Summary:
I've got a domain hosted with Cloudflare that works for the root, but not any subdomains. Instead, subdomains return a Cloudflare Error 1016 - Origin DNS Error.
Detail:
I have several domains hosted with cloudflare. Most of them are simple and only have a root URL (e.g., acme.com). For these, there are only two DNS records (other than NS records):
An A record for "@" that points to an IP address, and
A CNAME record for "www" that points to a hosted SAN certificate.
These all work great.
I have one domain however that has quite a few subdomains. For these, the DNS entries are similar:
An "A" record for "sub1" that points to the same IP address as the root, and
A CNAME record for "www.sub1" that points to the same hosted SAN certificate as the root.
I know these configurations are valid in general, as they were previously hosted on another DNS hosting provider. I transferred them to Cloudflare this week and verified that all A & CNAME records came over correctly.
On this domain, the root works fine, both "www.foo.com" and "foo.com" resolve correctly and behave just like they did before the transfer to Cloudflare. But none of the subdomains work.
sub1.foo.com and www.sub1.foo.com both give an Error 1016 - Origin DNS Error.
Attempts to solve:
Cloudflare's documentation suggests solutions that don't seem related. The various community posts on the same topic also suggest incorrect or unavailable IP addresses. The related post I found on Server Exchange is about making sure the CNAME entries are correct.
I don't believe these solutions are applicable because A) the root domain with the same A -> IP address and CNAME -> hosted SAN work fine, and B) this exact set of DNS zone records were imported as-is from another hosting provider where everything worked as expected.
I thought about simply pointing the NS records back at the old hosting provider as a temporary workaround, but that doesn't seem to be possible in Cloudflare either.
I'm a bit new to Cloudflare, so any help is welcome.
