# Cloudflare DNS Duplicate Records - Fix Guide ## ⚠️ Current Issues ### Duplicate A Records Found: 1. **besu.d-bis.org** - 2 A records: - `20.215.32.42` (cf-proxied:true) - `70.153.83.83` (cf-proxied:true) 2. **blockscout.d-bis.org** - 2 A records: - `20.215.32.42` (cf-proxied:true) - `70.153.83.83` (cf-proxied:true) 3. **explorer.d-bis.org** - 2 A records: - `20.215.32.42` (cf-proxied:true) - `70.153.83.83` (cf-proxied:true) 4. **d-bis.org** (root) - 2 A records: - `20.215.32.42` (cf-proxied:true) - `20.215.32.15` (cf-proxied:true) ## 🔍 Problems Caused - **Random IP Selection**: DNS round-robin causes connections to alternate between IPs - **HTTP 522 Errors**: When Cloudflare proxies to a down or misconfigured IP - **Connection Failures**: If one IP doesn't have the correct service - **Unpredictable Behavior**: Load balancing without proper health checks ## ✅ Recommended Fixes ### Step 1: Remove Duplicate Records Remove one of each duplicate A record. Keep the IP that: - Has the correct service running - Is the primary/reliable endpoint - Matches current deployment ### Step 2: Service-Specific Recommendations #### **explorer.d-bis.org** → Blockscout - **Keep**: Single IP that has Blockscout running (port 4000) - **Remove**: Duplicate IP - **Note**: Should point to the node running Blockscout (currently eus2: 10.4.1.4) #### **besu.d-bis.org** → Besu RPC - **Keep**: Single IP that has Besu RPC enabled (port 8545) - **Remove**: Duplicate IP - **Note**: Should point to a reliable RPC node #### **blockscout.d-bis.org** → Blockscout (alternative) - **Keep**: Same IP as explorer.d-bis.org OR remove if not needed - **Remove**: Duplicate or redundant record #### **d-bis.org** (root) - **Keep**: Primary IP (20.215.32.15 based on comment) - **Remove**: 20.215.32.42 (seems to be duplicate) ### Step 3: Verify IPs Match Deployment Before making changes, verify: 1. Which IPs are actually in use 2. Which services are running on each IP 3. Which IP is the Nginx proxy/gateway ### Step 4: Cloudflare Proxy Settings - **explorer.d-bis.org**: Keep `cf-proxied:true` (HTTPS through Cloudflare) - **besu.d-bis.org**: Consider `cf-proxied:false` if direct RPC access needed - **blockscout.d-bis.org**: Match explorer.d-bis.org settings ## 📝 DNS Record Template (Recommended) ``` # Primary explorer endpoint explorer.d-bis.org. 1 IN A 20.215.32.42 ; cf-proxied:true # Besu RPC endpoint (if needed publicly) besu.d-bis.org. 1 IN A 20.215.32.42 ; cf-proxied:false or true # Root domain d-bis.org. 1 IN A 20.215.32.15 ; cf-proxied:true # Remove duplicates: # - Remove second IP from besu.d-bis.org # - Remove second IP from blockscout.d-bis.org # - Remove second IP from explorer.d-bis.org # - Remove 20.215.32.42 from d-bis.org root ``` ## 🔧 Verification Steps After making changes: 1. **Wait for DNS propagation** (usually 1-5 minutes) 2. **Test DNS resolution**: ```bash dig explorer.d-bis.org dig besu.d-bis.org ``` 3. **Test HTTP endpoints**: ```bash curl -I https://explorer.d-bis.org curl -X POST http://besu.d-bis.org:8545 -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}' ``` 4. **Check for HTTP 522 errors** (should be resolved) ## ⚠️ Important Notes - **Don't remove records immediately** - First verify which IP is correct - **Keep backup** of current DNS settings - **Test changes** in a staging environment if possible - **Monitor** after changes for any service disruption ## 🚨 Current Deployment Context - **Nginx Proxy**: 20.160.58.99 (private network gateway) - **Besu Nodes**: 10.1.1.4 - 10.5.1.4 (private IPs) - **Blockscout**: Deployed on eus2 node (10.4.1.4) Need to map public IPs (20.215.32.42, 70.153.83.83, etc.) to actual services before removing duplicates.