Update enforce-dns-only.mdx#30616
Conversation
Updating enforce dns only devdocs for different zone types.
| - [Secondary zones](/dns/zone-setups/zone-transfers/cloudflare-as-secondary/): If [Secondary DNS Overrides](/dns/zone-setups/zone-transfers/cloudflare-as-secondary/proxy-traffic/) is enabled and you have manually set a record's proxy status to proxied, that record will be affected. Records transferred from the primary with their original proxy status are not affected since they are already DNS-only. | ||
|
|
||
| :::note | ||
| For secondary zones with overrides enabled, the enforce DNS-only setting will grey-cloud any record you have manually proxied. The proxy status override persists until the record is deleted on the primary and transferred again — changes to content or TTL on the primary do not reset the override. |
There was a problem hiding this comment.
| For secondary zones with overrides enabled, the enforce DNS-only setting will grey-cloud any record you have manually proxied. The proxy status override persists until the record is deleted on the primary and transferred again — changes to content or TTL on the primary do not reset the override. | |
| For secondary zones with overrides enabled, the enforce DNS-only setting will disable the proxy status on any record you have manually proxied. The proxy status override persists until the record is deleted on the primary even if it gets transferred again — changes to content or TTL on the primary do not affect the proxy status. |
There was a problem hiding this comment.
I'm not sure I understand what we want to call out with this note, maybe it's the the proxy status override persists in the second sentence that is tripping me up - By this we mean:
a- the effects of the enforce_dns_only setting will persist, meaning that what we describe here in "Disable enforce DNS-only" does not apply in this case.
b- we're just reminding users of how Secondary DNS overrides work, with no particular implication for the behaviors of Enforce DNS-only
c- we just want to reassure them that, even if new transfers occur while enforce_dns_only is active, the proxy status won't be affected (sticking to DNS-only while the setting is active and returning to proxied once it's turned off)
There was a problem hiding this comment.
Yes, the intent is (c) - we want to reassure users that while enforce_dns_only is active, zone transfers won't unexpectedly change their proxy status. The DNS-only setting persists through content/TTL changes on the primary.
Co-authored-by: Hannes <105781579+hannes-cf@users.noreply.github.com>
3 participants
Updating enforce dns only devdocs for different zone types.
Summary
Screenshots (optional)
Documentation checklist