zone transfers

[Jeff Shevlen]

Hi,

My domain's secondary service isn't working properly.  The domain's
slave servers don't seem to be able to perform zone transfers.  I
think the problem is networking related, but I've reached the end of
my expertise.

I'm running the master server (BIND 9.2).  I've created a secondary
account with granitecanyon.com (a free service, so no customer service
from them).  The domain is currently being resolved properly via my
primary server, as evidenced by functioning email and webpage.

I have been waiting for granitecanyon's servers to make a xfer request
to my master, anxiously, but it's not happening.  I'm logging
everything right now, and there is absolutely no reference to xfer's
at all in my logs.  No errors, no warnings, no nothing: which leads me
to believe this is a networking issue.

For the record, here is the entry for mydomain in named.conf:
zone mydomain.com {
        type master;
        [  ...  ]
        allow-transfer {
                205.166.226.38;    //    ns1.granitecanyon.com
                65.102.83.43;        //    ns2.granitecanyon.com
        };
};

My name server is behind the firewall, and this is likely part the
problem.  But when I look through the firewall's logs I don't see any
evidence of granitecanyon servers being bounced.

Any help is much appreciated.

And also, maybe someone could fill me in on how zone transfer
transactions occur.  I'm curious what server asks what and on which
port, and how the other server responds.  These details aren't in the
BIND documentation.

Thanks,
Jeff