Incident on Wirezhttps://wirez.top/tags/incident/Recent content in Incident on WirezHugoenFri, 23 Jan 2026 00:00:00 +0000Route leak lessons from Cloudflare's 25-min outagehttps://wirez.top/posts/route-leak-lessons-from-cloudflares-25-min-outage/Fri, 23 Jan 2026 00:00:00 +0000https://wirez.top/posts/route-leak-lessons-from-cloudflares-25-min-outage/<meta charset="utf-8"> <!-- wp:html --> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "FAQPage", "mainEntity": [ { "@type": "Question", "name": "How much IPv6 traffic was dropped during the Cloudflare Miami router incident?", "acceptedAnswer": { "@type": "Answer", "text": "The automation error caused routers to discard exactly 12 Gb of stray IPv6 traffic. This massive volume overwhelmed firewall filters designed only for specific Cloudflare services, causing immediate packet loss." } }, { "@type": "Question", "name": "What specific routing violations occurred when peer routes were sent upstream?", "acceptedAnswer": { "@type": "Answer", "text": "The incident involved Type 3 and Type 4 leaks that breached valley-free routing principles. These violations forced 12 Gb of external traffic through a node lacking proper firewall acceptance rules." } }, { "@type": "Question", "name": "How long did the BGP route leak persist before manual reversion stopped it?", "acceptedAnswer": { "@type": "Answer", "text": "Operators manually reverted the bad configuration after twenty-five minutes of unintended route advertisements. During this brief window, the error funneled significant congestion onto backbone infrastructure before being halted." } }, { "@type": "Question", "name": "Why did external parties suffer latency when Cloudflare leaked peer routes?", "acceptedAnswer": { "@type": "Answer", "text": "External traffic was incorrectly funneled through Miami routers that dropped packets via firewall filters. This misdirection created elevated loss and higher latency for any data attempting to traverse the affected links." } }, { "@type": "Question", "name": "What triggered the initial automation failure chain in the network code?", "acceptedAnswer": { "@type": "Answer", "text": "A merged repository change removed specific prefix filters, allowing permissive export policies to activate. This single code merge caused the Miami router to accept and re-advertise internal routes to external peers." } } ] } </script> <!-- /wp:html --> <!-- wp:html --> <style> .faq-section { margin: 24px 0; padding: 24px 0; border-top: 2px solid #e5e7eb; } .faq-section-title { color: #1a1a1a; font-size: clamp(1.2rem, 3vw, 1.4rem); font-weight: 700; margin-bottom: 24px; text-align: center; } .faq-item { background: #fff; border: 1px solid #e5e7eb; border-radius: 8px; margin-bottom: 12px; overflow: hidden; transition: all 0.3s ease; } .faq-item:hover { border-color: #2563eb; box-shadow: 0 4px 6px rgba(0,0,0,0.05); transform: translateY(-2px); } .faq-question { background: #f9fafb; padding: 12px 16px; cursor: pointer; position: relative; transition: all 0.3s ease; border: none; width: 100%; text-align: left; font-family: inherit; display: block; } .faq-question:hover { background: #e8f0fe; } .faq-question-text { color: #1a1a1a; font-size: 1rem; font-weight: 600; line-height: 1.5; margin: 0; padding-right: 2rem; display: inline-block; } .faq-answer { max-height: 0; overflow: hidden; transition: max-height 0.4s ease, padding 0.4s ease; padding: 0 16px; } .faq-item.active .faq-answer { max-height: 1000px; padding: 0 16px 16px; } .faq-answer-text { color: #4b5563; font-size: 1rem; line-height: 1.7; margin: 12px 0 0; } </style> <script> (function() { function initFAQ() { var qs = document.querySelectorAll(".faq-question"); for (var i = 0; i < qs.length; i++) { qs[i].addEventListener("click", function() { var item = this.closest(".faq-item"); var wasActive = item.classList.contains("active"); var allItems = document.querySelectorAll(".faq-item"); for (var j = 0; j < allItems.length; j++) { allItems[j].classList.remove("active"); } if (!wasActive) item.classList.add("active"); this.setAttribute("aria-expanded", String(!wasActive)); }); } } if (document.readyState === "loading") { document.addEventListener("DOMContentLoaded", initFAQ); } else { initFAQ(); } })(); </script> <!-- /wp:html --> <!-- wp:paragraph {"className":"std-text"} --> <!-- /wp:paragraph --> <!-- wp:paragraph {"className":"std-text"} --> <p class="std-text">A 25-minute automation error forced 12Gbps of stray <a href="https://datatracker.ietf.org/doc/html/rfc8200" target="_blank" rel="noopener noreferrer">IPv6</a> traffic through <a href="https://www.cloudflare.com/" target="_blank" rel="noopener noreferrer">Cloudflare</a>&#039;s Miami router on January 22, 2026. This incident proves that <strong>automated policy platforms</strong> now pose a greater stability risk than human error when rigorous testing protocols fail. The industry&#039;s rush toward configuration efficiency has created fragile systems where a single code merge triggers <strong>cascading routing failures</strong> across the global backbone.</p>