8 Replies
2 years ago
have a look at this page -
2 years ago
I have no clue, it can't be too often. if you're using this a white list for security reasons, it would be extremely trivial to spoof
2 years ago
so may I ask what's the usecase?
2 years ago
@brody we're using the ranges via: https://utilities.up.railway.app/cidr-list?value=us-west1
to whitelist. I suspect this isn't a comprehensive list, as some of our replicas don't pass.
Whitelisting ranges is a requirement via our service provider.
Any suggestions on what we can do here?
2 years ago
That list is essentially just a frontend search for this JSON doc directly from Google -
https://www.gstatic.com/ipranges/cloud.json
That was linked to by this page -
https://support.google.com/a/answer/10026322
The /cidr-list page you linked caches its search results for 1 hour, though I just cleared its cache and the result did not change, Are you sure you are using the entire 26 CIDR values?
As mentioned, 26 CIDR ranges that anyone can get an IP within under 5 minutes provides little security benefits over whitelisting 0.0.0.0/0