BIND 8 forwarding question

[Lemman, Paul]

Hi,
	I'm setting up a forwarder in BIND 8.2.4 that I don't want to be able to answer questions about internal hosts by asking our external view nameservers.  I tried the suggestion in the DNS and BIND book to set up a stub zone with an empty forwarders list but the forwarder still queries our external view servers.  I tried adding a "forward only" directive to the zone declaration but that didn't seem to help.  Neither did declaring the zone of type forwarder and giving it an empty forwarders list in the zone declaration.  Can anyone see where I'm going wrong?  

Thanks,

paul


options {
	directory "/cache";
	pid-file "/var/run/named.pid";
	// Created by SIGINT or ndc dumpdb
	dump-file "/var/tmp/dump.db";
	// Created by SIGILL or ndc stats
	statistics-file "/var/tmp/stats";
	statistics-interval 60;
	listen-on { 147.34.97.130; };
	recursion yes;
	fetch-glue yes;
	query-source address 147.34.97.130 port 53;
	version "Surely you're joking, Mr. Feynman.";
	allow-query { localhost; E2; internal-roots; mentor-nets; };
	use-id-pool yes;
};

zone "." {
	type hint;
	file "db.cache";
};


zone "mentorg.com" {
	type stub;
	masters { 147.34.22.13; 147.34.96.122; 137.202.21.21; 137.202.93.16; };
	file "stub.mentorg.com";
	forward only;
	forwarders {};
};

paul lemman                                       V: 503.685.1554
IT Computer Services                           www.mentor.com
Mentor Graphics Corporation