Podcast Summary: The Architecture of the Internet with Erik Seidel
Podcast: Software Engineering Daily
Episode Date: November 6, 2025
Host: Gregor Vand
Guest: Erik Seidel, Network Engineer at Cloudflare
Overview
This episode explores the fundamental architecture underpinning the Internet, with a particular focus on real-world networking, global infrastructure, routing protocols, and the practical challenges faced by high-scale providers like Cloudflare. Erik Seidel, an experienced network engineer with a unique background including time in China, shares insights on topics including BGP, peering versus transit, redundancy, regional nuances (especially China), Cloudflare’s infrastructure, DDoS mitigation, and more.
Episode Highlights
1. Erik Seidel’s Journey & Background (02:04–04:23)
- Non-traditional Path: Erik describes his circuitous route into tech—starting with classics studies, teaching in China, then returning to the U.S. and joining Cloudflare as a customer support engineer, before moving into systems engineering.
- Hands-on Networking in China: Erik developed his interest in networking while in China, where he set up his own autonomous system (ASN) and ran public IP addresses.
- “I ended up building up my own ASN in China and running it with public IP addresses… That's really where I got into networking to begin with.” (03:52, Erik Seidel)
2. Internet Fundamentals & Anatomy (05:00–07:17)
- Networks of Networks: The Internet is an aggregation of autonomous systems (ASes), each identified by a number (its ASN), that function independently but interconnect via peering or transit agreements.
- Hierarchy: Tier 1 networks (Telia, GTT, NTT), regional ISPs, and content/network service providers like Cloudflare.
- “Tier one… are networks that can reach the entire Internet without having to pay any money.” (06:18, Erik Seidel)
- Cloudflare’s Role: Both a customer of tier ones and a peer to many, aiming to maximize reach and minimize latency for users globally.
3. Border Gateway Protocol (BGP) Explained (07:30–12:12)
- Core Concept: BGP enables different autonomous systems to exchange routing information (“the roadmap of the Internet”).
- “BGP… is building the roadmap of the Internet. It's telling everyone where the IP address is.” (09:58, Erik Seidel)
- Network Edges: Edge routers mediate between different networks at their borders. BGP sessions exchange “prefixes” (blocks of IPs), enabling routing paths.
- Dynamism: Changes in BGP routing tables are frequent at higher tiers, less so for small regional ISPs. There are over a million IPv4 and 200k IPv6 prefixes, changing constantly.
- “Anytime a customer of a customer of a customer makes a change that'll get propagated up to one of their sessions… it can be very dynamic.” (11:03, Erik Seidel)
4. Peering vs. Transit (13:11–15:29)
- Peering: Settlement-free exchange of traffic between networks—limited to the peers and their direct customers.
- Transit: Paid relationship granting access to the full Internet routing table (“full view of the Internet”).
- “You pay them and they give you what we call a full table or a full view of the Internet.” (13:57, Erik Seidel)
- Cloudflare Needs Both: Must guarantee global reach, requiring both types of relationships across all data centers.
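The difference between the two session types can be made concrete with a small model of who announces what. This is an added example, not code from the episode or from Cloudflare: the AS names, relationships and prefixes are constructed, and customer links are followed transitively (customers of customers), which is an assumption of the model.

```python
# Added illustration: every AS name and prefix here is constructed
# (2001:db8::/32 is documentation address space).
CUSTOMERS = {                       # provider -> networks that pay it for transit
    "T1": ["RegionalA", "ContentNet"],
    "T1b": ["RegionalB"],
    "RegionalA": ["SmallISP1"],
    "RegionalB": ["SmallISP3"],
}
PEERS = [("T1", "T1b"), ("ContentNet", "RegionalB")]    # settlement-free sessions
ASES = ["T1", "T1b", "RegionalA", "RegionalB", "SmallISP1", "SmallISP3", "ContentNet"]
PREFIX = {name: f"2001:db8:{i}::/48" for i, name in enumerate(ASES, start=1)}

def cone(asn):
    """asn plus every network reached by following customer links downward."""
    seen, stack = set(), [asn]
    while stack:
        current = stack.pop()
        if current not in seen:
            seen.add(current)
            stack.extend(CUSTOMERS.get(current, []))
    return seen

def peers_of(asn):
    return {b if a == asn else a for a, b in PEERS if asn in (a, b)}

def providers_of(asn):
    return {p for p, customers in CUSTOMERS.items() if asn in customers}

def full_table(asn):
    """Everything asn can reach: its cone, its peers' cones, its providers' tables."""
    reach = cone(asn)
    for peer in peers_of(asn):
        reach |= cone(peer)
    for upstream in providers_of(asn):
        reach |= full_table(upstream)
    return reach

def learned_over(kind, neighbor, me):
    """Prefixes `me` receives from `neighbor` on a 'peering' or 'transit' session."""
    nets = cone(neighbor) if kind == "peering" else full_table(neighbor)
    return sorted(PREFIX[n] for n in nets - {me})

if __name__ == "__main__":
    print("peering with RegionalB:", learned_over("peering", "RegionalB", "ContentNet"))
    print("transit from T1:      ", learned_over("transit", "T1", "ContentNet"))
```

In this model the peering session delivers two prefixes and the transit session six, which is why a network that must reach every destination cannot rely on peering alone.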
5. Cloudflare’s Global Infrastructure (16:46–24:41)
- Product Evolution: From CDN and DDoS mitigation at the edge (“OG way”), expanding into deeper network and security services.
- “We provide a lot of security services for them… We provide like the CDN edge, where basically we sit between our customers, origin servers, like their web servers.” (16:46, Erik Seidel)
- Points of Presence: Hundreds of global PoPs (data centers), each able to provide the complete Cloudflare stack.
- Data Center Topology:
- Placement mirrors population/network density—major hubs (e.g., DFW, Ashburn) see big concentrations of interconnection.
- “They want to park their infrastructure close to where the connections are happening. Because the closer you are… the quicker it is to get your data onto the customer network.” (21:15, Erik Seidel)
- Edge Routers & Redundancy: Critical infrastructure placed at high-connectivity sites. Subsea cable failures can impact capacity, so redundancy is planned across multiple cable networks/providers.
- “The thing about it, it does span the globe, circumscribes the entire globe… We have like backbone links going through multiple different subsea cable networks.” (24:41, Erik Seidel)
6. The China Exception (27:07–34:31)
- Distinct Model: Mainland China contrasts with the “globally seamless” networks elsewhere. Access is tightly controlled by three major carriers (China Telecom, China Unicom, China Mobile), and all data egress/ingress is subject to the Great Firewall.
- “You’re going through… those big three networks. And that in itself creates a special case because again, we’ve moved away from just operating our own globe spanning network that grows into China.” (28:30, Erik Seidel)
- “Even when the great firewall… is not blocking it or anything… it can kind of be a lot of loss, a lot of like connectivity issues… not the most enjoyable experience.” (31:34, Erik Seidel)
- Cloudflare in China: Operates via a partner network (not managed directly by Cloudflare), only available as an enterprise product, not for self-serve/freemium as elsewhere.
7. DDoS Mitigation & Anycast Architecture (35:50–43:22)
- DDoS Threat: Botnets, often comprised of hundreds of thousands of compromised devices, bombard targets with overwhelming traffic.
- Anycast Defense: Multiple servers globally advertise the same IP prefix. Attack traffic is automatically distributed (“disaggregated”) by the Internet’s own routing, making it manageable across Cloudflare’s fleet.
- “When this botnet attacks, its strength, its distributed network kind of almost in a way becomes a weakness… All of these hundreds of thousands of devices will be taking different paths, ending up at different Cloudflare data centers…” (39:25, Erik Seidel)
- Filtering: All servers are identically configured, ensuring a consistent service and mitigation process worldwide.
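The anycast effect described above can be worked through on a toy topology. This is an added example, not code from the episode or from Cloudflare: the AS names, site labels, traffic figures and the 250 Gbps site capacity are constructed, and route selection is reduced to shortest AS path.

```python
from collections import Counter, deque

# Constructed AS-level topology; every name is hypothetical.
LINKS = [
    ("T1", "T2"), ("T2", "T3"), ("T1", "T3"),            # core mesh
    ("T1", "EU_ISP1"), ("T1", "EU_ISP2"),
    ("T2", "US_ISP1"),
    ("T3", "AP_ISP1"), ("T3", "AP_ISP2"),
    ("T1", "pop:FRA"), ("T2", "pop:DFW"), ("T3", "pop:SIN"),
]
# Constructed attack: Gbps sourced by bots inside each access network.
BOT_GBPS = {"EU_ISP1": 120, "EU_ISP2": 80, "US_ISP1": 150,
            "AP_ISP1": 90, "AP_ISP2": 60}
ANYCAST = ["pop:FRA", "pop:DFW", "pop:SIN"]    # all sites announce the same prefix
UNICAST = ["pop:DFW"]                          # one site announces it

def neighbors():
    adj = {}
    for a, b in LINKS:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    return adj

def catchments(announcing):
    """Map each AS to the announcing site with the shortest AS path
    (multi-source BFS). Ties go to the site listed first; real BGP
    tie-breaking is richer than this (assumption of the model)."""
    adj = neighbors()
    owner = {site: site for site in announcing}
    queue = deque(announcing)
    while queue:
        node = queue.popleft()
        for nxt in adj[node]:
            if nxt not in owner:
                owner[nxt] = owner[node]
                queue.append(nxt)
    return owner

def site_load(announcing):
    """Attack Gbps arriving at each announcing site."""
    owner = catchments(announcing)
    load = Counter({site: 0 for site in announcing})
    for source, gbps in BOT_GBPS.items():
        load[owner[source]] += gbps
    return dict(load)

def overloaded(announcing, capacity_gbps):
    return sorted(s for s, g in site_load(announcing).items() if g > capacity_gbps)

if __name__ == "__main__":
    print("anycast:", site_load(ANYCAST), "overloaded:", overloaded(ANYCAST, 250))
    print("unicast:", site_load(UNICAST), "overloaded:", overloaded(UNICAST, 250))
```

Withdrawing a site moves its catchment to the remaining ones: `site_load(["pop:DFW", "pop:SIN"])` sends the European sources to `pop:DFW` in this model, so per-site headroom still matters under anycast.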
8. IPv6 & Technical Evolution (43:22–44:42)
- IPv6 Adoption: Cloudflare is fully dual-stack, with increasing internal preference for IPv6. Most DDoS attacks are still on IPv4, but the technical infrastructure now accommodates both seamlessly.
- “We're fully dual stack, we're fully go on IPv6.” (44:32, Erik Seidel)
9. Trends in DDoS & Security Threats (44:42–47:04)
- Rising DDoS Scale: Attack volumes continue to increase, corresponding with more Internet-connected devices.
- Motivations: Many attacks appear to be competitor-driven, especially in gaming and gambling sectors.
- “There were cases… where like DDoS attacks and the suspicion was… some competitor hired a botnet herder… to launch an attack on them.” (45:51, Erik Seidel)
- Specialized Products: Cloudflare’s Spectrum is designed to help customers (such as gaming networks) protect non-HTTP protocols from massive attacks.
10. Notable Quotes & Advice
On Network Fundamentals:
- “At the most basic level, the Internet is just a big collection of networks.” (05:00, Erik Seidel)
- “A tier one is a network that… can reach any other part of the Internet without paying.” (12:44, Erik Seidel)
On Problem-Solving in Engineering:
- “Throughout this whole episode, you’re always framing it as, well, what’s the problem?” (34:31, Gregor Vand)
- “Start with the problem that it solves… that's the best way.” (07:32, Erik Seidel)
11. Erik Seidel’s Closing Reflections (47:53–50:56)
- On Burnout and Work-Life Balance:
- “When I was young I kind of took like a sort of blasé attitude to burn… by the end… I already kind of burnt myself out… The thing I've learned now is to have a like much better work life balance…” (47:53, Erik Seidel)
- Encouragement for a Well-Rounded Life: Erik advocates for avoiding burnout by seeking balance, acknowledging growth from time spent outside tech.
Key Timestamps for Major Segments
- Erik’s Background & Early Networking – 02:04–04:23
- Internet Topology & Tier 1 Networks – 05:00–07:17
- BGP & Routing Fundamentals – 07:30–12:12
- Peering vs. Transit – 13:11–15:29
- Cloudflare Product and Architectural Overview – 16:46–24:41
- Global Data Center Design & Network Redundancy – 20:25–24:41
- China’s Unique Network Model – 27:07–34:31
- How Anycast Mitigates DDoS Attacks – 35:50–43:22
- IPv6 Transition – 43:22–44:42
- Trends in DDoS Scale and Motivations – 44:42–47:04
- Reflections on Career, Burnout, and Life Lessons – 47:53–50:56
Memorable Moments
- Erik’s comparison between network peering/transit arrangements and a city’s urban/rural densities—making the architecture relatable (21:15).
- Analogizing DDoS mitigation using Anycast to “water flowing through rivers,” dispersing the force before it can overwhelm any one point (41:24).
- Candid advice on burnout and the value of work/life balance, drawing from personal experience outside and within tech (47:53).
Conclusion
The episode demystifies the Internet’s global network architecture, from the basics of BGP and peering to the specific complexities of operating in China and the technical underpinnings of DDoS protection. Erik Seidel’s hands-on insights and propensity to “start with the problem” make this a valuable listen for any engineer seeking a real-world understanding of Internet-scale networking.
