Instructions

CDN from Scratch (3) Best Cloudflare IPs in China

0. Preface

Tips:
The target readers of this article is Chinese.
Due to the blockade and interference from the Great Firewall of China, Cloudflare's service is not stable to access in China, and the best IP needs to be selected through real-time speed testing.
Therefore if you are in most areas outside of China (where GFW is nonexistent), just select the IP of a Cloudflare Enterprise user for the best experience.

The advantages of Cloudflare need not be repeated again, but the access speed of Cloudflare in mainland China is worrying:

Speed comparison

Cloudflare's mainland access speed can be greatly improved through two methods: Preferred IP and Looking for anti-generation IP.

1. Preferred IP

website:

CloudFlare Premium IP
https://stock.hostmonit.com/CloudFlareYes

Open source warehouse:

GitHub CloudFlare high-quality IP automatic switching
https://github.com/ddgth/cf2dns

The original author has detailed tutorials, and here is only a brief description of the deployment process.

1.1. Installation

Execute in the directory where you want to place the program files (for example: ~/cf/):

Bash 
1
2
3
4
 
mkdir ~/cf/
cd ~/cf/
git clone https://github.com/ddgth/cf2dns
mv ./cf2dns/* ./

Install dependencies:

Bash 
1
 
pip3 install -r requirements.txt

If you don't have pip3 you can try:

Bash 
1
 
pip install -r requirements.txt

1.2. Configuration

The program I use has been modified to load from config.json (the modification method is described later). The original program is configured in cf2dns.py. For configuration, please refer to my config.json:

json 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
 
{
   "cf_api_key": "o1zrmHAF",
   "domains": {
     "tsinbei.com": {
       "test": [
         "CM",
         "CU",
         "CT"
       ]
     }
   },
   "affect_num": 2,
   "dns_server": 1,
   "region_hw": "",
   "region_ali": "",
   "ttl": 600,
   "record_type": "A",
   "secret_id": "YOUR_DNSPOD_ID",
   "secret_key": "YOUR_DNSPOD_SECRET"
}

Notice:

  1. cf_api_key Please go to Store to buy it. For the first time, you need to buy Trial Key. After you have the unique key, recharge your points and then buy Key Recharge.
  2. domains can be multiple root domain names under the same account; CM, CU, CT, AB, and DEF represent China Mobile, China Unicom, Telecom, overseas, and default line respectively. .
  3. affect_num is the number of items set at one time. The free version of DNSPod only has 2 items, and the personal professional version has 5 items.
  4. ttl DNSPod free version has a minimum cost of 600, and a personal professional version has a maximum cost of 60.

1.3. Modification

If the domain name is distributed among multiple accounts, you can modify the source code by referring to the following methods:

Change lines 13-46 of cf2dns.py:

Python 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
#Can be obtained from https://shop.hostmonit.com
KEY = "o1zrmHAF"

#CM:China Mobile CU:China Unicom CT:Telecom AB:Overseas DEF:Default
#Modify the dnspod domain name and subdomain name that need to be changed
DOMAINS = {
     "hostxxnit.com": {"@": ["CM","CU","CT"], "shop": ["CM", "CU", "CT"], "stock": ["CM ","CU","CT"]},
     "484848.xyz": {"@": ["CM","CU","CT"], "shop": ["CM","CU","CT"]}
}

#The number of effective resolutions. Free DNSPod supports up to 2 resolutions on the same line.
AFFECT_NUM = 2

#DNS Service Provider If using DNSPod, change it to 1. If using Alibaba Cloud Analysis, change it to 2. If using Huawei Cloud Analysis, change it to 3.
DNS_SERVER=1

#If you use Huawei Cloud Analytics, you need to obtain it from the API Credentials-Project List
REGION_HW = 'cn-east-3'

#If there is an error when using Alibaba Cloud to parse REGION, then modify it. No modification is required by default https://help.aliyun.com/document_detail/198326.html
REGION_ALI = 'cn-hongkong'

#Parsing effective time, the default is 600 seconds. If you are not a DNS paid version user, do not modify it!!!
TTL=600

#v4 is to filter out the IP of IPv4 v6 is to filter out the IP of IPv6
TYPE = 'v4'

#API key
#TencentCloud backend access https://console.cloud.tencent.com/cam/capi
#Alibaba Cloud Backend Obtain https://help.aliyun.com/document_detail/53045.html?spm=a2c4g.11186623.2.11.2c6a2fbdh13O53 Note that you need to add DNS control permissions AliyunDNSFullAccess
#Huawei Cloud Backend Obtain https://support.huaweicloud.com/devg-apisign/api-sign-provide-aksk.html
SECRETID = 'WTTCWxxxxxxxxxxxxxxxxxxxxx84O0V'
SECRETKEY = 'GXkG6D4X1Nxxxxxxxxxxxxxxxxxxxxxxxx4lRg6lT'

change into:

