Major Incident Tracking - Core IT Windows Services
Incident Report for UCSB
Resolved
RCA - DNS issue impacting multiple Microsoft services (Tracking ID GVY5-TZZ)
Summary of Impact: Between 21:21 UTC and 22:00 UTC on 1 Apr 2021, Azure DNS experienced a service availability issue. This resulted in customers being unable to resolve domain names for services they use, which resulted in intermittent failures accessing or managing Azure and Microsoft services. Due to the nature of DNS, the impact of the issue was observed across multiple regions. Recovery time varied by service, but the majority of services recovered by 22:30 UTC.

Root Cause: Azure DNS servers experienced an anomalous surge in DNS queries from across the globe targeting a set of domains hosted on Azure. Normally, Azure's layers of caches and traffic shaping would mitigate this surge. In this incident, one specific sequence of events exposed a code defect in our DNS service that reduced the efficiency of our DNS Edge caches. As our DNS service became overloaded, DNS clients began frequent retries of their requests which added workload to the DNS service. Since client retries are considered legitimate DNS traffic, this traffic was not dropped by our volumetric spike mitigation systems. This increase in traffic led to decreased availability of our DNS service.

Mitigation: The decrease in service availability triggered our monitoring systems and engaged our engineers. Our DNS services automatically recovered themselves by 22:00 UTC. This recovery time exceeded our design goal, and our engineers prepared additional serving capacity and the ability to answer DNS queries from the volumetric spike mitigation system in case further mitigation steps were needed. The majority of services were fully recovered by 22:30 UTC. Immediately after the incident, we updated the logic on the volumetric spike mitigation system to protect the DNS service from excessive retries.

Next Steps: We apologize for the impact to affected customers. We are continuously taking steps to improve the Microsoft Azure Platform and our processes to help ensure such incidents do not occur in the future. In this case, this includes (but is not limited to):

Repair the code defect so that all requests can be efficiently handled in cache.
Improve the automatic detection and mitigation of anomalous traffic patterns.
Posted Apr 07, 2021 - 16:58 PDT
Investigating
https://status.azure.com/en-us/status
Azure DNS - Investigating

We are currently investigating reports of an issue affecting Azure DNS. More information will be provided as it is known.

This message was last updated at 21:59 UTC on 01 April 2021

Warning DNS issues - Investigating

Engineering is investigating an issue with DNS that is impacting several downstream Azure services.

This message was last updated at 22:07 UTC on 01 April 2021
Posted Apr 01, 2021 - 15:20 PDT
This incident affected: Campus Technical Services (Campus Network).