ON 22 January 2026, an automated routing policy configuration error caused some Border Gateway Protocol (BGP) prefixes to be leaked unintentionally from Cloudflare’s Miami data centre. The route leak lasted 25 minutes, creating congestion and elevated loss for some Cloudflare traffic, with higher latency across the affected backbone links and some traffic being discarded by firewall filters on our routers.
The incident was IPv6-specific and resulted from a misconfiguration that made internal routes appear external, causing BGP updates to be redistributed to peers and providers in Miami. At its peak, about 12Gbps of non-downstream traffic was discarded on the Miami router as a consequence of the leak.
According to RFC7908, the event involved a mixture of Type 3 and Type 4 route leaks, and Cloudflare notes that the trigger was a change merged into their network automation code, which was subsequently reverted and the automation paused before being restored. We apologise for the impact to users, customers, and external networks, and outline several follow-up measures to prevent such leaks in the future.