On 08/02/2016 04:01 PM, Ray Bellis wrote:
> On 02/08/2016 19:47, Matthew Pounsett wrote:
>> In the authoritative configuration, BIND has no need to do DNS lookups
>> of its own, so it wouldn't be any use there.
> That's not strictly true - BIND will in some circumstances use its own
> internal resolver to handle the host lookups for NOTIFYs and XFRs if
> they're using hostnames instead of IP lists.
As is usually the case, the initial message (the one I submitted) did not contain enough information. My question originated precisely because of the need for BIND to send NOTIFY messages. We allow our server to send queries to our local recursive, caching nameservers (which are configured in the server's resolv.conf), but queries to other servers were not allowed. We did this because we didn't think anything on the server needed to send DNS queries anywhere else. From our point of view, it only needed to respond to DNS queries. 

So apologies for not providing enough information.
We have an authoritative server and it has a zone with secondary name servers owned by another organization.
This authoritative name server needs to send a NOTIFY to these other name servers.
I thought it was enough for BIND to use the operating system's mechanism for resolving names.

