Cent OS DNS Slave says failed to connect: host unreachable

I have a DNS Master (192.168.102.159) and Slave (192.168.102.132) servers, both are VMs, the Master configuration is fine and does both forward and reverse lookups, however, when I try zone transfers with slave, the slave throws the following error failed to connect: host unreachable, I have checked the IP addresses are correct in both conf and zone files, the zone files also show no errors in named-checkzone. This is my second setup, in the earlier setup I received an error rndc.key not found followed by this error, however, in this setup I only received this error.

I have added chgrp and chown on slaves folder in Slave, however, no firewall entries are added, unsure if I have to.

Firewall entries

iptables -A INPUT -i ens33 -p tcp -m state --state NEW,ESTABLISHED -s 192.168.102.132 --sport 1024:65535 --dport 53 -j ACCEPT  iptables -A INPUT -i ens33 -p udp -m state --state NEW,ESTABLISHED -s 192.168.102.132 --sport 1024:65535 --dport 53 -j ACCEPT 

named.conf (MASTER)

acl internals { 192.168.102.0/24;  };  options {         listen-on port 53 { 127.0.0.1; 192.168.102.159; };         listen-on-v6 port 53 { ::1; };         directory       "/var/named";         dump-file       "/var/named/data/cache_dump.db";         statistics-file "/var/named/data/named_stats.txt";         memstatistics-file "/var/named/data/named_mem_stats.txt";         recursing-file  "/var/named/data/named.recursing";         secroots-file   "/var/named/data/named.secroots";         allow-transfer { 192.168.102.132; };         allow-query     { localhost; internals; };          recursion yes;         /*         dnssec-enable yes;         dnssec-validation yes;         */         /* Path to ISC DLV key */         bindkeys-file "/etc/named.iscdlv.key";          managed-keys-directory "/var/named/dynamic";          pid-file "/run/named/named.pid";         session-keyfile "/run/named/session.key"; };  logging {         channel default_debug {                 file "data/named.run";                 severity dynamic;         }; };  zone "." IN {         type hint;         file "named.ca"; };  zone "abc.local" { type master; file "abc.db"; allow-transfer { 192.168.102.132; };  };  zone "102.168.192.IN-ADDR.ARPA" { type master; file "cba.db"; allow-transfer { 192.168.102.132; }; };  include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; 

named.conf (SLAVE)

acl internals { 192.168.102.0/24; };  options {         listen-on port 53 { 127.0.0.1; 192.168.102.132; };         listen-on-v6 port 53 { ::1; };         directory       "/var/named";         dump-file       "/var/named/data/cache_dump.db";         statistics-file "/var/named/data/named_stats.txt";         memstatistics-file "/var/named/data/named_mem_stats.txt";         recursing-file  "/var/named/data/named.recursing";         secroots-file   "/var/named/data/named.secroots";         allow-notify { 192.168.102.159; };         allow-query     { localhost; internals; };          recursion yes;          dnssec-enable yes;         dnssec-validation yes;          /* Path to ISC DLV key */         bindkeys-file "/etc/named.iscdlv.key";          managed-keys-directory "/var/named/dynamic";          pid-file "/run/named/named.pid";         session-keyfile "/run/named/session.key"; };  logging {         channel default_debug {                 file "data/named.run";                 severity dynamic;         }; };  zone "." IN {         type hint;         file "named.ca"; };  zone "abc.local" { type slave; masters { 192.168.102.159; }; file "slaves/abc.db"; allow-transfer { 192.168.102.159; }; };  zone "102.168.192.IN-ADDR.ARPA" { type slave; masters { 192.168.102.159; }; file "slaves/cba.db"; allow-transfer { 192.168.102.159; }; };  include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; 

abc.db

$  TTL 3H $  ORIGIN abc.local. @       IN SOA ns1.abc.local. ns2.abc.local. (                                         0       ; serial                                         1D      ; refresh                                         1H      ; retry                                         1W      ; expire                                         3H )    ; minimum         IN NS ns1.abc.local.         IN NS ns2.abc.local. ns1     IN A 192.168.102.159 ns2     IN A 192.168.102.132 

cba.db

$  TTL 3H $  ORIGIN 102.168.192.IN-ADDR.ARPA. @       IN SOA ns1.abc.local. ns2.abc.local. (                                         0       ; serial                                         1D      ; refresh                                         1H      ; retry                                         1W      ; expire                                         3H )    ; minimum         IN NS ns1.abc.local.         IN NS ns2.abc.local. 159     IN PTR ns1.abc.local. 132     IN PTR ns2.abc.local. 

Error

30-Dec-2018 20:33:24.030 managed-keys-zone: journal file is out of date: removin                                     g journal file  30-Dec-2018 20:33:24.030 managed-keys-zone: loaded serial 2  30-Dec-2018 20:33:24.031 zone 0.in-addr.arpa/IN: loaded serial 0  30-Dec-2018 20:33:24.033 zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0  30-Dec-2018 20:33:24.035 zone localhost.localdomain/IN: loaded serial 0  30-Dec-2018 20:33:24.035 zone localhost/IN: loaded serial 0  30-Dec-2018 20:33:24.037 zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.                                     0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0  30-Dec-2018 20:33:24.037 all zones loaded  30-Dec-2018 20:33:24.037 running  30-Dec-2018 20:34:54.045 zone abc.local/IN: refresh: retry limit for master 192.168.102.159#53 exceeded (source 0.0.0.0#0)  30-Dec-2018 20:34:54.045 zone abc.local/IN: Transfer started.  30-Dec-2018 20:34:54.046 transfer of 'abc.local/IN' from 192.168.102.159#53: failed to connect: host unreachable  30-Dec-2018 20:34:54.046 transfer of 'abc.local/IN' from 192.168.102.159#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.001 secs (0 bytes/sec)  30-Dec-2018 20:34:54.547 zone 102.168.192.IN-ADDR.ARPA/IN: refresh: retry limit for master 192.168.102.159#53 exceeded (source 0.0.0.0#0) 

Both master and slave can ping each other.