Zone Delegation in GCP causes DNS Problems in Cloudflare

Hello everybody,

I have a domain managed in GCP Cloud DNS, let’s call it: gcp<DOT>domain.
I have a need to create a new subdomain called another<DOT>gcp<DOT>domain, and delegate routing from (parent) gcp<DOT>domain to another<DOT>gcp<DOT>domain (child).

I also host a website in Cloudflare using the parent domain. One of my addresses is a proxied Cloudflare CNAME record that (for some legacy reason) was created with the name api<DOT>another in the parent site/domain, pointing to the A record api<DOT>gcp<DOT>domain (which was created in GCP and leads to the actual service).

So we effectively proxy api<DOT>another<DOT>gcp<DOT>domain to GCP’s api<DOT>gcp<DOT>domain using Cloudflare. I also point out that we have a KV worker involved along the way, which holds the value of api<DOT>another<DOT>gcp<DOT>domain for some routing decision.

I created the new child domain in GCP with a proper CNAME record (api<DOT>another<DOT>gcp<DOT>domain) using the provided proxy value, to keep everything intact for the delegation. I also checked the proper name servers for my GCP region. Unfortunately, when I provisioned the NS record in the parent domain, after about 15-20 minutes, Cloudflare started to return 530/1016 statuses and I had to quickly roll back.

Currently the only mitigations I can think of are:

  1. change the CNAME record in Cloudflare to be something other than api<DOT>another in the gcp<DOT>domain site
  2. also copy the A record api<DOT>gcp<DOT>domain from the parent domain when creating its child

Any thoughts?

