I don't know if it's the correct forum.....

I have noticed by my firewall that I have a lot of traffic that is a query of DNS generate from my server novell.
I 'd like to know why my server generate this traffic.

I have netware 6.5 sp6. I don't manage a DNS external, I have only
a DNS internal for resolving the name of my server and some others workstations.
I want to forward the query to another server (DMZ), so I have inserted into the forwarding-list the ip of the server that there is on my DMZ.
Then from this server I have insereted into forwarding-list the ip of my IPS.

IS it all right????

I don't want to use the rootserverinfo (rootsrvr.dat) , so manualy I have modified the rootserveinfo of my first server in this way:

$ORIGIN RootServerInfo.
@ IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. (
2002110511 ; Serial
3600 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum


$ORIGIN .
3600000 IN NS A.ROOT-SERVERS.NET.
3600000 IN NS B.ROOT-SERVERS.NET.
3600000 IN NS C.ROOT-SERVERS.NET.
3600000 IN NS D.ROOT-SERVERS.NET.
3600000 IN NS E.ROOT-SERVERS.NET.
3600000 IN NS F.ROOT-SERVERS.NET.
3600000 IN NS G.ROOT-SERVERS.NET.
3600000 IN NS H.ROOT-SERVERS.NET.
3600000 IN NS I.ROOT-SERVERS.NET.
3600000 IN NS J.ROOT-SERVERS.NET.
3600000 IN NS K.ROOT-SERVERS.NET.
3600000 IN NS L.ROOT-SERVERS.NET.
3600000 IN NS M.ROOT-SERVERS.NET.

$ORIGIN ROOT-SERVERS.NET.
A IN A 192.168.99.99


I just left a ServerRoot but I have modified the ip .... I have put 192.168.99.99 that not exist.....

MUST I CORRECT THIS IP-address ????? MUST I insert the Ip of my IPS also in this server .....?


sorry for the explanation .... Have you understood anything?
how do I know who or what generates the query-dns?

thanks
MOnica