While
your router
sends data between devices on your home network, DNS servers do a similar job for the internet, providing a lookup table between human-readable URLs like xda-developers.com to the IP addresses your web browser uses to get data. It’s a simple-sounding system that’s incredibly complicated underneath the macro view, and most of the time, it works to keep the internet connected.
The DNS servers set on your operating system or router take your browser query and, depending on whether it has the data cached or not, return the info to your browser or query a series of other name servers, starting with the c-root server, then the name server for TLDs, then the name server for the actual website hosting, before passing the data back to your browser.
Except for when things go wrong—and depending on which part of the DNS resolving process is affected, it can take out large sections of the internet at a time. Sometimes, it’s a single website that disappears or a series of services connected to it, but it can be more widespread. Because of how name servers work, it could affect some parts of the world but not others.
What’s also widespread is the IT industry meme that “it’s always DNS,” because the root cause of many unexplained behaviors can often be traced back to some quirks of the DNS process. When your favorite website is unreachable or you can’t get onto the internet, it’s usually DNS, so let’s dive into some major outages caused by poor system admins.
Related
The little known glue that keeps the internet working
We all rely on DNS everyday to access the internet, read on to learn about what it actually does
11
Zoom (2025)
What can you do when your domain registrar takes your website down?
Normally, once you register a domain name, it’s yours and once you set up the accompanying records to link it to the public IP address of your servers, not much can go wrong. Except on April 16, 2025, everyone’s favorite teleconferencing service, Zoom, went offline. Or more specifically, the zoom.us domain went offline, impacting services.
What could have been a DNS misconfiguration turned out to be a server block by GoDaddy Registry, because of a miscommunication between Markmonitor (the domain registrar) and GoDaddy. DNS was technically working properly here, but due to the layers of caching to enable resilient services, it took quite some time before the domain was reachable again.
Related
7 website URLs that changed hands for unholy sums of money
Registering a URL might be relatively inexpensive, but you can make bank selling the domain name to the right buyer.
10
Cogent (2024)
One of the thirteen root servers for DNS glitched for multiple days
Source: Lenovo
DNS is at the heart of every part of internet connectivity, and it’s slightly worrying that only a few servers control its top level. There are thirteen root servers worldwide, spread out geographically. Usually, they’re completely in sync and there to route DNS queries to where they need to go. But in 2024, one of them went out of sync for four days, which could have plunged the internet into chaos.
If those root servers are out of sync, DNSSEC can be circumvented under the right attack conditions, allowing attackers to spoof any domain they want. This is known as DNS cache poisoning, and is why DNSSEC was invented in the first place. Without that server in sync with the other 12, it could have been used to spoof domains for unsavory activity. And that wasn’t the only issue with DNS at the time, as the company that runs that root server also mistakenly transferred the IP address of the c-root website to another company, leading to the website going offline.
Related
What is internet routing, and why does it matter?
Your internet connection isn’t just influenced by things like bandwidth and signal strength, but by routing, too.
9
Akamai (2021)
Internet routing at scale is hard, okay?
Akamai is one of the leading content delivery service providers for large companies and, as such, an important part of the DNS system. The company has its own DNS services to make things smoother for its clients, which it does most of the time. In the summer of 2021, its Edge DNS system experienced issues, which wasn’t good news for the websites Akamai keeps online.
Major players like UPS, FedEx, Airbnb, and Fidelity disappeared temporarily from the internet while the outage was ongoing. Steam, LastPass, and the PlayStation Network also had connectivity issues that took hours to resolve. This time, it wasn’t a cyberattack or hack, which is good, really, as the DNS system is vulnerable to attacks and has been a favorite target for years.
Related
I tried storing data in the internet itself
Sure, hard drives are cool. But what if we could store our data in the internet itself, all with the power of a ping.
8
Facebook (2021)
A significant self-own for the engineering department took things offline
Whether it’s Facebook, WhatsApp, Messenger, or Instagram, one redeeming feature of Meta’s hegemony is that it’s always online. It’s the communication hub for many regions of the world, and every tiny outage is met with angry users. But in 2021, all Facebook services went down for hours worldwide, and while DNS wasn’t the root cause, it had a part to play. A simple maintenance task to assess the availability of those services ended up cascading and disconnecting every Facebook data center from each other, as well as the internet. Then Facebook’s DNS servers stopped announcing because of this, meaning that none of the data centers could be reached to be fixed unless physically on-site.
Related
How to delete or deactivate your Facebook account
Deleting or deactivating your Facebook account is fairly simple as long as you know where to find the options.
7
Cloudflare (2020)
When one company secures a large percentage of the internet, any issue is major
Cloudflare protects a large portion of the internet from attack, but it’s not immune to errors. In 2020, a misconfigured router routed all Cloudflare traffic from several locations through it instead of helping load balancing, while another section of the backbone was under maintenance. Essentially, Cloudflare DDoS’ed its own router off the network, and made a large chunk of its customers and users have connectivity issues. It’s the first (and only to my knowledge) time that Cloudflare’s backbone has had issues, and the changes implemented mean it can’t go down again like this.
