
Cloudflare: Is anyone else seeing DNS outages? - euph0ria
Seems that all our domains on Cloudflare are down. They can&#x27;t be resolved and we can&#x27;t even access www.cloudflare.com from several locations worldwide.
======
FabioFleitas
Looks like a thread is starting here:
[https://news.ycombinator.com/item?id=23875692](https://news.ycombinator.com/item?id=23875692)

------
nathanaldensr

      $ dig @1.1.1.1 google.com
      
      ; <<>> DiG 9.11.5-P4-5.1+deb10u1-Raspbian <<>> @1.1.1.1 google.com
      ; (1 server found)
      ;; global options: +cmd
      ;; connection timed out; no servers could be reached
      
      $ dig @1.0.0.1 google.com
      
      ; <<>> DiG 9.11.5-P4-5.1+deb10u1-Raspbian <<>> @1.0.0.1 google.com
      ; (1 server found)
      ;; global options: +cmd
      ;; connection timed out; no servers could be reached

~~~
ed25519FUUU
Both the primary and the secondary going down is a killer. It's enough to make
me switch out the secondary to a non-cloudflare DNS.

Even when the secondary works the performance is pretty miserable. Adds about
a 1s latency to each DNS resolution while it wait's for the primary to fail.

~~~
nathanaldensr
Yep. I quickly logged into my home Pi-hole and unchecked both IPv4 Cloudflare
DNS servers.

------
mrkstu
Just had a sales call w/them the other day and expressed concern about sending
domain authority over to them- this doesn't give me the warm and fuzzies.

------
Exuma
Aside from this one issue, is switching to 1.1.1.1 a good idea in your guys
experience? Right now I just realized I hvae the DNS for my ISP which is
probably how they inject bullshit 404 pages full of ads. What is the
fastest/best public DNS in your guys experience?

~~~
rochacon
CloudFlare DNS (1.1.1.1 and 1.0.0.1) and Google's DNS (8.8.8.8 and 8.8.4.4)
usually have the best latency everywhere. However, if you suspect your ISP is
injecting stuff, a VPN service + their DNS might be more useful to improve
your internet privacy.

~~~
skrowl
Using Firefox and DNS over HTTPS (DoH) will also bypass crappy ISP DNS
monitoring / injecting.

------
pixelface
yes and funny enough, downdetector is down. started doubting my network until
all the same outages confirmed on my mobile link, and mxtoolbox couldn't get a
response either.

------
benmmurphy
Example: dig +trace boards.4chan.org

    
    
            ; <<>> DiG 9.10.6 <<>> +trace boards.4chan.org
            ;; global options: +cmd
            .   85596 IN NS f.root-servers.net.
            .   85596 IN NS b.root-servers.net.
            .   85596 IN NS k.root-servers.net.
            .   85596 IN NS i.root-servers.net.
            .   85596 IN NS l.root-servers.net.
            .   85596 IN NS d.root-servers.net.
            .   85596 IN NS c.root-servers.net.
            .   85596 IN NS m.root-servers.net.
            .   85596 IN NS j.root-servers.net.
            .   85596 IN NS h.root-servers.net.
            .   85596 IN NS a.root-servers.net.
            .   85596 IN NS e.root-servers.net.
            .   85596 IN NS g.root-servers.net.
            .   85596 IN RRSIG NS 8 0 518400 20200730200000 20200717190000 46594 . XHNID5n3ki/LmJxN+XGoIrGMzylmRWBBubInleBI5RBeCTExgAmM4Obw FKtCW970Ured+UFYauKv/l574dMGsv03Jg6/1RAApSZU7GFVsWfffmc9 DRDGijEY6THNV65usIA8rryMSWN0aFqyRxwl3gBQKdglSq6GYm55Pe3T HW9vgHNUJ9ecQOaO3w848VKz7Pznsdw/A+cxCbaBrm1DlvPeaWJPUBIP Xt4ABZaWFQTe/yDK/ZpL1pt1A1iMbZvSpo24Dg1gRCI46N39ZTcYnFf7 48WgcrFCrjA0ay0lKvjGd1Mckgb8ikG2pe+O/FFWVpNuSHuylY8cDEqg gX7ogQ==
            ;; Received 525 bytes from 192.168.1.254#53(192.168.1.254) in 10 ms
    
            org.   172800 IN NS a0.org.afilias-nst.info.
            org.   172800 IN NS a2.org.afilias-nst.info.
            org.   172800 IN NS b0.org.afilias-nst.org.
            org.   172800 IN NS b2.org.afilias-nst.org.
            org.   172800 IN NS c0.org.afilias-nst.info.
            org.   172800 IN NS d0.org.afilias-nst.org.
            org.   86400 IN DS 17883 7 1 38C5CF93B369C7557E0515FAAA57060F1BFB12C1
            org.   86400 IN DS 17883 7 2 D889CAD790F01979E860D6627B58F85AB554E0E491FE06515F35548D 1EB4E6EE
            org.   86400 IN RRSIG DS 8 1 86400 20200730200000 20200717190000 46594 . buDGmVukWJCS28Ty/Ka/0Qe7Y+ChPRLNRfRNJDim2wPJXxSQR1Ic94pB +YcIZLK9M5jUIZel5aDKwOPdZEZktoWyxkI9993NFPyb9IMo0r4ISQfi PgeiBN8AOB2hjQ1y6owQFVhWQgdURd8yImHrU2seMd5kmYZkoJOL8Xt2 2L+QUxNfcIu5lNbyepaH7G8qkxyiLyWL/dDWNrknFWlQ4VQFxvo7WzlY sthJ3zADAEYRQo3M/Qr6SheiMkGVlM9Ol5W4ZHakJSPnAJsRxTdnthUx 6jPtLfCJ9ALUo4BjxeMCeYzb5Qx1W51dvmY147kRDt0M4DQ02uwKzi0c f/tCVg==
            ;; Received 818 bytes from 198.97.190.53#53(h.root-servers.net) in 24 ms
    
