Noticed something strange this morning. My IP that shows up in the bottom right corner of the posts intermittently changes from my true, routable public IP (207.255.X.X) to a private, non-routable IP (10.20.30.X) like some part of the GeekHack setup is not passing along my true client ip.



I'm making some assumptions about the GH infrastructure here so it's possible I'm totally off the mark but I wonder if this is related to the throttling issues people have been having. If everyone appears to the GH servers as coming from a small pool of internal NAT/SNAT addresses I could see where the web server(s) could have issues thinking one of those internal addresses is posting to much due to the IP's getting reused. Essentially when another user makes a post less than 10 seconds before I make mine, the server sees the internal NAT IP as having been the poster for both and therefore activating the throttling mechanism. I would assume there's a pool of IP's being used so not every user would have issues every time there was a post less than 10 seconds before, but if the pool is small enough I could see this happening intermittently.



Edit - this post has my true client ip, but pretty much every other post I've made so far this morning has had the same internal 10. address from above.



Edit2 - Another thought just occurred to me. When I was having all the issues with not being able to get photos to completely load that had been uploaded to GH, I noticed chrome would always have the status message "Waiting for available socket" when it was trying to load those photos. Assuming I'm a little wrong above and GH is configured to use one internal NAT IP, I wonder if that photo loading issue was something like ephemeral port exhaustion on that lone NAT IP. Looking through my posts I only ever see one internal IP show up (other than my true public IP) which would lead me to believe there is not a pool of SNAT/NAT addresses in use, unless the the session/user IP mapping is extremely long lived.



Edit3 - Another thought. This issue could also affect the ability to IP ban someone. Two possible scenarios could happen:

- Someone who has been IP banned in the past can now get back in since the forum software only sees the internal NAT IP

- A mod/admin tries to IP ban someone and accidentally bans the internal NAT IP and ends up blocking tons of legitimate traffic



Assuming the forum software handles the banning and not a firewall device ...



Edit4 - Looks like this just started yesterday morning (Sep-6). The earliest post of mine that I can find with the internal IP is from 8:51AM EST on Sep-6.