Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

Migrate your DNS management from Cloudflare to Oracle Cloud Infrastructure

Introduction

DNS (Domain Name System) is a crucial component of the internet that enables users to access websites by translating human-readable domain names into IP addresses that computers can understand. DNS records are stored in zones, and each zone contains information about a specific domain. Managing DNS records can be a complex task, especially if you have multiple domains and subdomains.

With Oracle Cloud Infrastructure (OCI) DNS service, you can create zones, add records to zones, and allow Oracle Cloud Infrastructure’s edge network to handle your domain’s DNS queries. By configuring Oracle DNS, enterprise and business customers can connect their DNS queries to assets such as Oracle Cloud Infrastructure Compute and Storage, as well as to third-party and private assets. Customers can also manage DNS records, which are domain names mapped to IP addresses; domain names can be cloud or non cloud resources.

Objective

Importing DNS zones from Cloudflare to OCI can help you consolidate your DNS management, and take advantage of OCI’s DNS features. The process involves exporting your DNS zone from Cloudflare and importing the DNS records. By following the steps outlined in this tutorial, you can easily import your DNS zones from Cloudflare to OCI and streamline your DNS management.

Prerequisites

• An OCI account with access to create and manage OCI DNS Management.

• Access to a Cloudflare account.

Task 1: Export your DNS zone from Cloudflare

1. Log in to your Cloudflare account and select the domain for which you want to export the DNS zone.

2. Click Export to download a copy of your DNS zone file.

   

Task 2: Modify zone files exported from cloudflare.com to be imported to OCI DNS

To get the Oracle Cloud Infrastructure DNS service to correctly import a zone file exported from cloudflare.com, you must modify the file. Follow these instructions to update the zone file.

1. Open the file in your preferred text editor. Modify the second line, remove the ;; Domain: and replace it with $ORIGIN.

   

2. For the SOA record, replace the domain name with @.

   

3. Once the file has been modified, save changes to the file.

Points to note for modifying the exported zone file from cloudflare.com

• All records in an RRSet (Records of the same type at a single domain) must have the same TTL. If the exported zone file from Cloudflare has different TTL values for an RRSet, the Zone import will fail.

• You can see that the sample zone file exported from Cloudflare consists of two txt records named chaitanya.tk with different TTL values, whereas in the amended file, the TTL value must be modified for both the records to be the same for export.

• If the exported zone file consists of any TXT record longer than 255 characters, break the value into strings of 255 characters or less. Enclose each string in double quotation marks (“) using the following syntax: Domain name TXT "String 1" "String 2" "String 3"….."String N", otherwise Zone import will fail.

• In the sample exported file, there is a TXT record named mail._domainkey.chaitanya.tk. which has more than 255 characters. This record was modified in the modified zone file.

• This is an example of a zone file exported from cloudflare.com.

  ;;
  ;; Domain:     chaitanya.tk.
  ;; Exported:   2023-03-02 17:44:29
  ;;
  ;; This file is intended for use for informational and archival
  ;; purposes ONLY and MUST be edited before use on a production
  ;; DNS server.  In particular, you must:
  ;;   -- update the SOA record with the correct authoritative name server
  ;;   -- update the SOA record with the contact e-mail address information
  ;;   -- update the NS record(s) with the authoritative name servers for this domain.
  ;;
  ;; For further information, please consult the BIND documentation
  ;; located on the following website:
  ;;
  ;; http://www.isc.org/
  ;;
  ;; And RFC 1035:
  ;;
  ;; http://www.ietf.org/rfc/rfc1035.txt
  ;;
  ;; Please note that we do NOT offer technical support for any use
  ;; of this zone data, the BIND name server, or any other third-party
  ;; DNS software.
  ;;
  ;; Use at your own risk.
  ;; SOA Record
  chaitanya.tk	3600	IN	SOA	adrian.ns.cloudflare.com dns.cloudflare.com 2042944566 10000 2400 604800 3600
  
  ;; NS Records
  chaitanya.tk.	86400	IN	NS	adrian.ns.cloudflare.com.
  chaitanya.tk.	86400	IN	NS	zeus.ns.cloudflare.com.
  
  ;; A Records
  chaitanya.tk.	1	IN	A	141.148.6.7
  www.chaitanya.tk.	1	IN	A	141.148.6.7
  
  ;; CNAME Records
  web.chaitanya.tk.	1	IN	CNAME	chaitanya-tk.o.waas.oci.oraclecloud.net.
  
  ;; TXT Records
  chaitanya.tk.	1	IN	TXT	"85fcr0qm1lljm50bvgjkk55ydcbckelncdnlhilnvklenvlz77hc"
  chaitanya.tk.	86400	IN	TXT	"Sendinblue-code:40zvesgergrebrebrehreg73397d34cc56226d82d8bfa75"
  mail._domainkey.chaitanya.tk.	86400	IN	TXT	"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzhGUCCDX5W5qrjDj052Z54xAYlLBOE29lpmCoCYcuh0kx25vT66AZOLSs46VoAqpDqMT/dDdpabkg64zf4zTBnYaGP/VqcTxeOnQ+SLuXFWcY/HxS1mPRo6YoSeJFH8UHTPoIHUEgW6ykjqQdYLTuv+slewcctbzFyyz+70VRlW96Hsd09rWqk6AWYhuucO8znRsJDwuVefSSK+I/ASkF0YFr/B8xdGgMXG37YCWBffCcVSW+2k/fjRtt8+UJfF5v1hYstbihD6eVBverzWYRJPwkpGbTtKmDFsHKiYCEBQT7bz0I3l31RlrBZQ9mSrTpRiJw34oSgvlJJSROKjC"
  
  

• Below is an example of an modified zone file ready to import into Oracle Cloud Infrastructure DNS.

