Hi everybody,

I think my question is probably a FAQ, but I still can't find an answer
from the Internet. Hope someone can give me some hints to fix my

I have a master DNS Server working properly, which connects to the internet
directly. Recently I set up a Slave DNS server "behind" a simple firewall
(actually it's a wireless router D-Link DI-524 with NAT), I've set up a
mapping to my internal Slave DNS Server,

I was wondering whether I should open some firewall ports to help them do
"Zone Transfer"? I've opened TCP/UDP 53 everywhere (Master/Slave DNS Server
with iptables, wireless router TCP/UDP 53) and I expected there would
be a zone file appearing in /var/named/chroot/var/named/slave - I was told
that this was a good sign that the master server had successfully transferred
zone file(s) to the slave server. Am I correct?

Below are my settings. Hopefully someone on the list can help me find
the errors. Thanks in advance :)

-----------  Environment ----------------------
Master & Slave are Fedora Core 2, BIND 9.2.3-13

-----------  Cfg filez ------------------------
Master DNS (ip address:
options {
   directory "/var/named";
   statistics-file "/var/run/named/named.stats";
zone "foo.org" IN{
        type master;
        file "foo.org.domain";
        zone-statistics yes;
        notify yes;
        also-notify {; };

Slave (ip address:
/var/named/chroot/etc/named.conf (Copy from master's)
zone "foo.org" IN{
        type slave;
        file "slave/foo.org.domain.bak";
        masters {; };
        zone-statistics yes;

O U T P U T (on slave DNS server)
# rndc reload
named[25483]: zone foo.org/IN: refresh: non-authoritative answer from

/var/named/chroot/var/named/slaves is "drwxrwx---", owned by named:named
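
The "refresh: non-authoritative answer" line above is what named on a slave logs when the master's reply to its SOA refresh query arrives without the AA (authoritative answer) header flag. The following is an added example, not part of the original post: it builds that SOA query and classifies a reply from its header. The function names and sample replies are constructed for illustration, and `ask()` takes the master's address as a parameter because the post does not show it.

```python
import socket
import struct

QR, AA = 0x8000, 0x0400            # header flag bits (RFC 1035 section 4.1.1)
RCODES = {1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
TYPE_SOA, CLASS_IN = 6, 1

def encode_name(name):
    """Encode 'foo.org' as length-prefixed labels ending in a zero byte."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

def build_soa_query(zone, qid=0x1234):
    """SOA question with RD=0, so the server answers from its own data only."""
    header = struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0)
    return header + encode_name(zone) + struct.pack("!HH", TYPE_SOA, CLASS_IN)

def check_soa_reply(reply, qid=0x1234):
    """Classify a reply from its 12-byte header."""
    if len(reply) < 12:
        return "malformed: shorter than a DNS header"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != qid or not flags & QR:
        return "not a response to our query"
    rcode = flags & 0x000F
    if rcode:
        return "master returned " + RCODES.get(rcode, "rcode %d" % rcode)
    if not flags & AA:
        return "non-authoritative answer"   # the case in the log line above
    if ancount == 0:
        return "authoritative, but no SOA record in the answer section"
    return "ok"

def make_reply(flags, ancount, zone="foo.org", qid=0x1234):
    """Constructed sample reply: header and question only (records omitted)."""
    header = struct.pack("!HHHHHH", qid, flags, 1, ancount, 0, 0)
    return header + encode_name(zone) + struct.pack("!HH", TYPE_SOA, CLASS_IN)

def ask(server_ip, zone, timeout=3.0):
    """Send the query over UDP 53; server_ip is whatever 'masters' points at."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_soa_query(zone), (server_ip, 53))
        return check_soa_reply(s.recvfrom(512)[0])

if __name__ == "__main__":
    print(check_soa_reply(make_reply(QR | AA, 1)))   # healthy master
    print(check_soa_reply(make_reply(QR, 1)))        # AA flag missing
    print(check_soa_reply(make_reply(QR | 5, 0)))    # query refused
```

Running `ask()` from the slave host against the address in its `masters` list shows which of these cases the slave is actually seeing through the NAT device.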

