Update serve-stale config defaults

Change the serve-stale configuration defaults so that they match the
recommendations from RFC 8767.

CHANGES

@@ -1,3 +1,9 @@
+5560.	[func]		The default value of "max-stale-ttl" has been changed
+			from 12 hours to 1 day and the default value of
+			"stale-answer-ttl" has been changed from 1 second to
+			30 seconds, following RFC 8767 recommendations.
+			[GL #2248]
+
 5559.	[bug]		The --with-maxminddb=PATH form of the build-time option
 			enabling support for libmaxminddb was not working
 			correctly. This has been fixed. [GL #2366]

bin/named/config.c

@@ -171,7 +171,7 @@ options {\n\
 	max-ncache-ttl 10800; /* 3 hours */\n\
 	max-recursion-depth 7;\n\
 	max-recursion-queries 100;\n\
-	max-stale-ttl 43200; /* 12 hours */\n\
+	max-stale-ttl 86400; /* 1 day */\n\
 	message-compression yes;\n\
 	min-ncache-ttl 0; /* 0 hours */\n\
 	min-cache-ttl 0; /* 0 seconds */\n\
@@ -197,7 +197,7 @@ options {\n\
 #	sortlist <none>\n\
 	stale-answer-enable false;\n\
 	stale-refresh-time 30; /* 30 seconds */\n\
-	stale-answer-ttl 1; /* 1 second */\n\
+	stale-answer-ttl 30; /* 30 seconds */\n\
 	stale-cache-enable false;\n\
 	synth-from-dnssec no;\n\
 #	topology <none>\n\

doc/arm/reference.rst

@@ -1505,9 +1505,9 @@ default is used.
    treated as ``unlimited``.
 
 ``stale-answer-ttl``
-   This specifies the TTL to be returned on stale answers. The default is 1
+   This specifies the TTL to be returned on stale answers. The default is 30
-   second. The minimum allowed is also 1 second; a value of 0 is
+   seconds. The minimum allowed is 1 second; a value of 0 is updated silently
-   updated silently to 1 second.
+   to 1 second.
 
    For stale answers to be returned, they must be enabled, either in the
    configuration file using ``stale-answer-enable`` or via
@@ -3334,11 +3334,11 @@ Tuning
 
 ``max-stale-ttl``
    If retaining stale RRsets in cache is enabled, and returning of stale cached
-   answers is also enabled, ``max-stale-ttl`` sets the maximum time
+   answers is also enabled, ``max-stale-ttl`` sets the maximum time for which
-   for which the server retains records past their normal expiry to
+   the server retains records past their normal expiry to return them as stale
-   return them as stale records, when the servers for those records are
+   records, when the servers for those records are not reachable. The default
-   not reachable. The default is 12 hours. The minimum allowed is 1
+   is 1 day. The minimum allowed is 1 second; a value of 0 is updated silently
-   second; a value of 0 is updated silently to 1 second.
+   to 1 second.
 
    For stale answers to be returned, the retaining of them in cache must be
    enabled via the configuration option ``stale-cache-enable``, and returning

doc/notes/notes-current.rst

@@ -42,6 +42,16 @@ Feature Changes
   signal that the entire DS RRset at the parent must be removed, as
   described in RFC 8078. [GL #1750]
 
+- The default value of ``max-stale-ttl`` has been changed from 12 hours to 1
+  day and the default value of ``stale-answer-ttl`` has been changed from 1
+  second to 30 seconds, following RFC 8767 recommendations. [GL #2248]
+
+- Adjust the ``max-recursion-queries`` default from 75 to 100. Since the
+  queries sent towards root and TLD servers are now included in the
+  count (as a result of the fix for CVE-2020-8616), ``max-recursion-queries``
+  has a higher chance of being exceeded by non-attack queries, which is the
+  main reason for increasing its default value. [GL #2305]
+
 - When using the ``unixtime`` or ``date`` method to update the SOA
   serial number, ``named`` and ``dnssec-signzone`` silently fell back to
   the ``increment`` method to prevent the new serial number from being