Reduce default for max-stale-ttl to something more reasonable - 12 hours or similar
Per Support ticket #16297, it was a surprise to find that despite having set
stale-answer-enable no; in options, that cache was full of expired stale answer candidates that persisted for up to 1 week.
It turns out that the default value for max-stale-ttl is 1 week.
The reason for instructing the cache to keep expired content, even if the serve-stale feature is not enabled is a good one - you don't know you want it until it's gone (and there's a problem out on the Interwebs ...). So in the interests of being able to recover in an emergency, and to use
rndc serve-stale on, we keep stale content around just in case.
But 1 week is excessively long - that's effectively doubling the default max-cache-ttl
Generally most authoritative server issues like this are reported and fixed within a half day - which is also long enough for resolver admins to realise that something is broken and to enable serve-stale as a remedial action. (Although see also #1712 )