> it is a best practice to separate authoritative and recursive servers. why? e.g. a small isp has a hundred auth zones (secondaried far away and off-net, of course) and runs cache. why should they separate auth from cache? randy