[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Google APIs Rate Limit - Was: Re: google search threshold

  Something similar to this topic.
  The other day working with Google APIs (geolocation [1] ) I thought
that in order to promote a little bit IPv6, Google (and others) might do
something like:

  Google Maps Geocoding API Usage Limits

With IPv4:
2,500 free requests per day (from IPv4 clients)
10 requests per second (from IPv4 clients)

With IPv6
5,000 free requests per day (from ipv6 clients)
20 requests per second (from ipv6 clients)

  Summary: increase rate limit to v6 clients



El 2/29/2016 a las 11:23 AM, Philip Lavine via NANOG escribi?:
> I have about 2000 users behind a single NAT. I have been looking at netflow, URL filter logs, IDS logs, etc. The traffic seems to be legit. 
> I am going to move more users to IPv6 and divide some of the subnets into different NATS and see if that alleviates the traffic load.
> Thanks for the advice.
> -Philip
>       From: Damian Menscher <damian at google.com>
>  To: Philip Lavine <source_route at yahoo.com> 
> Cc: "nanog at nanog.org" <nanog at nanog.org>
>  Sent: Friday, February 26, 2016 6:05 PM
>  Subject: Re: google search threshold
> On Fri, Feb 26, 2016 at 3:01 PM, Philip Lavine via NANOG <nanog at nanog.org> wrote:
> Does anybody know what the threshold for google searches is before you get the captcha?I  am trying to decide if I need to break up the overload NAT to a pool.
> There isn't a threshold -- if you send automated searches from an IP, then it gets blocked (for a while).
> So... this comes down to how much you trust your machines/users.  If you're a company with managed systems, then you can have thousands of users share the same IP without problems.  But if you're an ISP, you'll likely run into problems much earlier (since users like their malware).
> Some tips:   - if you do NAT: try to partition users into pools so one abusive user can't get all your external IPs blocked  - if you have a proxy: make sure it inserts the X-Forwarded-For header, and is restricted to your own users  - if you're an ISP: IPv6 will allow each user to have their own /64, which avoids shared-fate from abusive ones
> Damian (responsible for DDoS defense)-- Damian Menscher :: Security Reliability Engineer :: Google :: AS15169