  $ORIGIN     chaitanya.tk.
  ;; Exported:   2023-03-03 08:45:43
  ;;
  ;; This file is intended for use for informational and archival
  ;; purposes ONLY and MUST be edited before use on a production
  ;; DNS server.  In particular, you must:
  ;;   -- update the SOA record with the correct authoritative name server
  ;;   -- update the SOA record with the contact e-mail address information
  ;;   -- update the NS record(s) with the authoritative name servers for this domain.
  ;;
  ;; For further information, please consult the BIND documentation
  ;; located on the following website:
  ;;
  ;; http://www.isc.org/
  ;;
  ;; And RFC 1035:
  ;;
  ;; http://www.ietf.org/rfc/rfc1035.txt
  ;;
  ;; Please note that we do NOT offer technical support for any use
  ;; of this zone data, the BIND name server, or any other third-party
  ;; DNS software.
  ;;
  ;; Use at your own risk.
  ;; SOA Record
  @	3600	IN	SOA	adrian.ns.cloudflare.com dns.cloudflare.com 2042949974 10000 2400 604800 3600
  
  ;; NS Records
  chaitanya.tk.	86400	IN	NS	adrian.ns.cloudflare.com.
  chaitanya.tk.	86400	IN	NS	zeus.ns.cloudflare.com.
  
  ;; A Records
  chaitanya.tk.	1	IN	A	141.148.6.7
  www.chaitanya.tk.	1	IN	A	141.148.6.7
  
  ;; CNAME Records
  web.chaitanya.tk.	1	IN	CNAME	chaitanya-tk.o.waas.oci.oraclecloud.net.
  
  ;; TXT Records
  chaitanya.tk.	1	IN	TXT	"85fcr0qm1lljm50bvgjkk55ydcbckelncdnlhilnvklenvlz77hc"
  chaitanya.tk.	1	IN	TXT	"Sendinblue-code:40zvesgergrebrebrehreg73397d34cc56226d82d8bfa75"
  mail._domainkey.chaitanya.tk.	86400	IN	TXT	"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzhGUCCDX5W5qrjDj052Z54xAYlLBOE29lpmCoCYcuh0kx25vT66AZOLSs46VoAqpDqMT/dDdpabkg64zf4zTBnYaGP/VqcTxeOnQ+SLuXFWcY/HxS1mPRo6YoSeJFH8UHTPoIHUEgW6ykjqQdYLTuv+slewcctbz""Fyyz+70VRlW96Hsd09rWqk6AWYhuucO8znRsJDwuVefSSK+I/ASkF0YFr/B8xdGgMXG37YCWBffCcVSW+2k/fjRtt8+UJfF5v1hYstbihD6eVBverzWYRJPwkpGbTtKmDFsHKiYCEBQT7bz0I3l31RlrBZQ9mSrTpRiJw34oSgvlJJSROKjC"
  
  

Task 3: Import your DNS zone into OCI DNS

1. Log in to the OCI tenancy, navigate to Networking, DNS Management, Zones.

   

2. Click Create Zone and then click Import. Select the modified zone file and create the zone.

   

It will take a few seconds for the zone to get created and populated with the records.

Task 4: Verify your DNS zone in OCI DNS

1. Verify that all the DNS records from your Cloudflare zone are present in OCI DNS. You can export the records from OCI DNS to a TXT file and compare. You can use cloud shell to export the records as shown below.

   oci dns zone get-zone-content --file $file --zone-name-or-id $zone_name_or_id

   

   • When you want to switch from the Cloudflare DNS servers to the OCI DNS servers, modify the name servers from the domain registrar to point to the OCI Name servers(NS) assigned when the zone was imported.

   • Here we are transferring the Hosted Zone for the Domain from Cloudflare to Oracle DNS, not the registration of the domain itself. The domain will still be registered with the existing registrar, whether it’s Cloudflare, GoDaddy, or any other provider.

   • The process for transferring the Hosted Zone will be the same regardless of your domain registrar, as long as you are able to update the DNS records there and migrate the domain to OCI.

   • Post modifying the name servers, you can test by performing nslookup queries from your machine or use whatsmydns.net to make sure that the domain management is migrated to OCI DNS.

     

Related Links

• Oracle Cloud Infrastructure (OCI) DNS

Acknowledgments

• Authors: Shruti Soumya (Senior Cloud Security Engineer), Chaitanya Chintala (Cloud Security Advisor)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

Migrate your DNS management from Cloudflare to Oracle Cloud Infrastructure

F80600-01

April 2023

Copyright © 2023, Oracle and/or its affiliates.