External DNS www subdomain through Cloudflare


We want to understand the different options we have to achieve CDN setup through Cloudflare for one of our clients. Here is the situation:

  1. Client already has a DNS server and cannot transfer such authority to Cloudflare.
  2. They want to use Cloudflare as a CDN service for the www. subdomain only. The rest of subdomains will not be changed.
  3. As far as we are aware we have three options:
  • As far as we understand in https://support.cloudflare.com/hc/en-us/articles/360020348832 this is actually possible in the Business level at least, is that correct?
  • What if we create a CNAME record in the client DNS to Cloudflare for the www subdomain? This apparently was caught by Cloudflare security because of a change on host name probably, right?
  • We also noted a CNAME flattening option. Is this similar to what we are trying to do?

Thanks in advance for any information,

The Business/Enterprise option is the only choice for a domain who uses another DNS. Cloudflare will not otherwise respond to requests for that subdomain.

To address your questions directly:

  • Yeah, Business should be OK as sdayman has already said. You’re after a CNAME setup as per this link: https://support.cloudflare.com/hc/en-us/articles/360020615111
  • You can use the CNAME setup as per the above link but generally you can’t just make a CNAME in your own DNS like www.yourdomain.com pointing to www.dummydomainoncloudflarewhichpointstoourbackend.com and expect access to www.yourdomain.com to work because Cloudflare will match the host header and see that www.yourdomain.com isn’t configured here itself (if that makes sense?)
  • CNAME flattening is different, effectively it tells Cloudflare that even if you have CNAMEs defined, return lookups as an A recordwith a value of whatever the CNAME setting resolves to. So for example if I have home.saul.com set to and I have www.saul.com as a CNAME to home.saul.com, with CNAME flattening a lookup of www.saul.com would return a record type A with value instead of the CNAME. It’s kind of handy on your root node where CNAMEs can’t be set without violating RFCs.
1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.