Firewall and allowlist requirements

For Shield NS53, make sure you allow these CIDRs in your firewall and allowlists. These IP addresses must be open to:

  • Allow authoritative zone transfer (AXFR) and incremental zone transfer (IXFR) transactions for Automatic filtering.
  • Allow recursive DNS from ​Akamai​ IPv4 and IPv6 IP addresses.

IPv4IPv6PortProtocolDescription
184.24.0.0/13
23.192.0.0/11
23.64.0.0/14
23.32.0.0/11
23.72.0.0/13
2a02:26f0::/32
2600:1400::/24
2405:9600::/32
53UDP,
TCP
Used for AXFR and IXFR transactions. These IP addresses are used to transfer zones and records.
80.67.68.0/24
96.16.0.0/15
66.198.8.0/24
201.33.187.0/24
104.64.0.0/10
125.56.218.0/24
96.6.0.0/15
60.254.173.0/24
202.138.183.0/24
203.69.138.0/24
2.16.0.0/13
124.106.175.0/24
72.246.0.0/15
67.220.142.0/23
95.100.0.0/15
184.24.0.0/13
23.0.0.0/12
118.214.0.0/16
184.84.0.0/14
69.192.0.0/16
23.64.0.0/14
23.32.0.0/11
23.72.0.0/13
175.207.14.0/24
92.122.0.0/15
23.192.0.0/11
80.239.148.0/24
173.222.0.0/15
189.247.213.0/24
184.50.0.0/15
88.221.0.0/16
2a02:26f0::/32
2600:1400::/24
2405:9600::/32
2001:4450:40::/48
2001:4457:ff0::/48
2001:2030:22::/48
53UDP,
TCP
Used for recursive DNS from ​Akamai​ IPv4 and IPv6 IP addresses