From 55bd61adba6bbff23a3c1f92fa7957019c29adeb Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 6 Mar 2025 17:07:42 +0000 Subject: [PATCH 01/10] Add conditional rendering for create internal zone --- .../docs/dns/internal-dns/get-started.mdx | 13 +++--------- .../dns/internal-dns/internal-zones/setup.mdx | 11 +++------- .../partials/dns/internal-zone-create.mdx | 20 +++++++++++++++++++ 3 files changed, 26 insertions(+), 18 deletions(-) create mode 100644 src/content/partials/dns/internal-zone-create.mdx diff --git a/src/content/docs/dns/internal-dns/get-started.mdx b/src/content/docs/dns/internal-dns/get-started.mdx index b0a15f2359949da..9113e9ab1e86f44 100644 --- a/src/content/docs/dns/internal-dns/get-started.mdx +++ b/src/content/docs/dns/internal-dns/get-started.mdx @@ -41,16 +41,9 @@ Although there are some steps that can be achieved on the dashboard, currently t ## 1. Set up your internal DNS zone -1. Use the [Create Zone](/api/resources/zones/) endpoint to create an [internal zone](/dns/internal-dns/internal-zones/). Specify your account ID and set the `type` to `internal`. - -
- -
- -2. Add DNS records to your internal zone using your preferred option: -- [Import](/api/resources/dns/subresources/records/methods/import/) a formatted BIND file. Refer to the [DNS records how-to](/dns/manage-dns-records/how-to/import-and-export/) for guidance. -- Use other API endpoints, such as [`/batch`](/api/resources/dns/subresources/records/methods/batch/), to manage DNS records. Refer to [Batch record changes](/dns/manage-dns-records/how-to/batch-record-changes/#use-the-api) for details. -3. Repeat this process for each internal zone you wish to add. + ### (Optional) Reference a zone from another zone diff --git a/src/content/docs/dns/internal-dns/internal-zones/setup.mdx b/src/content/docs/dns/internal-dns/internal-zones/setup.mdx index 9e7b29bba27631a..ca433d74bfd8d09 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/setup.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/setup.mdx 
@@ -17,14 +17,9 @@ When setting up internal zones, observe the following conditions: ## Create an internal zone -1. Use the [Create Zone](/api/resources/zones/) endpoint to create an internal zone. Specify your account ID and set the `type` to `internal`. -2. Add DNS records to your internal zone using your preferred option: -- [Import](/api/resources/dns/subresources/records/methods/import/) a formatted BIND file. Refer to the [DNS records how-to](/dns/manage-dns-records/how-to/import-and-export/) for guidance. -- Use other API endpoints, such as [`/batch`](/api/resources/dns/subresources/records/methods/batch/), to manage DNS records. Refer to [Batch record changes](/dns/manage-dns-records/how-to/batch-record-changes/#use-the-api) for details. -3. Repeat this process for each internal zone you wish to add. - -Since the resolver policy configuration will require a DNS view, you must link the internal zones to at least one view to be able to use them when routing requests to Internal DNS. For a full procedure overview, refer to [get started](/dns/internal-dns/get-started/). - + ## Other actions diff --git a/src/content/partials/dns/internal-zone-create.mdx b/src/content/partials/dns/internal-zone-create.mdx new file mode 100644 index 000000000000000..235c275b8a392f7 --- /dev/null +++ b/src/content/partials/dns/internal-zone-create.mdx @@ -0,0 +1,20 @@ +--- +params: + - conditional +--- + +import { TabItem, Tabs, Details, Example, Render, Markdown } from "~/components"; + +1. Use the [Create Zone](/api/resources/zones/) endpoint to create an [internal zone](/dns/internal-dns/internal-zones/). Specify your account ID and set the `type` to `internal`. + +{ props.conditional === "get-started-detail" && ( +
+ +
+ ) +} + +2. Add DNS records to your internal zone using your preferred option: +- [Import](/api/resources/dns/subresources/records/methods/import/) a formatted BIND file. Refer to the [DNS records how-to](/dns/manage-dns-records/how-to/import-and-export/) for guidance. +- Use other API endpoints, such as [`/batch`](/api/resources/dns/subresources/records/methods/batch/), to manage DNS records. Refer to [Batch record changes](/dns/manage-dns-records/how-to/batch-record-changes/#use-the-api) for details. +3. Repeat this process for each internal zone you wish to add. \ No newline at end of file From 74b64b4e91a1d2fbf984939813549e1b8909c0f9 Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 6 Mar 2025 17:25:05 +0000 Subject: [PATCH 02/10] Clear out unused components from internal-zone-create --- src/content/partials/dns/internal-zone-create.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/partials/dns/internal-zone-create.mdx b/src/content/partials/dns/internal-zone-create.mdx index 235c275b8a392f7..a2864a73d081990 100644 --- a/src/content/partials/dns/internal-zone-create.mdx +++ b/src/content/partials/dns/internal-zone-create.mdx @@ -3,7 +3,7 @@ params: - conditional --- -import { TabItem, Tabs, Details, Example, Render, Markdown } from "~/components"; +import { Details, Render } from "~/components"; 1. Use the [Create Zone](/api/resources/zones/) endpoint to create an [internal zone](/dns/internal-dns/internal-zones/). Specify your account ID and set the `type` to `internal`. From 03d4606e195b65c5020f758d2d49b1d601507a8f Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 6 Mar 2025 17:34:16 +0000 Subject: [PATCH 03/10] Fix syntax to make conditional property opitional --- src/content/docs/dns/internal-dns/internal-zones/setup.mdx | 4 +--- src/content/partials/dns/internal-zone-create.mdx | 2 +- 2 files changed, 2 insertions(+), 4 deletions(-) 
diff --git a/src/content/docs/dns/internal-dns/internal-zones/setup.mdx b/src/content/docs/dns/internal-dns/internal-zones/setup.mdx index ca433d74bfd8d09..14d35e8716f5095 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/setup.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/setup.mdx @@ -17,9 +17,7 @@ When setting up internal zones, observe the following conditions: ## Create an internal zone - + ## Other actions diff --git a/src/content/partials/dns/internal-zone-create.mdx b/src/content/partials/dns/internal-zone-create.mdx index a2864a73d081990..a46c3c8a59f9827 100644 --- a/src/content/partials/dns/internal-zone-create.mdx +++ b/src/content/partials/dns/internal-zone-create.mdx @@ -1,6 +1,6 @@ --- params: - - conditional + - conditional? --- import { Details, Render } from "~/components"; From 5dff0746b033d2f24a9376b1d63f98439ebd9ca8 Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 13 Mar 2025 08:48:54 +0000 Subject: [PATCH 04/10] Add .yaml file so that iDNS comes up in /products --- src/content/products/internal-dns.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 src/content/products/internal-dns.yaml diff --git a/src/content/products/internal-dns.yaml b/src/content/products/internal-dns.yaml new file mode 100644 index 000000000000000..17f9428302c582b --- /dev/null +++ b/src/content/products/internal-dns.yaml @@ -0,0 +1,9 @@ +name: Internal DNS + +product: + title: Internal DNS + url: /dns/internal-dns/ + group: Application performance + +meta: + description: Leverage Cloudflare DNS for your internal resources. \ No newline at end of file From 8f82673257bbb75f5373b55f9f7c9c15dda8fb89 Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 13 Mar 2025 08:53:39 +0000 Subject: [PATCH 05/10] Update DNS records link to point to #internal-dns-records --- src/content/docs/dns/internal-dns/index.mdx | 2 +- src/content/glossary/dns.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/src/content/docs/dns/internal-dns/index.mdx b/src/content/docs/dns/internal-dns/index.mdx index 3969a0ec6face30..14348e33e0b50d5 100644 --- a/src/content/docs/dns/internal-dns/index.mdx +++ b/src/content/docs/dns/internal-dns/index.mdx @@ -76,7 +76,7 @@ flowchart LR end ``` -Internal DNS zones contain the DNS records that should be used to resolve an internal DNS query. Also, if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is [referencing another internal zone](/dns/internal-dns/internal-zones/#reference-zones). +Internal DNS zones contain the DNS records that should be used to resolve an internal DNS query. Also, if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is [referencing another internal zone](/dns/internal-dns/internal-zones/#reference-zones). diff --git a/src/content/glossary/dns.yaml b/src/content/glossary/dns.yaml index c1e134dc8ffb4d4..b1e327568b6a000 100644 --- a/src/content/glossary/dns.yaml +++ b/src/content/glossary/dns.yaml @@ -27,7 +27,7 @@ entries: - term: DNS record general_definition: |- - DNS records are instructions that live in authoritative DNS servers and provide information about a domain including what IP address is associated with that domain and how to handle requests for that domain. + DNS records are instructions that live in authoritative DNS servers and provide information about a domain, including what IP address is associated with that domain and how to handle requests for that domain. - term: DNS server general_definition: |- From 647e89549318be6712da352489fc9fb68ab2d094 Mon Sep 17 00:00:00 2001 
From: Rebecca Tamachiro Date: Thu, 13 Mar 2025 09:01:57 +0000 Subject: [PATCH 06/10] Create and apply partial for reference-zone-intro --- src/content/docs/dns/internal-dns/internal-zones/index.mdx | 2 +- .../dns/internal-dns/internal-zones/reference-zones.mdx | 2 +- src/content/partials/dns/reference-zone-intro.mdx | 6 ++++++ 3 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 src/content/partials/dns/reference-zone-intro.mdx diff --git a/src/content/docs/dns/internal-dns/internal-zones/index.mdx b/src/content/docs/dns/internal-dns/internal-zones/index.mdx index 5f4dfb4589219f3..056343856f3525e 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/index.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/index.mdx @@ -17,7 +17,7 @@ Internal DNS zones do not get assigned Cloudflare nameservers and can only be qu ## Reference zones -During an [internal DNS query resolution](/dns/internal-dns/#architecture-overview), if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is referencing another internal zone. Successive references can be followed with a maximum of five references in a chain. + Each internal zone can only reference one other zone, but the same zone can be referenced by multiple internal zones. Public zones cannot be used as reference zones. diff --git a/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx b/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx index 0d0bee5d88639ca..94077ca2ec6c7f3 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx 
@@ -7,7 +7,7 @@ sidebar: import { Example, Render } from "~/components"; -During an [internal DNS query resolution](/dns/internal-dns/#architecture-overview), if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is referencing another internal zone. Successive references can be followed with a maximum of five references in a chain. + Each internal zone can only reference one other zone, but the same zone can be referenced by multiple internal zones. Public zones cannot be used as reference zones. diff --git a/src/content/partials/dns/reference-zone-intro.mdx b/src/content/partials/dns/reference-zone-intro.mdx new file mode 100644 index 000000000000000..326bc7d5e540a21 --- /dev/null +++ b/src/content/partials/dns/reference-zone-intro.mdx @@ -0,0 +1,6 @@ +--- +{} + +--- + +During an [internal DNS query resolution](/dns/internal-dns/#architecture-overview), if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is referencing another internal zone. Successive references can be followed with a maximum of five references in a chain. \ No newline at end of file From 23d14e9542c493e4e988a08c381060ab78d522cd Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 13 Mar 2025 10:38:48 +0000 Subject: [PATCH 07/10] Add info about CNAME flatenning to iDNS docs --- src/content/docs/dns/cname-flattening/index.mdx | 8 ++------ .../docs/dns/internal-dns/internal-zones/index.mdx | 13 ++++++++++++- src/content/glossary/dns.yaml | 4 ++++ 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/src/content/docs/dns/cname-flattening/index.mdx b/src/content/docs/dns/cname-flattening/index.mdx index dcdd96e576dce45..024337b483121f7 100644 --- a/src/content/docs/dns/cname-flattening/index.mdx +++ b/src/content/docs/dns/cname-flattening/index.mdx 
@@ -6,16 +6,12 @@ sidebar: label: About --- -import { Render } from "~/components" +import { Render, GlossaryTooltip } from "~/components" -CNAME flattening speeds up CNAME resolution and allows you to use a CNAME record at your root/apex domain (`example.com`). +CNAME flattening speeds up CNAME resolution and allows you to use a CNAME record at your zone apex (`example.com`). :::note - - This functionality is also what allows you to use a [root custom domain](/pages/configuration/custom-domains/) with a Cloudflare Pages site. - - ::: ## How it works diff --git a/src/content/docs/dns/internal-dns/internal-zones/index.mdx b/src/content/docs/dns/internal-dns/internal-zones/index.mdx index 056343856f3525e..b6772b78562fbe6 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/index.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/index.mdx 
@@ -29,4 +29,15 @@ Internal zones can contain the same [DNS record types](/dns/manage-dns-records/r You can manage internal DNS records in the same way as you would manage public DNS records, with the difference that [proxy status](/dns/proxy-status/) does not apply to internal DNS records. -Refer to [Manage DNS records](/dns/manage-dns-records/how-to/create-dns-records/) or to the [API documentation](/api/resources/dns/subresources/records/) for further guidance. \ No newline at end of file +Refer to [Manage DNS records](/dns/manage-dns-records/how-to/create-dns-records/) or to the [API documentation](/api/resources/dns/subresources/records/) for further guidance. + +### CNAME flattening + +With CNAME flattening, Cloudflare finds the IP address that a CNAME points to and then returns the final IP address instead of a CNAME record. With Internal DNS, this behavior is applied by default and cannot be turned off. + +Cloudflare will try to flatten the CNAME record within the same [DNS view](/dns/internal-dns/dns-views/). If that is not possible, the following will happen: + +1. The CNAME record is returned to Gateway resolver as-is. +2. Gateway resolver will process the returned record, depending on the **Fallback through public DNS** configuration: + - On: Gateway will try to resolve the query by sending it to Cloudflare's public DNS resolver ([1.1.1.1](/1.1.1.1/)). + - Off: Gateway will return the response as-is to the client. \ No newline at end of file diff --git a/src/content/glossary/dns.yaml b/src/content/glossary/dns.yaml index b1e327568b6a000..593179167b174d3 100644 --- a/src/content/glossary/dns.yaml +++ b/src/content/glossary/dns.yaml 
@@ -79,3 +79,7 @@ entries: When a [DNS record is proxied](/dns/proxy-status/), requests are processed according to your configurations, and Cloudflare can optimize, cache, and protect your domain. Refer to [How Cloudflare works](/fundamentals/concepts/how-cloudflare-works/) for details. associated_products: - Fundamentals + + - term: zone apex + general_definition: |- + zone apex refers to the domain or subdomain on which the control of DNS records starts. From 9fe349b7131c40ee803b5ab5b5f2b53208ebfa1e Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Thu, 13 Mar 2025 10:55:30 +0000 Subject: [PATCH 08/10] Add note about wildcard record and reference zones --- .../docs/dns/internal-dns/internal-zones/index.mdx | 2 -- .../dns/internal-dns/internal-zones/reference-zones.mdx | 2 -- src/content/partials/dns/reference-zone-intro.mdx | 8 +++++++- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/src/content/docs/dns/internal-dns/internal-zones/index.mdx b/src/content/docs/dns/internal-dns/internal-zones/index.mdx index b6772b78562fbe6..91b1b1e29f9d926 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/index.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/index.mdx @@ -19,8 +19,6 @@ Internal DNS zones do not get assigned Cloudflare nameservers and can only be qu -Each internal zone can only reference one other zone, but the same zone can be referenced by multiple internal zones. Public zones cannot be used as reference zones. - Refer to [Set up reference zones](/dns/internal-dns/internal-zones/reference-zones/) for step-by-step instructions. ## Internal DNS records diff --git a/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx b/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx index 94077ca2ec6c7f3..f95374c11d3c3bf 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/reference-zones.mdx 
@@ -9,8 +9,6 @@ import { Example, Render } from "~/components"; -Each internal zone can only reference one other zone, but the same zone can be referenced by multiple internal zones. Public zones cannot be used as reference zones. - ## Steps To set up a reference zone, use the [Update DNS settings](/api/resources/dns/subresources/settings/methods/edit/) endpoint. In `--data`, specify the `internal_dns` object with the parameter `reference_zone_id`. diff --git a/src/content/partials/dns/reference-zone-intro.mdx b/src/content/partials/dns/reference-zone-intro.mdx index 326bc7d5e540a21..3e255f6a447513e 100644 --- a/src/content/partials/dns/reference-zone-intro.mdx +++ b/src/content/partials/dns/reference-zone-intro.mdx @@ -3,4 +3,10 @@ --- -During an [internal DNS query resolution](/dns/internal-dns/#architecture-overview), if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is referencing another internal zone. Successive references can be followed with a maximum of five references in a chain. \ No newline at end of file +During an [internal DNS query resolution](/dns/internal-dns/#architecture-overview), if no internal record is found within a matching internal zone, Cloudflare will check if the matching internal zone is referencing another internal zone. Successive references can be followed with a maximum of five references in a chain. + +:::note +A wildcard record in the matching internal zone will take precedence over an exact match in a referenced zone. +::: + +Each internal zone can only reference one other zone, but the same zone can be referenced by multiple internal zones. Public zones cannot be used as reference zones. \ No newline at end of file From 938dbf6f90cd574804fd603c5b573935590d7ed4 Mon Sep 17 00:00:00 2001 
From: Rebecca Tamachiro Date: Thu, 13 Mar 2025 10:57:51 +0000 Subject: [PATCH 09/10] Revert "Add .yaml file so that iDNS comes up in /products" This reverts commit 5dff0746b033d2f24a9376b1d63f98439ebd9ca8. --- src/content/products/internal-dns.yaml | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 src/content/products/internal-dns.yaml diff --git a/src/content/products/internal-dns.yaml b/src/content/products/internal-dns.yaml deleted file mode 100644 index 17f9428302c582b..000000000000000 --- a/src/content/products/internal-dns.yaml +++ /dev/null @@ -1,9 +0,0 @@ -name: Internal DNS - -product: - title: Internal DNS - url: /dns/internal-dns/ - group: Application performance - -meta: - description: Leverage Cloudflare DNS for your internal resources. \ No newline at end of file From e7eb4cfb567224596444eda77476c988eae7e488 Mon Sep 17 00:00:00 2001 From: Rebecca Tamachiro Date: Fri, 14 Mar 2025 14:26:59 +0000 Subject: [PATCH 10/10] Remove CNAME flattening desc to be added on a separate PR --- .../docs/dns/internal-dns/internal-zones/index.mdx | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/src/content/docs/dns/internal-dns/internal-zones/index.mdx b/src/content/docs/dns/internal-dns/internal-zones/index.mdx index 91b1b1e29f9d926..04b0f1f95bbe182 100644 --- a/src/content/docs/dns/internal-dns/internal-zones/index.mdx +++ b/src/content/docs/dns/internal-dns/internal-zones/index.mdx 
@@ -27,15 +27,4 @@ Internal zones can contain the same [DNS record types](/dns/manage-dns-records/r You can manage internal DNS records in the same way as you would manage public DNS records, with the difference that [proxy status](/dns/proxy-status/) does not apply to internal DNS records. -Refer to [Manage DNS records](/dns/manage-dns-records/how-to/create-dns-records/) or to the [API documentation](/api/resources/dns/subresources/records/) for further guidance. - -### CNAME flattening - -With CNAME flattening, Cloudflare finds the IP address that a CNAME points to and then returns the final IP address instead of a CNAME record. With Internal DNS, this behavior is applied by default and cannot be turned off. - -Cloudflare will try to flatten the CNAME record within the same [DNS view](/dns/internal-dns/dns-views/). If that is not possible, the following will happen: - -1. The CNAME record is returned to Gateway resolver as-is. -2. Gateway resolver will process the returned record, depending on the **Fallback through public DNS** configuration: - - On: Gateway will try to resolve the query by sending it to Cloudflare's public DNS resolver ([1.1.1.1](/1.1.1.1/)). - - Off: Gateway will return the response as-is to the client. \ No newline at end of file +Refer to [Manage DNS records](/dns/manage-dns-records/how-to/create-dns-records/) or to the [API documentation](/api/resources/dns/subresources/records/) for further guidance. \ No newline at end of file
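Review bot: in the `setup.mdx` hunk of PATCH 01/10 (`@@ -17,14 +17,9 @@`), the removed sentence "Since the resolver policy configuration will require a DNS view, you must link the internal zones to at least one view ..." has no counterpart in the visible lines of the new `internal-zone-create.mdx` partial. A reader who lands on the setup page alone would no longer be told that an unlinked internal zone cannot be used for routing. Keep that sentence on the setup page after the rendered partial, or add it to the partial as a final step.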
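Review bot: in the new `src/content/partials/dns/internal-zone-create.mdx` (PATCH 01/10), the two bullets under step 2 (`- [Import](...)` and `- Use other API endpoints ...`) start at column 0, so they are parsed as a separate top-level list rather than as children of step 2, and `3. Repeat this process ...` then begins a new ordered list. The `{ props.conditional === "get-started-detail" && (` expression between steps 1 and 2 also sits at column 0 and splits the list the same way. Indent both under their parent step so the three steps stay one list. The file also ends without a trailing newline.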
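Review bot: PATCH 04/10 and PATCH 09/10 cancel each other out for `src/content/products/internal-dns.yaml` (nine lines added, the same nine removed), and PATCH 10/10 removes the whole `### CNAME flattening` section that PATCH 07/10 added to `internal-zones/index.mdx`. Squash these before merge so the history does not carry content that was never meant to ship. When doing so, keep the parts of PATCH 07/10 that are not reverted (the `cname-flattening/index.mdx` wording change and the `zone apex` glossary entry).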
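Review bot: in the `### CNAME flattening` text added by PATCH 07/10, the "On" branch of step 2 does not say which name Gateway sends to the public resolver, the name the client originally asked for or the CNAME target that could not be flattened inside the DNS view. That decides whether an internal hostname leaves the internal view when **Fallback through public DNS** is enabled, so the text should state it explicitly. Since PATCH 10/10 defers this section to a separate PR, carry the point over to that PR.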
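Review bot: the `zone apex` entry added to `src/content/glossary/dns.yaml` in PATCH 07/10 starts its definition in lowercase ("zone apex refers to ..."), while the `DNS record` entry touched in PATCH 05/10 starts with a capital. Capitalize it for consistency. The phrase "the domain or subdomain on which the control of DNS records starts" is also hard to parse; tying it to the `example.com` example used in `cname-flattening/index.mdx` would help. The same patch adds `GlossaryTooltip` to the import in `cname-flattening/index.mdx`; confirm it is actually used there, given that PATCH 02/10 had to clean up unused imports.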
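Review bot: in `src/content/partials/dns/reference-zone-intro.mdx` (PATCH 06/10 and PATCH 08/10), the sentence "Successive references can be followed with a maximum of five references in a chain" does not say what the client receives once the limit is reached, or what happens when zones reference each other in a loop. Add the outcome so operators can tell a misconfigured chain from a missing record. The new note on wildcard precedence would be clearer with a short example of a wildcard in the matching zone shadowing an exact record in the referenced zone. The frontmatter (`{}` followed by a blank line) can be reduced to an empty block or dropped if the partial takes no params.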