I am sure this is a stupid question ...but I will ask anyway. Should I be allowing my dns server (in my dmz) connect to root servers ? At the moment it is being bloced, and the only thing it can connect to is my ISP's DNS server. Basically, my dns server serves requests for servers in my dmz for my internal users. If it can't find the hit, it passs the request on to my ISP's ... I am trying to clean up my firewall logs, and noticed that the DNS server is always trying to query root servers. I was just not sure if this should be allowed. If it is not, (and I suspect there is no need to) Is there a way to make my DNS server stop quering the root servers ? PS DNS is a rh9 box running bind. Thanks, Peter
