Cloudflare BYOIP BGP Outage

🔑 Enhanced Key Takeaways

• •Cloudflare's outage began at 17:48 UTC on February 20, 2026, affecting a subset of BYOIP customers by unintentionally withdrawing ~1,100 BGP prefixes due to a configuration change in IP address management[1].
• •The issue caused BGP path hunting, leading to connection timeouts; it was not a cyberattack and was resolved by reverting the change, though some customers needed to re-advertise prefixes via dashboard[1].
• •Laravel Cloud, a BYOIP customer, experienced a 3-hour 15-minute outage starting around 18:42 UTC, with control panel and apps unreachable due to withdrawn IP prefixes; no data loss occurred[4].
• •Cloudflare stock dropped 8% on February 20, 2026, with investors awaiting detailed reports and customer impact assessments[3].
• •Impacted services included Magic Transit and Dedicated IPs for CDN Egress using BYOIP, preventing traffic routing[1][6].

🛠️ Technical Deep Dive

• •BYOIP allows customers to use their own IP blocks on Cloudflare's network, with Cloudflare announcing them via BGP across locations for traffic routing[1][3].
• •The outage stemmed from a change in BYOIP pipeline management, causing unintended prefix withdrawals; BGP path hunting occurred as networks searched for routes until timeouts[1].
• •In Magic Transit with BYOIP and Egress, IP tunnels hide customer IPs between cloud VPCs and Cloudflare, using BGP peering over links; egress bypasses cloud provider BYOIP fees[6].
• •Some prefixes entered a 'Withdrawn' state, locking dashboard re-advertisement until Cloudflare unlocked them[1][4].

🔮 Future ImplicationsAI analysis grounded in cited sources

⏳ Timeline