Restricting Queries

[Thomas Duterme]

Hi Folks,

Perhaps this is a silly question.

I've got a nameserver which I've locked up pretty tightly.
It allows recurive queries to only a few other servers on
the LAN, but currently answers queries to all.  (albeit only
pointing them to root and forcing them to use other
nameservers to do the work)

Now if I do the following
allow-query { LAN;};

Suddenly the rest of the world can't look up names that my
nameserver is authoritative for...that's bad.

But I'd like to do something which really limits the ability
for other clients to use my nameserver....ie they can query
my nameserver directly, but only if its for one of the zones
that nameserver is authroritative for, otherwise they don't
get any response.

Am I being silly?  ie. will I really save that much from not
pointing them off to root like I do now?  Even if this
weren't possible, would there be aby reason why I wouldn't
want to do this.

TIA,
Tom