>>>>> "AMK" == Ashley M Kirchner <ashley@xxxxxxxxxx> writes: AMK> Hrm, not sure what you're referring to ... yet. Essentially, you want machines on your network to be able to point to your DNS server(s) in /etc/resolv.conf so that they ask those servers to do all lookups for them. But you don't want hosts outside of your network to do the same thing; it's like providing free work for everyone on the Internet and can cause other problems (like opening you to DNS cache poisoning attacks) and of course violates the principle of exposing as little as possible to the global network. BTW, the simpler thing to do is to use "allow-recursion" in the options section of named.conf to list out the netblocks which can perform recursive queries. - J<
