Andrea wrote:
> Hi there,
> I'm setting up a secondary dns server with bind (the primary is a
> Microsoft DNS server).
> First of all I was wondering if I have to write this
> zone "" {
> type slave;
> file "/var/slaves/";
> masters {; };
> allow-transfer {; };
> };

"allow-transfer" governs only *outbound* zone transfers, so you don't
need it on a slave unless it also has slaves of its own (i.e.
multi-level replication hierarchy), or you have apps/programs/clients
that do zone transfers specifically from this box. Note also that the
default setting for allow-transfer is "any", so unless you've restricted
it globally, you don't need to selectively re-enable it for each zone.

- Kevin