Cloudflare's public DNS service '1.1.1.1' was down for 62 minutes due to a prefix misconfiguration



Cloudflare's public DNS service '

1.1.1.1 ' went down for 62 minutes from 21:52 (UTC) to 22:54 on July 14, 2025. According to Cloudflare, the cause was that a prefix associated with 1.1.1.1 was mistakenly included in the prefix for the DLS (Data Localization Suite) service to be provided in the future.

Cloudflare 1.1.1.1 incident on July 14, 2025
https://blog.cloudflare.com/cloudflare-1-1-1-1-incident-on-july-14-2025/



The service outage occurred on July 14, 2025, but was triggered by work done on June 6, 2025. At that time, Cloudflare was preparing the configuration of a DLS service that it planned to provide in the future, and the configuration change included a reference to a prefix associated with 1.1.1.1. However, since the network configuration was not changed at this time, the routing of 1.1.1.1 was not affected.

At 21:48 on July 14, 2025, a configuration change was made to the DLS service, and the erroneously referenced 1.1.1.1 prefix began to be removed from Cloudflare's data centers around the world. At 21:52, the impact began to be felt in the form of a decrease in DNS traffic to 1.1.1.1 worldwide. At 21:54,

a BGP hijacking of '1.1.1.0/24' was discovered, but this was not the cause of the service outage, but an unrelated issue that became apparent when the prefix was removed by Cloudflare.

At 22:01, an internal service health alert was triggered on 1.1.1.1 and an 'incident' was declared.

At 10:20pm, the write-back of configuration changes began. To speed up full recovery, any manually triggered actions were verified in a test location before being executed.

At 22:54, 62 minutes after the impact was confirmed, DNS traffic had returned to normal and the alert was lifted.

Here's Cloudflare's query volume by protocol: UDP (blue) and TCP (yellow) queries dropped immediately after the impact began. On the other hand, most DoH (DNS over HTTPS) users use domains, so the traffic remained fairly stable.



in Web Service, Posted by logc_nt