[LINK] Google-Cloud IP addressing
Hamish Moffatt
hamish at moffatt.email
Wed Oct 14 10:08:06 AEDT 2020
On 13/10/20 10:37 pm, David Lochrin wrote:
> I searched for 23.236.62.147 on https://dnslytics.com/reverse-ip as you suggested, and that site reported "Found 6,281,493 domains hosted on IP address 23.236.62.147". Over six million IP domains hanging on one address!!
>
> I can't imagine the designers of HTTP 1.1 had that in mind 23 years ago when the RFC was published, and there must surely be some compromises. What on earth has happened to IP6?
To be honest, virtual hosting is so well developed that I don't see it
going away even with IPv6. If you were to allocate each of those sites
their own addresses then you need extra configuration of the network
stack and changes to the DNS config and I don't think there is a lot of
value.
Besides, there is a privacy advantage to IP address sharing anyway. With
an encrypted connection (HTTPS), when you connect to 23.236.62.147, your
ISP (and your government) doesn't know which of the 6,281,493 domains
you are looking at. Are you looking for a recipe for sourdough or for a
bomb?
For full privacy, you need DNS over TLS or DNS over HTTPS (DoT/DoH) to
hide your DNS requests from your ISP (and your government), and you need
encrypted SNI. The former is out there and now built-in to Firefox, the
latter is coming too.
Hamish
More information about the Link
mailing list