Sunday, October 13, 2013

How many IP addresses does Google have?

This will be a very technical post, but I wanted to note this somewhere (and even make it useful for others!). Still, even if you're no command line whiz-kid but you're curious in the answer I got, skip to the end!

Let's start at the beginning. What is Google's IP address, you might have wondered at some point. Domain names are ways of referring you to an IP address, so google.com must lead you to one, right? Well yes, except it leads you to many. Each time you go to google.com, your computer looks up its IP address and it often gets a different answer each time. Google has so much traffic that it has many IP addresses for its servers, and gives you the address of the closest (or least busy) one whenever you ask.

So how many does it have in total, and what are they? Well, you can try asking a bunch of times and writing them down. I actually wrote a wrote a script to do that, before I realized maybe I should, say, Google for an answer. (To be fair, I'd done that before but came up short.) What I found was a page from Google's own help documents titled "Google IP address ranges." This page points out a useful trick: SPF records.

Without getting into too much detail, SPF records are an anti-spam tactic that allows the owner of a domain name to say "Here are the IP addresses allowed to send email from my domain. If you get email from a different IP, it's spoofing me." They do that automatically with information stored in DNS, just like IP address information. So Google has always-up-to-date records of all its IPs* readily available with a DNS query.

And here's exactly how to get it.

There are several command-line DNS query tools, but my favorite is Unix's dig, so that's what I'll use here. First, you query all TXT records from a special google.com subdomain: _spf.google.com
$ dig @8.8.8.8 TXT +short _spf.google.com
"v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all"
The "@8.8.8.8" isn't super-necessary, but to be safe, it ensures that you're getting the information from Google's own DNS servers. Anyway, this returns a text string. The _netblocks subdomains are what we're interested in. These are the actual DNS servers that hold the SPF records. You can get one by making a simple TXT query again:
$ dig TXT +short _netblocks.google.com
This returns another string, but it's a bit messy, and it's only from one of the subdomains. To fix the latter problem, we can use a bash shell expansion trick. Since the subdomains Google gave us all start with _netblocks, followed by nothing, 2, and 3, if we write "_netblocks{,2,3}" then bash will expand that into "_netblocks _netblocks2 _netblocks3". Then we'll use tr and grep to clean up the output:
$ dig TXT +short _netblocks{,2,3}.google.com | tr ' ' '\n' | grep '^ip4:'
ip4:216.239.32.0/19
ip4:64.233.160.0/19
ip4:66.249.80.0/20
ip4:72.14.192.0/18
ip4:209.85.128.0/17
ip4:66.102.0.0/20
ip4:74.125.0.0/16
ip4:64.18.0.0/20
ip4:207.126.144.0/20
ip4:173.194.0.0/16
These are the all the actual IP addresses used by Google at the moment,* in CIDR notation. How many is that, in total? To save you the effort of calculating it yourself, here is a full script that will do it for you:
$ total=0
for slash in $(dig TXT +short _netblocks{,2,3}.google.com | tr ' ' '\n' | grep '^ip4:' | cut -d '/' -f 2); do
  total=$((total+$(echo "2^(32-$slash)" | bc -l)))
done
echo $total
What does it give us? 212,992.

TL;DR:
Google controls over 200,000 IP addresses as of October, 2013. It may not be making use of all of them at the moment, but that's the total number of answers you could possibly get when you ask "what is google.com's IP address?"


*Caveats: it's entirely possible that Google owns more IPs than are noted in its SPF records. The only requirement of its SPF listing is that these are all the IPs Google uses to send Gmail from. Still, I would imagine that for simplicity, they'd add every IP address block they've been allocated, to give them maximum flexibility in what servers they can use for Gmail.

17 comments:

  1. I checked through Ip-details.com and got a list of IP's that Google uses....
    74.125.239.34
    74.125.239.36
    74.125.239.33
    74.125.239.38
    74.125.239.40
    74.125.239.41
    74.125.239.46
    74.125.239.35
    74.125.239.32
    74.125.239.39

    ReplyDelete
    Replies
    1. WoW m8 thats alot of ips

      Delete
  2. thanks for this post. It saves me a lot of time.

    ReplyDelete
  3. Now, how to block a website that uses multiple IP addresses through your router.

    ReplyDelete
  4. A much better way to determine the IPs used by an entity is to take a look at its BGP announcements e.g. at BGP.He.net

    A look up of Google's As 15169, keep in mind they might be using more than one, tells your that at least to Hurrican Electric a total of 768000 IPs is announced. In the tab Preises you can find the actual IP ranges.

    ReplyDelete
  5. That is a really large number of IP addresses to own. It makes e curious to know what they do with all those addresses. Are there an infinite number of IP addresses? That would also be interesting to know.
    http://iptrading.com/services/buying-address-space/

    ReplyDelete
    Replies
    1. 0.0.0.0-255.255.255.255 i originally thought 255255255255 but search Google for "how many ipv4 addresses are there?" Then for newer ipv6 (not everyone has it enabled so when we run out and our ISP gets complaints about not being able to connect to servers or getting unreasonable traffic, turn it on, and hope. What I thought was Google only owned 8.*.*.* But I guess that wasn't enough.

      Delete
  6. I'm trying to use this method on Microsoft.com & Facebook.com & Line.me but it doesn't work. Could anyone explain why?

    ReplyDelete
  7. Its a good reference to answer these kind of tricky job interview questions. Thanks

    ReplyDelete
  8. get us know about the real ip

    ReplyDelete
  9. This comment has been removed by the author.

    ReplyDelete
  10. Really helpful, but ...

    ip4:216.239.32.0/19
    ip4:64.233.160.0/19
    ip4:66.249.80.0/20 <-- not correct, must be changed into 66.249.64.0/19 (important part of range for crawling)
    ip4:72.14.192.0/18
    ip4:209.85.128.0/17
    ip4:66.102.0.0/20
    ip4:74.125.0.0/16
    ip4:64.18.0.0/20
    ip4:207.126.144.0/20
    ip4:173.194.0.0/16

    Greetinx

    OscarTheFish(p@k)

    ReplyDelete
  11. what is the google ip addresses for Damian setting???

    ReplyDelete
  12. Don't forget this one:

    ipv4:172.217.4.238
    ipv4:172.217.4.0/16

    tend to use this one to snoop if you block all their adservices.

    ReplyDelete
  13. # ping -c 1 75.6.199.104.bc.googleusercontent.com
    PING 75.6.199.104.bc.googleusercontent.com (104.199.6.75) 56(84) bytes of data.
    64 bytes from 75.6.199.104.bc.googleusercontent.com (104.199.6.75): icmp_seq=1 ttl=57 time=26.3 ms

    Why is this IP not in the ranges posted?

    ReplyDelete