Restrict zone transfers to the zone transfer agents
You might want to restrict zone transfer access from your primary name servers to only allow the Edge DNS zone transfer agents (ZTAs).To obtain a list of ZTAs, subscribe to Control Center’s firewall rules notification service. This service allows you to view all ZTA IP addresses and proactively notifies you of any changes to the ZTA infrastructure. Use the following procedures to subscribe to this service.
- Log in to Control Center.
- Go to .
- Click Manage Subscriptions.
Click Subscribe Users, enter your
email information, and select Edge
Zone Transfer Agents.
Ensure that zone transfers are allowed from your primary name servers from the IPs and ports included in the Edge DNS Zone Transfer Agents service, over both UDP and TCP.