<a href="https://twitter.com/CloudFlareSys/status/308154786316963841" rel="nofollow">https://twitter.com/CloudFlareSys/status/308154786316963841</a><p>- There is a global problem that affects the CloudFlare proxy and DNS services.<p>- The problem appears to be due to bad routing.<p>- We are working to restore correct routes in order to bring both DNS and proxy services back online.<p>- The operations and networking team are all online and treating this as an emergency.<p>- We do not have an ETA on the response time but will continue to post updates via Twitter as we learn more.<p>UPDATE. Sites are being restored now. DNS is operating.<p>I don't know all the details as bugging the network team while they were fixing wasn't going to help. We'll get a postmortem blog post up.
I'm starting to think it's questionable to depend on CloudFlare more than necessary, but they're still the best option for some things. (I'm a customer, but probably going to stop being a customer this week; I was mostly curious to test it out. Not really decided, though.)<p>1) The CloudFlare security model for SSL basically lets them MITM all your traffic. Probably not a big deal for SSLizing a normal website, or even for accepting credit cards), since they're a decent-sized US company with legal liability, although I'd be concerned about their internal security vs. your own internal security (since you're still fully exposed on your side, too -- it doesn't improve security, and can at best not be a source of new vulnerability).<p>2) Their DNS doesn't appear particularly redundant; it's just anycast in one big block. Using CloudFlare for DNS seems to be bad practice; you should use something else and cname to CF. Ideally something with multiple DNS servers either individually anycast or in at least two independent (probably anycast) netblocks.<p>3) Performance of the proxy service seems adequate in my experience but for sites with large amounts of overseas-source traffic, I've heard of people getting lots of suspected-bad-guy path. For a free forum like 4chan that's probably fine; for an e-commerce site, probably not.
My feels go out to the ops folk at Cloudflare. Mistakes happen no matter how many years of experience people bring in, or how much they're paid. We're all humans after all. It must be a pressurizing task to be responsible for potentially millions of dollars of losses during this downtime.<p>I hope the issue is resolved soon and if a person caused it, they're not in too much trouble.
As someone who hosts hundreds of PAID sites with CloudFlare this is pretty unacceptable. I'm giving them thousands of dollars so that this doesn't happen. Will probably be moving off unless they have some very good reasoning behind a world-wide shutdown of a geo-redundant service...
In my experience, cloudflare has been little more than a scam for anyone with half decent traffic.
Not really surprised. Funny how the status page shows all green (are those just static button?) while they acknowledge there is an issue and that they don't know what's going on.<p><a href="http://www.cloudflare.com/system-status" rel="nofollow">http://www.cloudflare.com/system-status</a>
From the cloudfare business page:<p>"2500% guarantee
This extended Service Level Agreement guarantees 100% uptime, and adds a multiplier to owed service credits resulting from any lapse: 5 times any downtime minutes and 5 times customers affected = 2500% guarantee."
Looks like they dropped off the internet:<p><a href="http://www.youtube.com/watch?v=wMRaKtydILI" rel="nofollow">http://www.youtube.com/watch?v=wMRaKtydILI</a><p>AS13335 = Cloudflare
This is down as well:
<a href="http://www.cloudflare.com/system-status" rel="nofollow">http://www.cloudflare.com/system-status</a><p>They should host this page on a third party provider.
I use a pretty major forum that has a huge amount of traffic. The owner migrated it to CloudFlare. For the past 5-6 weeks the site has 50% of its request go to a 'Sorry xyz is not available right now'
Somebody pointed out about the CNAME available on Cloudflare. I never knew that and i checked out the article. The First paragraph:<p>"CNAME setup is a manual process generally available to paid CloudFlare plans only. If you are interested in testing CNAME setup, please contact CloudFlare <i></i>first<i></i> with the domain you would like to test CNAME with. Please specifically mention CNAME Setup in the subject field for faster review. Allowing for CNAME setup is entirely at the discretion of CloudFlare."<p>So NO: This isn't even a features at all. They made it as hard as possible to set this up and will grant you the use of it as they like.
It seems that CloudFlare's DNS is down, and affecting NameTerrific as we have a CNAME record pointing to them. I had to change the CNAME record to get our site working again.<p>EDIT: Based on Twitter search, all CloudFlare sites seem to be down.
And it's up again! <a href="https://twitter.com/CloudFlareSys/status/308170566760792064" rel="nofollow">https://twitter.com/CloudFlareSys/status/308170566760792064</a>
Even their status page is down. And sure - all my sites too. And funny part is that for most of my sites i have stopped Clouflare features and use just their DNS. Never thought that I will fail because of DNS not being available.
All my sites are now back online! ~ 40min downtime.<p>Edit: Looks like DNS is back. However if you use CloudFlare services then you might still have problems. Like:<p>504 Gateway Time-out
cloudflare-nginx
It took a CloudFlare total wipeout to discover how useless our browsers are against domain name lookups that take a ridiculously long time to timeout.<p>News flash: CDN fallback like the one below is next to useless unless the first request times out reasonably quickly.<p><a href="http://css-tricks.com/snippets/jquery/fallback-for-cdn-hosted-jquery/" rel="nofollow">http://css-tricks.com/snippets/jquery/fallback-for-cdn-hoste...</a>
I'm going to say this on the posibility of this being seen as a flamebait... But You should have chosen Akamai over Cloudflare.<p>It's so funny how everybody jumps on top of new companies that say they can proxy all of the interwebz for a low price. (Cloudflare, Blackberry)<p>And then they fail...
I'm so happy we didn't go on that wave. Redirecting your DNS to someone else seems like a bad idea in any case. In any case, what do they do, that I could not have done with Varnish?
its sunday! seems like they pushed another faulty update (like last time)! yep confirmed, all is down including their own site, thats pretty fucked up, when they dont even have offsite status! good thing i dont use cloudflare in all my sites...