DNS Issues and UNKOWN Origin host records not on Dash DNS page

Hello Community! Thanks in advanced for any help.

I’m having an issue with a domain I’ve migrated from Google Domains registrar to Cloudflare. The main DNS Issue is that my origin can’t seem to be resolved even though I’ve updated the DNS on the Dash. When doing a DNS check with dnschecker.org I find there are four UNKOWN Origin host records not displayed (so not editable) on my Dash DNS page (2xA + 2xAAAA). dnschecker.org does show that my Cloudflare NSs are correct, so these UNKNOW records must come from the Cloudflare NSs. This results in my domain being unreachable externally and giving errant resolution info.

I guess I first need to know where the origin hosts come from to be able to correct that resolution. I imagine from there it’ll be easier to configure through the rest of my unreachable resolution. I just can’t find where the records are or “why” they are there and pointing in that direction.

A snippet of the dnschecker.org request return:

Auth DNS: dell.ns.cloudflare.com.

A

Type Domain Name TTL Address
A [domain] 300 104.21.73.109
A [domain] 300 172.67.189.170

AAAA

Type Domain Name TTL Address
AAAA [domain] 300 2606:4700:3032::6815:496d
AAAA [domain] 300 2606:4700:3034::ac43:bdaa

CNAME

Sorry no record found!

*New User so I can’t put many links

Also when adding my actual Origin server to the DNS Dash page I get the blue exclamation message “Another record shares the same name, so we’ve applied CNAME flattening.”

Hi @daxisaac,

2 Likes

@domjh Thank you much for this info! That did help me trace the issue. I see DNS resolution on backends resolved the the proper origin. I think part of that resolution issue was DNSSEC. I had started the DNS transfer months ago and had enabled DNSSEC previous to that. I don’t remember if when I transferred I did the proper disable and re-enable for it. I just disabled that as well.

This has also helped me understand some of the concepts Cloudflare employs, so I really appreciate your help. Now I just have to figure out how to server or pass http/https externally to clients.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.