diff --git a/unbound.conf b/unbound.conf
index 02d7fb8..28ab50e 100644
--- a/unbound.conf
+++ b/unbound.conf
@@ -9,7 +9,9 @@ server:
 
     # tls-upstream: yes
     # tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
-    auto-trust-anchor-file: /etc/unbound/autotrust/root.key
+
+    # initially create using unbound-anchor -a /etc/unbound/root.key
+    auto-trust-anchor-file: /etc/unbound/root.key
 
     tls-service-key: /etc/unbound/privkey.pem
     tls-service-pem: /etc/unbound/pubcert.pem
@@ -18,6 +20,7 @@ server:
 
     num-threads: 2
 
+    # curl https://www.internic.net/domain/named.root > /etc/unbound/root.hints
     root-hints: /etc/unbound/root.hints
 
     do-daemonize: no