<TechBlogs/>
DowndetectorCloudflareCDNoutageresilience

Lessons from Downdetector: The Real Cost of No Upstream Dependencies

Lessons from Downdetector: The Real Cost of No Upstream Dependencies

# Introduction

The November 2025 Cloudflare outage had an interesting side effect: it took down Downdetector, a real-time outage and monitoring service. This may seem counterintuitive, given Downdetector's purpose is to monitor uptime. However, as it turns out, Downdetector has a key dependency on Cloudflare, which led to its downfall.

Understanding Downdetector's Architecture

Downdetector was built with a multi-region and multi-cloud architecture, which makes sense for a service meant to detect cloud provider outages. This design allows Downdetector to remain operational even if one cloud provider experiences an outage. However, despite this resilient architecture, Downdetector still relies on Cloudflare for DNS, Content Delivery (CDN), and Bot Protection.

The Advantages of Using a CDN

So, why would Downdetector take on this key dependency? The answer lies in the advantages of using a CDN:

  • Drastically lower bandwidth costs: assets cached on the CDN are served much faster
  • Faster load times: assets on a CDN are served from Edge nodes nearer to users
  • Protection from sudden traffic spikes: a CDN can help absorb traffic spikes, reducing the load on Downdetector's services
  • DDoS protection: a CDN can help protect against distributed denial of service attacks
  • Reduced infrastructure requirements: by using a CDN, Downdetector can run on fewer servers

The Business Case for Using Cloudflare

Downdetector's usage patterns reflect that it is a service heavily used by consumers who are not monetized. Given this business model, removing the upstream dependency on Cloudflare would likely result in significant cost increases, slower load times, and no change in revenue. In other words, using Cloudflare is a pragmatic choice based on Downdetector's business needs.

Design Choices and Lessons Learned

Dhruv Arora, Senior Director of Engineering at Ookla, the company behind Downdetector, shared some insights on the design choices behind Downdetector's architecture:

“Building redundancy at the DNS & CDN layers would require enormous overhead. This is especially true as Cloudflare's Bot Protection is world-class, and building similar functionality would be a lot of effort.”

The team also learned that having more Infrastructure as Code could have helped bring back Downdetector sooner during the outage. Additionally, they were able to shift traffic around and reduce the impact of the outage since it was not global.

Conclusion

The Downdetector outage highlights the importance of understanding the trade-offs involved in building a resilient architecture. While having no upstream dependencies may seem ideal, it is not always practical or cost-effective. By using a CDN like Cloudflare, Downdetector can reap the benefits of lower bandwidth costs, faster load times, and improved protection against traffic spikes and DDoS attacks. As Dhruv Arora noted, building redundancy at the DNS & CDN layers would require significant overhead, making Cloudflare a pragmatic choice for Downdetector's business needs.