Skip to content

CONCEPT Cited by 1 source

ASN rotation

Definition

An autonomous system number (ASN) identifies a network under a single administrative policy for BGP routing. ASN rotation is the practice of sourcing request traffic from multiple different ASNs to defeat origin-side rules that block by ASN.

ASN-level blocks are a coarser-grained but harder-to-rotate- around enforcement primitive than IP blocks:

  • A single ASN can span tens of thousands of IPs; blocking the ASN blocks them all.
  • ASN is a property of the path the packet takes, not of the source IP — harder to spoof than a UA string.
  • Rotating ASNs requires actually holding resources in multiple ASes (cloud-egress pools across providers, residential-proxy networks, VPN exit-node farms).

The cost of rotation is what makes ASN blocks useful — but a sufficiently motivated operator can pay that cost.

Canonical instance

Perplexity AI's stealth crawler (Cloudflare, 2025-08-04): "In addition to rotating IPs, we observed requests coming from different ASNs in attempts to further evade website blocks." ASN rotation kicked in in response to Cloudflare's block, not as a steady-state distribution — evidence of deliberate evasion, not accidental multi-homing. See concepts/stealth-crawler / patterns/stealth-on-block-fallback.

Countermeasures

  • Content-independent fingerprints ( ML bot fingerprinting) — TLS signatures, HTTP/2 frame shapes, timing patterns — survive ASN changes.
  • Gossip- propagation of fingerprints across POPs so a new-ASN source hitting a different POP doesn't get a fresh start.
  • Cryptographic identity (Web Bot Auth) — moves identity off the network layer entirely; ASN becomes irrelevant for verified traffic.

Seen in

Last updated · 200 distilled / 1,178 read