Here's more or less what you're looking for (all this goes in named.conf):

acl inner { 10.0.0.0/8; 127.0.0.1; }

and stick these in each 'zone' statement:

        allow-query { inner; };
        allow-transfer { inner; };

This will allow only hosts on your 10.0.0.x network to ask about the
specified zone. 

Reverse lookups work like this:

zone "1.168.192.IN-ADDR.ARPA" {
        type master;
        file "192.168.1";
        allow-query { inner; };
        allow-transfer { inner; };
};

that file (192.168.1) can be called whatever you want.
each entry is like this:
4       IN      PTR     ratbert.home.org.
(so ratbert is 192.168.1.4)

The first rule of Fight Club is: You Do Not Talk About Fight Club.

// Erik Huizing   huizing@cpsc.ucalgary.ca
// www.cpsc.ucalgary.ca/~huizing

On Thu, 10 May 2001, Jukka Marin wrote:

> Dear You,
> 
> Is it possible to define local names (which do not show outside the local
> domain) using bind?  It would be nice to have a working forward and reverse
> name service for, say, 10.0.0.0 network, without showing the names to the
> outside world (and how do you get reverse lookups working, anyway?).
> 
> Is this or anything like this possible?  Using /etc/hosts does not always
> work so well and keeping all the hosts files in sync isn't so nice..
> 
> Thanks,
> 
>   -jm
>