Put your public-facing authoritative and recursive nameservers on different machines. The twentieth-century practice of combining authoritative and recursive DNS on one machine led to many security problems. In hindsight, the “store the sacrosanct Single Source of Truth for our company’s public face” function and the “collect and cache random data from any system anywhere on the Internet” function should not share one memory stack.