Thinking this out, out loud. Well, in black and white, anyway. Your vix.com name servers are authoritative for the zone. If a name server wants to do a lookup on maps.vix.com, it will get it from cache, or send a query to the listed IP address for one of the name servers. You said you had tried, e.g., putting up a maps.vix.com zone with a huge negative TTL - or did you say negative TTL? - but that would only work for multiple queries for the same value from the same name server. I don't see a clean way to "poison" even a large number of caches to forget about you completely. Does a large negative TTL on vix.com really not reduce the traffic much? But then that hurts you when you add a new record, if someone has been trying to get to that record. And there are name servers out there that ignore negative TTL. The only way for it not to arrive at the name server is for something in the way to block it. Perhaps a transparent filter, or perhaps the IP addresses of the "name servers" are your firewalls, which will block and pass the rest on to the real name servers behind them. Or maybe that's more work than it's worth. ;-) Is anything suffering besides your logs? -- Joe Yao ----------------------------------------------------------------------- This message is not an official statement of OSIS Center policies.