Cloudflare has shared more details about a recent Border Gateway Protocol (BGP) route leak that disrupted IPv6 traffic for about 25 minutes, leading to congestion, packet loss, and roughly 12 Gbps of dropped traffic.
BGP is a core Internet routing system that directs data between large networks known as autonomous systems. When it works correctly, traffic flows through intended and trusted paths. However, during this incident on January 22, Cloudflare accidentally leaked routing information due to a policy misconfiguration on one of its routers, affecting not only its own customers but also external networks across the internet.
According to Cloudflare, the issue occurred when routes learned from some peers were mistakenly redistributed in Miami to other peers and upstream providers. Under the definitions in RFC 7908, the company said the incident involved a mix of Type 3 and Type 4 route leaks, both of which violate standard “valley-free” routing rules.

A BGP route leak happens when a network improperly advertises routes learned from one peer or provider to another, causing traffic to be sent through networks that were never designed to handle it. This can result in congestion, inefficient routing paths, or complete packet drops. In some cases, firewall rules may reject such traffic entirely, worsening the impact.
Cloudflare explained that the root cause was a configuration change meant to stop Miami from advertising certain IPv6 prefixes from Bogotá. When specific prefix filters were removed, the export policy became too permissive. This allowed all internally distributed IPv6 routes to be accepted and then advertised externally to Cloudflare’s BGP neighbors in Miami.
As a result, IPv6 prefixes that should have remained internal were unintentionally shared with other networks, overwhelming parts of the routing system and causing traffic loss.
Cloudflare said it detected the problem shortly after it began. Engineers manually rolled back the configuration, paused automation, and fully contained the incident within 25 minutes. The faulty change was later reverted, and automation was safely re-enabled.
While incidents like this mainly affect reliability, Cloudflare noted that they also carry security risks. In more severe cases, route leaks or hijacks can allow unauthorized networks to intercept or analyze internet traffic.
The company said the event closely resembled a similar BGP incident it experienced in July 2020. To reduce the risk of future occurrences, Cloudflare outlined several preventive measures, including stricter export safeguards, improved CI/CD checks for routing policies, faster detection mechanisms, validation under RFC 9234, and wider adoption of RPKI ASPA to strengthen routing security.
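The following added example (not Cloudflare's code or configuration) models the kind of CI check on export policies listed among the preventive measures: it evaluates an export policy before and after a prefix filter is removed and labels each resulting leak with its RFC 7908 type. The policy format, route records, and 2001:db8::/32 prefixes are constructed assumptions, and the classifier also covers Types 1 and 2, which the article does not discuss.

```python
import ipaddress

# RFC 7908 leak type keyed by (relationship the route was learned over, neighbor role).
# Valley-free rule: routes learned from a provider or peer may go only to customers.
LEAK_TYPE = {("provider", "provider"): 1, ("peer", "peer"): 2,
             ("provider", "peer"): 3, ("peer", "provider"): 4}

def term_matches(term, route):
    """A term matches when every condition it lists holds; a missing condition matches all."""
    if "route_type" in term and term["route_type"] != route["route_type"]:
        return False
    if "prefixes" in term:
        net = ipaddress.ip_network(route["prefix"])
        if not any(net.subnet_of(ipaddress.ip_network(p)) for p in term["prefixes"]):
            return False
    return True

def exported(policy, route):
    """First matching term decides; anything unmatched is rejected by default."""
    for term in policy:
        if term_matches(term, route):
            return term["action"] == "accept"
    return False

def find_leaks(policy, routes, neighbor_role):
    """Return (prefix, RFC 7908 type) for every route the policy would leak to this neighbor."""
    leaks = []
    for route in routes:
        kind = LEAK_TYPE.get((route["learned_from"], neighbor_role))
        if kind and exported(policy, route):
            leaks.append((route["prefix"], kind))
    return leaks

# Constructed sample data: every route is internally distributed (iBGP),
# but each one entered the network over a different relationship.
ROUTES = [
    {"prefix": "2001:db8:a::/48", "route_type": "internal", "learned_from": "self"},
    {"prefix": "2001:db8:b::/48", "route_type": "internal", "learned_from": "peer"},
    {"prefix": "2001:db8:c::/48", "route_type": "internal", "learned_from": "provider"},
    {"prefix": "2001:db8:d::/48", "route_type": "internal", "learned_from": "customer"},
]
# Hypothetical export policy with the prefix filter in place ...
BEFORE = [{"prefixes": ["2001:db8:a::/48"], "route_type": "internal", "action": "accept"}]
# ... and after the filter is removed: the term now accepts every internal route.
AFTER = [{"route_type": "internal", "action": "accept"}]

if __name__ == "__main__":
    for role in ("peer", "provider", "customer"):
        print(role, find_leaks(BEFORE, ROUTES, role), find_leaks(AFTER, ROUTES, role))
```

A pipeline gate built on this would fail the change whenever `find_leaks` returns a non-empty list for any peer or provider neighbor.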





