Zone transfer denied errors, Me or my ISP's problem?

Barry Margolin barmar at genuity.net
Tue Mar 26 15:47:28 UTC 2002


In article <a7q4nl$2uu at pub3.rc.vix.com>, Rick <huntervalley at hotmail.com> wrote:
>
>Hi,
>
>I have just set up my first primary nameserver using BIND 9.1.3 RH
>7.2. I have my primary running with no startup errors and I can use
>it to surf the net. I have been allowed to have a secondary at my ISP;
>I have the NS ns.my.isp in the appropriate zone files on my primary.
>noah.maicom.com.au is my primary domain and ampba.asn.au is a hosted
>domain that will be used as a Name Vhost in Apache.
>I want to have the secondary do a transfer of my primary server's
>zone files but I get the following message...
>
>Mar 26 20:33:50 noah named[6392]: client 139.130.4.5#1392: zone
>transfer denied

You have two allow-transfer options, and the second one (which doesn't
contain your ISP's server) is overriding the first one.  I suspect the
second one was intended to be something like allow-recursion.

>options {
>        directory "/var/named";
>        /*
>         * If there is a firewall between you and nameservers you want
>         * to talk to, you might need to uncomment the query-source
>         * directive below.  Previous versions of BIND always asked
>         * questions using port 53, but BIND 8.1 uses an unprivileged
>         * port by default.
>         */
>query-source address * port 53;
>transfer-source * port 53;
>notify-source * port 53;
>auth-nxdomain yes;
>allow-transfer { 139.130.4.5; 203.50.0.24; };
>allow-transfer { 203.50.2.74; 203.50.1.64/26; };
>notify yes;
>
>};

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
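
An added example, not part of the original thread or of BIND: a small Python check that finds options repeated inside the `options` block of a `named.conf` and tests a client address against the last `allow-transfer` list, which the reply above says is the one in effect. The sample config is constructed from the block quoted in the post; the function names are hypothetical, and only literal addresses and prefixes are handled (no named ACLs or keys).

```python
import ipaddress
import re

# Constructed sample: the options block quoted in the post, comment shortened.
SAMPLE_CONF = """
options {
        directory "/var/named";
        /* query-source note from the stock config */
        query-source address * port 53;
        allow-transfer { 139.130.4.5; 203.50.0.24; };
        allow-transfer { 203.50.2.74; 203.50.1.64/26; };
        notify yes;
};
"""

def tokenize(text):
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)  # C-style comments
    text = re.sub(r"(//|#)[^\n]*", " ", text)           # line comments
    return re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)

def option_statements(text, block="options"):
    """Map each keyword directly inside `block` to all of its definitions."""
    toks = tokenize(text)
    start = next(i for i in range(len(toks) - 1)
                 if toks[i] == block and toks[i + 1] == "{") + 2
    seen, stmt, depth = {}, [], 0
    for tok in toks[start:]:
        if tok == "}" and depth == 0:
            break                                  # end of the block
        depth += (tok == "{") - (tok == "}")
        if tok == ";" and depth == 0:              # statement terminator
            if stmt:
                seen.setdefault(stmt[0], []).append(
                    [t for t in stmt[1:] if t not in ("{", "}", ";")])
            stmt = []
        else:
            stmt.append(tok)
    return seen

def duplicated_options(text):
    return {k: v for k, v in option_statements(text).items() if len(v) > 1}

def transfer_allowed(text, client):
    """Check `client` against the last allow-transfer list, the one the
    reply says is in effect. Only literal addresses/prefixes are handled."""
    acl = option_statements(text).get("allow-transfer", [[]])[-1]
    addr = ipaddress.ip_address(client)
    return any(addr in ipaddress.ip_network(entry) for entry in acl)

if __name__ == "__main__":
    print(duplicated_options(SAMPLE_CONF))
    print(transfer_allowed(SAMPLE_CONF, "139.130.4.5"))
```

Run against the sample, the check reports `allow-transfer` as defined twice and shows that 139.130.4.5, the client in the quoted log line, is not matched by the second list.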


More information about the bind-users mailing list