Route leak incident on January 22, 2026
3 months ago
- #Cloudflare
- #Network Security
- #BGP
- On January 22, 2026, a BGP route leak occurred due to an automated routing policy configuration error at Cloudflare's Miami data center.
- The leak lasted 25 minutes, affecting IPv6 traffic, causing congestion, elevated loss, and higher latency for some Cloudflare customers and external networks.
- The incident was caused by a misconfiguration that allowed internal BGP routes to be advertised externally, violating BGP best practices.
- Cloudflare identified the issue, reverted the configuration manually, and paused automation to stop the leak.
- The company outlined short- and long-term improvements to prevent future route leaks, including policy automation patches, BGP community safeguards, and advocating for routing security enhancements like RFC9234 and RPKI ASPA.
- Cloudflare apologized for the impact on users, customers, and external networks affected by the incident.