I’m just starting out, and the first step recommended by the system is to switch DNS to Cloudflare.
However, as a sanity check, I used DIG to check the records to ensure they’re all already there. Some are, but some of the text records are missing, like the SPF record. When I use DIG on the current authoritative nameservers, I see the records that Cloudflare is missing.
If I were to follow the instructions (blindly) and reassign DNS to Cloudflare, these entries would be missing and create immediate delivery problems.
Why are these entries missing?
Why is the system recommending that I change the primary nameservers - a very serious operation - while entries are not at 1:1 parity with the authoritative nameserver?
Is there just some delay there in pulling all of them?
How can I be 100% sure that all entries are in the Cloudflare DNS, which I now feel is necessary before switching over?
Yeah @cscharff, I’m kinda stuck on Step 2 already, because the DNS records don’t match. Some of the TXT records are simply missing from Cloudflare’s DNS, so if I activate Cloudflare as the authoritative DNS, records will be missing, which I can’t have.
So am I supposed to examine every DNS record from the domain and verify every single one is there in Cloudflare, and if they’re not (which currently they’re not), do I enter them somewhere? I don’t see a place to do that, and I’m not sure it’s even possible since this entire DNS step seems almost completely automated.
Weird. What a hassle. I have a lot of records on this domain, but not an absurd amount - really a very normal amount for a typical busy domain - and the very first step of my interaction with Cloudflare is “hey let us completely take over your DNS and it’s totally fine” except a bunch of records are just missing and have to be added manually. How many people DIDN’T check because they didn’t know how to use DIG or a similar manual lookup tool, allowed Cloudflare to take over DNS and just watched things fall apart?
You have just made the case for why DNS management for domains of any importance should be handled by professionals. It is also effectively the same reason that there is a trope that warns against the perils of granting DNS access to “the web d00d”.
Kudos to you for being more aware than the metaphorical “web d00d.”
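For the question earlier in the thread about confirming record parity before switching nameservers, here is one way to script the dig comparison. It is an added example, not part of any post above; `example.com`, the nameserver argument and the file names are placeholders, and it assumes the new provider's assigned nameservers already answer for the zone.

```shell
#!/bin/sh
# Added example; example.com and the nameserver arguments are placeholders.
LC_ALL=C; export LC_ALL

# Reduce `dig +noall +answer` lines to "name type rdata": drop TTL and class,
# lower-case the owner name, sort so the two sides can be compared.
normalise() {
    awk '!/^;/ && NF >= 5 {
        rdata = $5; for (i = 6; i <= NF; i++) rdata = rdata " " $i
        print tolower($1), $4, rdata
    }' | sort -u
}

# Records in file $1 (current authoritative) that file $2 (new provider) lacks.
missing_records() {
    normalise < "$1" > "$1.norm"
    normalise < "$2" > "$2.norm"
    comm -23 "$1.norm" "$2.norm"
}

# Ask one nameserver directly for every "name type" pair read from stdin.
fetch() {  # usage: fetch ns1.current-host.example < names.txt > old.txt
    while read -r name type; do
        dig +norecurse +noall +answer "@$1" "$name" "$type"
    done
}

# Constructed sample answers: the new side differs in TTL and case, has no TXT.
demo() {
    d=$(mktemp -d)
    cat > "$d/old" <<'EOF'
example.com.   300  IN  A    192.0.2.10
example.com.   300  IN  MX   10 mail.example.com.
example.com.   300  IN  TXT  "v=spf1 include:_spf.example.net ~all"
EOF
    cat > "$d/new" <<'EOF'
example.com.   1    IN  A    192.0.2.10
EXAMPLE.com.   1    IN  MX   10 mail.example.com.
EOF
    missing_records "$d/old" "$d/new"
    rm -rf "$d"
}

demo
```

dig can only confirm names it is asked about, so the name list fed to `fetch` should come from the current provider's zone export rather than from memory. A record whose value differs between the two sides is also reported as missing, which is worth a look before the switch.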