EDIT: I experimentally confirmed that opendns and google dns, which claim to block dns rebinding attacks, do not block xip.io or subdomains thereof
I have just checked, and my pfSense firewall (which claims to block DNS rebinding) blocks local addresses from resolving through xip.io (tested with loopback and several RFC1918. All blocked, regardless of whether they match the subnet in use). External addresses (e.g. 18.104.22.168.xip.io) resolve fine.
I would kill to be able to specify wildcards in /etc/hosts file. That seems to be the sweet-spot.
A good alternative to ngrok is Serveo, which has a public instance of self-hosting options: https://serveo.net/
It's not feature-parity with Ngrok, but it does what's needed.
(It's possible that you'll sometimes run into applications that do their own /etc/host parsing.)
We sell a SaaS e2e testing product for large enterprises (clients like Microsoft/Wix/JPM etc) and this use case (serving the dev environment to the CI or between computers) was so common that we baked it into our CLI.
Personally I just set up (dev machine is always running some Debian or derivatives) Traefik as a reverse proxy and set up local dev websites/app with *.localhost. I don't bother adding localhost self-signed certs to FF though (never really could make it work anyway). Easier to click "yes, trust that certificate for that localhost subdomain).
dig 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.xip.io. in aaaa
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
7f000001.ip.continuous.pw has address 127.0.0.1
fc00.ip6.continuous.pw has IPv6 address fc00::
fc0014c0000001abcde.ip6.continuous.pw has IPv6 address fc00:14c0:0:1ab:cde0::
Sources available at https://github.com/continuouspw/continuous-dns/tree/master/p...
Also allows you to set up vhosts if your quickie server is stood up behind something like nginx.
xip.io runs a custom DNS server on the public Internet."
Is there a way to provide wildcard DNS without sending internal LAN IP addresses to a closed source "custom DNS server" over the public Internet?
Yes. If you are a djbdns^1 user, and you wanted all subdomains of xip.io to resolve to 10.0.0.1:
# Assuming _dnscache and _tinydns are the configuration folders and tinydns listens on 127.0.0.1
cat << eof > _tinydns/root/data
echo 127.0.0.1 > _dnscache/root/servers/xip.io
# Assuming unbound listens on 10.0.0.2
echo > _dnscache/env/FORWARDONLY
echo 10.0.0.2 > _dnscache/root/servers/@
Are there security implications to this?
If you already have a cloud provider, why would you leverage this instead of just creating real DNS records w/ reasonable TTLs?
HTTP 1xx codes are informational, not error, codes, and 105 doesn't exist.