Question about an existing on-premise DNS server and Cloudflare DNS

Hi everyone.

We are new to the Cloudflare solutions and very happy to use this service.

Today we use a Cloudflare DNS zone attached to our domain (for example: domain[dot]com) and also an on-premise DNS server (Windows Server role) so that our clients use local IP addresses when they are connected locally to our infrastructure.

I've configured a hostname with load balancing on the Cloudflare DNS zone: test[dot]domain[dot]com

But this hostname is not available on our on-premise network (via the local DNS server), presumably because it is missing from the zone configured on that side.

But the question is: how can I add a CNAME or A record in the on-premise domain[dot]com zone to point the hostname to the one configured on the Cloudflare side :slight_smile:

This is very important for us because we also use the failover solution with load balancing.

Other question: how can I configure the DNS server to look up all hostnames not present in the on-premise domain[dot]com zone from the Cloudflare zone?

Thank you!

The internal CNAME should point to the following:


This CNAME will correctly follow the proxy status of the hostname on Cloudflare.


Thank you so much!! :slight_smile: This is the solution I was searching for a long time.

For my second question: do you know if it is possible to make a redirect to * for all other hostnames not added to the on-prem zone, or must I add them manually?

Anyone?

Nobody? :frowning:

You want your internal authoritative DNS servers to become recursive instead of issuing NXDOMAIN. The question is really outside the scope of this Community, StackExchange might be a better place.

I do not think this is possible in Windows DNS. BIND NXDOMAIN Redirection might be what you want, and commercial DNS solutions like Infoblox have this sort of functionality.

You could try a wildcard CNAME in your internal DNS pointing to one of your :orange: entries that you have configured in Cloudflare. This will not follow the proxy status of the record being requested, and personally I would never use a wildcard on an internal DNS zone like that; it generally has more downsides than it is worth thinking about. Unless you have some crazy setup it would be easier to just write a script to create the internal records and keep them in sync.
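As an added illustration of the "script to create the internal records and keep them in sync" approach (example code, not from this thread or from Cloudflare): a PowerShell sync loop for the Windows DNS Server role. The zone name and record names are constructed samples, the CNAME targets are placeholders to be replaced with the value Cloudflare gives for each hostname, and the script assumes the `DnsServer` module is available on the server.

```powershell
# Added example: keep internal Windows DNS CNAMEs in sync with hostnames
# published on the Cloudflare zone, one explicit record per name instead of a
# wildcard. Re-run it (e.g. from a scheduled task) whenever the list changes.
Import-Module DnsServer

$ZoneName = 'domain.com'                     # internal zone (sample from the thread)
$Ttl      = New-TimeSpan -Minutes 5          # short TTL so failover changes are picked up

# Desired state: internal record name -> CNAME target on the Cloudflare side.
# The targets below are PLACEHOLDERS; fill in the real target per hostname.
$Desired = @{
    'test' = '<cloudflare-cname-target-for-test>'
    'app'  = '<cloudflare-cname-target-for-app>'
}

foreach ($name in $Desired.Keys) {
    $target = $Desired[$name].TrimEnd('.')

    # A CNAME cannot coexist with other record types at the same name:
    # refuse to touch names that already carry an A/AAAA/etc. record.
    $other = Get-DnsServerResourceRecord -ZoneName $ZoneName -Name $name -ErrorAction SilentlyContinue |
             Where-Object { $_.RecordType -ne 'CName' }
    if ($other) {
        Write-Warning "skip    $name.$ZoneName : non-CNAME record(s) already exist ($($other.RecordType -join ','))"
        continue
    }

    $existing = Get-DnsServerResourceRecord -ZoneName $ZoneName -Name $name -RRType CName -ErrorAction SilentlyContinue
    if (-not $existing) {
        Add-DnsServerResourceRecordCName -ZoneName $ZoneName -Name $name -HostNameAlias $target -TimeToLive $Ttl
        Write-Output "created $name.$ZoneName -> $target"
        continue
    }

    $current = $existing.RecordData.HostNameAlias.TrimEnd('.')
    if ($current -ieq $target) {
        Write-Output "ok      $name.$ZoneName -> $target"
    } else {
        # Drift: the record exists but points somewhere else. Replace it in place
        # using the documented clone / Set-DnsServerResourceRecord pattern.
        $new = $existing.Clone()
        $new.RecordData.HostNameAlias = "$target."
        Set-DnsServerResourceRecord -ZoneName $ZoneName -OldInputObject $existing -NewInputObject $new
        Write-Output "updated $name.$ZoneName : $current -> $target"
    }
}
```

Names that are in the internal zone but no longer in `$Desired` are left alone on purpose; removing stale records is a separate decision that should be reviewed before automating.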

OK, thanks for your response :slight_smile:
