Article

On January 22, 2026, Cloudflare experienced a route leak due to an automated routing policy configuration error at its Miami data center. The incident caused unintended leakage of BGP prefixes, impacting both Cloudflare customers and external parties by misrouting traffic.

The leak lasted 25 minutes, leading to congestion and elevated latency on the backbone infrastructure. The issue originated from a policy change at 20:25 UTC intended to remove certain BGP announcements for a Bogotá data center, which inadvertently relaxed the routing policy, allowing internal prefixes to be advertised externally.

This misconfiguration led to a mix of Type 3 and Type 4 route leaks according to RFC7908 definitions. As a result, approximately 12Gbps of traffic was discarded due to firewall filters. Cloudflare plans to enhance its routing policy safeguards and improve detection mechanisms to prevent future incidents.