Hi Chaps and Chappettes,

I've had a short period of time recently to learn and implement DNS cache-only in our organisation. Trouble is, according to my tcpdumps, the amount of traffic on port 53 has increased. This is of course the exact opposit of the desired effect. Would y'all mind looking over my config?

FYI, the machine is an Exim MTA handling mail traffic. There are 2 internal and 2 external DNS servers as well as this machine. resolv.conf is pointed to local. Stuff I dig appears in the cache dump. I'm not sure if I should have the zone specified as there is no zonefile on this machine, but it did seem to get the internal traffic going again.

RHEL 5 2.6.18-128.1.6.el5PAE
BIND 9.3.4-10.P1.el5

Many, many thanks for any help.

named.conf:

options {
  forwarders { ip_of_external_1; ip_of_external_2; };
  forward first;
  directory "/var/named" ;
  dump-file "dump/named_dump.db";
  allow-query { any; };
  allow-recursion { any; };
  allow-transfer { none; };
  allow-notify { none; };
  listen-on-v6 { none; };
  recursive-clients 3500;
  version none;
  zone-statistics yes;
  notify no;
  auth-nxdomain no;
  };

logging{
  channel simple_log {
    file "named.log" versions 3 size 5m;
    severity dynamic;
    print-time yes;
    print-severity yes;
    print-category yes;
  };
  category default{
    simple_log;
  };
  category lame-servers {
    null;
  };
};

zone "orgname.com" {
        type forward;
        forwarders { ip_of_internal_1; 2ip_of_internal_2; ip_of_internal_1_service_ip; ip_of_internal_2_service_ip; };
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "db.127.0.0";
};

$TTL 345600
@               IN      SOA     localhost. root.localhost.      (
                                00      ; Serial
                                86400   ; Refresh
                                7200    ; Retry
                                2592000 ; Expire
                                345600) ; Minimum

                IN      NS      localhost.
1               IN      PTR     localhost.