Hello everyone, I am Teacher Wang, I have been preparing to write this manuscript, but too many things have been delayed, which has led to procrastination and procrastination. As a result, it has changed from recently to a while ago. It's good now, no one will say that I'm rubbing the heat.
As we all know, Douyin and Weibo began to feature IP attribution a while ago, causing a lot of heated discussions. A large number of veterans abroad have begun to "reveal their true colors" and have been positioned in China. So how is IP ownership achieved? So is the place where the internet celebrities belong? This article helps you find out.
1. Step 1: How to get the real IP of the user
We all know that we generally want to access the public network, and generally must have an Internet access environment. After we open broadband, the operator will assign us an IP address. Generally, we assign IP addresses automatically. So we don't know what the local address is? If you want to know your public IP address, you can check your IP location through Baidu search IP
So here comes the question. How does Baidu know my public IP?
In general, the network topology of users accessing our services is as follows:
Users access the portal through a domain name or IP, and then request to the backend service. In this case, the backend service can obtain the user's ip through the request.getRemoteAddr(); method.
SpringBoot gets the IP as follows:
@RestController
public class IpController {
@RequestMapping("/getIp")
public String hello(HttpServletRequest request) {
String ip = request.getRemoteAddr();
System.out.println(ip);
return ip;
}
}
Deploy the service to the server, and then request the interface to obtain IP information, as shown below:
But why is the IP we obtained different from the one found by Baidu?
1.1 Intranet IP and extranet IP
Open the computer CMD, output the ipconfig command, check the IP address of the machine, and find that the address of our machine is the same as the address obtained by the program.
In fact, the network is also divided into intranet IP and public IP. The intranet is also a local area network. For companies and schools, which generally establish their own local area networks, when transmitting internal information, they communicate with each other through the intranet. Establishing intranet communication in the local area network saves public network IP resources, and the communication efficiency is also greatly improved. . Of course, devices outside the local area network cannot send information to devices on the intranet.
However, when the machine wants to access the resources of the Internet, it needs the machine to have the bandwidth of the external network.
因此,我们把服务部署在同一局域网内,客户端使用内网进行通信,因此获取的就是内网IP地址。但访问百度是需要使用公网访问,因此百度搜出来的IP就是公网IP地址。
1.2.为什么有时候获取到的客户端IP有问题?
当我们兴致勃勃的把IP获取的功能搞上去之后,发现获取的IP都是同一个?这是为什么呢?不可能只是一个用户在访问呀?查询IP信息之后发现,原来是我们部署的一台负载均衡的IP地址。
那么后端服务获取的地址都是负载均衡如nginx的地址。那么怎么透过负载均衡获取真实的地址呢?
透明的代理服务器在将客户端的访问请求转发到下一环节的服务器时,会在HTTP的请求头中添加一条X-Forwarded-For记录,用于记录客户端的IP,格式为X-Forwarded-For:客户端IP。如果客户端和服务器之间有多个代理服务器,则X-Forwarded-For记录使用以下格式记录客户端IP和依次经过的代理服务器IP:X-Forwarded-For:客户端IP, 代理服务器1的IP, 代理服务器2的IP, 代理服务器3的IP, ……。
因此,常见的Web应用服务器可以通过解析X-Forwarded-For记录获取客户端真实IP。
public static String getIp(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
} else if (ip.length() > 15) {
//多次反向代理后会有多个ip值,第一个ip才是真实ip
String[] ips = ip.split(",");
for (int index = 0; index < ips.length; index++) {
String strIp = ips[index];
ip = strIp;
break;
}
}
return ip;
}
第二步:如何解析IP
IP来了,我们怎么解析呢:
IP的解析一般都要借助第三方软件使用了,第三方一般也分为离线库和在线库
- 离线库支持的有如:IPIP,使用离线库的好处是解析效率高,性能好,问题就是IP库要经常更新。如果大家需要我私信我可以提供给大家比较新版本的ip库。
- 在线库则各大云厂商接口能力都有支持。在线版本的好处是更新即时,问题就是接口查询性能和使用TPS有要求。
以下演示借助IP库离线IP解析方式:
借助IP库就可以帮我们实现ip地址的解析。
public static void main(String[] args) {
IpAddrInfo IpAddrInfo = IPAddr.getInstance().putLocInfo("114.103.71.226");
System.out.println(JSONObject.toJSONString(IpAddrInfo));
}
public IpAddrInfo putLocInfo(String ip) {
IpAddrInfo info = new IpAddrInfo();
if (StringUtils.isNotBlank(ip)) {
try {
DistrictInfo addrInfo = db.findInfo(ip, "CN");
info.setCity(addrInfo.getCityName());
info.setCountry(addrInfo.getCountryName());
info.setCountryCode(addrInfo.getChinaAdminCode());
info.setIsp(addrInfo.getIsp());
info.setLat(addrInfo.getLatitude());
info.setLon(addrInfo.getLongitude());
info.setProvince(addrInfo.getRegionName());
info.setTimeZone(addrInfo.getTimeZone());
System.out.println(addrInfo.toString());
} catch (IPFormatException e) {
e.printStackTrace();
} catch (InvalidDatabaseException e) {
e.printStackTrace();
}
}
return info;
}
In fact, IP positioning analysis is actually a huge location library, and the number of IPs is also limited, so the same IP may also be allocated to different areas, so there are several aspects that affect the location accuracy of IP analysis 1. Location library Inaccurate, resulting in large parsing deviations or true regional fields 2. Offline libraries are not updated in a timely manner and overseas ones generally have special offline libraries to support them. Using the same set of offline libraries does not necessarily support the parsing of overseas IPs, so this time is the most affected. The overseas Internet celebrity door has been parsed into various regions of China, and is considered to be fake by everyone, of course, including real fakes. However, it is also beneficial to have this function online. At least the Internet is not a place outside the law. Everyone should surf in an orderly and healthy manner and reject cyber violence.
Well, that's it for today, I'm Wang Laoshi, an engineering lion with ideas and connotations, pay attention to me and learn more technical knowledge.
- I am participating in the recruitment of the creator signing program of the Nuggets Technology Community, click the link to register and submit .