IP地址范围APNS服务器? [英] IP Address ranges for APNS servers?
问题描述
有没有人有通过苹果推送通知服务使用的所有IP地址的完整列表?
我知道,苹果使用的内容交付网络为s $ P $垫这些请求,DNS查询将返回接近请求者的位置服务器 - 我的问题是定位所有这些服务器用于处理内容的中美国。
例如:
$ NSLOOKUP gateway.push.apple.com非权威的答案:
规范名称= gateway.push-apple.com.akadns.net。地址:17.172.238.216
地址:17.172.238.224
地址:17.172.238.226
等。
这个清单改变我每次查询DNS的时间 - 但所有的地址似乎在同一17.172.238.x范围 - 但有没有保证,明天或下星期我会看到一个不同的范围。
有关测试推送服务器,但是,我已经得到不同子网中的结果。有时候,我得到一组地址:
$ NSLOOKUP gateway.sandbox.push.apple.com非权威的答案:
规范名称= gateway.sandbox.push-apple.com.akadns.net。地址:17.149.34.66
地址:17.149.34.65
和其他时候,我会得到这些地址:
地址:17.172.233.65
地址:17.172.233.66
将使用苹果推送通知服务
我的服务器将是一个企业防火墙后面,我需要打开端口2195和2196的生产和测试网关 - 但是,我的防火墙团队需要特定的IP地址,而不是的主机名。
我很担心,如果我只是问防火墙团队,让我至今见过的IP地址,然后我的服务器将完全停止后,当DNS服务器确定要投放了一天工作或一个星期不同的范围。
如果任何人有两个生产和测试环境中的COM prehensive名单,我会AP preciate它。
更新:我试着问防火墙队打开苹果公司的整个IP块(17.0.0.0/8),但他们不会为我做的 - 我需要缩小地址一点点。
从<一个href=\"http://developer.apple.com/library/ios/#technotes/tn2265/_index.html%23//apple_ref/doc/uid/DTS40010376-CH1-TNTAG41\">Apple's (加强调有趣的一点)文档:
推提供商,iOS设备和Mac计算机通常是防火墙之后。要发送通知,您将需要TCP端口2195打开。为了达到反馈服务,你需要有TCP端口2196打开。设备和计算机连接到Wi-Fi上的推送服务将需要TCP端口5223打开。
对于推送服务的IP地址范围如有更改;期望的是,供应商将通过主机名而不是IP地址连接。推送服务使用产生了相同的主机名不同的IP地址的负载均衡方案。的然而,整个17.0.0.0/8地址块分配给苹果公司,这样你就可以在你的防火墙规则规定的范围。的
17.0.0.0/8是CIDR标记为17.0.0.1到17.255.255.254。
Does anyone have a complete list of all IP addresses used by the Apple Push Notification Service?
I know that Apple uses a content delivery network to spread out these requests, and DNS lookups will return servers close to the requestor's location - the problem I have is in locating all of these servers that handle content for the United States.
For example:
$ nslookup gateway.push.apple.com Non-authoritative answer: canonical name = gateway.push-apple.com.akadns.net. Address: 17.172.238.216 Address: 17.172.238.224 Address: 17.172.238.226etc.
This list changes every time I query DNS - but all of the addresses seem to be in the same 17.172.238.x range - but there's no guarantee that tomorrow or next week I'll see a different range.
For the test push server, however, I already get results in different subnets. Sometimes I get one set of addresses:
$ nslookup gateway.sandbox.push.apple.com Non-authoritative answer: canonical name = gateway.sandbox.push-apple.com.akadns.net. Address: 17.149.34.66 Address: 17.149.34.65and other times, I'll get these addresses:
Address: 17.172.233.65 Address: 17.172.233.66My server that will use the Apple Push Notification Service will be behind a corporate firewall, and I'll need to open up ports 2195 and 2196 for the production and test gateways -- however, my firewall team requires specific IP Addresses instead of host names.
I'm worried that if I just ask the firewall team to allow the IP Addresses I've seen so far, then my server will simply stop working a day or a week from now when the DNS server decides to serve up a different range.
If anyone has a comprehensive list for both the production and test environments, I'd appreciate it.
Update: I've tried asking the firewall team to open Apple's entire IP block (17.0.0.0/8), but they won't do that for me -- I need to narrow down the addresses a little bit.
解决方案From Apple's documentation (emphasis on the interesting bit added):
Push providers, iOS devices, and Mac computers are often behind firewalls. To send notifications, you will need to have TCP port 2195 open. To reach the feedback service, you will need to have TCP port 2196 open. Devices and computers connecting to the push service over Wi-Fi will need to have TCP port 5223 open.
The IP address range for the push service is subject to change; the expectation is that providers will connect by hostname rather than IP address. The push service uses a load balancing scheme that yields a different IP address for the same hostname. However, the entire 17.0.0.0/8 address block is assigned to Apple, so you can specify that range in your firewall rules.
17.0.0.0/8 is CIDR notation for 17.0.0.1 to 17.255.255.254.
这篇关于IP地址范围APNS服务器?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
