What does Cloudflare DNS do with non-HTTP traffic?

I have the free account currently. I am trying to get an answer to determine what Cloudflare does with non-HTTP/S traffic. If the DNS request is for non-HTTP or HTTPS traffic, do they serve the DNS record and its associated IP in the same way that a regular DNS server does, without doing any special filtering on the traffic, and just direct the traffic directly to my IP?

I have some additional services running on my domain and they don’t seem to be working correctly since I pointed my name servers to Cloudflare.

Thanks

Here is the list of ports that are supported by Cloudflare. https://support.cloudflare.com/hc/en-us/articles/200169156-Which-ports-will-Cloudflare-work-with-

If the applications are on the list of supported ports, which ones are not working?

Did you set those subdomains to be WITHOUT the orange cloud in the DNS tab? (click the orange cloud to disable)

If you didn’t, it will try to go through Cloudflare… which you don’t want.

The question is not what ports they support; I have seen that list. My question is, if there is another non-HTTP service using the same domain on another TCP port, how does Cloudflare handle that? Do they simply refer the traffic without filtering it, or do they try to filter it, breaking the connection?

I am new to Cloudflare and can’t find an answer to what seems a simple yet important question.

I didn’t set any subdomains with the orange cloud off. Thank you for that bit of advice.
In this instance, though, the service uses HTTP, HTTPS and non-HTTP traffic, all to a single domain. There are multiple ports involved. HTTP can’t be pointed to a separate domain from the non-HTTP traffic.

The way the regular Cloudflare works is by assigning MANY customers to the very same IP address; you don’t get your own IP. In both HTTP and TLS, there’s a method to differentiate what site was “called” despite having the same IP address. In HTTP this is “Name-based Virtual Host”, based on the “Host:” header in the client request. In TLS, there’s SNI. That’s how Cloudflare knows which customer (and which host at a given customer) the traffic was destined for, so it can proxy it.

If you need services which are not HTTP, then Cloudflare will have to assign you your own IP from their pool, because there’s no way to differentiate random services (they don’t include the “callee” information in the protocol). They do that with the Spectrum service, but that costs money. Which makes sense, because those unique IPs cost them money.

If you have to use both HTTP and other services on the same hostname, I think there’s no choice but to not use Cloudflare (or any other CDN for that matter - all of them will have this issue…)

3 Likes
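The Host/SNI routing described in the answer above, as an added example that is not part of the original thread: it pulls the "callee" name out of the first bytes a client sends, which works for HTTP and TLS but not for a protocol such as SSH. All function names are hypothetical and the three inputs are constructed samples.

```python
import struct

def sni_from_client_hello(data: bytes):
    """Return the server_name carried in a TLS ClientHello, or None."""
    try:
        if data[0] != 0x16 or data[5] != 0x01:        # handshake record, ClientHello
            return None
        p = 5 + 4 + 2 + 32                             # record hdr, handshake hdr, version, random
        p += 1 + data[p]                               # session id
        p += 2 + struct.unpack_from("!H", data, p)[0]  # cipher suites
        p += 1 + data[p]                               # compression methods
        end = p + 2 + struct.unpack_from("!H", data, p)[0]
        p += 2
        while p + 4 <= end:
            ext_type, ext_len = struct.unpack_from("!HH", data, p)
            p += 4
            if ext_type == 0:                          # server_name extension
                # layout: list length (2), name type (1), name length (2), name
                name_len = struct.unpack_from("!H", data, p + 3)[0]
                return data[p + 5:p + 5 + name_len].decode("ascii", "replace")
            p += ext_len
    except (IndexError, struct.error): pass
    return None

def host_from_http(data: bytes):
    """Return the Host header of a plain HTTP/1.x request, or None."""
    lines = data.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    if not lines[0].endswith((b" HTTP/1.0", b" HTTP/1.1")):
        return None
    for line in lines[1:]:
        key, _, value = line.partition(b":")
        if key.strip().lower() == b"host":
            return value.strip().decode("ascii", "replace")
    return None

def routing_key(first_bytes: bytes):
    """Name a shared-IP proxy could route on; None means nothing to route on."""
    return sni_from_client_hello(first_bytes) or host_from_http(first_bytes)

def build_client_hello(name: str) -> bytes:
    """Build a minimal ClientHello with only an SNI extension (constructed sample)."""
    n = name.encode("ascii")
    sni = struct.pack("!HBH", len(n) + 3, 0, len(n)) + n
    exts = struct.pack("!HH", 0, len(sni)) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

SAMPLES = {"tls": build_client_hello("app.example.com"),          # constructed inputs
           "http": b"GET / HTTP/1.1\r\nHost: app.example.com\r\n\r\n",
           "ssh": b"SSH-2.0-OpenSSH_9.6\r\n"}
```
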

No, on a DNS level nobody knows what service you are going to use it for. Depending on your settings it will always return your IP address or Cloudflare’s.

The connection attempt will be ignored and time out.

2 Likes

Thank you both for that information. It would be nice if Cloudflare listed that in their FAQ, as many websites / web services also have additional non-HTTP related traffic associated with them.