Cloudflare DNS records do not propagate - Updated 3 days ago
Hi, My domain is pointed to ian.ns.cloudflare.com jean.ns.cloudflare.com. I've set up A records for my domain and its WWW subdomain. When I check "https://www.whatsmydns.net/", I see that some records resolve to 104.21.31.177 and 172.67.178.239, while others resolve to 188.114.96.6 and 188.114.97.6.
Additionally, when I visit the website, it appears to be proxied through 188.114.96.6, which points to an outdated server instead of the correct IP address that I recently updated in the DNS settings.
Anyone knows how can this issue be addressed?
4 Replies
Those are Cloudflare Proxy IPs, when you have proxy enabled on the record, CF will respond to DNS Queries with its Proxy IPs to send the traffic through it first, and then to your backend. You won't be able to see/your actual record's IP(s) won't be exposed
Thanks for your reply, you are correct and I know this.
My problem is, that cloudflare DNS doesn't point to the A record I configured.
The query is outdated. It points to some other server.
This is my configuration. It should load the website from the IP from the screenshot, but instead it loads it from other IP.
I've pointed my domain to cloudflare nameservers 3 days ago.
It seems that cloudflare DNS responds with outdated IP that was proxied before I changed it.
Just to make things clear, it seems that cloudflares proxy IPs do not point to the correct ip that I updated in the DNS records (eg: 188.114.96.6 doesn't proxy to 49.13.51.206).
Be careful about sharing unblurred screenshots like that, you're leaking your origin's IP/can be used by attackers to get around CF.
Are you sure about what you're saying though? You can use curl override to bypass Cloudflare and connect directly to your origin, ex:
curl --resolve algamol.com:443:<ip> https://algamol.com/
(can replace <ip> with 127.0.0.1 if in shell on same machine as the web server, or remote ip if you don't have a firewall blocking it)
If I do so with that origin directly, I get back a response like this:
< HTTP/2 200 < server: nginx < date: Tue, 03 Dec 2024 14:15:29 GMT < content-type: text/html; charset=UTF-8 < vary: Accept-Encoding < x-powered-by: PHP/7.4.33 < link: https://algamol.com/wp-json/; rel="https://api.w.org/" < access-control-allow-origin: *and if I compare the response html from .206 to the html served on your website, exactly the same
Thanks! It seems to be 80% pointed to the origin and 20% pointing to previous IP.
I've deleted these A records and re-added them. It seems like it started to move things around and serving the website from the correct origin. What a weird bug.