Cloudflare Outage: Understanding the Impact and Causes
On February 20, 2026, Cloudflare experienced a service outage that affected a subset of customers using the Bring Your Own IP (BYOIP) service. The issue was caused by a change in how Cloudflare manages IP addresses onboarded through the BYOIP pipeline, resulting in the unintentional withdrawal of customer prefixes.
Impact on Customers
The outage led to services and applications being unreachable from the Internet, causing timeouts and failures to connect across Cloudflare deployments that used BYOIP. The website for Cloudflare’s recursive DNS resolver (1.1.1.1) saw 403 errors, and some customers were able to restore their own service by using the Cloudflare dashboard to re-advertise their IP addresses.
Services Impacted
- Core CDN and Security Services: Traffic was not attracted to Cloudflare, and users connecting to websites advertised on those ranges would have seen failures to connect.
- Spectrum: Spectrum apps on BYOIP failed to proxy traffic due to traffic not being attracted to Cloudflare.
- Dedicated Egress: Customers who used Gateway Dedicated Egress leveraging BYOIP or Dedicated IPs for CDN Egress leveraging BYOIP would not have been able to send traffic out to their destinations.
- Magic Transit: End users connecting to applications protected by Magic Transit would not have been advertised on the Internet, and would have seen connection timeouts and failures.
Cloudflare’s Addressing API
The Addressing API is an authoritative dataset of the addresses present on the Cloudflare network. Any change to that dataset is immediately reflected in Cloudflare’s global network. The API allows customers to configure their IP addresses by interacting with public-facing APIs, which configure a set of databases that trigger operational workflows propagating the changes to Cloudflare’s edge.
How the Incident Occurred
The specific piece of configuration that broke was a modification attempting to automate the customer action of removing prefixes from Cloudflare’s BYOIP service. This change was part of Cloudflare’s Code Orange: Fail Small work to push all changes toward safe, automated, health-mediated deployment.
Conclusion
Cloudflare apologizes for the impact on its customers and is taking steps to prevent outages like this from happening again. The company is working to improve its systems and processes to ensure that changes are deployed safely and without affecting customer services.
Frequently Asked Questions
- What caused the Cloudflare outage on February 20, 2026?
The outage was caused by a change in how Cloudflare manages IP addresses onboarded through the BYOIP pipeline, resulting in the unintentional withdrawal of customer prefixes. - How many customers were affected by the outage?
A subset of customers using the Bring Your Own IP (BYOIP) service were affected by the outage. - What services were impacted by the outage?
Core CDN and Security Services, Spectrum, Dedicated Egress, and Magic Transit were among the services impacted by the outage. - How long did the outage last?
The total duration of the incident was 6 hours and 7 minutes. - What is Cloudflare doing to prevent similar outages in the future?
Cloudflare is working to improve its systems and processes to ensure that changes are deployed safely and without affecting customer services.







