How to handle replicating records for internal DNS

I’ve started running into issues where our internal DNS server won’t forward queries for our subdomains created in Cloudflare. One of our managers says we need to create the records in local DNS, but as the IPs given to our domains by Cloudflare for the proxy are not static, that doesn’t seem like it’s the right way to do it.
Is there a best practice for how this should be done?

Are you referring to a split horizon DNS, where you have internal DNS servers which are authoritative for, and also have Cloudflare set up to be authoritative for the “public” view of

In the internal zone you can create CNAMEs for each of the public hostnames with a target of These will correctly follow the proxy status of the public view (:orange: or :grey:). For the root ( you cannot create a CNAME. If it is :grey: in Cloudflare, just replicate the A record from Cloudflare. If :orange: just replicate what you currently get from a dig of the hostname.
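As an added example (not code from the thread or from Cloudflare), here is a small generator for the internal view of such a split-horizon zone. It assumes a hypothetical public zone `example.com`, assumes the CNAME target takes the form `<public hostname>.cdn.cloudflare.net` (the reply's actual target was lost in extraction, so treat that suffix as an assumption), and takes the apex addresses from the caller, for instance the output of `dig +short example.com` for an :orange: apex or the values copied from the dashboard for a :grey: one. It refuses a CNAME at the apex, gives the replicated apex records a short TTL because proxy addresses can change, and includes a drift check so a cron job can tell when the replicated apex addresses no longer match what the public view returns.

```python
#!/usr/bin/env python3
"""Build the internal (split-horizon) view of a zone that Cloudflare serves publicly.

Added example, not code from the thread. Assumptions, all hypothetical:
  - ZONE: the public zone is example.com
  - CNAME target form: <public hostname>.cdn.cloudflare.net
  - apex addresses are supplied by the caller (e.g. from `dig +short example.com`)
"""
import ipaddress

ZONE = "example.com"                      # hypothetical zone name
CNAME_TARGET_SUFFIX = "cdn.cloudflare.net"  # assumed target form for subdomain CNAMEs
APEX_TTL = 300                            # short, because proxied apex IPs are not static


def cname_target(hostname, zone=ZONE, suffix=CNAME_TARGET_SUFFIX):
    """CNAME target for a public subdomain; raises for the apex or a foreign name.

    The target lives outside the internal zone, so the internal resolver follows
    it to the public view and automatically tracks the :orange:/:grey: status.
    """
    hostname = hostname.rstrip(".").lower()
    zone = zone.rstrip(".").lower()
    if hostname == zone:
        # RFC 1034 section 3.6.2: a CNAME cannot coexist with SOA/NS at the apex.
        raise ValueError("the zone apex cannot be a CNAME; replicate its A/AAAA instead")
    if not hostname.endswith("." + zone):
        raise ValueError(f"{hostname} is not inside {zone}")
    return f"{hostname}.{suffix}."


def apex_records(zone, addresses, ttl=APEX_TTL):
    """A/AAAA records that replicate whatever the apex currently resolves to."""
    zone = zone.rstrip(".").lower()
    records = []
    for addr in addresses:
        ip = ipaddress.ip_address(addr.strip())  # rejects an empty or garbled dig answer
        rtype = "A" if ip.version == 4 else "AAAA"
        records.append(f"{zone}.\t{ttl}\tIN\t{rtype}\t{ip}")
    if not records:
        raise ValueError("no apex addresses supplied; the apex needs at least one A/AAAA")
    return records


def internal_zone_fragment(zone, hostnames, apex_addresses, ttl=APEX_TTL):
    """Zone-file lines for the internal view: apex A/AAAA plus one CNAME per subdomain."""
    lines = apex_records(zone, apex_addresses, ttl)
    for host in hostnames:
        name = host.rstrip(".").lower()
        lines.append(f"{name}.\t{ttl}\tIN\tCNAME\t{cname_target(name, zone)}")
    return lines


def apex_drift(recorded, current):
    """Compare the addresses in the internal zone with a fresh public answer.

    Returns (stale, missing): stale = in the internal zone but no longer public,
    missing = public now but absent internally. Both empty means no action needed.
    """
    rec = {str(ipaddress.ip_address(a.strip())) for a in recorded}
    cur = {str(ipaddress.ip_address(a.strip())) for a in current}
    return sorted(rec - cur), sorted(cur - rec)


if __name__ == "__main__":
    # Constructed sample input: two subdomains and a made-up apex answer
    # (documentation ranges, not real Cloudflare addresses).
    fragment = internal_zone_fragment(
        ZONE, ["www.example.com", "api.example.com"], ["192.0.2.10", "2001:db8::1"]
    )
    print("\n".join(fragment))
    print(apex_drift(["192.0.2.10"], ["192.0.2.10", "192.0.2.11"]))
```

Feed `apex_drift` the addresses from the zone file and the output of a fresh `dig +short` on a schedule; when either list is non-empty, regenerate the apex records. Only the apex needs this maintenance, since the subdomain CNAMEs follow the public view on their own.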


