Making progress on routing security: the new White House roadmap
2024-09-02
On September 3, 2024, the White House published a report on Internet routing security. We’ll talk about what that means and how you can help....
Continue reading »
Helping build a safer Internet by measuring BGP RPKI Route Origin Validation
2022-12-16
Is BGP safe yet? If the question needs asking, then it isn't. But how far the Internet is from this goal is what we set out to answer....
BGP security and confirmation biases
2022-02-23
On February 1, 2022, a configuration error on one of our routers caused a route leak of up to 2,000 Internet prefixes to one of our Internet transit providers. This leak lasted for 32 seconds and at a later time 7 seconds...
Fixing Recent Validation Vulnerabilities in OctoRPKI
2021-11-12
A number of vulnerabilities in Resource Public Key Infrastructure (RPKI) validation software were disclosed in a recent NCSC advisory, discovered by researchers from the University of Twente....
Protecting Cloudflare Customers from BGP Insecurity with Route Leak Detection
2021-03-25
Today, we're excited to announce Route Leak Detection, a new network alerting feature that tells customers when a prefix they own that is onboarded to Cloudflare is being leaked....
MORE POSTS
November 06, 2020 12:36 PM
The Internet is Getting Safer: Fall 2020 RPKI Update
The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....
- By
April 17, 2020 3:00 PM
Is BGP Safe Yet? No. But we are tracking it carefully
BGP leaks and leaks and hijacks have been accepted as an unavoidable part of the Internet for far too long. Today, we are releasing isBGPSafeYet.com, a website to track deployments and filtering of invalid routes by the major networks....
- By
March 03, 2020 2:00 PM
RPKI and the RTR protocol
Today’s Internet requires stronger protection within its core routing system and as we have already said: it's high time to stop BGP route leaks and hijacks by deploying operationally-excellent RPKI!...
- By
June 26, 2019 10:22 PM
The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday
On Monday we wrote about a painful Internet wide route leak. We wrote that this should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. Today we will dive into the archived routing data and analyze it....
- By
June 16, 2019 5:07 PM
Welcome to Crypto Week 2019
The Internet is an extraordinarily complex and evolving ecosystem. Its constituent protocols range from the ancient and archaic (hello FTP) to the modern and sleek (meet WireGuard), with a fair bit of everything in between. ...
- By
February 24, 2019 5:00 PM
Cloudflare’s RPKI Toolkit
A few months ago, we made a first then a second announcement about Cloudflare’s involvement in Resource Public Key Infrastructure (RPKI), and our desire to make BGP Internet routing more secure....
- By
September 19, 2018 12:01 PM
RPKI and BGP: our path to securing Internet Routing
This article will talk about our approach to network security using technologies like RPKI to sign Internet routes and protect our users and customers from route hijacks and misconfigurations....
- By
September 19, 2018 12:00 PM
RPKI - The required cryptographic upgrade to BGP routing
We have talked about the BGP Internet routing protocol before. We have talked about how we build a more resilient network and how we can see outages at a country-level via BGP. We have even talked about the network community that is vital to the operation of the global Internet....
- By