I was trying an experiment to see what happens if I have an explicitly configured zone which is also listed in a catalog zone. e.g. initial config snippet catalog-zones { zone "catz.arpa.cam.ac.uk" zone-directory "/zs"; }; zone catz.arpa.cam.ac.uk { type slave; file "/zs/catz.arpa.cam.ac.uk"; masters { ucam; }; }; The catz has an entry for 10.in-addr.arpa. I add the following to named.conf zone 10.in-addr.arpa { type master; file "/zm/ten"; allow-query { cudn; }; }; then `rndc reconfig` says rndc: 'reconfig' failed: already exists and named logs: 2017-09-06.22:55:55.573 config: error: /etc/named.conf:202: zone '30.172.in-addr.arpa' already exists 2017-09-06.22:55:55.573 general: error: reloading configuration failed: already exists OK, I delete the zone 10 configuration clause, and run `rndc reconfig` again. named logs up to: 2017-09-06.22:56:04.490 general: info: automatic empty zone: view rec: EMPTY.AS112.ARPA 2017-09-06.22:56:04.490 config: warning: /etc/named.conf:192: catz: catalog zone 'catz.arpa.cam.ac.uk' will not be reconfigured then crashes :-( The wider question is what should happen when there is a conflict like this. For instance, we also act as a secondary for Imperial College, so it would be handy to use a catalog zone to do that. But I don't want to have to trust them not to break our servers by adding a cam.ac.uk zone. So ideally, I think explicitly configured zones should override / shadow zones listed in a catalog. And if there are multiple catalog zones, there should have a priority order so that zones listed in a higher priority catalog will override / shadow zones in a lower priority catalog. Tony. -- f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode Biscay: Westerly or northwesterly 3 or 4, occasionally 5 in north. Moderate, occasionally rough in north. Mainly fair. Good.