RPKI - The Cloudflare Blog

BGP security and confirmation biases

February 23, 2022 1:59PM

On February 1, 2022, a configuration error on one of our routers caused a route leak of up to 2,000 Internet prefixes to one of our Internet transit providers. This leak lasted for 32 seconds and at a later time 7 seconds...

Maximilian Wilhelm

Fixing Recent Validation Vulnerabilities in OctoRPKI

November 12, 2021 8:59PM

RPKI Vulnerabilities

A number of vulnerabilities in Resource Public Key Infrastructure (RPKI) validation software were disclosed in a recent NCSC advisory, discovered by researchers from the University of Twente....

David Haynes

Protecting Cloudflare Customers from BGP Insecurity with Route Leak Detection

March 25, 2021 1:00PM

Security Week BGP Security RPKI

Today, we're excited to announce Route Leak Detection, a new network alerting feature that tells customers when a prefix they own that is onboarded to Cloudflare is being leaked....

David Tuber

The Internet is Getting Safer: Fall 2020 RPKI Update

November 06, 2020 12:36PM

BGP RPKI Security Crypto

The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....

Louis Poinsignon

Is BGP Safe Yet? No. But we are tracking it carefully

April 17, 2020 4:00PM

BGP Security RPKI DNSSEC

BGP leaks and leaks and hijacks have been accepted as an unavoidable part of the Internet for far too long. Today, we are releasing isBGPSafeYet.com, a website to track deployments and filtering of invalid routes by the major networks....

Louis Poinsignon

March 03, 2020 2:00PM

RPKI and the RTR protocol

Today’s Internet requires stronger protection within its core routing system and as we have already said: it's high time to stop BGP route leaks and hijacks by deploying operationally-excellent RPKI!...

By

Martin J Levy

BGP , RPKI

June 26, 2019 11:22PM

The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday

On Monday we wrote about a painful Internet wide route leak. We wrote that this should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. Today we will dive into the archived routing data and analyze it....

By

Martin J Levy

RPKI , BGP , Deep Dive , Post Mortem

June 16, 2019 6:07PM

Welcome to Crypto Week 2019

The Internet is an extraordinarily complex and evolving ecosystem. Its constituent protocols range from the ancient and archaic (hello FTP) to the modern and sleek (meet WireGuard), with a fair bit of everything in between....

By

Nick Sullivan

Crypto Week , Security , Product News , BGP , Crypto

February 24, 2019 5:00PM

Cloudflare’s RPKI Toolkit

A few months ago, we made a first then a second announcement about Cloudflare’s involvement in Resource Public Key Infrastructure (RPKI), and our desire to make BGP Internet routing more secure....

By

Louis Poinsignon

BGP , Security , RPKI , Crypto , Product News

September 19, 2018 1:01PM

RPKI and BGP: our path to securing Internet Routing

This article will talk about our approach to network security using technologies like RPKI to sign Internet routes and protect our users and customers from route hijacks and misconfigurations....

By

Jérôme Fleury
, Louis Poinsignon

Crypto Week , Crypto , Security , Product News , RPKI

September 19, 2018 1:00PM

RPKI - The required cryptographic upgrade to BGP routing

We have talked about the BGP Internet routing protocol before. We have talked about how we build a more resilient network and how we can see outages at a country-level via BGP. We have even talked about the network community that is vital to the operation of the global Internet....

By

Martin J Levy

Crypto Week , BGP , RPKI , Security , Crypto