Forum Discussion

Cirrus

Mar 28, 2025

how to monitor the axfr master response

Hi everyone. Previously I had a zone transfer configuration between GTM (slave) and Microsoft AD (master). Recently, I have experienced problems with axfr access to the server with intermittent stat...

application delivery

GTM DNS

tomas573

Nimbostratus

Apr 02, 2025

Hello,

Hello! It sounds like you're dealing with a frustrating intermittent AXFR issue between your GTM (slave) and Microsoft AD (master). Let's break down the problem and explore some potential solutions for monitoring the AXFR response.

Understanding the Problem

AXFR vs. IXFR:
AXFR (Authoritative Zone Transfer) transfers the entire zone file.
IXFR (Incremental Zone Transfer) only transfers the changes since the last transfer.
The fact that IXFR works but AXFR is intermittent suggests a potential issue with the size of the zone or the reliability of the full zone transfer.
Intermittent Status: This makes troubleshooting challenging. It could be due to:
Network instability.
Resource limitations on the master server (AD).
Firewall or security appliance interference.
DNS server configuration issues.
The size of the zone file.
Monitoring Challenges: You want to monitor the AXFR response, but relying on external monitors or complex setups might be overkill.
Solutions and Strategies

Scripted Monitoring with dig or nslookup

You can create a simple script that periodically runs dig axfr <your_zone> @<master_server_ip> or nslookup -query=axfr <your_zone> <master_server_ip>.
The script can analyze the output for success or failure.
You can then log the results or trigger alerts based on the outcome.

Best Regards

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

how to monitor the axfr master response

ICYMI - Steve Wozniak at AppWorld 2026

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Question/Advice on iRule Remediating the Telerik (Unsafe Reflection Vulnerability (CVE-2025-3600)

CONVERT C113 TO r 4000

Syslog Filter Configuration for Separating Audit and LTM logs.

Impact of client.crt and server.crt expiration

Issue with IIS and Client Component Service Load balancing

Related Content

F5 DNS/GTM External Monitor(EAV) with SNI support and response code check

Introduction of Incident Response

Mastering API Architectures Ebook from NGINX

F5 NGINX API Gateway: Simplify Response Manipulation

custom response page for api

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS