[LINK] Google-Cloud IP addressing
Hamish Moffatt
hamish at moffatt.email
Tue Oct 13 14:27:45 AEDT 2020
On 13/10/20 1:59 pm, David Lochrin wrote:
> I presume Google-Cloud has sub-allocated a space containing 23.236.62.147 to wix.com, and wix.com is even sharing that specific address between <covidaustralia.com>, <covid19data.com.au>, and no doubt others by parsing DNS lookups.
>
> I know I'm retired and rapidly becoming out of touch, but if true, that scheme doesn't sound to me like a good idea. The world's domestic and SME routers rely on masquerading for security, and that assumes each IP address corresponds to one system or organisation. It also allows Google to immediately identify traffic for its own universe of users and possibly expedite it.
>
> Do Linkers have a more informed view? Is hacking the DNS like that allowed by the relevant RFCs?

This is name-based virtual hosting, and has been part of HTTP since 1.1
and HTTPS since more recently. It is necessary because there's nowhere
near enough IPv4 address space for every web site in existence (in
addition to all the client devices). It is not a DNS hack.

When your browser connects to 23.236.62.147, part of the HTTP request is
the Host: header which says you are trying to access covid19data.com.au.
There are other sites hosted on that same IP and the Host header is used
to indicate which one you want. It is more complicated with HTTPS
because the server needs to know which certificate to use before
negotiating the secure connection. A mechanism called SNI (server name
indication) is used, where your browser sends the name of the server it
wants unencrypted, so the server can use the right certificate.

Try this site and enter covid19data.com.au as the address to check:
https://dnslytics.com/reverse-ip .. it lists that IP address as serving
nearly 7 million domains!

Hamish