Why can't I make ANY queries to Cloudflare DNS servers?

ANY queries are special and often misunderstood. They are usually used to get all types available on a DNS name, but what they return is just any type in the cache of recursive resolvers. This can cause confusion when they are used for debugging.

Because of Cloudflare's many advanced DNS features like CNAME flattening, it's at times very complex and at times impossible to give correct answers to ANY queries. For example, when DNS records dynamically come and go or are stored remotely, it can be very taxing or even impossible to get them all at the same time.

ANY is rarely used in production, but is often used in DNS reflection attacks, taking advantage of the lengthy answer returned by ANY.

Instead of using ANY queries to list records, Cloudflare customers can get a better overview of their zone by logging in to their control panel and checking the DNS tab.

The changes happened for all Authoritative DNS customers on the week of September 28th 2015, and does not affect Virtual DNS customers.

Read more on our blog: https://blog.cloudflare.com/deprecating-dns-any-meta-query-type/


Still not finding what you need?

The Cloudflare team is here to help. 95% of questions can be answered using the search tool, but if you can’t find what you need, submit a support request.

Powered by Zendesk