TLD glue sticks around too long

Published on by Marek Majkowski.

Recent headline grabbing DDoS attacks provoked heated debates in the DNS community. Everyone has strong opinions on how to harden DNS to avoid downtime in the future. Is it better to use a single DNS provider or multiple? What DNS TTL values are best? Does DNSSEC make you more or

The Internet is Hostile: Building a More Resilient Network

Published on by Jérôme Fleury.

In a recent post we discussed how we have been adding resilience to our network. The strength of the Internet is its ability to interconnect all sorts of networks — big data centers, e-commerce websites at small hosting companies, Internet Service Providers (ISP), and Content Delivery Networks (CDN) — just to name

How the Dyn outage affected Cloudflare

Published on by John Graham-Cumming.

Last Friday the popular DNS service Dyn suffered three waves of DDoS attacks that affected users first on the East Coast of the US, and later users worldwide. Popular websites, some of which are also Cloudflare customers, were inaccessible. Although Cloudflare was not attacked, joint Dyn/Cloudflare customers were affected.

How Cloudflare's Architecture Allows Us to Scale to Stop the Largest Attacks

Published on by Matthew Prince.

The last few weeks have seen several high-profile outages in legacy DNS and DDoS-mitigation services due to large scale attacks. Cloudflare's customers have, understandably, asked how we are positioned to handle similar attacks. While there are limits to any service, including Cloudflare, we are well architected to withstand these recent