DNS Cache works sort of! Is there a better way of doing it?

Peter R. Atkin peter at computer-facilities.com
Tue Aug 17 20:47:44 UTC 2004


I am running a Windows 2000 Server domain network with a Linux firewall that 
also acts as a transparent proxy and DHCP server.
The Windows 2000 Server PDC (Active Directory / DNS) is 10.0.0.1; the firewall is on 
10.0.0.100 inside and 24/7 on x.x.x.x on the outside.

Local domain: local.cfu.com
External DNS are 192.168.2.10 / 192.168.2.5

I have set up a caching DNS server according to 
http://www.ibiblio.org/pub/Linux/docs/howto/DNS-HOWTO. This works, but I am 
really not sure how well. My aim was to allow the XP machine to log on to 
the PDC without having to go through the Internet first. Before this script 
was in place it could take anything up to 10 mins for a workstation to log on; now 
it is 1-3 seconds.

So that aim seems to have been achieved, more by luck I fear than knowledge.

// Config file for caching only name server
//
// The version of the HOWTO you read may contain leading spaces
// (spaces in front of the characters on these lines ) in this and
// other files.  You must remove them for things to work.
//
// Note that the filenames and directory names may differ, the
// ultimate contents of should be quite similar though.
options {
        directory "/var/named";
        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out.  But you probably
        // need to talk to your firewall admin.
        // query-source port 53;
        allow-recursion { 10.0.0.0/24; localhost; };
        forward first;
        forwarders {
                10.0.0.1;
                192.168.2.10;
                192.168.2.5;
                };
        root-delegation-only exclude {
                "ad"; "ar"; "biz"; "cr"; "cu"; "de"; "dm"; "id"; "lu";
                "lv"; "md"; "ms"; "museum"; "name"; "no"; "pa"; "pf";
                "se"; "sr"; "to"; "tw"; "us"; "uy"; };
};
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};
key "rndc_key" {
        algorithm hmac-md5;
        secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
};
zone "com" {
        type delegation-only;
};
zone "net" {
        type delegation-only;
};
zone "." {
        type hint;
        file "root.hints";
};
zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

I wish to know:

1) Is this script safe, as I hacked it together from various sources?
2) Is there any benefit for me in adding a reverse lookup zone, and if there is, 
how do I do it?
3) How can I get the DNS server to get the information for the LAN PCs from my 
Windows 2000 Server DNS server?
4) Could this in any way make trouble for the Windows DNS server?

Hope these are not stupid questions; I have only been doing this for a few 
hours.

Kind Regards

Peter
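As an added example (not from the post above or from the DNS-HOWTO it cites), this is how a practitioner would restructure the same named.conf to address questions 2 and 3: the Active Directory zone local.cfu.com and the reverse zone for 10.0.0.0/24 are forwarded only to the Windows DNS server at 10.0.0.1, Internet lookups go to the external resolvers, queries are limited to the LAN, and the rndc secret copied from the HOWTO is replaced. The addresses and zone name are the ones given in the post; the `rndc-confgen` step is assumed to be available (BIND 9).

```conf
// Added example: caching resolver for the LAN that forwards the AD zone
// and its reverse zone to the Windows DNS server (10.0.0.1) and all
// other names to the external resolvers.
options {
        directory "/var/named";
        // Only the LAN and the firewall itself may query this resolver.
        allow-query     { 10.0.0.0/24; localhost; };
        allow-recursion { 10.0.0.0/24; localhost; };
        // Internet names: try the external resolvers first, fall back to
        // the root hints. The Windows server is no longer a global forwarder,
        // so it only ever sees queries for zones it is authoritative for.
        forward first;
        forwarders { 192.168.2.10; 192.168.2.5; };
};

// The AD domain, including the _ldap/_kerberos SRV records a workstation
// logon needs. "forward only" means a lookup is never sent to the
// Internet if 10.0.0.1 does not answer.
zone "local.cfu.com" {
        type forward;
        forward only;
        forwarders { 10.0.0.1; };
};

// Reverse lookups for 10.0.0.0/24 come from the same server, so PTR
// records the LAN PCs register there by dynamic update are visible here.
zone "0.0.10.in-addr.arpa" {
        type forward;
        forward only;
        forwarders { 10.0.0.1; };
};

zone "." {
        type hint;
        file "root.hints";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
};

// Do not reuse the secret printed in the HOWTO; generate a fresh one with
// `rndc-confgen -a` (assumed available) and paste it here.
key "rndc_key" {
        algorithm hmac-md5;
        secret "REPLACE-WITH-OUTPUT-OF-rndc-confgen";
};
```

Run `named-checkconf` on the file before reloading, then confirm with `dig @10.0.0.100 _ldap._tcp.local.cfu.com SRV` that the answer comes from the Windows server rather than from the Internet.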
