slave == entire zone transfer

Snoopy snoopy at greenapple.com
Wed Oct 1 02:25:53 UTC 2003


Hello all,


In 198.144.4.4
----------------
    zone "pvt.ga.org"{
        type slave; file "blah"; masters { 201.235.6.1; };
        allow-query {198.144.4.1; };
        allow-transfer { none; };
    };


In slave dns server (198.144.4.1)
-----------------------------------
    zone "pvt.ga.org"{
       type slave; masters{ 198.144.4.4; };
       forward only; forwarders { 198.144.4.4; };
       allow-query{ 127.0.0.1; };
       allow-transfer { none; };
    };

    Reading the BIND book, pg. 85, it says that a slave server would do a
'zone transfer' from the master. If I specify 'forward only', would the
slave dns server (198.144.4.1) still perform an entire zone transfer, or
would it only forward queries for that zone (pvt.ga.org) to the forwarder
(198.144.4.4)?

    I know that there are 'type forward' zone statements. But such a zone
type won't allow allow-query statements, which I need. Putting the
allow-query in global 'option' would cause me to add many more allow-query
statements at other zones, which is why I want to put the 'allow-query'
statement in the pvt.ga.org zone.

    Basically, for zone "pvt.ga.org" I want it not to do a zone transfer from
198.144.4.4 but only to query it. I also wanted to secure that zone, so that
only that slave dns server can query it itself for that zone.

    I think I can achieve this with an 'allow-query {127.0.0.1; };' in the
_global_ option and then for zone 'pvt.ga.org' just do a 'type forward' zone,
but it would require me to modify lots of other things as well, so I hope I
can avoid all that...

    So, would my above setting work? Or do I need to resort to an allow-query
statement in the global option and then do 'type transfer' for zone
pvt.ga.org?

    It's the first time I've touched a BIND config. Any help or pointers
would be greatly appreciated.

Thanks...


