DNS Location - compliance requirements

Hello!
Could you please answer the following questions:

  1. If we have Seconday DNS server at Cloud Flare can we choose a location for the server or at least to have it in a location different to our Primary DNS server at Cloud Flare (in a separate Data Center of Cloude Flare)?
  2. Will we have at Cloud Flare the zone transfers between primary and secondary servers at least every 24 hours?
  3. The zone transfers to non-authorised servers (arbitrary hosts) must be rejected. That is true for Cloud Flare DNS servers, isn’t it?

Thank you in advance!

You can’t have that. You can only use the servers assigned by Cloudflare.

You essentially have two options.

  1. You use the nameservers assigned by Cloudflare, which will follow the standard Cloudflare logic and there is no transfer possible.
  2. You sign up for a Business plan and switch to a CNAME setup, in which case you’d manage DNS all by yourself with your own servers and only point your DNS records to the proxies.
  1. You run the Primary, so you can decide where it runs.

  2. Transfers are initiated by the Primary using AXFR notify, so this is within your control. You can also use the API to force a transfer even if no changes have been made.

  3. Cloudflare do not allow outbound zone transfers, so there are not authorised hosts.

(Secondary DNS is an Enterprise only feature).

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.