Is it possible to hacky use the NS address of CF to resolve an A record?

So here’s the deal. We have a network that has a AD server setup as domain.com, and so we have to point the NS of WWW to Cloudflare so they can see their website internally.

I know, bad setup.

What we are trying to figure out, is since CF proxies the A record, we can point to the proxy addresses, and that works. But we are worried those proxy addresses will change, and aren’t a stable pointer for the companies internal access to the WWW subdomain.

Obviously pointing the A record to our first NS record’s IP address doesn’t work. We tried lol

So 2 thoughts here, do those proxy addresses change? And if so, how do you point a subdomain to proxied changing addresses?

Split horizon is pretty common in an AD setup.

Yes.

Don’t use an A record internally. Create a CNAME to www.example.com.cdn.cloudflare.net. Then in Cloudflare, manage the public value of the DNS entry.

This will match the proxy addresses that the public see for www.example.com, and has the advantage of changing even as you change from :orange: to :grey:.

7 Likes

Thank you for the help!! You :rock: :metal:

Ok, I see when I point the domain to

www.example.com.cdn.cloudflare.net

The address resolves to the same place as www.example.com

Thanks Michael.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.