This script outputs all IP ranges used by Google's own services, excluding IP ranges assigned to Google Cloud customers. It is useful for identifying the IPs utilized exclusively by Google's infrastructure.
Google IP Prefix Difference PHP is a robust and efficient PHP script designed to retrieve and process Google's IP prefixes. It calculates the difference between two sets of IP ranges provided by Google, specifically those present in goog.json
but not in cloud.json
.
The script determines the IP ranges used by the default domains for Google APIs and services, such as *.googleapis.com
and *.gcr.io
. These IP ranges are calculated by subtracting the ranges in cloud.json
(external IP ranges for Google Cloud customer resources) from those in goog.json
(the complete list of Google IP ranges available on the internet).
For more information, see the Google Documentation.
Version 2 of the script introduces comprehensive support for both IPv4 and IPv6 addresses, expanding its applicability and ensuring compatibility with modern network configurations.
- Fetches Google Cloud IP ranges from official URLs:
goog.json
: Complete list of Google IP ranges.cloud.json
: External IP ranges for Google Cloud resources.
- Compares the IP ranges in
goog.json
andcloud.json
. - Outputs the resulting CIDR ranges used by Google APIs and services.
- IPv4 and IPv6 Support: Handles both IPv4 and IPv6 prefixes, allowing for comprehensive IP range processing.
- Efficient Range Processing: Merges and sorts cloud IP ranges upfront to minimize redundancy and optimize subtraction operations.
- Optimized Bitwise Operations: Enhancements for both GMP and BCMath extensions to ensure fast and efficient bitwise computations.
- Flexible Math Extensions: Dynamically utilizes either the GMP or BCMath PHP extensions based on availability, preferring GMP for superior performance.
- Easy Integration: Designed to be included in other PHP projects seamlessly, preventing direct access for enhanced security.
- Clear Documentation: Comprehensive comments and documentation to facilitate easy understanding and maintenance.
- PHP 7.4 or higher
- PHP Extensions:
- GMP (preferred for optimal performance) OR
- BCMath
Ensure that at least one of these extensions is enabled in your PHP environment.
- The script fetches the JSON files from:
- It parses the JSON data and extracts the IPv4 prefixes.
- It calculates the difference between the IP ranges in
goog.json
andcloud.json
, determining the IP ranges used by Google APIs and services. - It outputs the resulting prefixes as an array of CIDRs.
- These ranges are allocated dynamically and change often, so it's not possible to define static IP ranges for individual services or APIs.
- Google recommends maintaining an up-to-date list by automating this script to run daily or using alternatives like the
private.googleapis.com
VIP or Private Service Connect.
- Clone this repository:
composer require futureweb/google-ip-prefix-diff-php
- Once installed, the script will be autoloaded by Composer, and you can use it in your project:
<?php require 'vendor/autoload.php'; // Use the functions defined in the script $ip_prefixes = get_google_ip_prefixes_difference(); if ($ip_prefixes !== false) { // Output IPv4 prefixes foreach ($ip_prefixes['ipv4'] as $cidr) { echo $cidr . PHP_EOL; } // Output IPv6 prefixes foreach ($ip_prefixes['ipv6'] as $cidr) { echo $cidr . PHP_EOL; } } else { echo "Failed to retrieve IP prefixes." . PHP_EOL; }
- Clone this repository:
git clone https://github.com/your-username/google-ip-prefix-diff-php.git
- Include the script in your Script:
$ip_prefixes = include 'google_ip_prefix_diff.php'; if ($ip_prefixes !== false) { // Output IPv4 prefixes foreach ($ip_prefixes['ipv4'] as $cidr) { echo $cidr . PHP_EOL; } // Output IPv6 prefixes foreach ($ip_prefixes['ipv6'] as $cidr) { echo $cidr . PHP_EOL; } } else { echo "Failed to retrieve IP prefixes." . PHP_EOL; }
This script downloads large JSON files and processes the differences in IP ranges, which can be time-consuming and resource-intensive. For this reason:
- Do not include the script directly in frequently executed scripts or APIs.
- Implement a local caching mechanism to store the resulting CIDR ranges for repeated use.
- Run the script periodically (e.g., hourly) to generate the CIDR ranges:
php google_ip_prefix_diff.php > google_ip_ranges.txt
- Load the cached results in your executed scripts:
$ip_ranges = file('google_ip_ranges.txt', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); foreach ($ip_ranges as $cidr) { echo $cidr . PHP_EOL; }
- Automate the caching process using a cron job or similar scheduling tool:
# Run the script daily at midnight to refresh the cache 0 0 * * * /usr/bin/php /path/to/google_ip_prefix_diff.php > /path/to/cached_ip_ranges.txt
This is a PHP implementation of the Python script provided by Google: Private Google Access IP Address Defaults
This project is licensed under the MIT License. See the LICENSE file for details.