Hi
My host tells me I need to remove a couple of AAAA records from my Cloudflare DNS zone file but I can’t see them in my zone file. Can anyone help?
Kind regards
Andrew
Any hostnames that are set to use the Cloudflare proxy will always have AAAA records published. (Enterprise agreements may offer exceptions, but that is unlikely to apply here.) If you only have an A record for a hostname, Cloudflare will only connect to it using IPv4. What problem is your host trying to help you solve?
Hi,
Thanks for getting back to me
We are trying to deactivate IPv6.
Thanks
Andrew
Without an Enterprise plan, you cannot deactivate IPv6. It is always enabled to the Cloudflare edge.
You can read about it in the first article that I linked in my previous reply. The following text from that article is particularly important.
IPv6 is no longer something you can toggle on and off, it’s always just on.
I read that an API can be created to resolve this issue. Is that correct?
What exactly is the issue?
Cloudflare does not connect to your server using IPv6 if you do not have an AAAA record. Why do you not want people to connect to Cloudflare using IPv6?
Recently someone told me they could connect with or see my website. I’m not technically experienced with this so I’m not confident my interpretation of what they said is accurate, but my understanding is I have AAAA records which use IPv6 connections which my host’s server doesn’t use. I think that is the issue but I’m not sure. I have forwarded your question on to them to see if I can get any more clarity on that for you.
When proxied, Cloudflare accepts IPv6 requests and then forwards them to the host using whatever address is specified in your DNS control panel. A client will only try to connect to an IPv6 address if it’s using IPv6 unless it’s really, really broken. And if it’s that broken it will find 50m+ websites using Cloudflare inaccessible along with other large swaths of the interwebs.
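The distinction drawn in the replies above, as an added example that is not part of the original thread: it checks whether the addresses a hostname resolves to publicly belong to Cloudflare's edge, and separately whether the origin record in the DNS panel is IPv6. The range list is a snapshot of cloudflare.com/ips and the sample addresses are constructed; the function names are hypothetical.

```python
import ipaddress

# Snapshot of the edge ranges Cloudflare publishes at cloudflare.com/ips.
# Assumption: the list changes over time, so refresh it before relying on it.
CLOUDFLARE_RANGES = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22",
    "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20",
    "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/13",
    "104.24.0.0/14", "172.64.0.0/13", "131.0.72.0/22",
    "2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32",
    "2405:8100::/32", "2a06:98c0::/29", "2c0f:f248::/32",
)]


def is_cloudflare_edge(addr):
    """True if addr (IPv4 or IPv6 string) falls inside a Cloudflare edge range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in CLOUDFLARE_RANGES)


def has_ipv6(addrs):
    return any(ipaddress.ip_address(a).version == 6 for a in addrs)


def assess(public_answers, panel_records):
    """public_answers: A/AAAA answers the public sees for the hostname.
    panel_records: addresses entered for that hostname in the DNS panel."""
    proxied = bool(public_answers) and all(map(is_cloudflare_edge, public_answers))
    return {
        "proxied": proxied,
        # AAAA answers here are Cloudflare's own edge, not the origin server.
        "edge_publishes_aaaa": proxied and has_ipv6(public_answers),
        # Only an AAAA record in the panel makes the origin reachable over IPv6.
        "origin_reachable_over_ipv6": has_ipv6(panel_records),
    }


# Constructed sample data (documentation addresses stand in for the origin).
PROXIED = assess(["104.21.0.10", "172.67.0.10", "2606:4700:3030::6815:a"],
                 ["203.0.113.10"])
DIRECT = assess(["203.0.113.10", "2001:db8::10"],
                ["203.0.113.10", "2001:db8::10"])

if __name__ == "__main__":
    print("proxied, A-only origin:", PROXIED)
    print("DNS-only, dual-stack origin:", DIRECT)
```

In the proxied case the public AAAA answers exist even though the panel holds only an A record, which is why they cannot be found or deleted in the zone.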
My host said
"The issue with having an AAAA record active is that it can cause an issue with SSL, as the provider Let’s encrypt doesn’t access such DNS records, when requesting a new certificate.
It is not an issue with the server, but with the SSL provider, if you are to use the free certificates. That’s why this should be disabled at your end."
If this can only be done on the enterprise plan. We did find a conversation about creating an API, which we have been trying to set up but I’m not technically competent and my host has had issues working inside my account for me. Can you help with this?
Ok, let me ask again:
Are you experiencing any issues? As in, is anything currently not working? If so, why do you believe the problem is related to Cloudflare’s IPv6 support?
If not, don’t try to invent problems where there are none. Just ignore what your host is saying, as his explanation doesn’t make any sense. All requests reach your server using IPv4.
Thanks for getting back to me Laudian
If I said something to offend you please forgive me.
I’ll repeat the answer I gave you before. A visitor to my website could not visit my site and my host told me it was because of the AAAA records in my DNS zone. I fed back the responses I have received in this chat and their last response was
"My host said
"The issue with having an AAAA record active is that it can cause an issue with SSL, as the provider Let’s encrypt doesn’t access such DNS records, when requesting a new certificate.
It is not an issue with the server, but with the SSL provider, if you are to use the free certificates. That’s why this should be disabled at your end."
This is a direct copy and paste from their response to me and it’s above my level of competence, I’m just repeating what I’ve been told. I’ll feed your response back to them.
If they are wrong, what would you think the problem is?
Kind regards
Andrew
Thanks buddy, unfortunately this is way over my head, I’m just a layman WordPress user generally reliant on plugins and themes and their authors. Thanks though, I appreciate your consideration in responding
Kind regards
Andrew
So a visitor couldn’t visit your website and they think it is because of an AAAA record and the inability to issue an SSL certificate?
Let’s set aside the ‘support’ agent’s feedback. This user who couldn’t visit your site. Do you have any additional detail? An error message? Logs?
Can they still not visit your website?
Thanks again
Unfortunately, I didn’t ask the guy for any details. I realised this would have been helpful when it was too late but as I say I spoke to my host whose credentials I trust and followed their advice.
Is it impossible to diagnose what could have caused this without an error message?
Kind regards
Andrew
Oh, no worries, I don’t ever get offended. But I’m very direct and try to get to the point. I’ve heard this might come across as rude for non-Germans.
The problem is, what your host says makes no sense. If you had problems with certificate renewal, no one would be able to visit your site.
And instead of just recommending completely random stuff (which makes even less sense), your host should first determine if there even is a problem at all. One person not being able to visit your site could easily be a problem on their end, not yours.
That makes sense, thanks for the advice
I think I will have to consider this a one-off and maybe a problem their side as you say because I didn’t ask what they saw on their screen or if there was an error message so I doubt my host can diagnose the issue without that.