diff --git a/plist b/plist
index 0c5e463b7..8a22452d5 100644
--- a/plist
+++ b/plist
@@ -836,7 +836,7 @@
 /usr/local/opnsense/scripts/systemhealth/queryLog.py
 /usr/local/opnsense/scripts/unbound/cache.sh
 /usr/local/opnsense/scripts/unbound/download_blacklists.py
-/usr/local/opnsense/scripts/unbound/unbound_start.sh
+/usr/local/opnsense/scripts/unbound/start.sh
 /usr/local/opnsense/scripts/unbound/wrapper.py
 /usr/local/opnsense/service/conf/actions.d/actions_auth.conf
 /usr/local/opnsense/service/conf/actions.d/actions_captiveportal.conf
diff --git a/src/etc/inc/plugins.inc.d/openssh.inc b/src/etc/inc/plugins.inc.d/openssh.inc
index a6a52ee87..32b0c3224 100644
--- a/src/etc/inc/plugins.inc.d/openssh.inc
+++ b/src/etc/inc/plugins.inc.d/openssh.inc
@@ -39,7 +39,7 @@ function openssh_enabled()
 function openssh_configure()
 {
 return array(
- 'earlybootup' => array('openssh_configure_do'),
+ 'early' => array('openssh_configure_do'),
 'local' => array('openssh_configure_do'),
 'newwanip' => array('openssh_configure_do:2'),
 );
diff --git a/src/etc/inc/plugins.inc.d/unbound.inc b/src/etc/inc/plugins.inc.d/unbound.inc
index 2d21e006b..1efb6bdb7 100644
--- a/src/etc/inc/plugins.inc.d/unbound.inc
+++ b/src/etc/inc/plugins.inc.d/unbound.inc
@@ -42,6 +42,7 @@ function unbound_configure()
 return array(
 'bootup' => array('unbound_configure_do'),
 'dns' => array('unbound_configure_do'),
+ 'early' => array('unbound_cache_flush'),
 'hosts' => array('unbound_hosts_generate:0'),
 'local' => array('unbound_configure_do'),
 'newwanip' => array('unbound_configure_do:2'),
@@ -377,50 +378,24 @@ EOD;
 mwexecf('/usr/sbin/chown -R unbound:unbound %s', '/var/unbound');
 }
-function unbound_interface($interface)
+function unbound_cache_flush()
 {
- global $config;
-
- if (empty($interface)) {
- /* emulate non-interface reload */
- return true;
- }
-
- if (!empty($config['unbound']['active_interface'])) {
- foreach (explode(',', $config['unbound']['active_interface']) as $used) {
- if ($used == $interface) {
- return true;
- }
- }
- }
-
- if (!empty($config['unbound']['outgoing_interface'])) {
- foreach (explode(',', $config['unbound']['outgoing_interface']) as $used) {
- if ($used == $interface) {
- return true;
- }
- }
- }
-
- /*
- * We can ignore this request as we don't listen here
- * or always listen on :: / 0.0.0.0 so that a reload
- * is not necessary.
- */
- return false;
+ configd_run('unbound cache flush');
 }
 function unbound_configure_do($verbose = false, $interface = '')
 {
 global $config;
- unbound_generate_config();
-
- if (!unbound_interface($interface) && isvalidpid('/var/run/unbound.pid')) {
- return;
+ if (empty($config['unbound']['cacheflush'])) {
+ if (isvalidpid('/var/run/unbound.pid')) {
+ configd_run('unbound cache dump');
+ }
+ } else {
+ unbound_cache_flush();
 }
- //configd_run('unbound cache dump');
+ unbound_generate_config();
 killbypid('/var/run/unbound_dhcpd.pid', 'TERM', true);
 killbypid('/var/run/unbound.pid', 'TERM', true);
@@ -434,7 +409,7 @@ function unbound_configure_do($verbose = false, $interface = '')
 flush();
 }
- configd_run("unbound start", true);
+ configd_run('unbound start', true);
 if (isset($config['unbound']['regdhcp'])) {
 $domain = $config['system']['domain'];
@@ -444,8 +419,6 @@ function unbound_configure_do($verbose = false, $interface = '')
 mwexecf('/usr/local/opnsense/scripts/dns/unbound_dhcpd.py --domain %s', $domain);
 }
- //configd_run('unbound cache load');
-
 if ($verbose) {
 echo "done.\n";
 }
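Review bot: In `unbound_configure_do()` (hunk `-377,50 +378,24`) the new `empty($config['unbound']['cacheflush'])` branch neither dumps nor flushes when `/var/run/unbound.pid` is not valid, so a `cache.dump.gz` left by an earlier run stays on disk and is what the `cache.sh load` added to the start script in this commit feeds back into the resolver. After a crash or manual stop that file can be arbitrarily old, and as far as I know unbound counts the dumped TTLs from load time, so expired or since-corrected records would be served again; this is worth confirming against the unbound-control documentation. An inner `else { unbound_cache_flush(); }` on the `isvalidpid()` check, or having the `load` branch of cache.sh remove the file once it has been consumed, closes that window. The result of `configd_run('unbound cache dump')` is also not checked, and the function's body continues beyond this hunk.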
diff --git a/src/etc/inc/plugins.inc.d/webgui.inc b/src/etc/inc/plugins.inc.d/webgui.inc
index c2cd8cf59..87be03e2b 100644
--- a/src/etc/inc/plugins.inc.d/webgui.inc
+++ b/src/etc/inc/plugins.inc.d/webgui.inc
@@ -31,7 +31,7 @@
 function webgui_configure()
 {
 return array(
- 'earlybootup' => array('webgui_configure_do'),
+ 'early' => array('webgui_configure_do'),
 'local' => array('webgui_configure_do'),
 'newwanip' => array('webgui_configure_do:2'),
 'webgui' => array('webgui_configure_do'),
diff --git a/src/etc/rc.bootup b/src/etc/rc.bootup
index adfb838b2..2c373b77c 100755
--- a/src/etc/rc.bootup
+++ b/src/etc/rc.bootup
@@ -99,7 +99,7 @@ interfaces_configure(true);
 system_resolvconf_generate(true);
 filter_configure_sync(true);
-plugins_configure('earlybootup', true);
+plugins_configure('early', true);
 system_cron_configure(true, true);
 system_routing_configure(true);
diff --git a/src/opnsense/scripts/unbound/cache.sh b/src/opnsense/scripts/unbound/cache.sh
index fd5c0507b..faed4b3c6 100755
--- a/src/opnsense/scripts/unbound/cache.sh
+++ b/src/opnsense/scripts/unbound/cache.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
-# Copyright (c) 2017 Franco Fichtner
+# Copyright (c) 2017-2021 Franco Fichtner
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@@ -28,13 +28,13 @@
 set -e
 UNBOUNDCTL="/usr/local/sbin/unbound-control -c /var/unbound/unbound.conf"
-CACHE="/var/unbound/cache.dump"
+CACHE="/var/unbound/cache.dump.gz"
 COMMAND=${1}
 if [ "${COMMAND}" = "dump" ]; then
- ${UNBOUNDCTL} dump_cache > ${CACHE}
+ ${UNBOUNDCTL} dump_cache | gzip > ${CACHE}
 elif [ "${COMMAND}" = "load" -a -f "${CACHE}" ]; then
- cat ${CACHE} | ${UNBOUNDCTL} load_cache
+ gunzip -c ${CACHE} | ${UNBOUNDCTL} load_cache
 elif [ "${COMMAND}" = "flush" ]; then
 rm -f ${CACHE}
 fi
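Review bot: In the `dump` branch of cache.sh (hunk `-28,13 +28,13`), `${UNBOUNDCTL} dump_cache | gzip > ${CACHE}` reports only gzip's exit status, so `set -e` no longer catches a failing `unbound-control` and a truncated or empty archive is left for the next `load`. The redirection also writes in place, so an interrupted dump leaves a partial file under the final name; dumping to a temporary file, compressing it, and renaming it over `${CACHE}` only after both steps succeed avoids both problems. Separately, the unbound.inc context in this commit shows `/var/unbound` being chowned recursively to `unbound`, so if this script runs as root (not visible here) a root-owned location for the dump would be safer than a predictable name in a directory the daemon account controls. `${CACHE}` should also be quoted in the `dump`, `load` and `flush` commands.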
diff --git a/src/opnsense/scripts/unbound/unbound_start.sh b/src/opnsense/scripts/unbound/start.sh
similarity index 96%
rename from src/opnsense/scripts/unbound/unbound_start.sh
rename to src/opnsense/scripts/unbound/start.sh
index f9d8c0f4e..e751d4aea 100755
--- a/src/opnsense/scripts/unbound/unbound_start.sh
+++ b/src/opnsense/scripts/unbound/start.sh
@@ -1,4 +1,5 @@
 #!/bin/sh
+
 # Copyright (c) 2020 Deciso B.V.
 # All rights reserved.
 #
@@ -25,6 +26,8 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.
+set -e
+
 # prepare and startup unbound, so we can easily background it
 chroot -u unbound -g unbound / /usr/local/sbin/unbound-anchor -a /var/unbound/root.key
@@ -34,3 +37,4 @@ if [ ! -f /var/unbound/unbound_control.key ]; then
 fi
 /usr/local/sbin/unbound -c /var/unbound/unbound.conf
+/usr/local/opnsense/scripts/unbound/cache.sh load
diff --git a/src/opnsense/service/conf/actions.d/actions_unbound.conf b/src/opnsense/service/conf/actions.d/actions_unbound.conf
index c92d4d75a..b10a45bc4 100644
--- a/src/opnsense/service/conf/actions.d/actions_unbound.conf
+++ b/src/opnsense/service/conf/actions.d/actions_unbound.conf
@@ -38,7 +38,7 @@ message:list local data
 command:/usr/local/opnsense/scripts/unbound/cache.sh
 parameters:%s
 type:script
-message:cache %s
+message:Unbound cache %s
 [reload]
 command:/usr/local/sbin/unbound-control -c /var/unbound/unbound.conf reload
@@ -47,10 +47,10 @@ type:script
 message:Reloading Unbound
 [start]
-command:/usr/local/bin/flock -n -E 0 -o /tmp/unbound_start.lock /usr/local/opnsense/scripts/unbound/unbound_start.sh
+command:/usr/local/bin/flock -n -E 0 -o /tmp/unbound_start.lock /usr/local/opnsense/scripts/unbound/start.sh
 parameters:
 type:script
-message:Start Unbound
+message:Starting Unbound
 [dnsbl]
 command:
diff --git a/src/www/services_unbound.php b/src/www/services_unbound.php
index 835e4fef6..0333f0dca 100644
--- a/src/www/services_unbound.php
+++ b/src/www/services_unbound.php
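Review bot: The `set -e` added to start.sh (hunk `-25,6 +26,8`) makes the `unbound-anchor` call directly below it fatal on any non-zero status, and as I read its manual page that tool exits with 1 when the root anchor was refreshed from the certificate or the builtin anchor was used, which is not an error. In that case the script would stop before `/usr/local/sbin/unbound -c /var/unbound/unbound.conf` runs and the resolver would stay down until the next start attempt. The same applies to the new last line in hunk `-34,3 +37,4`: if `cache.sh load` fails for any reason, for example an unreadable dump, the start action reports failure although the daemon is already running. Consider `chroot -u unbound -g unbound / /usr/local/sbin/unbound-anchor -a /var/unbound/root.key || true` and `/usr/local/opnsense/scripts/unbound/cache.sh load || true`, each with a comment stating that the step is best effort.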
@@ -1,7 +1,7 @@ + * Copyright (C) 2018-2021 Franco Fichtner * Copyright (C) 2018 Fabian Franz * Copyright (C) 2014-2016 Deciso B.V. * Copyright (C) 2014 Warren Baker @@ -48,6 +48,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { $pconfig['regdhcp'] = isset($a_unboundcfg['regdhcp']); $pconfig['regdhcpstatic'] = isset($a_unboundcfg['regdhcpstatic']); $pconfig['txtsupport'] = isset($a_unboundcfg['txtsupport']); + $pconfig['cacheflush'] = isset($a_unboundcfg['cacheflush']); // text values $pconfig['port'] = !empty($a_unboundcfg['port']) ? $a_unboundcfg['port'] : null; $pconfig['regdhcpdomain'] = !empty($a_unboundcfg['regdhcpdomain']) ? $a_unboundcfg['regdhcpdomain'] : null; @@ -111,10 +112,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { } // boolean values + $a_unboundcfg['cacheflush'] = !empty($pconfig['cacheflush']); + $a_unboundcfg['dns64'] = !empty($pconfig['dns64']); + $a_unboundcfg['dnssec'] = !empty($pconfig['dnssec']); $a_unboundcfg['enable'] = !empty($pconfig['enable']); $a_unboundcfg['enable_wpad'] = !empty($pconfig['enable_wpad']); - $a_unboundcfg['dnssec'] = !empty($pconfig['dnssec']); - $a_unboundcfg['dns64'] = !empty($pconfig['dns64']); $a_unboundcfg['forwarding'] = !empty($pconfig['forwarding']); $a_unboundcfg['noreglladdr6'] = empty($pconfig['reglladdr6']); $a_unboundcfg['regdhcp'] = !empty($pconfig['regdhcp']); @@ -304,7 +306,17 @@ include_once("head.inc"); /> + + + + + + /> + +