In the context of Domain Name System (DNS) administration, AXFR (short for "authoritative transfer") is a type of zone transfer in which the complete DNS zone file is transferred from the primary DNS server to a secondary DNS server. This is used to keep the secondary DNS server synchronized with the primary server so that it can provide DNS query resolution for the same set of DNS records.
The AXFR protocol is defined in RFC 5936 and is based on the IXFR (incremental transfer) protocol. It allows a secondary DNS server to request a full copy of the DNS zone file from the primary server, which the primary server then transfers to the secondary server. The AXFR protocol uses TCP as the transport protocol, and the DNS zone file is transferred using the DNS message format.
To perform an AXFR transfer, the secondary DNS server must be authorized by the primary DNS server to receive the transfer. This is typically done by including the IP address of the secondary server in the allow-transfer directive in the primary server's configuration file. The secondary server can then initiate the transfer by sending a DNS AXFR request to the primary server. The primary server will respond with the complete DNS zone file, and the secondary server will use this information to update its local DNS records.