Cloudflare 中文文档

Cloudflare 中文文档

Overview
Concepts
Zone setups
Full setup

Setup
Troubleshooting

Partial (CNAME) setup

Setup
Convert to full setup
DNS resolution

DNS Zone transfers

Cloudflare as Primary

Setup

Cloudflare as Secondary

Setup
Proxy traffic
DNSSEC options
Alerts

Access Control Lists (ACLs)

Cloudflare IP addresses
Create ACL

Troubleshooting

Subdomain setup

Setup
Enable DNSSEC
Migrate to new account
Rollback

Reference

Nameserver assignment
Records quick scan
Zone status

Troubleshooting

Cannot add domain
Delete all DNS records
Domain deleted from Cloudflare

Zone removal
Foundation DNS
Advanced nameservers
Setup
GraphQL DNS analytics
DNS records
How to

Manage DNS records
Import and export records
Create zone apex record
Create subdomain records
Set up email records
Dynamically update DNS records
Round-robin DNS
Delegating Subdomains

Reference

Proxy status
DNS record types
Time to Live (TTL)
Record attributes
Wildcard DNS records
Vendor-specific DNS records

Troubleshooting

Records with the same name
Exposed IP addresses
Verify a domain with CNAME
NS records already exist
Nameservers
Update nameservers
Nameserver options
Advanced nameservers
Custom nameservers

Zone level
Account level
Tenant level
DNSSEC
Multi-signer DNSSEC

About
Setup

DNSSEC states
Migration tutorial
Troubleshooting
CNAME flattening
Setup
Example diagram
Additional options
Analytics and logs
Reverse zones and PTR records
DNS Firewall
Setup
Analytics
FAQ
Random prefix attack mitigation

About
Setup
Reference
Analytics API properties
Recommended third-party tools
Features and plans
Domain Connect
Troubleshooting
General FAQ
DNS_PROBE_FINISHED_NXDOMAIN
DNS_PROBE_POSSIBLE
Email issues
General DNS issues
Glossary

Analytics

To access analytics for your DNS Firewall, use the Cloudflare API.

Alternatively, set up Logpush to deliver DNS Firewall logs to a storage service, SIEM, or log management provider.

Response reasons

When analyzing why Cloudflare DNS Firewall responded in one way or another to a specific query, consider the responseReason log field.

The following table provides a description for each of the values that might be returned as a response reason:

Value	Description
`success`	Response was successfully served, either from Cloudflare cache or forwarded from the upstream.
`upstream_failure`	Response could not be fetched from the upstream due to the upstream failing to respond.
`upstream_servfail`	Response could not be fetched from the upstream due to the upstream responding with `SERVFAIL`.
`invalid_query`	Query is invalid and cannot be processed.
`any_type_blocked`	Query of type `ANY` was blocked according to your DNS Firewall settings ( RFC 8482).
`rate_limit`	Query was rate limited according to your DNS Firewall settings.
`chaos_success`	Response for Chaos class was successfully served.
`attack_mitigation_block`	Query was blocked as part of random prefix attack mitigation.
`unknown`	There was an unknown error.