Cloudflare IP addresses
Depending on your setup (Cloudflare as Primary or Cloudflare as Secondary), you need to configure slightly different Cloudflare IP addresses at your other DNS provider.
Cloudflare's AXFR/IXFR zone transfer requests and NOTIFY messages originate from the following IP addresses. These need to be allowed at your other DNS servers.
104.30.167.163104.30.167.1732a09:bac0:1000:c47::/64Old source IP addresses (deprecated — removed December 1, 2026)
198.41.144.240/28198.41.150.240/282a06:98c0:3601::/482a06:98c0:1401::/48If you are using Cloudflare for Primary DNS — meaning that you are setting up Cloudflare to send outgoing zone transfers — you need to update the following settings at your secondary DNS provider.
Cloudflare's NOTIFY messages originate from the source IP addresses listed above. Allow them at your secondary DNS servers.
Cloudflare will listen to AXFR/IXFR zone transfer requests and SOA queries from your Secondary DNS server on this IP address.
172.65.64.6If you are using Cloudflare for Secondary DNS — meaning that you are setting up Cloudflare to receive incoming zone transfers — you need to update the following settings at your primary DNS provider.
Cloudflare's AXFR/IXFR zone transfer requests originate from the source IP addresses listed above. Allow them at your primary DNS servers.
Notify IPs are the IP addresses where you notify Cloudflare's Secondary DNS to initiate a pull of new zone information from your Primary DNS servers:
172.65.30.82172.65.50.1452606:4700:60:0:317:26ee:3bdf:57742606:4700:60:0:35a:4be3:4144:c5eeTo run a BIND server as a primary, add the following statements to your zone file:
allow-transfer {104.30.167.163;104.30.167.173;2a09:bac0:1000:c47::/64;}also-notify { 172.65.30.82;172.65.50.145;2606:4700:60:0:317:26ee:3bdf:5774;2606:4700:60:0:35a:4be3:4144:c5ee;}