[master] add missing release notes and fix other doc nits

README

@@ -67,10 +67,10 @@ BIND 9.11.0
 	- Added support for "dyndb", a new API for loading zone data
 	  from an external database, developed by Red Hat for the FreeIPA
 	  project.
-	- New "fetchlimit" quotas are now available for the use of
+	- "fetchlimit" quotas are now compiled in by default.  These
-	  recursive resolvers that are are under high query load for
+          are for the use of recursive resolvers that are are under
-	  domains whose authoritative servers are nonresponsive or are
+          high query load for domains whose authoritative servers are
-	  experiencing a denial of service attack:
+          nonresponsive or are experiencing a denial of service attack:
 	  + "fetches-per-server" limits the number of simultaneous queries
 	    that can be sent to any single authoritative server.  The
 	    configured value is a starting point; it is automatically

doc/arm/Bv9ARM-book.xml

@@ -4890,7 +4890,7 @@ badresp:1,adberr:0,findfail:0,valfail:0]
 		    <command>fstrm-set-buffer-hint</command>: The
 		    threshold number of bytes to accumulate in the output
 		    buffer before forcing a buffer flush. The minimum is
-		    1K, the maximum is 64K, and the default is 8K.
+		    1024, the maximum is 65536, and the default is 8096.
 		  </simpara>
 		</listitem>
 		<listitem>

doc/arm/notes.xml

@@ -144,10 +144,15 @@
       </listitem>
       <listitem>
 	<para>
-	  New quotas have been added to limit the queries that are
+	  Fetch quotas are now compiled in by default: they
-	  sent by recursive resolvers to authoritative servers
+	  no longer require BIND to be configured with
-	  experiencing denial-of-service attacks. When configured,
+	  <command>--enable-fetchlimit</command>, as was the case
-	  these options can both reduce the harm done to authoritative
+	  when the feature was introduced in BIND 9.10.3.
+	</para>
+	<para>
+	  These quotas limit the queries that are sent by recursive
+	  resolvers to authoritative servers experiencing denial-of-service
+	  attacks. They can both reduce the harm done to authoritative
 	  servers and also avoid the resource exhaustion that can be
 	  experienced by recursive servers when they are being used as a
 	  vehicle for such an attack.
@@ -558,7 +563,7 @@
 	  recursive lookup returns NXDOMAIN, a second lookup is
 	  initiated with the specified name appended to the query
 	  name. This allows NXDOMAIN redirection data to be supplied
-	  by multiple zones configured on the server or by recursive
+	  by multiple zones configured on the server, or by recursive
 	  queries to other servers. (The older method, using
 	  a single <command>type redirect</command> zone, has
 	  better average performance but is less flexible.) [RT #37989]
@@ -778,14 +783,6 @@
 	  [RT #39047]
 	</para>
       </listitem>
-      <listitem>
-	<para>
-	  A alternative NXDOMAIN redirect method (nxdomain-redirect)
-	  which allows the redirect information to be looked up from
-	  a namespace on the Internet rather than requiring a zone
-	  to be configured on the server is now available.
-	</para>
-      </listitem>
       <listitem>
 	<para>
 	  Retrieving the local port range from net.ipv4.ip_local_port_range
@@ -852,14 +849,26 @@
 	  does the same but only when answering recursive queries.
 	</para>
       </listitem>
-    </itemizedlist>
-  </section>
-
-  <section xml:id="relnotes_port"><info><title>Porting Changes</title></info>
-    <itemizedlist>
       <listitem>
 	<para>
-	  None.
+	  At server startup time, the queues for processing
+	  notify and zone refresh queries are now processed in
+	  LIFO rather than FIFO order, to speed up
+	  loading of newly added zones. [RT #42825]
+	</para>
+      </listitem>
+      <listitem>
+	<para>
+	  When answering queries of type MX or SRV, TLSA records for
+	  the target name are now included in the additional section
+	  to speed up DANE processing. [RT #42894]
+	</para>
+      </listitem>
+      <listitem>
+	<para>
+	  <command>named</command> can now use the TCP Fast Open
+	  mechanism on the server side, if supported by the
+	  local operating system. [RT #42866]
 	</para>
       </listitem>
     </itemizedlist>