DNS response to a non-existent sub domain?


Is it normal that Cloudflare responds with the root SOA record for a non-existent subdomain? I expect to see the “DNS name does not exist” response as per the top of my image (a fully operational domain but non-existent subdomain), but instead I’m getting the bottom return.

This seems to be a new function of Cloudflare DNS, as it’s broken our split tunnel VPN for our corporate environment in the last few days/weeks. Devices are trying to get to internal.domain.com, which only resolves when on the internal corporate DNS servers, but because it is getting a response from global DNS servers, it doesn’t do a lookup for that record on the second VPN interface.

Is there a setting I can change to ensure that Cloudflare returns a DNS name does not exist error?
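
The two results contrasted in the question can be told apart by the response code on the wire. The following is an added example, not part of the original post: it classifies a raw DNS response as NXDOMAIN ("DNS name does not exist") or NODATA, assuming the bottom result in the image is a NOERROR reply with no answer records and the zone SOA in the authority section (RFC 2308). The packets and the `example.com` names are constructed samples.

```python
import struct

RCODE_NXDOMAIN = 3
TYPE_SOA = 6

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:        # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + length

def classify(msg):
    """Classify a DNS response as 'NXDOMAIN', 'NODATA', 'ANSWER' or 'OTHER'."""
    _id, flags, qd, an, ns, _ar = struct.unpack_from("!6H", msg, 0)
    rcode = flags & 0x000F
    if rcode == RCODE_NXDOMAIN:
        return "NXDOMAIN"                # the name does not exist
    if rcode != 0:
        return "OTHER"                   # SERVFAIL, REFUSED, ...
    if an > 0:
        return "ANSWER"
    off = 12
    for _ in range(qd):                  # skip question section
        off = skip_name(msg, off) + 4    # QTYPE + QCLASS
    for _ in range(ns):                  # look for an SOA in the authority section
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype == TYPE_SOA:
            return "NODATA"              # NOERROR, zero answers, SOA only
        off += 10 + rdlen
    return "OTHER"                       # e.g. a referral

def encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def build_response(qname, rcode):
    """Constructed sample: zero answers, zone SOA in the authority section."""
    header = struct.pack("!6H", 0x1234, 0x8180 | rcode, 1, 0, 1, 0)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)   # A, IN
    rdata = (encode_name("ns.example.com") + encode_name("dns.example.com")
             + struct.pack("!5I", 1, 10000, 2400, 604800, 1800))
    soa = encode_name("example.com") + struct.pack("!HHIH", TYPE_SOA, 1, 1800, len(rdata)) + rdata
    return header + question + soa

if __name__ == "__main__":
    for rc in (3, 0):
        print(rc, classify(build_response("internal.example.com", rc)))
```

Both sample packets carry the same SOA record in the authority section; only the RCODE differs, which is why the check keys on the header rather than on whether an SOA is present.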


