Changing name servers to cloudflare and Microsoft 365 records

At the moment i have a Microsoft 365 tenant that is setup and working ok. I wanted to change only the name servers from a registrar to cloudflare so to protect my webserver hosted on-prem. All dns records will be hosted identical with my domain registrar and cloudflare. I have come across 2 DNS SRV records that need some clarification.
SRV
_sip
TLS
Use your domain_name; for example, contoso.com
30 minutes
100
1
443
sipfed.online.lync.com SRV
_sipfederationtls
TCP
Use your domain_name; for example, contoso.com
30 minutes
100
1
5061
sipfed.online.lync.com

  1. Cloudflare recommended me to change sipdir.online.lync.com to sipfed.online.lync.com as it exposes the ip behind sip.domain.com. I need some clarification on this please.

  2. I have noticed a few Microsoft 365 records are proxied and some 365 records are DNS. Should Microsoft 365 records be proxied at all. What is the best practice.
    Thank you

  1. SRV records cannot be proxied, and in this case the target should not be one of your own domains. Check Microsofts documentation here. Mine looks like this:

  2. None of the Microsoft 365 records should be proxied, so need to be set DNS Only :grey:. https://docs.microsoft.com/en-us/microsoft-365/admin/dns/create-dns-records-at-cloudflare?view=o365-worldwide

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.