BIND 8.2.5 not caching queries

[McNutt, Justin M.]

Okay, perhaps I'm doing something stupid here, but I looked around a bit and
I can't find anything that says I'm doing this wrong.  So here's the deal:

Host dnps-linux1 is a Slackware 7.1 box running a newly-compiled BIND 8.2.5
named.  It is also set up to receive syslog messages from several of our
routers.  Every time a message from a router comes in, syslogd does a name
lookup against the IP address so it can put the DNS name in the log file.
When syslog messages start coming in fast and furious, the traffic to the
name servers was getting horrendous, so I figured I could set up a local
caching server to solve the problem (thus keeping all of the queries local).

Problem is, it's not working.  The machine still sends name queries to the
"real" (authoritative) servers every time a log message comes in (shown by
packet captures).  The queries only come between 20 and 40 seconds apart,
which is *way* smaller than the TTL for those entries.  So what's the deal?

Help!

/etc/resolv.conf:
search telecom.missouri.edu iats.missouri.edu missouri.edu
nameserver 127.0.0.1
nameserver 128.206.10.3
nameserver 128.206.2.252
nameserver 150.199.1.11

/etc/named.conf:
/*
 * A simple BIND 8 configuration
 */

options {
        directory "/var/named";
        listen-on {       127.0.0.1; };
        allow-query {     127.0.0.1; 128.206.212.228; };
};

logging {
        category lame-servers { null; };
        category cname { null; };
};

zone "." in {
        type hint;
        file "root.cache";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "named.local";
};

Later...

Justin McNutt
Network Systems Analyst - Expert
DNPS, Mizzou Telecom
(573) 882-5183

One IP to rule them all, one IP to find them,
One IP to bring them all, and in the darkness BIND them!