All news with #bgp tag

AWS Cloud WAN Routing Policy for Traffic Control, Flexibility

🌐 AWS has announced the general availability of AWS Cloud WAN Routing Policy, delivering fine-grained controls to optimize route management and traffic behavior across global wide-area networks. The feature supports route filtering, summarization, and advanced BGP attribute configuration to limit unnecessary route propagation, prevent asymmetric or sub‑optimal paths, and contain reachability blast radius. It also exposes enhanced routing database visibility for faster troubleshooting in complex multi‑path hybrid environments. Routing Policy is available in all Regions where Cloud WAN is offered and can be enabled via the Management Console, CLI, or SDK at no additional charge.

AWS Site-to-Site VPN Adds BGP Logging for Tunnels Now

🔍 AWS Site-to-Site VPN now publishes Border Gateway Protocol (BGP) logs from VPN tunnels to Amazon CloudWatch, providing deeper visibility into routing and session behavior. Previously, customers only had access to IKE/IPSec tunnel activity logs; the new BGP logs show session status, transitions, routing updates, and detailed error states. With both tunnel and BGP logs in CloudWatch, teams can correlate events, speed troubleshooting, and identify configuration mismatches between AWS endpoints and customer gateways across commercial Regions and AWS GovCloud (US).

Hunting BGP Zombies: Causes, Effects, and Mitigations

🧟 Cloudflare details 'BGP zombies' — routes that remain in the Default-Free Zone after a withdrawal due to path hunting, delayed processing, or MRAI timers. Through experiments and BYOIP on-demand tests, they show how more-specific withdrawals can trigger loops and long-lived reachability issues, often worse on IPv4. Cloudflare proposes graceful draining, a multi-step BYOIP failover using same-length native announcements, and vendor adoption of RFC9687 to reduce impact.

A Framework for Measuring Internet Resilience Nationwide

🔍 This post introduces a reproducible, data-driven framework to quantify Internet resilience, motivated by the July 8, 2022 Rogers outage that affected millions. It defines resilience as the ability of a national or regional ecosystem to maintain diverse, secure routing and rapidly recover from failures. The framework combines public sources (RouteViews, RIPE RIS, traceroutes, IXPs, submarine cable maps) and focuses on measurable metrics such as RPKI, ROV, IXP distribution, submarine cable diversity, AS path diversity, and impact-weighted assessments.

Cloudflare Radar's Evolution: Expanding Internet Observability

📡 Since its 2020 debut, Cloudflare Radar has evolved into a comprehensive observability platform that aggregates Cloudflare telemetry to illuminate security, performance, and usage trends. Initially centered on Radar Internet Insights, Domain Insights, and IP Insights, the service has grown to include Certificate Transparency metrics, TCP reset/timeouts visibility, post-quantum adoption tracking, and AI-focused crawler analytics. Radar also added routing tools such as route leak and origin hijack detection, real-time BGP views, AS-SET monitoring, and notifications, while improving programmatic access via the Radar API and an MCP server for LLM integration. Popular utilities like the URL Scanner, expanded search and date-range options, and internationalized interfaces reinforce Radar's mission to make the Internet more observable and resilient.

Monitoring AS-SETs and Their Importance for BGP Operations

🔎 Cloudflare Radar now publishes public IRR AS-SET monitoring on each ASN routing page, enabling operators to inspect, filter, and export AS-SET memberships and inclusion trees. The feature surfaces inferred ASN, IRR sources, counts of AS and AS-SET members, AS cone sizes, and upstream relationships, and provides direct/indirect toggles for focused views. These capabilities help build accurate BGP route filters, detect misuse, and reduce the risk of route leaks by making AS-SET data easier to validate and share.