I’ve enabled Load Balancing on a few sites about 36h ago (proxied, so orange cloud).
Cloudflare reports 53k DNS requests since then. I’ve checked the logs on the origins, and they show slightly over 4k unique IPs (HTML is not cached on the edge). Cloudflare Analytics agrees with the origins.
From what I understand, the 300s DNS TTL would cause a long-running session (e.g. Googlebot crawling lots of pages) to have multiple DNS queries (one every 5 minutes). We usually don’t have long-running sessions, and we have rather few bots allowed. I’m sure there are few stealthy bots, but probably not that many.
What else can cause DNS queries but doesn’t create hits? Could someone just send a DNS query every few seconds to drive up our costs or would they be blocked / not billed at some point?
