DNS and third level geographic domains


We are an italian public administration. Our zone name is “yyy.xxx.si.it”.

When I try to add the zone in the Cloudflare dns-control panel, i get the error:

“We were unable to identify yyy.xxx.si.it as a registered domain. Please ensure you are providing the root domain and not any subdomains (e.g., example.com, not subdomain.example.com) (Code: 1099)”

ok… Cloudflare doesn’t accept third level domain…

But in Italy almost all public administrations use third level domain…

workaround? :slight_smile:

[post contents edited to obfuscate domain by Cloudflare support]

no way?


You can add only one subdomain to Cloudflare by using Partial Zone setup but to do that you need Cloudflare Partner help. You cannot do that if you are not Cloudflare Partner.
I don’t know if I can just give you an e-mail here but I certainly can post you a little instruction:

  1. Go here Our Partnerships
  2. Search for “********”
  3. Contact us :slight_smile:

Now that I think about it I’m sure I can do Partial Zone setup for subdomain like XXX.test.com but I’m not exactly sure that I can do the same for YYY.test1.test.com. Cloudflare?


thanks @komarEX … but i just want to test the Cloudflare free plan, without partner.

Then (from my knowledge) it is not possible to do what you are trying to do. If you want just to test free plan why not just use any random domain?

because i want to test clouflare with my organization domain!

However, it’s strange, all dns providers allow management of similar domains

It makes no difference what domain you use and please stop shouting… calm down… this isn’t how CTO of public administration should behave on public forum.

First you need to understand how Cloudflare works. They need to get hand of domain zone so they can automatically change it’s root records and provide highly available DNS that why you need to delegate domain to their DNS.
I believe that XXX.si.it might be possible to use with Cloudflare (at least if it works similar to Polish .gov.pl). But anything past that say YYY.XXX.si.it cannot be delegated - the max you can do is to change NS for that subdomain but that isn’t what Cloudflare want you to do.

shouting? no really, this isn’t shouting.
Sorry komar… trust me, i’m very calm…

In italy every municipality owns “comune.xxxxx.yy.it”, (comune=municipality) where xxxxx is municipality name and yy is district code.
Every municipality can only change NS record for comune.xxxxx.yy.it… and in italy there are about 8000 municipalty, a big market for Cloudflare :slight_smile:

This is an advanced configuration for Cloudfllare. My recommendation would be to reach out to the sales team. It is something we do in certain circumstances, but there are limitations and coordination requirements with the parent / root domain.

1 Like

We have an almost identical setup with our domain we’re vicroads.vic.gov.au with the vicroads part being the government department/agency and the vic.gov.au being the state, government, and country.

Cloudflare works fine with this setup, what we did was just got vic.gov.au to create the NS records to point to Cloudflare.

Incorrect. That’s not what actually happened.
vicroads.vic.gov.au is managed as if it was separate domain on registrar level and was delegated to Cloudflare.
Right now you are unable to “just point NS records” to Cloudflare. I would like it to be so I create this topic where I’m trying to prove that it is indeed possible.