CNAME behind Cloudflare Ploxy (orange cloud)

I was wondering how a CNAME record works behind a Cloudflare Ploxy (orange cloud) enabled record. Does Cloudflare look up the CNAME record every time or cache the results? And does the answer to the previous question depend on whether the CNAME record itself is on Cloudflare?

The reason I’m asking is because we update a lot of records (orange cloud) with the same ip and we were wondering if it would be better to just CNAME them all to one record and just change that one. However and need them to propagate to all of Cloudflare server’s ASAP.

If the CNAME record is not on Cloudflare I guess at most the IP is cached for the DNS TTL (you could make it to 2m at minimum on Cloudflare, even lower probably on third party DNS providers, but it’s not really recommended), this should be per POP I would imagine. If it’s on the Cloudflare network it would most likely update instantly, especially if it’s :orange:.

At most it would remain cached for the TTL.

Thanks @matteo, I need to know for sure though because waiting for the TTL would be too long in our case.

May I ask in which case waiting for 1/2 minutes for the TTL would be too long? It could happen that misconfigured DNS servers don’t respect the TTL.

I’m not sure what you mean by “It could happen that misconfigured DNS servers don’t respect the TTL.” but to answer your question, specifically it’s not that it’s too long but that it would take longer than updating multiple A records in the case that the CNAME record is cached. The reason we want to use the faster method is because our use case is server fail-over and dynamic ip update.

I mean that you can’t trust DNS servers worldwide to change in the time that you expect.

Why not use Cloudflare’s load-balancing then? It’s automatic and integrated.

The records are behind the Cloudflare Proxy (orange cloud) and we don’t expect a time, we just need the shortest time. And load-balancing isn’t what we are after.

I realize that only someone in the technical department at Cloudflare can answer my question, I’ll probably have to email them if they don’t see this post.

Thank you for your help though @matteo

The Cloudflare load balancer can be used as a fail over mechanism with automatic detection. Take a look if you have a few minutes.

If you require the shortest time then everything behind Cloudflare, be it an A record or a CNAME should be instantaneous. All needs to be :orange: obviously. My guess is that update a single :orange: A record and then an :orange: CNAME to it would be the fastest.

