Unique situation with Cloudflare origin certificates. I need help in regards to an internal DNS pointing directly at the server and how to point the root domain at Cloudflare


Apologies for this not exactly being Cloudflare specific, however I think it would be useful for others on Cloudflare to know how to deal with this. This is a follow-up to this topic where I wanted to know how to fix an issue where the website is set up normally via Cloudflare and uses the Cloudflare origin certificates. It works great for everyone except those in the organization. They have an internal bind9 DNS with the same record names pointing directly to the origin server IP.

@thedaveCA gave a good explanation in that thread on how to fix the bind9 config to route to Cloudflare using a CNAME.

My issue is that I would like to know what I can do for the root domain example.com, as I cannot use CNAMEs in the bind9 config for the root name. It says it needs to be an A record. Any help you all could provide would be most welcome.

Create an A record pointing to the IP. Update when/if it changes. Automate the update via a script if you want/need.

Ah, I was hoping this wouldn’t be the case. Since the IP has to be Cloudflare’s, do I just point it to the IP address of the Cloudflare nameserver? Is there no other way to do this without having to constantly monitor if Cloudflare’s IP address to its nameserver changes?

Not at the IP of the nameserver. At the IP that example.com currently resolves to.

You do not need to be too quick in updating the DNS when Cloudflare changes. In general, any Cloudflare address will actually work for your website.
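The "automate the update via a script" suggestion above, sketched as an added example that is not code from any participant in this thread: it asks a public resolver what example.com resolves to, keeps only answers inside an operator-supplied list of expected ranges, and builds the `nsupdate` commands to replace the apex A record on the internal bind9. It assumes `dig` is installed and the internal zone accepts dynamic updates; the function names, the allow-list parameter and the sample addresses (documentation ranges) are constructed for illustration.

```python
"""Added example: keep an internal bind9 apex A record in step with the public answer."""
import ipaddress
import subprocess

def public_a_records(name, resolver):
    """Ask a public resolver (not the internal bind9) for the name's A records."""
    out = subprocess.run(["dig", "+short", "A", name, "@" + resolver],
                         capture_output=True, text=True, check=True, timeout=10).stdout
    return [line.strip() for line in out.splitlines() if line.strip()]

def filter_allowed(addresses, allowed_cidrs):
    """Keep only valid IPv4 addresses that fall inside the expected ranges."""
    nets = [ipaddress.ip_network(c) for c in allowed_cidrs]
    kept = []
    for addr in addresses:
        try:
            ip = ipaddress.IPv4Address(addr)
        except ValueError:
            continue  # dig +short can also print CNAME targets; skip them
        if any(ip in net for net in nets):
            kept.append(str(ip))
    return sorted(set(kept), key=ipaddress.IPv4Address)

def nsupdate_script(zone, current, wanted, ttl=300, server="127.0.0.1"):
    """Return nsupdate commands replacing the apex A RRset, or None if unchanged."""
    if not wanted:
        # Never publish an empty or unvetted answer to internal clients.
        raise ValueError("no acceptable address; leaving the zone untouched")
    if set(current) == set(wanted):
        return None
    lines = [f"server {server}", f"zone {zone}", f"update delete {zone}. A"]
    lines += [f"update add {zone}. {ttl} A {ip}" for ip in wanted]
    lines += ["send"]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # Constructed sample data (documentation ranges), not real Cloudflare addresses.
    # Live use would start from public_a_records("example.com", "<public resolver IP>").
    allowed = ["203.0.113.0/24"]
    answer = ["203.0.113.20", "203.0.113.10", "198.51.100.7"]
    wanted = filter_allowed(answer, allowed)
    print(nsupdate_script("example.com", ["203.0.113.10"], wanted))
```

The returned text can be piped to `nsupdate` from a scheduled job; filtering against the expected ranges keeps a spoofed or unexpected public answer from being copied into internal DNS.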
