We have a Primary ISP / set of IP addresses and a Secondary ISP with their own set of IP addresses.

Is there a guide to setting up Dynamic CNAME records that will test things occasionally and update the IP address if the Primary ISP addresses are not reachable?


Sounds like a Load Balancer is one possible solution.


At the network layer, how are you failing over between the two ISPs?

Our firewall has a primary upstream and a secondary upstream connection, each associated with a /8 set of IP addresses.

When it can’t pass traffic via the primary, it tries to switch to the secondary, which is OK for traffic originating from the offices but not for inbound traffic. That’s where the CNAMEs come in.

We used to use Azure for our DNS, and they have a probe-based setup that functions as dynamic CNAMEs at the DNS level. We had to switch to Cloudflare due to internal requirements and are just now trying to get things back to what we once had.

I suspect you are either a US military agency, or /8 is a typo! Perhaps look at getting your own ASN and IP space, and using BGP to maintain inbound reachability. Depends on how big you are.

An alternative solution would be a Cloudflare Tunnel, which should work for your scenario.


I apologize for the confusion. I learned subnetting via subnet addresses, not / notation, so I get that all messed up.
We have two very small address chunks from our ISPs, not big ones.

