[DNS] Review and reorganize FAQ

src/content/docs/dns/dnssec/index.mdx

@@ -18,6 +18,8 @@ import { Render } from "~/components"
 
 <Render file="dnssec-enabled-migration" product="dns" />
 
+Removing the DS record at your registrar starts a DNSSEC unsigning process. This is expected when you are moving authoritative DNS providers, because it allows you to update your authoritative nameservers without DNSSEC validation failures.
+
 ***
 
 ## Enable DNSSEC

src/content/docs/dns/manage-dns-records/how-to/create-dns-records.mdx

@@ -67,6 +67,12 @@ To update part of a record with the API, use a [PATCH request](/api/resources/dn
 
 </TabItem> </Tabs>
 
+### Update an origin IP address
+
+If your hosting provider changes or your origin IP address changes, update the **Content** value of the relevant DNS records (usually `A` or `AAAA` records).
+
+If you are not sure which IP address to use, refer to your hosting provider's documentation.
+
 ---
 
 ## Delete DNS records

src/content/docs/dns/manage-dns-records/reference/dns-record-types.mdx

@@ -112,6 +112,10 @@ These records include the following fields:
   - If the **Proxy Status** is **DNS Only**, you can customize the value.
 - **Proxy status**: For more details, refer to [Proxied DNS records](/dns/proxy-status/).
 
+:::note
+A CNAME record does not perform an HTTP redirect. If you need to redirect visitors (for example, from one hostname to another), configure a redirect on your origin or use Cloudflare redirect features. Refer to [Redirect one domain to another](/fundamentals/manage-domains/redirect-domain/).
+:::
+
 #### Proxied CNAME records
 
 Observe the following aspects, especially before changing a CNAME record from <GlossaryTooltip term="proxy status" link="/dns/proxy-status/">proxied</GlossaryTooltip> to DNS-only or vice versa:

src/content/docs/dns/manage-dns-records/reference/ttl.mdx

@@ -12,6 +12,10 @@ import { GlossaryTooltip } from "~/components";
 
 Longer TTLs speed up [DNS lookups](https://www.cloudflare.com/learning/dns/what-is-dns/) by increasing the chance of cached results, but a longer TTL also means that updates to your records take longer to go into effect.
 
+:::note
+DNS results can look inconsistent across tools because recursive resolvers cache answers for the duration of the TTL. If you recently changed a record, wait for the TTL to expire or query your authoritative nameservers directly.
+:::
+
 ## Proxied records
 
 By default, all <GlossaryTooltip term="proxy status" link="/dns/proxy-status/">proxied records</GlossaryTooltip> have a TTL of **Auto**, which is set to 300 seconds. This value cannot be edited.

src/content/docs/dns/proxy-status/index.mdx

@@ -4,8 +4,6 @@ title: Proxy status
 sidebar:
   order: 7
   label: Overview
-  group:
-    label: Proxy status
 ---
 
 import { Render, Example, Details, GlossaryTooltip } from "~/components";
@@ -59,6 +57,12 @@ Since only [records used for IP address resolution](/dns/manage-dns-records/refe
 It may take longer than five minutes for you to actually experience record changes, as your local DNS cache may take longer to update.
 :::
 
+### Originless and redirect-only setups
+
+If you need a placeholder address for an originless setup, you can use the reserved IPv6 address `100::` or the reserved IPv4 address `192.0.2.0` in a proxied DNS record.
+
+This allows you to route requests using products such as [Redirect Rules](/rules/url-forwarding/), [Page Rules](/rules/page-rules/), or [Workers](/workers/).
+
 ### Mix proxied and unproxied
 
 If you have multiple A or AAAA records on the same name and at least one of them is proxied, Cloudflare will treat all A or AAAA records on this name as being proxied.

src/content/docs/dns/troubleshooting/faq.mdx

@@ -9,22 +9,6 @@ sidebar:
 import { Render, GlossaryTooltip } from "~/components";
 
