Does each machine under a single app get their own individual public ip address? In the sense that if I proxy a request through each machine, my original ip will be masked like a rotating socks proxy.
Use case:
For websites that block multiple requests from the same ip address, I should be able to mask my ip using fly machines.
This is probably an admin question.
I have gone through this doc and I didn’t find the answer I’m looking for. I just need a yes or no answer to my question. Can I start a vpn service based on fly machines under one single app?
those docs have information about both inbound and outbound ips, they’re pretty comprehensive. add far as i can tell, there’s nothing technically limiting creating a VPN using fly. but again, there might be other limiting constraints on how well a VPN service would work, because fly is a public cloud. (also be sure to check out the bandwidth egress charges)
a proof of concept should be pretty straightforward to test out and should only take a couple dozen dollars to test out with a few machines
After rigorous testing and lots of dollars spent on lots of machines, we arrive at the same place. We used tired proxy on the machines and yet we couldn’t get what we want.
Please admin, if we want to use the machines for vpn, what do we need to add to the image to make each machine kind of a unique vm?
not an admin, but what do you mean? each machine is a firecracker VM of the OCI image provided when the user deploys.
What specific problem(s) are you running into, what are you seeing that is not what you expect to see?
For testing, I use the machine to crawl AI news website but when too much request come from the same ip or device, the website block the request. so the machines are supposed to bypass that by acting as unique devices for each request. Yet i get blocked after a few requests.
That’s a pretty different use-case than a “VPN company based on machines” real VPN traffic from end-users wouldn’t crawl sites they would have long pauses between clicks and execute javascript etc so the comparison between the “testing” and declared use-case are pretty different.
Ignoring that for a moment. The Outbound IP addresses section of the link @catgirl shared probably has some things to help.
I do think it’s worth pointing out this section:
… we discourage the use of our outbound IPs to bypass firewalls
Hammering news sites with crawlers with the intent to mask the crawler with ephemeral IP addresses is attempting to bypass firewalls. If the volume of traffic you’re sending is too high, fly will receive an abuse notice from the sites you’re testing on and at best i’d expect you’d get some inquiries from the staff.
so then as to getting blocked: by my read, each individual machine will receive it’s own IPv6 address but my guess is there are fewer IPv4 addresses (this could be tested with curl pretty readily from a vm) and if the requests goes out over IPv4 the receiving site will see a ton of traffic from a few IPv4 addresses. but the sites may not be blocking simply by IP address, modern web application firewalls are good at bot detection and a ton of crawling traffic coming from the same IP blocks owned by Fly (or leased by Fly) is going to be a strong signal of traffic worth blocking, additionally if the requests look automated (like crawling) the firewalls’ll detect and block the traffic.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.