Issue with DNS Resolution and Unexpected Redirects/Error 1000

Hi Cloudflare Community,

I’m experiencing an issue with DNS resolution and unexpected behavior across two zones in my Cloudflare account. Here’s the setup and the problem:

Setup

• Zone 1: example.com (Partial setup, enterprise account)

  • A Records:

    • foo.example.com -> origin IP (proxied)
      

    • www.example.com -> origin IP (proxied)
      

  • CNAME Records at Authoritative DNS Provider (Not a Cloudflare):
    • foo.example.com → www.example.com.cdn.cloudflare.net
    • www.example.com → www.example.com.cdn.cloudflare.net

• Zone 2: example.net (Full setup, same enterprise account)

  • CNAME Record:
    • foo.example.net → foo.example.com (proxied).

• Zone 3: example2.net (Full setup, free account)

  • CNAME Record:
    • foo.example2.net → foo.example.com (proxied).

Expected Behavior

• For foo.example.com to resolve to an origin IP
• For foo.example.net and foo.example2.net to resolve to the same origin IP as foo.example.com.

Actual Behavior

• When accessing foo.example.com, I receive a response from my origin as expected
• When accessing foo.example.net, I receive a 301 redirect to www.example.net. There are no redirect or page rules set up that would cause this behavior.
• When accessing foo.example2.net, I receive the following error:
  Error 1000: DNS points to prohibited IP…

Questions

• Why is foo.example.net redirecting to www.example.net despite no configured redirect rules?
• Why is foo.example2.net returning an Error 1000?
• How can I configure these records to resolve to the correct origin IP without issues?

Any insights or suggestions would be greatly appreciated!
Thank you!

If it’s redirecting then a redirect must be set up somewhere. Either it’s on Cloudflare or your origin.

Likely as it’s linked to a Cloudflare IP address from a resolver outside Cloudflare. Try the CNAME as “DNS only”.

To dig deeper you can give the real hostnames.

Why is foo.example.net redirecting to www.example.net despite no configured redirect rules?

We had a redirect rule that applied to non-SSL requests and sent them to the www host. I assumed this rule wouldn’t affect my HTTPS request to foo.example.net, but it did.
When I turned off the rule, I got “Error 1000 DNS points to prohibited IP”.
This error is the same as in my question 2.
Both foo.example.net and foo.example2.net have an alias to foo.example.com which is in Partial zone setup, so the DNS query goes to my DNS provider first and gets www.example.com.cdn.cloudflare.net, which resolves to CF IPs. However, Cloudflare doesn’t let me point my DNS record to CF IPs

What are you trying to achieve? Why did you turn off the redirect? Can you show a screenshot of the rule?

While I can’t provide a guaranteed two-line solution without more details, here are two options to troubleshoot your Cloudflare DNS issue:

Verify both zones use Cloudflare’s nameservers. If not, update your registrar’s settings to point to them. Ensure all necessary DNS records (A, AAAA, CNAME, etc.) are present and accurate for both zones in the Cloudflare dashboard.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.