I've had relatively bad experiences with Cloudflare's DNS solution. Here are a couple of examples of pain points:
1. You can't set NS records for an apex domain registered through Cloudflare (even at more expensive service tiers). You can delegate management of subdomains with NS records but only if you shell out for an expensive plan $$$.
2. Cloudflare performs CNAME flattening for CNAMEs by default. This prevents you using CNAME-based DNS validation for third parties. One such example is certificates in Amazon Certificate Manager, which performs CNAME lookups. You can disable CNAME flattening but you have to shell out for a more expensive plan $$$$.
Thanks for the feedback. I don't think we're intentionally charging to turn off CNAME flattening. May be that we just don't expose that to lower plans because we're worried it'll confuse people. Raised the feedback with the team. In most cases, CNAME flattening is a significant win on performance. But understand when you'd want to do it in some cases.
Will also check on NS delegation. Again, my hunch is that we only charge for it because it's something we worry less sophisticated users would get themselves in trouble messing with.
> May be that we just don't expose that to lower plans because we're worried it'll confuse people.
It does. IIRC GitLab Pages used to have docs saying to set a CNAME for your domain without warning about doing it on the apex domain. I'm not sure if GitHub Pages was any better either.
It's only confusing the first time you mask your MX records. LMAO.
To me, my biggest pain point is that I cannot set an NS record for a subdomain.
My use case is this: I had certain subdomains where I want to use LetsEncrypt DNS with DNS validation. I don't want to give the whole domain to the auto-renewal script. With another DNS provider, AWS Route53 for example, I can easily create another zone for that subdomain, say blog.domain.com, and set an NS record on blog to that zone. Then create an API key with only privileges to manage that sub-zone. I cannot do that with Cloudflare though.
Agree on CNAME flattening. It caused some issues for my email forward service in the past.
So we have customers who use GitHub Pages and set a CNAME on the apex domain. Then they add an MX record for the apex domain. The Cloudflare UI allows them to do that. But resolving won't return MX records for the apex. So my customers aren't able to finish setup. Eventually we have to set the A record on the apex to an IP.
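The apex CNAME plus MX situation described above can be caught with a zone lint before the records are published. This is an added example, not part of the thread or of any provider's tooling: the record tuples, `SAMPLE_ZONE` and `lint_zone` are constructed for illustration, and the rule applied is the standard DNS one that a CNAME cannot share an owner name with other record types (DNSSEC's RRSIG and NSEC excepted).

```python
from collections import defaultdict

# Constructed sample zone; names and targets are placeholders, not from the thread.
SAMPLE_ZONE = [
    ("example.com.", "CNAME", "user.github.io."),
    ("example.com.", "MX", "10 mail.example.net."),
    ("example.com.", "TXT", "v=spf1 include:example.net ~all"),
    ("www.example.com.", "CNAME", "user.github.io."),
    ("blog.example.com.", "NS", "ns1.example.org."),
]

# Record types that may legitimately sit next to a CNAME (DNSSEC signing data).
ALLOWED_WITH_CNAME = {"RRSIG", "NSEC"}
# Every zone apex carries these even when the record list does not spell them out.
IMPLIED_AT_APEX = {"SOA", "NS"}


def normalize(name):
    """Lower-case a DNS name and give it exactly one trailing dot."""
    return name.rstrip(".").lower() + "."


def lint_zone(records, apex):
    """Return one finding per owner name whose CNAME hides other records.

    records: iterable of (owner, rtype, rdata) tuples.
    apex:    the zone's apex name.
    Each finding is a dict with the owner name, whether it is the apex,
    and the sorted record types a resolver following the CNAME will not return.
    """
    apex = normalize(apex)
    types_by_name = defaultdict(set)
    for owner, rtype, _rdata in records:
        types_by_name[normalize(owner)].add(rtype.upper())

    findings = []
    for owner in sorted(types_by_name):
        types = types_by_name[owner]
        if "CNAME" not in types:
            continue
        is_apex = owner == apex
        masked = types - {"CNAME"} - ALLOWED_WITH_CNAME
        if is_apex:
            # An apex CNAME always collides with the zone's own SOA and NS.
            masked |= IMPLIED_AT_APEX
        if masked:
            findings.append({"name": owner, "apex": is_apex, "masked": sorted(masked)})
    return findings


if __name__ == "__main__":
    for f in lint_zone(SAMPLE_ZONE, "example.com"):
        print(f"{f['name']} apex={f['apex']} CNAME masks: {', '.join(f['masked'])}")
```
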
> You can delegate management of subdomains with NS records but only if you shell out for an expensive plan $$$.
Are you sure? I have a free site where `in.example.com` is delegated to Namecheap's FreeDNS so I can use it for DynDNS on some devices that don't support Cloudflare's newer (fine grained) API tokens.