Python 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
default_conf = {
     "cf_api_key": "CF_API_KEY",
     "domains": {"YOUR_DOMAIN":
                 {"YOUR_SUBDOMAIN": ["CM", "CU", "CT"]}
                 },
     "affect_num": 2,
     "dns_server": 1,
     "region_hw": "",
     "region_ali": "",
     "ttl": 600,
     "record_type": "A",
     "secret_id": "YOUR_DNSPOD_ID",
     "secret_key": "YOUR_DNSPOD_SECRET"
}

if len(sys.argv) == 2:
     conf_name = sys.argv[1]
else:
     conf_name = "config.json"

#Add configuration file
if not os.path.exists(conf_name):
     with open(conf_name, "w") as f:
         json.dump(default_conf, f)
         log_error("Configuration file has been initialized, please modify config.json")
         exit()
else:
     with open(conf_name) as f:
         conf = json.load(f)
         log_info("Loading successfully "+conf_name)



# Available from https://shop.hostmonit.com
KEY = conf["cf_api_key"]

# CM: China Mobile CU: China Unicom CT: Telecom AB: Overseas DEF: Default
# Modify the DNSPod domain name and subdomain name that need to be changed
DOMAINS = conf["domains"]

# Number of effective resolutions. Free DNSPod supports up to 2 resolutions on the same line.
AFFECT_NUM = conf["affect_num"]

# DNS service provider If using DNSPod, change it to 1. If using Alibaba Cloud Analysis, change it to 2. If using Huawei Cloud Analysis, change it to 3.
DNS_SERVER = conf["dns_server"]

# If you use Huawei Cloud Analytics, you need to obtain it from the API credentials-project list.
REGION_HW = conf["region_hw"]

# If there is an error when using Alibaba Cloud to parse REGION, modify it. No modification is required by default https://help.aliyun.com/document_detail/198326.html
REGION_ALI = conf["region_ali"]

# The resolution effective time, the default is 600 seconds. If you are not a DNS paid version user, do not modify it!!!
TTL = conf["ttl"]

# A is the IP that filters out IPv4 AAAA is the IP that filters out IPv6
RECORD_TYPE = conf["record_type"]

# API key
# Tencent Cloud backend acquisition https://console.cloud.tencent.com/cam/capi
# Alibaba Cloud background acquisition https://help.aliyun.com/document_detail/53045.html?spm=a2c4g.11186623.2.11.2c6a2fbdh13O53 Note that you need to add DNS control permission AliyunDNSFullAccess
# Huawei Cloud backend acquisition https://support.huaweicloud.com/devg-apisign/api-sign-provide-aksk.html
SECRETID = conf["secret_id"]
SECRETKEY = conf["secret_key"]

This supports loading from the configuration file and specifying the configuration file name, which will be explained in detail later.

1.4. Use

Whether modified or not, you can use:

Bash 
1
2
 
cd ~/cf/
python3 cf2dns.py

To start the program, it is recommended to test the startup in the command line, and then set it as a Cron task after confirming it is correct.

After modification, the same command will be used to load config.json in the same directory. If the configuration file is specified:

Bash 
1
2
 
cd ~/cf/
python3 cf2dns.py my_conf.json

my_conf.json in the same directory will be loaded.

After the test is normal, just put the command content into the Cron task.

In addition, each time consumption is 1 point (0.01 yuan), and the API update frequency is 15 minutes. Therefore, the Cron interval is at least 15 minutes, which costs about 30 yuan per year. After observation, setting the frequency to 1 to 2 hours does not affect the optimization effect.

Preferred results: The average dialing test time of the three networks nationwide is 1.2~1.5s.

2. Find anti-generation IP

Use the website:

Fofa search engine
https://fofa.info

Reference search syntax (you need to combine and modify it according to actual needs):

Comment first then view it after your comment is approved. Join QQ Group to display all hidden texts.

Note: The IP searched may not be valid. It is recommended to use the domain name accessed by your own CNAME on the dial test platform, specify the IP searched by the above method, and see the national dial test results.

In addition, most of the domain names searched by this method , only some ports are proxying Cloudflare ports, for example: 80, 8080, 443, 8443. Therefore, building a website may lead to problems such as only HTTP/HTTPS access, so choose carefully; in addition, as always, we condemn the use of Cloudflare for international networking, which is an abuse that violates the TOS.

Preferred results: (Hong Kong) The average time for dialing the three networks nationwide is 0.4~0.5s. If it is from mainland China, it can be faster.

CDN from Scratch (3) Best Cloudflare IPs in China

https://blog.tsinbei.com/en/archives/763/

Author
Hsukqi Lee
Posted on

2023-11-19

Edited on

2023-11-19

Licensed under

CC BY-NC-ND 4.0

Send QQ Messages on Go-CQHTTP with QSign API Server
ICP Registrations for Mobile Applications in China

Comments

Name
Mail
Site
None yet
×
Pages
Columns This page collects some high-qua... Copyright Issues 1. Statement1. When publishing o... Subscribe Articles on this site are synchr... User Agreement Tsinbei Blog User AgreementWe he... Privacy Policy Tsinbei Blog Privacy Policy1. Ex...
Tags
Programing 31 posts Cpp 20 posts OpenJudge 20 posts NOI 20 posts NOIP 20 posts