[HN Gopher] Icanhazip: A simple IP address tool survived a delug...
___________________________________________________________________
Icanhazip: A simple IP address tool survived a deluge of users
(2021)
Author : broken_codez
Score : 107 points
Date : 2023-07-31 20:16 UTC (2 hours ago)
(HTM) web link (blog.apnic.net)
(TXT) w3m dump (blog.apnic.net)
| Snawoot wrote:
| Why not use protocols which are specifically designed to report
| mapped IP address like STUN? It's faster as UDP exchange is
| shorter than 3-way TCP handshake (or even TCP+TLS handshake).
|
| Here is an implementation which uses parallel STUN queries to
| report address reliably as fast as possible:
| https://github.com/Snawoot/myip
| msm_ wrote:
| Nice tool! Looks like a great solution.
|
| But unfortunately I don't have it in a random docker/kubernetes
| containers or random internal servers, and these are the
| contexts where I personally usually want to check my external
| IP.
| zie wrote:
| For ridiculously easy things like this, I think it's smarter for
| you to just host it yourself. This way you are not forcing other
| people to carry your burden.
|
| nginx config example: location /ip {
| add_header Content-Type "application/json"; return 200 '{
| "host":"$server_name","ip":"$remote_addr","port":"$remote_port","
| server_ip":"$server_addr","server_port":"$server_port
|
| "}\n'; }
|
| Which will return something like this in JSON format:
| {"host":"www.example.org","ip":"199.200.200.14","port":"7990","se
| rver_ip":"199.200.100.229","server_port":"443"}
|
| This is all done 100% within NGINX, and I include a lot of stuff
| you probably don't want or care about. Other web servers probably
| have similar capabilities.
| nurettin wrote:
| I have something very similar, and all my projects depend on
| that. I also made a copy of httpbin which I host on a server.
| Useful for unit testing. And a gateway for hookback urls that I
| use for relaying/logging oauth and similar things to internal
| vpns. All very useful gadgets that have been running for over
| half a decade on arch.
| brandonp0 wrote:
| I made a site like this to mess with a guy at work. Everyone knew
| of IPChicken, and his last name is Herring, so I created
| IPHerring. I'd put Photoshopped images of him on the site for
| different holidays and coworkers always thought it was hilarious.
| They would even send me ideas of what to put next.
|
| Now I sometimes use AI image generation tools to really make it
| stand out. It's been a lot of fun. A lot of the tech folks in my
| area are using it now.
| sunshinekitty wrote:
| A great tool I've used countless times after learning about it
| while working at Rackspace a decade ago . It was great to learn
| about how it's grown over the years, what an ordeal!
|
| Cloudflare is at the top of the list of custodians I would want
| if in a similar position, glad it's found a new steward.
| LeoPanthera wrote:
| tl;dr: Bought by Cloudflare.
| cryne wrote:
| ...for a symbolic price because "the fun totally dried up" for
| the author and he felt the site would be in good hands at
| Cloudflare.
| alpb wrote:
| > Their sponsorship of icanhazip.com has saved me tens of
| thousands of dollars per month.
|
| Can someone please explain how does returning a few hundred
| bytes of plaintext response can cost thousands of dollars?
| Either I'm really bad at estimating things or there's some
| hidden cost somewhere I'm not seeing.
|
| Also why could it not work fine behind a Cloudflare free tier?
| veave wrote:
| >Also why could it not work fine behind a Cloudflare free
| tier?
|
| Eh, how would that even work? You have to serve the requests
| anyway.
| karamanolev wrote:
| > In 2021, the traffic I once received in a month started
| arriving in 24 hours. The site went from a billion requests
| per day to 30-35 billion requests per day over a weekend.
|
| 30 billion times 350 bytes (size of my response) is equal to
| 10.5 terabytes (base-10) a day. 84 terabits per day,
| 84000/3600/24 ~= 1 gigabit if my math is right. A fully
| saturated 1 gigabit pipe of worldwide internet costs a lot.
| So, there.
| akho wrote:
| [flagged]
| deadbunny wrote:
| Go read TFA?
