Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: 1.1.1.1 DNS (Cloudflare) outage?
29 points by sbr464 on May 31, 2018 | hide | past | web | favorite | 36 comments
I'm experiencing an outage with the new 1.1.1.1 dns resolver. Anyone else?



It's back up:

    ; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @1.1.1.1
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21908
    ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1536
    ;; QUESTION SECTION:
    ;.                              IN      NS

    ;; ANSWER SECTION:
    .                       2179    IN      NS      a.root-servers.net.
    .                       2179    IN      NS      b.root-servers.net.
    .                       2179    IN      NS      c.root-servers.net.
    .                       2179    IN      NS      d.root-servers.net.
    .                       2179    IN      NS      e.root-servers.net.
    .                       2179    IN      NS      f.root-servers.net.
    .                       2179    IN      NS      g.root-servers.net.
    .                       2179    IN      NS      h.root-servers.net.
    .                       2179    IN      NS      i.root-servers.net.
    .                       2179    IN      NS      j.root-servers.net.
    .                       2179    IN      NS      k.root-servers.net.
    .                       2179    IN      NS      l.root-servers.net.
    .                       2179    IN      NS      m.root-servers.net.

    ;; Query time: 10 msec
    ;; SERVER: 1.1.1.1#53(1.1.1.1)
    ;; WHEN: Thu May 31 18:14:31 UTC 2018
    ;; MSG SIZE  rcvd: 431


This issue should be resolved. It is early but appears our DDoS systems kicked in when they shouldn't.


You might want to put a link to your system status page on your home page:

https://1.1.1.1/

I googled "1.1.1.1 service status" and that was the top result and there was no link to your actual status page.

So then I did what I always do and hit https://news.ycombinator.com/newest


https://www.cloudflarestatus.com/incidents/2mz3wly2g7dy

Sorry about that. https://www.cloudflarestatus.com/ should also encompass 1.1.1.1 and 1.0.0.1.


Thanks for the update. Did this affect all of your public resolvers or only 1.1.1.1?


It only affected 1.1.1.1 and 1.0.0.1 over UDP. The IPv6 pairs 2606:4700:4700::1111 and 2606:4700:4700::1001 were unaffected.


How to check if you're having trouble from your specific location:

-- Windows --

Cloudflare DNS:

  nslookup www.google.com 1.1.1.1
Google DNS:

  nslookup www.google.com 8.8.8.8
-- Linux --

Cloudflare DNS:

  dig @1.1.1.1 www.google.com
Google DNS:

  dig @8.8.8.8 www.google.com


Using dig on windows 7 it seems to be up.


Cloudflare explained this incident on this post [0]. You can also check the discussion on HN here [1].

[0]: https://blog.cloudflare.com/today-we-mitigated-1-1-1-1/

[1]: https://news.ycombinator.com/item?id=17201830


Confirmed in The Netherlands.

Was concerned it was another hijack, but a hijack would probably try to act like a dns...


Confirmed from India.

Are we even supposed to use the same DNS provider for both the fields? That seems like a bad idea


Confirmed from Argentina.

From Cloudflare Status: "Resolver Timeouts" https://www.cloudflarestatus.com/incidents/2mz3wly2g7dy


funny that no one links to the cloudflare status page: https://www.cloudflarestatus.com/


Thanks for posting, I had checked originally, but didn't see that update, probably too early.


Is it ironic that the status page requires DNS to access?


It made my router lockup for some reason, even changing DNS locally on PC seemed to give some routing issues. Router reboot seemed to sort out.


Yeah - Europe side too. Thought my raspberry pi hole setup was broken...nope.

Maybe related to the recent attack on that DNS server?


New Jersey on Fios, same here. Secondary DNS set to 8.8.8.8 which probably makes more sense as a backup anyway.


Just had to change my DNS forwarders, it was stupid of me to use 2 from the same provider.


Could this be more hacking originating from China? Same thing from just a few days ago.


Confirmed in Silicon Valley, seems to be working now though.


Denver/Comcast Business Cable currently (fyi)


yeah I just had to change to 8.8.8.8 as well


yep same, guess I'll need to put a backup dns back in my settings.


Yea I just updated my Google Wifi settings to 1.1.1.1 primary and 8.8.8.8 secondary.


Down in London, both 1.1.1.1 and 0.0.0.0


0.0.0.0 might be down for a little bit longer ;)


Just a little bit longer... ;)


It's still down, shall we let Cloudflare know .. ;-)


Confirmed from LA, dig times out...


Yep. Seems to be global too.


Confirmed from Austin, TX


Confirmed from St. Louis


yea, I set the secondary dns to 8.8.8.8 due to that


Yup, same here.


confirmed back up here (denver)




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: