No subject

secondaries you previously mentioned?

> This all ran OK for a while, after which, various maps seem
> to have stopped propagating to their secondaries.

Do you mean that the secondary servers can no longer zone transfer?  If so,
check syslog on both the primary and secondaries.

> All maps on the primary server look to be OK. None of the
> forward maps are published on the main internal secondaries.

Is this by design, or a result of the previous paragraph?

> The reverse maps appear to still be functioning quite happily.
>
> I suspect this is something to do with the root server not being
> authoratitive, but don't know how to fix the problem.

What root server?

> The "Root" map on the normal internal servers references the internet
> roots.

ok as long as it secondaries your inside domain.

> These know about our external server, but not the internal one (probably
> denying it authority as far as most of the secondaries are concerned).

Is this the symptom or the design?

It sounds like your internal servers can no longer zone transfer the forward
zones for some reason. The expire time has tripped on their copy of the zone
data, so now, they find only your external dns view via the Internet roots.
There are probably syntax problems in your zone files on the primary server.
You need to inspect you syslogs.

Bill Myers
Total Network Solutions
Network Enabling Security Engineer
Email wmyers at tns-inc.com