A record on local authoritative DNS pointed to CloudFlare Anycast proxy IP

Hi there.
I want to point an A record from my local DNS to the Cloudflare Proxy Anycast IPs.
How bad or good is this idea?
The reason for this is pretty simple - I need some hosts to be accessed from Cloudflare only, so no direct connections to the IP address.
Local DNS is integrated with AD and is authoritative for the domain.

For hostnames under the root domain, these should be CNAME records in the following format:


Any changes to the Origin IP, or :orange:/:grey: status of the Cloudflare managed IPs are reflected in the CNAME automatically.

For the root, you will just have to pick the A/AAAA values currently used for your root, and replicate those internally. (This is because without some non-standard magic, you cannot have a CNAME at the root of a domain)

It is a fairly common setup, and works very reliably.
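
An added example, not part of the original posts and not Cloudflare tooling: the root A/AAAA values replicated internally can drift when the public values change, so this check compares `dig +noall +answer` output from the internal and the public resolver and also confirms that the hosts meant to go through Cloudflare are CNAMEs internally. The zone, host names, addresses, CNAME target and the host list are constructed placeholders.

```python
import ipaddress

# Constructed `dig +noall +answer` output; every name and address is a placeholder.
INTERNAL = """\
example.com.      300 IN A     192.0.2.10
example.com.      300 IN A     192.0.2.11
app.example.com.  300 IN CNAME cname-target.invalid.
old.example.com.  300 IN A     192.0.2.10
"""
PUBLIC = """\
example.com.      300 IN A     192.0.2.10
example.com.      300 IN A     198.51.100.7
"""

def parse_answers(text):
    """Return {owner: {rtype: set(values)}} for A, AAAA and CNAME answer lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2] != "IN":
            continue
        name, rtype, value = fields[0].lower(), fields[3], fields[4]
        if rtype in ("A", "AAAA"):
            value = str(ipaddress.ip_address(value))  # normalise; raises on junk
        elif rtype == "CNAME":
            value = value.lower()
        else:
            continue
        records.setdefault(name, {}).setdefault(rtype, set()).add(value)
    return records

def audit(zone, proxied_hosts, internal_text, public_text):
    """Compare the internal zone with the public answers; return findings."""
    apex = zone.lower().rstrip(".") + "."
    internal, public = parse_answers(internal_text), parse_answers(public_text)
    findings = []
    for rtype in ("A", "AAAA"):  # root: replicated values must match public ones
        have = internal.get(apex, {}).get(rtype, set())
        want = public.get(apex, {}).get(rtype, set())
        findings += [("stale-apex", apex, ip) for ip in sorted(have - want)]
        findings += [("missing-apex", apex, ip) for ip in sorted(want - have)]
    for host in proxied_hosts:  # hosts under the root: expected to be CNAMEs
        name = host.lower().rstrip(".") + "."
        if "CNAME" not in internal.get(name, {}):
            findings.append(("not-cname", name, None))
    return findings

if __name__ == "__main__":  # host list below is hypothetical
    print(audit("example.com", ["app.example.com", "old.example.com"], INTERNAL, PUBLIC))
```

In practice the two inputs would be the saved answers from the AD-integrated resolver and from a public resolver for the same names.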


Thank you. Simple and elegant.