            4chan.org.  86400 IN NS rita.ns.cloudflare.com.
            4chan.org.  86400 IN NS rick.ns.cloudflare.com.
            4chan.org.  86400 IN DS 2371 13 2 6A733A066EC854DA185286CCFA57A32D5DB8C5423DDA19AE45C8DF62 7E6B3616
            4chan.org.  86400 IN RRSIG DS 7 2 86400 20200807152700 20200717142700 27353 org. NVLL4jjoUlqQGE01bwZmMLUx8KHG+gwMnYgXGdRX1ea782pva0Db2IlU ENiH3NsJhM2poEYltL6ighTX3CBr7T973ZzUJA/kIoRObgIrHJ/B0TiR pNGVodVQWsHKkDNpujwvFgzQYgLvmyKcCw9rIV5HGNxU5QbjcENGs6b7 nq8=
            couldn't get address for 'rita.ns.cloudflare.com': not found

------
ed25519FUUU
I'm realizing how bad the experience is when my computer starts falling back
to the "secondary" DNS. It adds a little over 1s latency to resolutions (very
noticable).

I wish my computer was smart enough to "healthcheck" the primary and
secondary, and fallback to using the secondary as the primary until it becomes
healthy again.

------
MertsA
So I just noticed that my mtr session that I started originally just changed
paths and is now going to a different POP and now 1.1.1.1 is back up for me.
No clue if the issue is fixed or they just sent a BGP update withdrawing the
advertised route for 1.1.1.1 for the impacted POP.

------
arh68
Well I just rebooted my modem, but modem + router checked out (I know the
IPs). Rebooted the Pi-Hole, seems to be back up now. Cloudflare is the only
DNS my Pi-Hole forwards to. I think I will add another, now..

~~~
1f60c
Which ones are you going to add? Just curious. :)

~~~
jyrkesh
I've used 4.2.2.1 extensively in the past, and never had any issues. 4.2.2.1
through 4.2.2.6 are run by Level 3

~~~
1f60c
Oh, I've heard about it, but I don't like to use it because it returns a
search page filled with ads for nonexistent domains.

------
jabzd
Yes, can confirm I am seeing the same behavior. Other members on my team in
other regions are able to resolve addresses - seems to be hit or miss to a
degree based on location.

------
bitclaw
[https://www.cloudflarestatus.com/](https://www.cloudflarestatus.com/) seems
like this page is out of date.

------
mercer
I can't access my own VPS nor Digital Ocean (which takes care of DNS). Good to
know I'm not the only one with issues, at least.

------
yizhang7210
Yep. Say [http://npmjs.com/](http://npmjs.com/)

------
clintavo
We are. We suddenly can't pull up any of our properties that use cloudflare
DNS.

------
psophis
I'm getting some. 1.1.1.1 isn't responding to any DNS requests for me.

------
mymindstorm
I'm seeing this too, I can't even load the Cloudflare website.

------
decad
We are experiencing issues with DNS, Discord seems effected as well

------
bitclaw
Same here DNS is not resolving for several domains and subdomains.

------
johnny81
Our AppBeat monitoring is reporting Cloudflare issues too.

------
ricardonunez
My websites are down. I noticed when some CDNs were down.

------
bweisb
1.0.0.1 and 1.1.1.1 are down for me for providing DNS.

------
bitclaw
Same here, DNS domains and subdomains not resolving.

------
sashk
Yep, github actions failing because of this too.

~~~
SwiftyBug
All my tests passed. The only explanation must be because Github Actions is
being affected. My tests would never pass otherwise.

------
oxfordmale
Yes, experiencing the same issue from the UK.

~~~
nbevans
And me. (UK)

~~~
christoph
Same (UK) some sites work, some others not. Thought it was just me.

------
amishkin
Yep, all my sites went down for a bit.

------
appveyor
AppVeyor has experienced DNS hiccup.

------
marblessubtext
using dig with 8.8.8.8 for discord.com and downdetector.com, I'm not seeing
answer sections?

------
redog
First twitter and now this....

------
benatkin
I can't get to chess.com.

~~~
NickLamp
Lichess is up (and also better)

------
maxk42
downdetector is down. Discord is down. Cloudflare is down.

Looks like a major DNS attack.

~~~
ipsum2
Hanlon's razor applies here.

~~~
Exuma
Ranlon's Hazor

