Rotating proxy using fck-nat #69
Comments
|
That would be very useful indeed. I would like the NAT instance to have some external IPs within an "IP list" (allow-list). Then, for example, a Lambda inside that NAT would address the outside with "one of these public IPs" (randomly chosen each time). |
|
This can be done with snat, but I'm worried about breaking existing users and consumers of the |
|
Thank you Andrew for the update. Do you think it is somehow possible to achieve the same result with the current version of fck-nat? Maybe by spinning up I'm not sure, do you think this is feasible? |
|
@fl0wo It wouldn't be possible as you've described. You get only one default route per subnet. So while you could have many subnets each with a default route pointing to a different fck-nat, it wouldn't quite be the behavior requested in the initial submission. |
|
AWS just introduced the ability to dynamically remove and add EIPs to EC2 instances. I believe this feature could be a game-changer for implementing a rotating proxy with fck-nat. |
|
I don't see how that feature changes anything here? |
|
My understanding is that if you replace the EIP, you are essentially changing the public IP address of the NAT instance. Consequently, any traffic routed through the NAT instance, including traffic from your Lambda functions, will use the new EIP for internet access. To clarify, this method could be used to rotate the NAT instance EIP at a predetermined interval (every X minutes). This is different from the approach that was mentioned earlier, which involved selecting a random EIP from a pool for each individual request. Both methods offer IP diversification, but they achieve it in distinct ways. |
Can you link 5 Elastic IP addresses to your EC2 instance? The scenario involves an AWS Lambda function invoking the NAT Instance, which then selects a random EIP for internet requests, effectively creating a rotating proxy system.
The text was updated successfully, but these errors were encountered: