
Show HN: Which-cloud, what cloud does an ip address belong to? - BenjaminCoe
https://github.com/bcoe/which-cloud
======
ereyes01
This code seems to rely on IP ranges and whois lookups, which won't work if
you're running on a network / VPC that has no internet access.

Some clouds provide a metadata API accessible via a link-local address. These
are accessible regardless of what network your instance is in.

AWS Metadata API:
[http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-insta...](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)

GCE Metadata API:
[https://cloud.google.com/compute/docs/metadata](https://cloud.google.com/compute/docs/metadata)

Azure Metadata API:
[https://azure.microsoft.com/en-us/blog/what-just-happened-to...](https://azure.microsoft.com/en-us/blog/what-just-happened-to-my-vm-in-vm-metadata-service/)

This library only appears to support detecting AWS/GCE/Azure, so perhaps
trying URLs in each metadata API with no / minimal timeout is a more robust
way of accomplishing this instead of relying on whois, and could provide the
same functionality as is currently supported in the library.

The downside of this approach is that maybe some clouds/VPS's don't have
metadata APIs accessible in this manner. Maybe this doesn't work for some more
obscure services, if you want to be super comprehensive.

~~~
booop
The tool doesn't look like it's meant to be run within a cloud. Instances in a
VPC without internet access would have only private IP addresses within the
CIDR range of the subnet in which they are launched.

It's to find out which cloud a public IP address belongs to, for which the
public data source/whois lookup seems the only option.

PS: the metadata (in case of AWS) can be accessed only within the instance
itself.

------
pyvpx
what does this add instead of using whois?

~~~
BenjaminCoe
AWS ([http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.h...](http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html)), GCE
([https://cloud.google.com/compute/docs/faq#where_can_i_find_s...](https://cloud.google.com/compute/docs/faq#where_can_i_find_short_product_name_ip_ranges)),
and other clouds maintain an up-to-date list of the ip blocks within their
data-centers -- providing for more accurate data than a whois lookup.

however! I just added whois as a fallback, this seems like a really good idea:

[https://github.com/bcoe/which-cloud/pull/10](https://github.com/bcoe/which-cloud/pull/10)
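
Added example, not part of the thread and not which-cloud's own code: a sketch of the "published IP blocks first, whois only as a fallback" lookup described in the comment above. The function names and the sample data are assumptions; the sample follows the `prefixes[].ip_prefix` shape of AWS's ip-ranges.json but uses constructed documentation ranges.

```javascript
// Constructed sample in the shape of AWS's published ip-ranges.json
// (prefixes[].ip_prefix, region, service). The ranges are RFC 5737
// documentation networks, not real AWS allocations.
const SAMPLE_AWS_RANGES = {
  prefixes: [
    { ip_prefix: '198.51.100.0/24', region: 'us-east-1', service: 'EC2' },
    { ip_prefix: '198.51.100.128/25', region: 'us-east-1', service: 'S3' },
    { ip_prefix: '203.0.113.0/26', region: 'eu-west-1', service: 'EC2' }
  ]
};

// Convert a dotted-quad IPv4 address to an unsigned 32-bit integer.
function ipv4ToInt(ip) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(ip);
  if (!m || m.slice(1).some((o) => Number(o) > 255)) {
    throw new TypeError(`not an IPv4 address: ${ip}`);
  }
  return m.slice(1).reduce((acc, o) => acc * 256 + Number(o), 0);
}

// Parse "a.b.c.d/len" into { base, mask, len }, rejecting malformed input.
function parseCidr(cidr) {
  const parts = String(cidr).split('/');
  if (parts.length !== 2 || !/^\d{1,2}$/.test(parts[1]) || Number(parts[1]) > 32) {
    throw new RangeError(`bad CIDR block: ${cidr}`);
  }
  const len = Number(parts[1]);
  // A shift by 32 is a no-op in JavaScript, so /0 needs its own case.
  const mask = len === 0 ? 0 : (0xffffffff << (32 - len)) >>> 0;
  return { base: (ipv4ToInt(parts[0]) & mask) >>> 0, mask, len };
}

// Return the most specific matching prefix, or null so the caller can
// fall back to another source (the fallback named in the thread is whois).
function lookup(ip, ranges) {
  const target = ipv4ToInt(ip);
  let best = null;
  for (const entry of ranges.prefixes) {
    const { base, mask, len } = parseCidr(entry.ip_prefix);
    if (((target & mask) >>> 0) === base && (!best || len > best.len)) {
      best = { cloud: 'AWS', region: entry.region, service: entry.service, len };
    }
  }
  return best;
}

console.log(lookup('198.51.100.200', SAMPLE_AWS_RANGES));
```

A `null` result is the only case that would reach the rate-limited whois path, which is the concern raised in the replies below.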

~~~
teddyh
What are you doing to prevent others using you as a whois proxy?

Alternately, how are you planning to evade the (rather restrictive) rate
limits which whois servers impose?

~~~
BenjaminCoe
it's a goal to use the advertised IP blocks of cloud providers where possible,
with whois simply as a fallback.

Will happily accept patches for other providers.

~~~
ugexe
You realize that the majority of IPs submitted may not be from a known cloud
provider/test suite, and so you're still dealing with the rate limiting from
falling back for most requests?

~~~
BenjaminCoe
I built this library to track signups for an application that has a fairly low
request rate.

if you need a higher request rate 🤷 ¯\\_(ツ)_/¯ pitch in and help add support
for a wider variety of cloud providers.

------
ers35
See also: The Hurricane Electric BGP Toolkit shows the ISP based on the AS
number from which the IP address is announced:
[http://bgp.he.net/](http://bgp.he.net/)

Example:
[http://bgp.he.net/ip/104.196.27.39](http://bgp.he.net/ip/104.196.27.39)

