To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem that the incident was caused by an internal misconfiguration.
The outage occurred on July 14 and impacted most users of the service all over the world, rendering internet services unavailable in many cases.
“The root cause was an internal configuration error and not the result of an attack or a BGP hijack,” Cloudflare says in the announcement.
This statement comes after people reported on social media that the outage was caused by a BGP hijack.
Global outage unfolding
Cloudflare's 1.1.1.1 public DNS resolver launched in 2018 promising a private and fast internet connectivity service to users worldwide.
The company explains that behind the outage was a configuration change for a future Data Localization Suite (DLS) performed on June 6, which mistakenly linked 1.1.1.1 Resolver IP prefixes to a non-production DLS service.
On July 14 at 21:48 UTC, a new update added a test location to the inactive DLS service, refreshing the network configuration globally and applying the misconfiguration.
This withdrew 1.1.1.1 Resolver prefixes from Cloudflare’s production data centers and routed them to a single offline location, making the service globally unreachable.
Less than four minutes later, DNS traffic to the 1.1.1.1 Resolver began to drop. By 22:01 UTC, Cloudflare detected the incident and disclosed it to the public.
... continue reading