 
----
-
-## Can I CNAME a domain not on Cloudflare to a domain that is on Cloudflare?
-
-No. If you would like to do a redirect for a site not on Cloudflare, then set up a traditional `301` or `302` redirect on your origin web server.
-
-Redirecting non-Cloudflare sites via `CNAME` records would cause a DNS resolution error. Since Cloudflare is a reverse proxy for the domain that is on Cloudflare, the `CNAME` redirect for the domain (not on Cloudflare) would not know where to send the traffic to.
-
-
----
-
-## What happens when I remove the `DS` record?
-
-When you remove your DS record, an invalidation process begins which results in the unsigning of your domain’s DNS records. This will allow your authoritative nameservers to be changed. If you are an existing customer, this will not affect your ability to use Cloudflare. New customers will need to complete this step before Cloudflare can be used successfully.
-
----
 
 ## Does Cloudflare support EDNS0 (extension mechanisms for DNS)?
 
@@ -34,12 +18,6 @@ EDNS0 is the first approved set of mechanisms for [DNS extensions](http://en.wi
 
 ---
 
-## What should I do if I change my server IP address or hosting provider?
-
-After switching hosting providers or server IP addresses, update the IP addresses in your Cloudflare **DNS** app. Your new hosting provider will provide the new IP addresses that your DNS should use.  To modify DNS record content in the **DNS** app, click on the IP address, and enter the new IP address.
-
----
-
 
 ## 403 Authentication error when creating DNS records using Terraform
 
@@ -57,34 +35,6 @@ Make sure the argument `zone_id = data.cloudflare_zones.example_com.zones[0].id`
 
 ---
 
-## Why am I getting hundreds of random DNS records after adding my domain?
-
-This can happen when you had a wildcard `*` record configured at your previous authoritative DNS, and for some reason the wildcard record wasn't detected. You can remove these records in bulk [using the API](/api/resources/dns/subresources/records/methods/delete/).
-
-Alternatively, you can also:
-
-1. [Remove your domain](/fundamentals/manage-domains/remove-domain/) from Cloudflare.
-2. Delete the wildcard record from your authoritative DNS.
-3. [Re-add](/fundamentals/manage-domains/add-site/) the domain.
-
----
-
-## What IP should I use for parked domain / redirect-only / originless setup?
-
-In the case a placeholder address is needed for “originless” setups, use the IPv6 reserved address `100::` or the IPv4 reserved address `192.0.2.0` in your Cloudflare DNS to create a [proxied DNS record](/dns/proxy-status/) that can use Cloudflare [Redirect Rules](/rules/url-forwarding/), [Page Rules](/rules/page-rules/), or [Cloudflare Workers](/workers/).
-
----
-
-## Why are DNS queries returning incorrect results?
-
-Third-party tools can sometimes fail to return correct DNS results if a recursive DNS cache fails to refresh. In this circumstance, purge your public DNS cache via these methods:
-
-- [Purging your DNS cache at OpenDNS](http://www.opendns.com/support/cache/)
-- [Purging your DNS cache at Google](https://developers.google.com/speed/public-dns/cache)
-- [Purging your DNS cache locally](https://docs.cpanel.net/knowledge-base/dns/how-to-clear-your-dns-cache/)
-
----
-
 ## I've updated my CNAME to a new SaaS provider, but I still see content from the old provider
 
 When a SaaS provider is leveraging our [Cloudflare for SaaS](/cloudflare-for-platforms/cloudflare-for-saas/) solution, they create a [Custom Hostname](/cloudflare-for-platforms/cloudflare-for-saas/domain-support/) on their Cloudflare zone.

src/content/docs/dns/zone-setups/full-setup/setup.mdx

@@ -73,6 +73,12 @@ When you start using Cloudflare's nameservers for authoritative DNS and your zon
 
 <Render file="dns-nxdomain-warning" product="dns" />
 
+### Unexpected DNS records after import
+
+If you see many unexpected DNS records after adding your domain, a wildcard (`*`) record at your previous authoritative DNS provider may have been imported into Cloudflare in a way that creates additional records.
+
+Review your imported records and remove any records that you do not need. For more background on wildcard behavior, refer to [Wildcard DNS records](/dns/manage-dns-records/reference/wildcard-dns-records/).
+
 ## Update your nameservers
 
 <Render file="nameserver-preamble" product="dns" />