5

I've been trying to configure a GitHub Pages + Universal SSL from Cloudflare setup. Unfortunately, while the Jekyll/GitHub Pages part is going well, DNS configuration is not going as well.

I've bought a domain from Amazon/AWS/Route 53 (http://oblio360.com), and now I'm in a similar situation to the one from here:

DNS errors after changing nameservers for Cloudflare

What I did was:

  1. Bought the domain name from AWS.
  2. Initially configured Route53 with CNAMEs to point to GitHub.
  3. Decided I want SSL.
  4. Found out about the Github Pages limitations and decided to go with CloudFlare. Followed this tutorial: www.benburwell.com/posts/configuring-cloudflare-universal-ssl/
  5. Deleted the previous CNAMEs at AWS and changed the NS record set to use the CloudFlare name servers.
  6. Configured SSL & DNS at CloudFlare and now I have 3 subdomains which seem to work (dota.oblio360.com / hearthstone.oblio360.com / blog.oblio360.com).
  7. And now it gets tricky. I want to use Google Apps for email. I've been trying to verify my domain with them and I can't get it to work. I've tried TXT RR verification, HTML meta tag, HTML file upload, nothing works.
  8. So I've started investigating and found this:

www.whatsmydns.net/#TXT/oblio360.com

=> some name servers around the world see the SOA as the former AWS one, some see CloudFlare. Should I update the SOA record set in AWS? It currently says this:

ns-302.awsdns-37.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

  9. I found another debugging tool:

www.intodns.com/oblio360.com

I read the other ServerFault question but I'm not sure how I should proceed. Should I add A entries in Route53 for the CloudFlare name servers?

  10. I'm a bit afraid of proceeding, despite reading up about DNS, because every mistake I make takes a ton of hours to correct due to the nature of DNS :(

Thanks for your help!

oblio

2 Answers

18

For poor souls who might have had the same question: you don't need to add NS RRs in Route53 in the hosted zone section. You need to go to your Registered Domains, click the domain you want to modify, and then Add/Edit the name servers there.

Those are the domain NSes and are associated with the registrar; they are different from the ones delegated inside the zone itself.

When I did this, the update was almost instant; the AWS data center is probably next to the Google one.

oblio
  • You will have better luck with DNS changes if you set your TTL values low, such as 60 seconds, at least until you are satisfied with your configuration. Note that the TTL on the *old* record determines how quickly the *new* record will "propagate," as the old record expires much more quickly (pretty much) anywhere it may have been cached. – Michael - sqlbot Jul 09 '15 at 17:33
  • Solved my problem. Created article with image step by step http://www.eq8.eu/blogs/33-how-to-configure-route-53-to-cloudflare – equivalent8 Oct 10 '16 at 10:20
  • Unfortunately the AWS "Registered domains" screen doesn't allow setting a TTL for the name servers (only in the Route53 hosted zone, which as said here is not the right place). – giorgiosironi Sep 07 '17 at 09:26
  • Thanks so much for this answer, saved me a whole bunch of hassle. Why they've decided to have two copies of the name server fields is beyond me. – Nic Barker Oct 11 '17 at 02:51
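
One way to check the distinction the answer above draws, as an added example that is not code from the original posts: it compares the NS set delegated at the registrar with the NS and SOA records served from inside the zone. The input is dig-style answer text; apart from ns-302.awsdns-37.com and the SOA line quoted in the question, every server name is a constructed placeholder.

```python
def records(text, rtype):
    """Yield the rdata fields of `rtype` records from dig-style answer lines."""
    for line in text.splitlines():
        fields = line.split()
        # Layout: owner TTL class type rdata...; dig comment lines start with ';'.
        if len(fields) >= 5 and not fields[0].startswith(";") and fields[3].upper() == rtype:
            yield fields[4:]

def norm(name):
    return name.lower().rstrip(".")

def check_delegation(parent_answer, zone_answer):
    """Compare NS held at the registrar/TLD with NS and SOA served by the zone."""
    parent = {norm(r[0]) for r in records(parent_answer, "NS")}
    zone = {norm(r[0]) for r in records(zone_answer, "NS")}
    soa = next(records(zone_answer, "SOA"), None)
    return {
        "consistent": bool(parent) and parent == zone,
        "only_at_registrar": sorted(parent - zone),
        "only_in_zone": sorted(zone - parent),
        # The SOA primary shows which provider is actually answering for the zone.
        "soa_primary": norm(soa[0]) if soa else None,
    }

# Constructed sample answers (placeholder names except ns-302.awsdns-37.com).
AWS_NS = """\
oblio360.com. 172800 IN NS ns-302.awsdns-37.com.
oblio360.com. 172800 IN NS ns-placeholder.awsdns.example.
"""
CF_NS = """\
oblio360.com. 86400 IN NS ns-a.cloudflare-placeholder.example.
oblio360.com. 86400 IN NS ns-b.cloudflare-placeholder.example.
"""
# SOA line as quoted in the question.
AWS_SOA = ("oblio360.com. 900 IN SOA ns-302.awsdns-37.com. "
           "awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400\n")
CF_SOA = ("oblio360.com. 3600 IN SOA ns-a.cloudflare-placeholder.example. "
          "dns.cloudflare-placeholder.example. 1 10000 2400 604800 3600\n")

# State in the question: NS record set edited in the hosted zone, registrar untouched.
before = check_delegation(AWS_NS, CF_NS + AWS_SOA)
# State after the fix: name servers changed under Registered Domains.
after = check_delegation(CF_NS, CF_NS + CF_SOA)

if __name__ == "__main__":
    print("before:", before)
    print("after: ", after)
```

A non-empty `only_at_registrar` together with an `soa_primary` from the old provider is the split view described in the question: the delegation still points at the old servers even though the zone's own NS records name the new ones.
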
1

"I read the other ServerFault question but I'm not sure how I should proceed. Should I add A entries in Route53 for the CloudFlare name servers?"

Just to clarify...no. That will cause issues.

"And now it gets tricky. I want to use Google Apps for email. I've been trying to verify my domain with them and I can't get it to work. I've tried TXT RR verification, HTML meta tag, HTML file upload, nothing works."

My guess is that you may have had a Google verification record in your DNS settings marked with our proxy (orange cloud) on the record, which will cause issues when Google attempts to verify. Verification records should be marked as a grey cloud in your CloudFlare DNS settings.

damoncloudflare