Load Balancing supports DNS-only and HTTP proxy modes, outlined below.
In HTTP Proxy mode, load balancers have an automatic TTL. Cloudflare will announce Cloudflare IP addresses externally, but will protect (mask) your origin server IP addresses. Any changes to your load balancer will propagate within seconds inside Cloudflare, including any failover events.
In the Load Balancing dashboard, an orange cloud icon indicates HTTP Proxy mode.
Setting the load balancer to HTTP Proxy mode offers the following benefits:
In DNS-Only mode, you can configure load balancers to set a TTL from 30 seconds to 10 minutes. Cloudflare will serve the addresses of the (healthy) origin servers directly but relies on DNS resolvers respecting the short TTL to re-query Cloudflare’s DNS for an updated list of healthy addresses.
In the Load Balancing dashboard, a gray cloud icon indicates DNS-Only mode.
You can have HTTP Proxy (orange cloud icon) and DNS-Only (gray cloud icon) domains in the same Load Balancing region, but the traffic routing behavior differs as follows: