Hi - After yesterday’s scary situation where we had 1000 clients not being able to access our systems for a while - we have decided to set up a secondary DNS system using ClouDNS. Now we have to tell Cloudflare that we have done that and I don’t know where to go in the dashboard to start setting that up. The instructions from ClouDNS were:
“To operate your secondary zone properly it is required for both the following IPs to be allowed for notifications ( also-notify ) and transfers ( allow-transfer ) at your primary servers:”
and then follows a bunch of IP addresses in IPv4 and IPv6 format.
While I can certainly sympathize with the concern, the reason nobody has answered is fear of an angry response, which is frequent in such a situation. Hopefully not from you.
So…Cloudflare expects to be the one and only DNS for your domain. It looks like you can use Cloudflare as Secondary DNS, but still use the proxy service. I think this requires at least a Business Plan. The trick is that your DNS records point to Cloudflare proxy IP addresses, so you’d have to do a mass-switchover to not use the proxy IP addresses.
There’s also the option of becoming a Cloudflare Hosting Partner so you can use your own DNS that’s tied to Cloudflare DNS. I expect this would still require a mass-switchover to origin IP addresses.
Again, I get where you’re coming from. Things are going to break and you don’t want to be affected by the outage. Stuff somewhere always breaks and ruins someone’s day. And then they curse and scream that they’ll never use that product again, so they switch to another product. That will also definitely break at some point.
So…weigh your options. While yesterday’s half-hour outage was a pain, the worst part for me was not knowing where the problem was. Cloudflarestatus didn’t show anything, and I couldn’t reach any other part of Cloudflare. What I appreciate is that every time something at Cloudflare breaks, we get a thorough explanation of what happened, and what they will do to stop that thing from happening again. This isn’t an easy operation behind the scenes, so I’m definitely appreciative that it works 99.99% of the time.
I’m also looking for a solution, even if it’s pointing my third/fourth name servers to another region (such as Oceania, Europe, etc).
I’d rather keep it all in the CF family but when my customers can’t use my service for emergencies, I have to get the government involved and report why… and I don’t want to do that ever again.
In that instance I feel relying on a single system is bad, always. I don’t know your budget or whatever, but reach out to the sales team. The enterprise plan has more functionality and you can do various configurations to have more redundancy.