Just to clear up some misinfo circulating, a BGP hijack was not the cause of
Cloudflare DNS going down today.
At 21:51 UTC, Cloudflare (AS13335) withdrew both 1.1.1.0/24 and 1.0.0.0/24 for an unknown reason.
I suspect AS4755 was always announcing 1.1.1.0/24, when CF went away, it leaked a bit (i.e. "%2").
https://infosec.exchange/@GossiTheDog@cyberplace.social/114854023690856642
Here’s the @Cloudflare write-up with a description of what caused the outage. It was caused by an internal error not a BGP hijack, but we already knew that.
https://blog.cloudflare.com/cloudflare-1-1-1-1-incident-on-july-14-2025/
On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS. We’re deeply sorry for this outage. This outage was the result of an internal configuration error and not the result of an attack or a BGP hijack. In this blog post, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.
Doug Madory
Pedro
Martin Boller 
