Traditionally, I have created a DNS service on EVERY Internal/DMZ interface and pointed DHCP clients to use the interface gateway as the DNS server for each. Pretty much every one of them is Recursive with the default DNS filter enabled. Is there any recourse drawback to doing this 1:1 setup, or should I cut this back and just use a single interface for DMS and another single one for Trusted and update the clients to point their DNS requests to those consolidated addresses? My firewalls have been running low on recourses and I wonder if this will help reduce that load given I have roughly 20 interfaces.
