BIG-IP DNS allowing zone transfer to slave linux server

Question

Hello!&nbsp;
I'm trying to get F5 to allow zone transfer to another Linux Bind server, which will be a slave for backup purposes.&nbsp;
BIG-IP is authoritive and is answering to all DNS requests for that zone file correctly.&nbsp;
I've configured another Linux Named(Bind) server and set it up as slave. When I'm doing "dig axfr "@F5-VIRTUAL-DNS-IP example.com" and check F5 LTM logs, I get "REFUSED qr, aa" for that query.&nbsp;
in F5 zone file for "example.com" I added allow-transfer/allow-notify IP for my Linux Slave server.I got 2 listeners in F5 for UDP / TCP.under DNS -&gt; Delivery -&gt; Profiles -&gt; "DNS Traffic" I allowed "ZONE-TRANSFER"
And now I've ran out of ideas.&nbsp;
All help is appreciated.&nbsp;

liccccboeh_3569 · Accepted Answer

DNS -&gt; Delivery -&gt; Nameservers and create a entry for all your slave linux bind serversDNS -&gt; ZONES -&gt; Zones -&gt; Zone list choose correct zone ("example.com") and in "Zone Transfer Clients" add previously created slave servers to active. Previously there should be only 127.0.0.1.

Forum Discussion

BIG-IP DNS allowing zone transfer to slave linux server

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

Configuring BIG-IP for Zone Transfer and DNSSEC

Automating Certificate Management on F5 BIG-IP

What's new in BIG-IP v21.0?

BIG-IP File Transfers

Introducing the F5 AI Assistant for BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS