Cloudflare 1.1.1.1 Incident on July 14, 2025
10 months ago
- #Cloudflare
- #Outage
- #DNS
- Cloudflare's 1.1.1.1 Resolver service experienced a global outage on 14 July 2025 from 21:52 to 22:54 UTC due to a misconfiguration.
- The outage was caused by an internal configuration error, not an external attack or BGP hijack.
- A dormant configuration error from June 6, 2025, inadvertently linked 1.1.1.1 Resolver IPs to a non-production Data Localization Suite (DLS) service.
- A subsequent change on July 14 triggered the withdrawal of 1.1.1.1 prefixes globally, making the service unavailable.
- DNS traffic over UDP, TCP, and DNS over TLS (DoT) dropped significantly, while DNS over HTTPS (DoH) remained stable.
- During the outage, a BGP hijack of 1.1.1.0/24 by Tata Communications India (AS4755) was observed but was unrelated to the outage.
- Cloudflare restored service by reverting the configuration and accelerating the rollout of fixes, with full recovery by 22:54 UTC.
- Cloudflare plans to deprecate legacy systems and implement staged deployments to prevent similar incidents in the future.