Hi there.
I want to point A record from my local DNS to the Cloudflare Proxy Anycast IPs.
How bad or good is this idea?
Reason for this is pretty simple - I need some hosts to be accessed from Cloudflare only, so no direct connections to IP address.
Local DNS is integrated with AD and is authoritative for the domain.
For hostnames under the root domain, these should be CNAME records in the following format:
<fqdn>.cdn.cloudflare.net
Any changes to the Origin IP, or 
/
status of the Cloudflare managed IPs are reflected in the CNAME automatically.
For the root, you will just have to pick the A/AAAA values currently used for your root, and replicate those internally. (This is because without some non-standard magic, you cannot have a CNAME at the root of a domain)
It is a fairly common setup, and works very reliably.
3 Likes
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.