I had things working perfectly for years (Thanks!) but tweaked some things on Cloudflare which has broken something. I just want aglet.club and www.aglet.club to work (getting certification errors for aglet.club).
I also need the subdomains (which are cloudflare tunnels) to work.
I have attached a screenshot (with some edits) of my Cloudflare setup which I am guessing is wrong…THANKS!
Thanks for this. I have turned off the proxy in Cloudflare for my website. I have left it on for the two tunnels into my exposed services on my home network. I have also left it on for the A Records for my home network.
All appears to be fine but I do not understand how and why this works?
I have two use cases:
1. A simple, silly web page that is set up just for fun
2. Two subdomains into services I run in my home network.
I do not understand how the A Records work. They do - so I am happy. But they would seem to me confusing as one points to Netlify and one points to my home server. How and why does this work?
It seems to me I should have one A Record only? I can see two are allowed and it is called Round Robin DNS.
I guess it may work as it tries both IP addresses and either gets it right on the first go or falls back to the other one? It is just trying to find a specific port (Cloudflare tunnel) and the correct ports/setup for the web page so if it grabs the wrong IP first and it fails, I guess it goes to the next one? It is also a simple form of load balancing (which I do not need).
If you’re intentionally configuring 2 distinct A records, both for your apex domain, then the behaviour you’re seeing is expected. Round Robin DNS is a bit different than this; in my opinion, what you’ve done is simply misconfiguration and not Round Robin.
Trying to browse your domain also doesn’t resolve it. It looks like you have enabled DNSSEC in your domain registrar settings, which might be causing this.
(1) and (2) work fine…and I now only have one A name and then 3 CNAMEs (2 for the tunnels, 1 for www). So I think this is good.
But I cannot get Cloudflare to stop telling me:
Add an A, AAAA, or CNAME record for www so that www.aglet.club will resolve.
Add an A, AAAA, or CNAME record for your root domain so that aglet.club will resolve.
I just do not know why Cloudflare is giving that suggestion…
I can confirm the setup looks good as far as Netlify is concerned. To get rid of the UI warnings, I think you might have to ask Cloudflare why their UI is showing it.
I think Cloudflare was in a weird state. I deleted everything but the two CF tunnels. The tunnels are the only reason I am even on Cloudflare. I then deleted my two entries for Netlify and re-added them. Everything worked fine but I was still getting the “suggested next steps”. Super frustrating.
So then I deleted all the email records just to try to fix that. That all worked and then “magically” the ANAME and CNAME warnings went away.
I think the email setup may have been an issue. I do not do email - I just wanted to block its use.
In any case - I am (finally) sorted. I have to say the Netlify docs are good and I think better than CF.