Making progress on routing security: the new White House roadmap
2024-09-02
On September 3, 2024, the White House published a report on Internet routing security. We’ll talk about what that means and how you can help....
Continue reading »
The backbone behind Cloudflare’s Connectivity Cloud
2024-08-06
Connectivity CloudAnycastArgo Smart RoutingAthenian ProjectBGPBetter InternetCloudflare NetworkMagic TransitProduct News
Read through the latest milestones and expansions of Cloudflare's global backbone and how it supports our Connectivity Cloud and our services...
Exam-ining recent Internet shutdowns in Syria, Iraq, and Algeria
2024-06-21
Similar to actions taken over the last several years, governments in Syria, Iraq, and Algeria have again disrupted Internet connectivity nationwide in an attempt to prevent cheating on exams. We investigate how these disruptions were implemented, and their impact...
Traffic anomalies and notifications with Cloudflare Radar
2023-09-26
Cloudflare Radar now displays country and ASN traffic anomalies in the Outage Center as they are detected, as well as publishing anomaly information via API. We are also launching Radar notifications, enabling users to subscribe to notifications about traffic anomalies...
Cloudflare Radar's new BGP origin hijack detection system
2023-07-28
BGP origin hijacks allow attackers to intercept, monitor, redirect, or drop traffic destined for the victim's networks. We explain how Cloudflare built its BGP hijack detection system, from its design and implementation to its integration on Cloudflare Radar...
MORE POSTS
December 16, 2022 2:00 PM
Helping build a safer Internet by measuring BGP RPKI Route Origin Validation
Is BGP safe yet? If the question needs asking, then it isn't. But how far the Internet is from this goal is what we set out to answer....
- By
November 24, 2022 5:31 PM
Why BGP communities are better than AS-path prepends
Routing on the Internet follows a few basic principles. Unfortunately not everything on the Internet is created equal, and prepending can do more harm than good. In this blog post we’ll talk about the problems that prepending aims to solve, and some alternative solutions...
- By
November 23, 2022 4:00 PM
How we detect route leaks and our new Cloudflare Radar route leak service
In this blog post, we will introduce our new system designed to detect route leaks and its integration on Cloudflare Radar and its public API....
- By
February 23, 2022 1:59 PM
BGP security and confirmation biases
On February 1, 2022, a configuration error on one of our routers caused a route leak of up to 2,000 Internet prefixes to one of our Internet transit providers. This leak lasted for 32 seconds and at a later time 7 seconds...
- By
October 08, 2021 3:16 PM
What happened on the Internet during the Facebook outage
Today, we're going to show you how the Facebook and affiliate sites downtime affected us, and what we can see in our data....
- By
October 04, 2021 9:08 PM
Understanding how Facebook disappeared from the Internet
Today at 1651 UTC, we opened an internal incident entitled "Facebook DNS lookup returning SERVFAIL" because we were worried that something was wrong with our DNS resolver 1.1.1.1. But as we were about to post on our public status page we realized something else more serious was ...
- By
March 25, 2021 1:00 PM
Protecting Cloudflare Customers from BGP Insecurity with Route Leak Detection
Today, we're excited to announce Route Leak Detection, a new network alerting feature that tells customers when a prefix they own that is onboarded to Cloudflare is being leaked....
- By
November 06, 2020 12:36 PM
The Internet is Getting Safer: Fall 2020 RPKI Update
The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....
- By
June 26, 2020 11:00 AM
Introducing Regional Services
Cloudflare launches Regional Services, giving customers control over where their data is processed....
- By
April 17, 2020 3:00 PM
Is BGP Safe Yet? No. But we are tracking it carefully
BGP leaks and leaks and hijacks have been accepted as an unavoidable part of the Internet for far too long. Today, we are releasing isBGPSafeYet.com, a website to track deployments and filtering of invalid routes by the major networks....
- By
March 03, 2020 2:00 PM
RPKI and the RTR protocol
Today’s Internet requires stronger protection within its core routing system and as we have already said: it's high time to stop BGP route leaks and hijacks by deploying operationally-excellent RPKI!...
- By
June 26, 2019 10:22 PM
The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday
On Monday we wrote about a painful Internet wide route leak. We wrote that this should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. Today we will dive into the archived routing data and analyze it....
- By
June 24, 2019 7:58 PM
How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Today
Today at 10:30UTC, the Internet had a small heart attack. A small company in Northern Pennsylvania became a preferred path of many Internet routes through Verizon (AS701), a major Internet transit provider. ...
- By
June 18, 2019 1:00 PM
Securing Certificate Issuance using Multipath Domain Control Validation
Trust on the Internet is underpinned by the Public Key Infrastructure (PKI). PKI grants servers the ability to securely serve websites by issuing digital certificates, providing the foundation for encrypted and authentic communication. ...
- By
June 16, 2019 5:07 PM
Welcome to Crypto Week 2019
The Internet is an extraordinarily complex and evolving ecosystem. Its constituent protocols range from the ancient and archaic (hello FTP) to the modern and sleek (meet WireGuard), with a fair bit of everything in between. ...
- By