The internet is often described as a decentralised network built to withstand disruption. In practice, however, its day-to-day operation depends on a surprisingly small number of organisations.
New research from internet analyst Geoff Huston suggests that just 50 network operators were responsible for roughly one-third of all observed IPv4 routing update activity worldwide during the final months of 2025.
The findings offer a rare glimpse into the hidden infrastructure that keeps global data flowing — and reveal how concentrated parts of the internet have become.
At the heart of the issue is the Border Gateway Protocol (BGP), the routing system that tells networks how to reach one another. Every time a network changes how traffic should be directed, it announces a routing update.
Most of these updates are routine. But excessive update activity, often referred to as routing churn, can indicate instability, misconfiguration, outages or other operational issues.
According to Huston’s analysis, the problem is highly concentrated. Fewer than 5% of unstable network routes generated approximately half of all routing updates observed across the global internet.
In other words, while the internet consists of millions of interconnected networks, a relatively small group of operators generate a disproportionate amount of the activity that routers worldwide must process and react to.
The Operators Driving the Most Routing Activity
The 50 networks identified in the research span cloud providers, telecommunications carriers, content delivery networks, hosting companies and regional internet providers.
Among the operators generating the highest levels of routing update activity were:
- Microsoft
- Amazon Web Services (AWS)
- Meta
- Cloudflare
- Akamai
- Lumen Technologies
- Cogent Communications
- Hurricane Electric
- NTT Communications
- Telia
- Tata Communications
- Orange
- Deutsche Telekom
- Telefónica
- Vodafone
- AT&T
- Verizon
- Comcast
- Charter Communications
- China Telecom
- China Unicom
- China Mobile
- SoftBank
- KDDI
- Singapore Telecommunications (Singtel)
- Telstra
- Spark New Zealand
- Reliance Jio
- Bharti Airtel
- Zayo
- GTT Communications
- Arelion
- PCCW Global
- Interoute
- Fastly
- DigitalOcean
- OVHcloud
- Hetzner
- Equinix
- CoreWeave
- Oracle Cloud Infrastructure
- Alibaba Cloud
- Tencent Cloud
- IBM Cloud
- Rackspace
- Leaseweb
- IONOS
- Scaleway
- Vultr
Collectively, these organisations operate many of the critical pathways through which internet traffic travels between cloud platforms, websites, mobile networks and enterprise systems.
While the specific ranking changes over time, the broader pattern remains consistent: a relatively small group of operators has an outsized influence on the stability and performance of the global routing system.
A Growing Internet With Concentrated Risk
The findings come as the internet’s routing infrastructure continues to expand at a remarkable pace.
The global IPv4 routing table has grown from roughly 300,000 advertised prefixes in 2011 to around 1.2 million prefixes in early 2026. Yet the growth in routing information has not been accompanied by an equal distribution of operational responsibility.
Instead, routing instability appears concentrated within a comparatively small set of networks.
For network engineers, this concentration creates practical challenges. Every routing update must be processed, validated and distributed by routers across the internet.
Large bursts of update activity can increase hardware load, consume memory and processing resources, and in extreme cases contribute to wider service disruptions.
For governments and policymakers, the findings raise a different concern: concentration risk.
Public debate about digital infrastructure tends to focus on cloud computing giants, semiconductor manufacturers and social media platforms. Far less attention is paid to the routing layer that determines how information moves between them.
Yet routing failures have repeatedly demonstrated their ability to cause widespread disruption. A single configuration error, route leak or accidental advertisement can affect connectivity across multiple countries within minutes.
Security Concerns Remain
The research also arrives amid ongoing concerns about internet routing security.
Experts have long warned that BGP was designed in an era when trust between network operators was largely assumed. As a result, the system remains vulnerable to route hijacks, leaks and misconfigurations that can redirect traffic or make services unreachable.
Recent guidance from the U.S. National Institute of Standards and Technology (NIST) has urged broader adoption of technologies such as Resource Public Key Infrastructure (RPKI) and Route Origin Validation (ROV), which help verify whether routing announcements are legitimate.
Progress has been made, but deployment remains uneven. Researchers continue to identify weaknesses in routing security infrastructure, while recent academic work has demonstrated potential ways attackers could evade some automated detection systems.
The Hidden Backbone of the Internet
To most internet users, these issues remain invisible.
Emails still arrive. Websites still load. Streaming services continue to play video without interruption.
But beneath that apparent simplicity sits a complex routing system increasingly influenced by a relatively small number of organisations.
The internet may appear massively distributed from the outside. At some of its most critical infrastructure layers, however, it is becoming more concentrated.
Most of the time, nobody notices.
Until a routing leak, misconfiguration or outage suddenly reminds the world just how much depends on a handful of networks quietly holding the internet together.
