DNS update seems like it's not taking place

I had a subdomain of api pointing at a cname.
Yesterday, I removed the cname record and pointed the api subdomain at an ip address using an a record.

It’s been over 24 hours since I did this and I’m still seeing all the traffic go to the old cname application.

What can I do?

Thanks in advance.

  • Toggle that DNS entry to :grey: DNS Only. (this takes five minutes to propagate)
  • Verify that A or CNAME record DNSChecker.org

Ok so I did that, and as soon as I turn the proxy off it goes to the correct ip. I turn the proxy back on and it immediately goes back to the old cname.

It’s been over 48 hours now, is there some sort of way I can check any diagnostics in Cloudflare?

I don’t know if there is something funny going on Cloudflare, but I’ve even set up a load balancer now for that subdomain and it is still making no difference. All traffic still goes to the old app. I tried with both the old and new apps in the load balancer, and I now have JUST the new app, and all traffic is still going to the old app.

Proxied DNS entries don’t return CNAME records. They return “A” records with the IP address of the proxy server.

I understand that, what I mean is that the traffic goes back to the old record, which is a CNAME record in Cloudflare.

And it’s still happening. Is there a way I can run any diagnostics within Cloudflare? Or speak to someone within Cloudflare so they can see if something strange has happened?

It doesn’t sound like it’s really a DNS issue, but a :orange: Proxy issue instead. Whatever that CNAME points to is probably a host that’s added your domain to their Cloudflare configuration and they’re intercepting your proxied traffic. You’d have to ask them to completely remove your domain from their Cloudflare SaaS service.

Is that a thing that is possible? So someone can add my domain to their Cloudflare account and essentially hijack my domain even when I have re-pointed the record away from their service?

They’re not hijacking your domain. You signed up with someone and they use Cloudflare as part of their services for your site. Some vendors just don’t do a good job of releasing domains when you stop using their service.

I’m not sure what you mean.

I use Cloudflare.
I spun my app up using digital ocean apps and pointed the api subdomain to their service using a cname record in my Cloudflare account.
I now want to point that subdomain in my Cloudflare account to an a record which pertains to a different server, spun up elsewhere. I have done this, but when the proxy is turned on it will always route to the cname record, even though there is no cname record against that domain anymore.

If I turn the proxy off, the traffic gets sent correctly to the IP address against that subdomain. If I turn the proxy on, it goes sent incorrectly to the old cname.

What does the old CNAME record point to?

It is brickpal-phawr.ondigitalocean.app.

That domain uses Cloudflare DNS, which means they would have added your hostname to their Cloudflare SaaS setup in order to issue an SSL/TLS certificate for it.

Ok I initially did a workaround by installing an SSL cert on the server and turning the proxy off. However, after your last message I have gone into the digital ocean apps config, deleted the domain from the app and turned the proxy back on and I THINK it’s fixed it. It looks like the SSL cert is now coming from Cloudflare, but traffic is being sent to the correct app instance.

Thanks for your help, that was very confusing! I still think it’s strange that even though I re-pointed the subdomain Cloudflare was still sending traffic to the old place, but at least it’s sorted now!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.