[187869] in North American Network Operators' Group
Re: google search threshold
daemon@ATHENA.MIT.EDU (Damian Menscher via NANOG)
Fri Feb 26 21:05:41 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <1091559020.49418.1456527681809.JavaMail.yahoo@mail.yahoo.com>
Date: Fri, 26 Feb 2016 18:05:17 -0800
To: Philip Lavine <source_route@yahoo.com>
From: Damian Menscher via NANOG <nanog@nanog.org>
Reply-To: Damian Menscher <damian@google.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Fri, Feb 26, 2016 at 3:01 PM, Philip Lavine via NANOG <nanog@nanog.org>
wrote:
> Does anybody know what the threshold for google searches is before you get
> the captcha?I am trying to decide if I need to break up the overload NAT
> to a pool.
>
There isn't a threshold -- if you send automated searches from an IP, then
it gets blocked (for a while).
So... this comes down to how much you trust your machines/users. If you're
a company with managed systems, then you can have thousands of users share
the same IP without problems. But if you're an ISP, you'll likely run into
problems much earlier (since users like their malware).
Some tips:
- if you do NAT: try to partition users into pools so one abusive user
can't get all your external IPs blocked
- if you have a proxy: make sure it inserts the X-Forwarded-For header,
and is restricted to your own users
- if you're an ISP: IPv6 will allow each user to have their own /64,
which avoids shared-fate from abusive ones
Damian (responsible for DDoS defense)
--
Damian Menscher :: Security Reliability Engineer :: Google :: AS15169
