Hi,
I have added a new domain to Cloudflare. And I get the following screen at the DNS panel in the dashboard:
Can somebody tell me, why Cloudflare doesn’t recognize their own DNS server?
Greetings Harald
Can somebody tell me, why Cloudflare doesn’t recognize their own DNS server?
Greetings Harald
Have you tried clicking the “re-check” button? The DNS setup looks all right and I’d expect it to verify without issues.
Hi, thanks for the reply.
The “re-check” is running at the moment.
1 Like
The re-check is complete. But I’m still getting the same screen. Saying I should replace the Cloudflare nameservers, with the same Cloudflare nameservers (see screenshot in post #1)
Something got possibly stuck. Time for a support ticket → https://support.cloudflare.com/requests/new
Well. One says: registered, the next one can’t connect to .io’s servers, and another one
Seems like some mess…
1 Like
.io’s whois server seems to be inaccessible right now, but the domain resolves fine, so I’d assume it is properly registered.
I get a servfail from Google, Cloudflare, our companies servers, Quad9. Only toby and lila are resolving. 
I am a bit confused because nic.io says that the domain is available.
.io’s root servers do return NS records. Yandex also resolves the A record.
1 Like
Seems like you have DNSSEC enabled at your registrar. Did you have it enabled prior to moving to Cloudflare?
Anyway, I would try to disable it, because I think CF are validating it and at the same time serving no relevant records for them to successfully validate. See: DNSSEC Analyzer - INNOVADIS.IO
4 Likes
Definitely DNSSEC. Querying 8.8.8.8 with the check disabled flag returns an A record, but without check disabled, I get SERVFAIL.
I did have DNSSEC enabled, but disabled it (in the resellers control panel) when I switched to the Cloudflare nameservers.
I’m going to enable and disable it again to see of that makes a difference. And else contact my registrar to check if there might be a problem disabling DNSSEC for this domain.
Have you opened a support ticket?
Yes I did, yesterday afternoon I submitted a support ticket. But no response so far.
Ticket #1625912
Will investigate…
Hi @harald, thank you and sorry you’re having issues. I checked your account and zones. Whois has picked up the .io name server changes. You could try removing the zone and re-add it. I added myself to the ticket and added a link to this conversation.
(BTW, for your other zones, it appears you’re not using Cloudflare name servers and checking security trails, it seems the name servers have never pointed to Cloudflare. Have you made these changes?)
1 Like
Hello @cloonan, thank you for your reply.
I have a ticket running at my registrar and they are manually going to disable DNSSEC for the domain. Seems the setting in their control panel, wasn’t working as it should. As soon as that is fixed, I’ll re-add the domain.
(For the other zones, it’s correct that they do not point to Cloudflare. I was testing with this domain to see if I ran into any problems 
, before connecting production domains).
@cloonan, is DNSSEC the issue here?