| Zetice wrote:
| At $0.085 per GB (some us-east-1 exfil cost Google gave
| me), 10TB is... ~$1k/day?
|
| Yeah sorry, I would not pay $30k/mo so y'all could track
| your external IP addresses...
| alpb wrote:
| Really interesting. I never heard of this website and was
| surprised to hear this volume of traffic it's getting. (I
| always used curlmyip.org or whatsmyip.net|.com). I wonder
| what is the rationale for providing a non-rate limited
| service that can be easily abused like this. The volume
| almost suggests some stuff like IoT devices or other
| software use this to test internet connectivity. Or
| botnets?
| thefifthsetpin wrote:
| I believe that creating a traffic rate-limiting system,
| which is more cost-effective than simply echoing back the
| requestor's IP address, is likely to be a complex task.
| However, I haven't personally performed the calculations
| to confirm this.
| bunga-bunga wrote:
| It mentions 2 petabytes of data per month, plus compute for a
| trillion requests per month. It sounds like all kinds of
| optimizations were made so probably it can't be much cheaper.
| My guess is that the "tens of thousands" is calculated on CF
| Workers prices though.
| ChrisClark wrote:
| For $8.
| ChrisArchitect wrote:
| This is a re-blog; Original post:
| https://news.ycombinator.com/item?id=27415537
| ddrager wrote:
| Wow, I didn't realize the little article I wrote for Lifehacker
| would have such a big impact on this project. Also didn't realize
| he had passed on the project to Cloudflare. They're a great team
| so I'm happy it's in their capable hands now!
| blibble wrote:
| if some AS is taking the piss: start returning random addresses
| just for them?
|
| they'd soon learn
| metadat wrote:
| Discussed at the time:
|
| _A New Future for Icanhazip_
|
| https://news.ycombinator.com/item?id=27415537 (2 years ago, 253
| comments)
| politelemon wrote:
| That's a great read, the author had a passion project and stuck
| by it. I'd love to read more of these
| [deleted]
| renewiltord wrote:
| It's funny that there are so many of these. I use
| curl ifconfig.me
| jamesponddotco wrote:
| It's a fun project if you want to learn to code, which is why I
| think there're so many of them around. I built and run
| Accio127[1][2] for the same reason.
|
| [1] https://api.accio127.com/v1/ip/
|
| [2] https://git.sr.ht/~jamesponddotco/accio127
| ComputerGuru wrote:
| Not related to the story of scaling the tech but rather to the IP
| business in 2023:
|
| I'm not affiliated with any of these services, but my goto has
| been ip4.me, ip6.me, and ip6only.me because they're short and
| memorable and because they acknowledge the IPv4/IPv6 split. The
| first two domains give you your v4 and v6 IP respectively and the
| latter only resolves over IPv6 (useful to ensure your IPv6 is off
| when using a VPN). You can tack on /api to any of them to get a
| plaintext response.
| 0x6A75616E wrote:
| the issue is that these return a bunch of html so using them
| from the command line is not ideal.
|
| I made wgetip.com back in 2008 to solve this. icanhaz must've
| been pretty suboptimal back then to have issues with traffic.
| wgetip still gets about 3M requests per hour. All from a single
| $5 droplet.
| zokier wrote:
| ip4.me and ip6.me have /api endpoint for programmatic access
| SadTrombone wrote:
| The /api endpoint seems to return me a 301 error from the
| command line.
| jffry wrote:
| curl https://ip4.me/api/
|
| works for me
| ComputerGuru wrote:
| That's a redirect, not an error. Probably to /api/ with a
| trailing slash. Or use the -l flag to curl to have it
| auto redirect.
| NelsonMinar wrote:
| https://www.ipify.org/ is my go to, mostly because it has a
| really simple JSON version. Funny how many ways there are to do
| this simple thing.
| pests wrote:
| Does Chrome not recognize the .me TLD? I just tried to type
| that ip4.me domain twice and it just sent me to search results.
___________________________________________________________________
(page generated 2023-07-31 23:00 UTC)