On July 14, 2025, Cloudflare’s public DNS service at 1.1.1.1 experienced a global outage that lasted approximately 62 minutes. This incident disrupted DNS resolution for millions of users and businesses worldwide, making websites appear offline or unreachable.
What Caused the Outage?
At 21:48 UTC, Cloudflare engineers deployed a configuration update meant for their Data Localization Suite (DLS). The update was intended for internal staging environments, but it mistakenly included BGP route information for the 1.1.1.1 service IP range.
At 21:52 UTC, Cloudflare’s systems began withdrawing BGP routes for:
1.1.1.0/241.0.0.0/24- Several IPv6 prefixes
As a result, the DNS resolver at 1.1.1.1 effectively vanished from the Internet. DNS queries to Cloudflare’s resolver dropped to near-zero levels.
Was It a BGP Hijack?
Shortly after Cloudflare’s route withdrawal, Tata Communications (AS4755) began advertising the 1.1.1.0/24 prefix. While this resembled a BGP hijack, Cloudflare confirmed it was not the root cause, but rather an opportunistic announcement that filled the vacuum left by their own withdrawal.
Timeline of the Incident
| Time (UTC) | Event |
|---|---|
| 21:48 | Configuration update deployed with incorrect BGP data |
| 21:52 | BGP routes for 1.1.1.1 withdrawn globally |
| 22:01 | Cloudflare declares incident after alerting |
| 22:20 | Rollback initiated and routes re-announced |
| 22:54 | Global DNS resolution restored |
Impact on Users
- DNS Resolution Failed: Users and services relying on 1.1.1.1 experienced complete DNS failure.
- Websites Appeared Offline: Any system using Cloudflare DNS was unable to resolve domain names.
- Some Resilience via DoH: Users accessing DNS-over-HTTPS (DoH) via
cloudflare-dns.comwere less affected, as it uses separate IPs.
Lessons Learned
1. Always Use Redundant DNS
Avoid relying solely on a single DNS provider like 1.1.1.1. Add fallback resolvers like:
- Google DNS:
8.8.8.8 - Quad9:
9.9.9.9 - OpenDNS:
208.67.222.222
2. Route Withdrawals Are Risky
In anycast environments, incorrect route withdrawals can have immediate global effects.
3. Transparency Builds Trust
Cloudflare responded quickly and published a detailed postmortem, showing their commitment to transparency and reliability.
Conclusion
The July 14 Cloudflare DNS outage shows how a simple internal misconfiguration can cascade into a major Internet disruption. While the outage was not caused by an external attack, it exposed structural weaknesses in route configuration and dependency on single-provider DNS services. For businesses and individuals alike, this is a reminder to always build with resilience in mind.
