CF CDN always on, I can’t close

Website, Application, Performance DNS & Network
1

Hi all, I facing this problem, please help.

My domain is abc.com

I have subdomain go.abc.com, I create an A record to 123.123.123.123, turn on Orange cloud (proxied)

I also create AAAA record for go.abc.com, also turn on Orange cloud (proxied)

I used for few months, it don’t have any problem, but now, I need A record site go.abc.com, close the CDN (use grey cloud), the problem appears

I’ve tried: (use 1.1.1.1 or use other resolver to nslookup, also the same)

1.)turn go.abc.com A record to grey cloud, remain AAAA record to orange cloud, I wait for 1-2 hours, nslookup go.abc.com, CDN IP still here, not my direct IP 123.123.123.123

2.)keep go.abc.com A record to grey cloud, also turn AAAA record to grey cloud, I wait for 1-2 hours, still the same, CDN IP still here.

3.)delete go.abc.com A / AAAA record, wait for few hours, nslookup go.abc.com, CDN IP still remain.(and my site still work)

4.)re-create A / AAAA record in few hours later, without proxied (Grey cloud), waited for about 24 hours already, now, nslookup still show the CF CDN IP

That’s mean, I can’t turn off the CDN under go.abc.com

I’ve tried to create proxied test.abc.com A / AAAA record, the new host do not have this problem, when turn it to grey cloud, just few mintues, nslookup will show the direct IP.

I need go.abc.com, direct connect, and I don’t want to give up go.abc.com, If I use other hostname, I need to notices all user connect to new hosts, it’s too trouble for me.

please help.

say thank you first.

2

Have you tried purging the cache?:

https://1.1.1.1/purge-cache/

3

Hi, thanks for reply, yes ,I did, and wait for about 2 hours, and then, nslookup go.abc.com 1.1.1.1, the result is the same, show the CDN IP.

4

If you have multiple A and/or AAAA records for the same DNS name, and there’s a mix of orange-clouds and grey-clouds, I think Cloudflare will ignore the grey-clouds so you won’t get a scenario where some of the traffic to that domain is routing through Cloudflare and some isn’t.

So in your step 1, where you’re grey-clouding your A records and orange-clouding your AAAA records, that’s non-standard, and it’s expected that you’ll continue seeing the domain only resolve to Cloudflare IPs.

After that it gets a little weird. Instead step 3, are you absolutely certain you deleted ALL of the A and AAAA records for the domain? Could there potentially have been an orange-clouded CNAME record as well?

Are you using normal 5 minute TTLs?

Once all DNS entries for a name are deleted, it should completely stop resolving within 5 minutes assuming normal setup. If it still resolves, check your DNS dashboard very carefully for entries that you missed.

Could there possibly be an orange-clouded wildcard (*) subdomain entry? If you deleted all the DNS entries for subdomain.example.com but you still have one for *.example.com then that would explain the behavior

1 Like
5

Hello, thanks for help, after seeing your explanation, I may have really misremembered point 3.

I just tried test it again, that’s what I test:

1.) Delete go.abc.com A / AAAA again, wait 1-2 hours

2.) create go.abc.com A record with grey cloud, no CDN IP again

3.) create AAAA record with grey cloud, also, it show my origin v6 IP

4.) turn on AAAA orange cloud, (leave A record grey cloud on), after a moment, all IP become CDN IP

If you have multiple A and/or AAAA records for the same DNS name, and there’s a mix of orange-clouds and grey-clouds, I think Cloudflare will ignore the grey-clouds <—your explanation is correct, I have got it wrong.

sorry to bother you

Thanks again for the detailed explanation

6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.