App Services Architecture & Implementation

DNS

Task

For these exercises, you will be using a web application running at 20.88.188.200. As a first step, configure a DNS Record for this application.

You can find more about Cloudflare DNS in our DNS Developers Docs.

Why

  • DNS lets you access web services using memorable domain names instead of IP addresses
  • But more importantly, most of Cloudflare Application Services operate through reverse proxy, which is enabled on a DNS record
  • This makes having a DNS record a necessary prerequisite for being able to use these services

Steps

1. Open zone configuration

In your Cloudflare Dashboard navigate to Websites and select a zone you want to work with during these labs.

ℹ️
If you’re using a Cloudflare account you were provided with, you should have one zone provisioned there for you.
Select zone

2. Add a DNS record

Inside your zone, select DNS ‣ Records and click Add record.

Create a new A record that will point your zone’s root to our lab origin server. Make sure you keep the Proxy toggle switched ON so that Cloudflare performs reverse proxy on this domain.

ℹ️
Cloudflare also allows the addition of comments to DNS records for ease of reference, such as a change request ID. Feel free to add a comment to your record.
Type: A
Name: @
IPv4 address: 20.88.188.200
Proxy: yes
Comment: Lab origin server
Add DNS record

3. Test

Open your terminal and query the DNS record for your root domain (note the below is an example, please use your lab domain here):

macOS/Linux

dig cfdemolab-zone-xxx.cfdemolab.xyz A
; <<>> DiG 9.10.6 <<>> +noquestion +nocomments cfdemolab-zone-xxx.cfdemolab.xyz A
;; global options: +cmd
cfdemolab-zone-xxx.cfdemolab.xyz. 91 IN A 104.18.28.41
cfdemolab-zone-xxx.cfdemolab.xyz. 91 IN A 104.18.29.41

Windows

nslookup cfdemolab-zone-xxx.cfdemolab.xyz
Server:		127.0.2.2
Address:	127.0.2.2#53

Non-authoritative answer:
Name:	cfdemolab-zone-xxx.cfdemolab.xyz
Address: 104.18.0.122
Name:	cfdemolab-zone-xxx.cfdemolab.xyz
Address: 104.18.1.122

Even though the origin server 20.88.188.200 is running in Azure, you should see two Cloudflare IP addresses returned (you can verify the owning organization via whois.com).

That is because Cloudflare is acting as a reverse proxy for all requests to the new domain - it terminates the HTTP session from the user and then establishes a new one to the origin.

And lastly, test you can access the web application using the DNS record you just created. Open your browser and insert your domain name to the address bar. You should see our lab application’s home page.

Navigate to DNS record in a browser

Summary

In this section we’ve configured the DNS records needed to complete the lab exercises.

Next, we will take a look at TLS (SSL).