What kind of Cloudflare service is doing this to a domain?

First of all I’m just a newbie getting along with these technologies and studying for my CCNA. My teacher said we need to understand how the internet works and he suggested to learn about Cloudflare…so I’ve encoutered a fourth level domain, let’s say and only for example abcd.domain.name.com

Why I can ping abcd.domain.name.com or also dcba.domain.name.com or hellothere.domain.name.com or (basically everything i write and it’s seem to be very weird to me) and always having back a ping response from a Cloudflare IP? And why I can’t ping anything from the third level domain or traceroute it (it’s say “unable to resolve the host”) ?.

Sorry for appearing so newbie but I’m learning and I cannot explain what kind of Cloudflare service is able to to these.

Your description is a bit lacking in details, it would be helpful to know the actual domain name. Different levels can be controlled by different parties.

The most obvious answer is that there’s a wildcard Proxied DNS record on *.domain.name.com but not on domain.name.com, not a Cloudflare specific thing.

If you’re confused about the DNS Record Types and how ping is actually resolving A/AAAA records, there’s lots of videos on youtube and tutorials out there, worth learning the basics well first.

1 Like

Thanks for the answer, I’m not confused about DNS Record Types I’m a bit confused how this proxied DNS record could work with cloudflare: the ip address responding when you ping it is a Cloudflare IP address not the real server behind Cloudflare, so i was thinking if this is done by Cloudflare Load Balancers maybe

It’s just the normal Cloudflare CDN/Proxy feature. You make a record proxied, wildcard or not, and Cloudflare will respond with its Proxy IPs so requests go
Visitor → Closest Routable Cloudflare Location → Origin. Having Cloudflare in the middle offers many benefits, such as caching, ddos protection/waf, supporting the latest protocols like http/3, brotli compression, etc.

So if I’ve understood well: I can (reverse) proxy a server, with or without a wildcard, using its even a third level or a fourth level domain and, after that, I can ping basically every fourth or third domain because it’s the cloudflare proxy server answering me?

I tried and it works even with a yritmen23140.site. domain. com, there’re no rules or filters for “controlling” the answer ? I just can’t get how the randomic answer works.

Sorry this is just DNS. Proxy isn’t involved.

If you have a wildcard record in place it responds with an answer for any subdomain that isn’t explicitly defined in DNS (mostly).

demo.dog has a wildcard record in place. It happens to be a proxied record so it always resolves to a Cloudflare IP address. If it wasn’t proxied it would point to 192.0.2.1.

Yes I’m starting to get it thanks for the explanation. I tried with abc.demo. dog and other third randomic domain levels and they where all answering with a Cloudflare IP Address.
So if I’ve understood well, what’s configured in Cloudflare is something like a record A with * pointing to a non cloudflare IP server (like an external hosting or my server at home) and another record A with demo .dog pointing to the same non cloudflare ip server. It’s correct?

Bump this

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.