How to give DNS management to CloudFlare

mazzespazze · March 4, 2021, 3:01pm

I have my domain registered with AWS Route 53 and the DNS management is done by DigitalOcean. I changed nameservers in AWS with the two that CloudFlare gave me and I change nameservers also in DigitalOcean.

Though when on the DNS dashboard, even if I add “A” records or delete, nothing gets affected. The resources still keep the names given my DigitalOcean. On top of that, if I change on DigitalOcean, the actual resource changes.

When I do a lookup with “whois mydomain” or “dig + trace mydomain.com” I can see the CloudFlare domain name servers.

Any suggestion or tip in how to give CloudFlare permissions? 12 hours already passed since I updated the domain name servers.

Thanks

Judge · March 4, 2021, 3:03pm

If Route 53’s domains is delegating authoritative control to Digital Ocean, you can’t further delegate from DO to Cloudflare; adding NS records to Digital Ocean is different from changing the authoritative DNS servers at your registrar.

To move to CF, you should change the ‘authoritative name servers’ at Route 53, not DO.

mazzespazze · March 4, 2021, 3:04pm

I changed nameservers in AWS with the two that CloudFlare gave me

It is the first thing I did. They are changed on AWS Route 53, since I can see the two that CloudFlare gave me also on the AWS dashboard.

cscharff · March 4, 2021, 3:44pm

I’m not sure what this means.

Your zone was active ~= 20 minutes after you added it Cloudflare. Doing a DNS lookup for your records resolves to a Cloudflare IP. Cloudflare then proxies to the target you’ve specified in the Cloudflare DNS control panel.

So it seems to be working.

mazzespazze · March 4, 2021, 3:21pm

Sorry I expressed myself really badly. I meant that in DigitalOcean dashboard I created an “A” record called “kibana.mydomain.com” pointing to an IP.

Then when I noticed that with “whois mydomain.com” the nameservers were the ones of CloudFlare, in the CloudFlare dashboard (that had already all the records of DigitalOcean) I renamed the record from “kibana.mydomain.com” to “kibanaCloudFlare.mydomain.com”.

I still cannot visit the kibanaCloudFlare subdomain, but I can still visit the “kibana” one. And if I change name on DigitalOcean, I can visit the changed version immediately.

So how can I have CloudFlare managing the DNS records? Am I missing something?

cscharff · March 4, 2021, 3:24pm

dig kibanaa.mydomain.com +short
104.21.70.168
172.67.137.184

The name you have in Cloudflare resolves just fine for me. Perhaps you need to flush the DNS on your machine / network?

mazzespazze · March 4, 2021, 3:43pm

Wow that was it (in a sense). After flushing the DNS I couldn’t reach anymore the DigitalOcean entry (as I wanted) and your command gives me exactly the same output. Though now the “kibanaa.mydomain.com” goes into a timeout error.

Do you have any insight? And again, thanks so much for helping me!

cscharff · March 4, 2021, 3:51pm

Is the IP specified (in Cloudflare’s DNS) listening on port 443?

mazzespazze · March 4, 2021, 4:01pm

No it is listening on http port 5601. So I guess I should have it listening on port 443 and server under https?

erictung · March 4, 2021, 4:16pm

You’re correct.

system · March 7, 2021, 4:17pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.