MORE POSTS
March 20, 2021 2:00 PM
Moving k8s communication to gRPC
How we use gRPC in combination with Kubernetes to improve the performance and usability of internal APIs....
March 08, 2021 2:00 PM
The benefits of serving stale DNS entries when using Consul
We use Consul for service discovery, and we’ve deployed a cluster that spans several of our data centers. We were aware from the start that the DNS query latencies were not great from certain parts of the world that were furthest away from these data centers....
December 08, 2020 12:00 PM
Helping build the next generation of privacy-preserving protocols
Today, we’re making several announcements around improving Internet protocols with respect to something important to our customers and Internet users worldwide: privacy....
December 08, 2020 12:00 PM
Improving DNS Privacy with Oblivious DoH in 1.1.1.1
Oblivious DoH (ODoH) makes secure DNS over HTTPS (DoH) queries into private queries which prevent the leakage of client IP addresses to resolvers. The new proposed ODoH standard addresses this problem and today we are enabling users to use this protocol with 1.1.1.1...
December 08, 2020 12:00 PM
Good-bye ESNI, hello ECH!
A deep dive into the Encrypted Client Hello, a standard that encrypts privacy-sensitive parameters sent by the client, as part of the TLS handshake....
November 30, 2020 1:14 PM
Improving the Resiliency of Our Infrastructure DNS Zone
We've improved the resiliency and management of our infrastructure DNS zone. In this post, we guide you through some of the "whats", "whys" and "hows" we encountered along the way. ...
November 13, 2020 7:06 PM
SAD DNS Explained
Researchers from UC Riverside and Tsinghua University found a new way to revive a decade-old DNS cache poisoning attack. Read our deep dive into how the SAD DNS attack on DNS resolvers works, how we protect against this attack in 1.1.1.1, and what the future holds for DNS cache p...
October 30, 2020 12:00 PM
Unwrap the SERVFAIL
We recently released a new version of Cloudflare Resolver, which adds a piece of information called “Extended DNS Errors” (EDE) along with the response code under certain circumstances. This will be helpful in tracing DNS resolution errors and figure out what went wrong behind th...
October 02, 2020 7:35 AM
DNS Flag Day 2020
October 1 is DNS Flag Day, an initiative by the DNS community to make DNS more secure, reliable and robust. This year the focus is on problems around IP fragmentation of DNS packets....
September 15, 2020 11:00 AM
Secondary DNS - Deep Dive
The goal of Cloudflare operated Secondary DNS is to allow our customers with custom DNS solutions, be it on-premise or some other DNS provider, to be able to take advantage of Cloudflare's DNS performance and more recently, through Secondary Override, our proxying and security ca...
August 20, 2020 11:00 AM
Orange Clouding with Secondary DNS
Secondary DNS Override is a great option for any users that want to take advantage of the Cloudflare network, without transferring all of their zones to Cloudflare DNS as a primary provider....
July 30, 2020 3:00 PM
Bringing Your Own IPs to Cloudflare (BYOIP)
Today we’re thrilled to announce general availability of Bring Your Own IP (BYOIP) across our Layer 7 products as well as Spectrum and Magic Transit services. ...
May 25, 2020 11:00 AM
Secondary DNS — A faster, more resilient way to serve your DNS records
Starting today, enterprise customers who are entitled to secondary DNS will be able to configure their zone in the Cloudflare Dashboard....
May 25, 2020 11:00 AM
Making DNS record changes more reliable
DNS is the very first step in accessing any website, API, or pretty much anything on the Internet, which makes it mission-critical to keeping your site up and running. This week, we are launching two significant changes that allow our customers to better maintain and update their...