Orange cloud not orange-clouding

I have an interesting situation. I have a DNS name configured to proxy. But it won’t!

I’ve created a bunch of different flavors of rules. Even a worker. Nothing runs.

One clue, there used to be a wildcard (*) record in the zone. But it’s since been deleted.

Any ideas? Could something from the deleted wildcard record still linger under the hood?

Next steps, I’m going to delete the A/AAAA records and rebuild…

What’s the domain?

If it’s proxied and nothing is taking effect then I’d consider where the record previously pointed. There is a possibility it’s this: Troubleshooting Custom Hostnames / Cloudflare for SaaS when moving provider

test.gripercourtneyaviation.com I’ll leave it b0rk for awhile, if you want to take a peek.

My goal was to just put a simple Redirect Rule on it. But after banging my head on the desk when that didn’t run, I’ve currently got a route ‘test.gripercourtneyaviation.com/*’ to a simple worker that returns Response.redirect(). It works on the dev site https://old-griper.courtney-aviation.workers.dev but not https://test.gripercourtneyaviation.com.

That hostname resolves to Google, not Cloudflare. Is it definitely proxied?

If so, what are the nameservers listed below your DNS records in the dashboard?

Good catch! I didn’t think to check the obvious. :slight_smile:

But they are orange.

And the NS records look legit.
image

But yeah, something amuck still with abdullah.ns.cloudflare.com.

; <<>> DiG 9.16.33-RH <<>> +trace +nodnssec test.gripercourtneyaviation.com
;; global options: +cmd
.                       513473  IN      NS      a.root-servers.net.
.                       513473  IN      NS      b.root-servers.net.
.                       513473  IN      NS      c.root-servers.net.
.                       513473  IN      NS      d.root-servers.net.
.                       513473  IN      NS      e.root-servers.net.
.                       513473  IN      NS      f.root-servers.net.
.                       513473  IN      NS      g.root-servers.net.
.                       513473  IN      NS      h.root-servers.net.
.                       513473  IN      NS      i.root-servers.net.
.                       513473  IN      NS      j.root-servers.net.
.                       513473  IN      NS      k.root-servers.net.
.                       513473  IN      NS      l.root-servers.net.
.                       513473  IN      NS      m.root-servers.net.
;; Received 811 bytes from 1.1.1.1#53(1.1.1.1) in 3 ms

com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
;; Received 856 bytes from 198.97.190.53#53(h.root-servers.net) in 70 ms

gripercourtneyaviation.com. 172800 IN   NS      hadlee.ns.cloudflare.com.
gripercourtneyaviation.com. 172800 IN   NS      abdullah.ns.cloudflare.com.
;; Received 382 bytes from 2001:503:231d::2:30#53(b.gtld-servers.net) in 0 ms

test.gripercourtneyaviation.com. 300 IN A       216.239.34.21
test.gripercourtneyaviation.com. 300 IN A       216.239.36.21
test.gripercourtneyaviation.com. 300 IN A       216.239.32.21
test.gripercourtneyaviation.com. 300 IN A       216.239.38.21
;; Received 124 bytes from 162.159.44.203#53(abdullah.ns.cloudflare.com) in 13 ms

Interesting, just check that Cloudflare isn’t paused at the bottom right of the overview tab? It’s not resolving your root domain to Cloudflare either so that’s all I can think of.

Oh drat! I’m off to strangle one of my co-workers…

But serious, thanks for the clue stick! I’d forgotten about that knob on the overview page.

Feature request: Have some banner or background visual element in the DNS UI that indicates the proxy is globally disabled.

1 Like

No worries, I’m glad it was that or you’d have had me stumped.

That’s a good suggestion, can you create a post in #feedback:feature-request to request this. Other users can then vote on it and it won’t get lost here.

1 Like

Done! Visual indicator when proxy is globally disabled

1 Like

Fantastic, I’ve voted on it and hopefully others will too. Would solve a quite a number of posts here :sweat_smile:

2 Likes

Finally! I can use the new Redirect Rule instead of the heavier-weight worker.

  "rules": [
    {
      "version": "6",
      "action": "redirect",
      "expression": "(http.host eq \"test.gripercourtneyaviation.com\")",
      "description": "test griper has moved",
      "enabled": true,
      "action_parameters": {
        "from_value": {
          "status_code": 307,
          "target_url": {
            "expression": "concat(\"https://test.griper.aero\", http.request.uri.path)"
          },
          "preserve_query_string": true
        }
      }
    }
  ]

Many thanks @domjh.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.