Related
How Cloudflare’s wall of lava lamps helps keep the internet safe
A wall of lava lamps, dubbed the “Wall of Entropy,” is a core pillar of Cloudflare’s key generation.
6
Verizon (2019)
A small ISP somehow managed to affect Verizon’s systems and chaos ensued
Photo: Brady Snyder
The routing and announcement of DNS routes on the Internet work on a hierarchy of authority, from the root servers to the providers that handle the major backbones to smaller ISPs, and so on. This trusted authority system can be hijacked, but sometimes it mistakenly gets taken over as well. In 2019, Verizon accepted some internet routing from a tiny ISP that it shouldn’t have, and because of its authoritative position, the rest of the world agreed.
The end result was that traffic intended for Cloudflare, Facebook, and plenty of others all got routed through a tiny ISP’s hardware in Pennsylvania, taking it offline and blackholing those requests. It’s as if a Pi-hole was set up on the entire internet, and while this kind of thing happens fairly often, Verizon should have filtered the requests out and not changed major routing because of it.
Related
I hosted my own DNS server using my NAS, and you can too
Self-hosting a DNS server makes your searches faster and more secure.
5
Azure (2021 and 2019)
Everywhere there are system admins, there is the possibility of bad code
Even huge cloud providers sometimes miss the mark, and when DNS is the root cause, those cloud servers can worsen the problem. In 2021, Microsoft’s Azure DNS servers first got hit by odd DNS requests, stopping its servers from replying to legitimate client requests. Then those clients retried their DNS queries, swamping the server with requests that wouldn’t be out of the ordinary at any other time. But it’s not the only time Azure has suffered from the whims of DNS, as during a DNS migration in 2016, Microsoft knocked its cloud services out of the sky for a couple of hours.
Related
Microsoft, Amazon, and Google may be forced to work with EU firms to handle sensitive European data on the cloud
AWS, Azure, GCP, and other cloud service providers may soon require an EU cybersecurity label to handle sensitive data.
4
DNS Nameserver Hijacks (2018)
A complex series of attacks hijacked the DNS records of multiple government websites
Source: Wikicommons
Espionage takes many forms, and in 2018, a nation state took over the DNS records of multiple other government websites. Once the hijack was successful, they replaced the SSL encryption certificates for those sites to decrypt any VPN or other encrypted traffic from those sites. This included the DNS infrastructure for more than 50 Middle Eastern companies and government agencies, including targets in Albania, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Saudi Arabia, and the United Arab Emirates. It was all possible because they hijacked part of one of the 13 root servers that handle the global DNS records, showing just how fragile the internet is underneath.
Related
6 reasons to host your own DNS server at home
Adding a DNS server to your home network can have a whole host of benefits
3
DDoS on Dyn (2016)
What happens when you try to knock the DNS providers offline?
The Mirai botnet,responsible for this vast swathe of attacks in 2016, is the main reasonevery journalist and security professional will tell you not to trust your IoT devices. It also took down Xbox Live, PlayStation Network, Fox News, GitHub, and dozens of other huge sites and services. The same hackers also generated a botnet that infected tens of thousands of home routers, which was used to generate revenue through click fraud through online advertising infrastructure. While they’re in prison, the Mirai code was posted online and used in other attacks.
Related
5 ways to choose the best alternate DNS service
If you are looking for speed or features, here are five ways to choose the best alternate DNS service that works for you.
2
Wikipedia (2010)
Even enterprise servers overheat sometimes
In 2010, the Wikimedia Foundation suffered DNS issues, which temporarily disabled Wikipedia. Some servers in their European data center overheated and shut down to protect the hardware and data, which is standard practice. They also had a plan to failover the DNS queries to another data center. During the changeover, they realized the failover mode was broken, and the DNS resolution for all Wikimedia sites stopped working until they could restore services.
Related
4 signs that your CPU is overheating
A CPU that runs too hot isn’t going to last very long
1
YouTube (2008)
It’s not every day your servers accidentally get taken over by a foreign ISP
When we think about hijacked DNS, you might think it takes shadowy hackers with malign intentions. But as we saw earlier with Verizon, sometimes all it takes is the DNS servers of the world to trust the wrong announcement. In 2008, Pakistan Telecom started announcing an IP address space, like the 192.168.1.0/24 space your home network is likely on. A short while later, YouTube announced the same IP address space, leading to an automated fight for traffic between the two sets of servers. But Pakistan Telecom wasn’t supposed to announce the IP space. It was trying to block YouTube from being viewed from inside Pakistan, but instead the international data carrier that the telco uses announced it to the broader internet, taking YouTube down for roughly two-thirds of the world’s internet users.
Related
The rise of the greatest video streaming service
YouTube is here, there, and everywhere
When DNS goes wrong, everybody knows about it
Large-scale DNS issues are pretty uncommon because the backbone of the internet is designed to be resilient in case of any issue. But as we’ve seen, sometimes even the best safeguards fail, and those servers disappear from the internet due to accidental misconfiguration. Others spur the industry to create new ways to keep the name servers working when hacks or other issues arise. What will always be true is that most DNS issues are from human error, which you can build safeguards against, but not completely rule out.
