app engine custom domain presented with A, AAAA and CNAME records

950 views
Skip to first unread message

Juan Uys

unread,
Aug 24, 2017, 6:44:45 AM8/24/17
to Google App Engine

Hello,

I want to add a custom subdomain (api.example.org) to my App Engine app. I'm presented with this list of DNS entries. However, when I enter them on CloudFlare, the alias/name field has to be specified, so I add all the A/AAAA records successfully, but the CNAME addition errors with "record already exists with that host".

Some questions:
* when using A/AAAA, is CNAME optional?
* vice versa? (i.e. if using the CNAME record, are the A/AAAA optional?)
* could this be due to the non-RFC-compliant esoteric way CloudFlare implements DNS (I think it's called "CNAME flattening")
* how to add ALL these records to CloudFlare without getting errors (e.g. do aliases not matter in some cases, or can I use different values?)

If there are any CloudFlare experts lurking here, great, but I'll also put this on the CloudFlare forums.

Thanks,
Juan








George (Cloud Platform Support)

unread,
Aug 24, 2017, 3:59:29 PM8/24/17
to Google App Engine

Hello Juan,


You seem to be referring to errors you receive from the CloudFlare site, and illustrating the situation with an image from the app engine standard environment custom domains page. More information is needed to clarify the situation.


Referring to the “Using Custom Domains and SSL” page, if you choose to use the CNAME record, you are not obliged to fill in the resource records, and the other way round. You have to use resource records if you plan to have the bare domain name functional; this is not possible with CNAME.


For more information on how to register you domain on CloudFlare, you may check their documentation page at “CNAME Flattening: RFC-compliant support for CNAME at the root”.

Juan Uys

unread,
Aug 25, 2017, 5:34:24 AM8/25/17
to Google App Engine
On Thursday, 24 August 2017 20:59:29 UTC+1, George (Cloud Platform Support) wrote:

if you choose to use the CNAME record, you are not obliged to fill in the resource records, and the other way round.


Hi George, what you just said was also my suspicion (using one or the other) but it wasn't clear from the GCloud console.

My next question would be: which do you recommend I use? CNAME, or A/AAAA? And why?

Thanks,
Juan

George (Cloud Platform Support)

unread,
Aug 25, 2017, 9:35:16 AM8/25/17
to Google App Engine
Main difference is that one is safe to use at the zone apex (ex. naked domain, such as example.com), whereas the other is not. A/AAAA allows you to have the bare domain functional. More detail on the "Comparing Alias and CNAME Records" page

Juan Uys

unread,
Aug 25, 2017, 11:23:54 AM8/25/17
to Google App Engine
OK, I'll switch to CNAME, because it seems that even though there's a performance hit, customers will be given the IP of the load balancer relevant to their location, which is better in the end.
Thanks so much for the answers.

Attila-Mihaly Balazs

unread,
Aug 28, 2017, 11:26:44 PM8/28/17
to Google App Engine
@Juan - just a note: it's possible to route clients to different datacenters even when they are just using an IP using a special setup in BGP (and in fact it works better than routing using the DNS since the DNS method routes you to the IP closest to your DNS server, which might not be the closest to you).

@George - perhaps you can confirm that the GAE IPs have this special setup (sorry, I'm not a network engineer so I don't know the exact technical term for it).

Attila
Reply all
Reply to author
Forward
0 new messages