I configured my host as described above:
- maradns on my vps, configured more or less as above,
- linode configured (in DNS manager) as slave for my domain
- two linode nameservers (plus some other secondary DNS my colleague serves for me) configured as servers for my domain

Everything seems to be working properly

The system seems to work pretty well. I recently moved everything over to ns{1,2,3,4}.linode.com, with my Linode as the master.

I've noticed a few quirks:

-ns{3,4} seem to take a few minutes to pick up changes sometimes.

-Subdomains don't work. I assume this is to prevent a malicious user from setting up www.mydomain.com on top of mydomain.com as a DNS poisoning attack.

I haven't seen any major issues, and it's one of my favorite features of Linode. Just getting name servers for the domain is trivial with most registrars, if you're looking to host at Linode at all you probably need more. Unfortunately a good DNS setup isn't something a single VPS can host by itself. Getting an infrastructure to do that is a great addition.
The security impact isn't that large, it's mostly an image thing to be honest. Whether or not the practice is important, it's preferable to be seen to follow it.

Someone jogged my memory about this post and I thought I'd update the bind acl list - I now have four Linode servers in /etc/bind/named.conf:

acl slaves {
        69.93.127.10;
        65.19.178.10;
        75.127.96.10;
        207.192.70.10;
        };

_________________
TJ.
IntuitiveNipple
The only intuitive interface is the nipple; everything else is learned.

Delegated sub-domains should work the same as any other. On the master server delegate the sub-domain in the domain zone file, create the zone-file for the sub-domain, and add the sub-domain to Linode DNS Manager.

_________________
TJ.
IntuitiveNipple

The only intuitive interface is the nipple; everything else is learned.

Are you sure that's right? I have a couple of domains slaved to the Linode servers, but only the first two servers respond when I query them - the last two return ESERVFAIL.

EDIT: Oh wait, sorry, my bad - got confused with the nameservers. Yes, I have to add these to the Bind config *before* ns3 and ns4 will work...