How did u select / configure only google traffic to go to wireguard tunnel ?
I'm starting to have issues again
uh oh.... the 429 errors back?
have you tried adding new ips in hosts?
Maybe not, it's 403s which after a Google means I've hit some upload API limit. I'll tell you tomorrow.
1 Like
Its easy, if you are using wireguard you can define which IP-Networks should be routed through wireguard, on my client I added the following networks as AllowedIPs:
xx.xx.xx.xx/24, 142.250.0.0/15, 172.217.0.0/16, xxxx:xxxx:xxxx::/64, 2a00:1450:4000::/37
The first IPv4 is the internal wireguard net, the other two are from google, the first IPv6 is also my internal wireguard net and the second IPv6 is the google net.
@PogMoThoin22 thats the reason why I switched to my wireguard solution.
@David_M yes, the 429ers are back, and they will come back more often. Adding the IPs to the hosts file is not really solving the problem at all.
yea the 403's don't worry me : )
it's 429's : ) : (
weird... so far i haven't had any issues for like 7 or 8 days... maxing out upload till my 403s hit...
i'm back to using the hetzner dns servers... what dns servers are you using now?
Well, in the end it doesn´t matter which DNS Servers you use. They are just needed to resolve the hostname www.googleapis.com. It matters from which IP (and which net) you are connecting to the Google API. If the whole IP-network in which your IP is is on the Blacklist you´ll get 429's.
And the reason for Google blacklisting Hetzners IP-Ranges is simple: Not only the users which are abusing GSuite/GDrive for Malware/Spam etc. are the reason for this, also the users which are always hitting there API/Upload Limits. If a lot of users are doing this from a specific IP-Range it is normal that Google is blacklisting this.
It was at least the 5th or 6th time this happens to me and my servers in the last 12 Months .... and now I did something so that I won´t run into this anymore. It just costs a few Euros/Dollars (Dedicated Server, vServer und Webserver â webtropia.com) per month for a decent VPS and some work to setup an own wireguard server.
i currently have the same problem. the download and browsing goes without problems, but the upload goes only very shortly.
i have tested all public dns servers. i even set up one myself but without success. of course i also installed a proxy on a rather unknown vps provider squid http server but that didn't work either. I also edited the hosts file with the resolved google ip addresses but again no solution in sight since I use my gdrive alone and I do not have much api queries I just do not understand it. the problem also exists only for a few days before there were never problems.
if anyone has any advice i would be very grateful.
"reason": "RATE_LIMIT_EXCEEDED"
as a note i use the current rclone version and have ipv6 disabled so i only use ipv4
You just had to look into the post before yours.
- Rent a good, cheap VPS with at least 1Gbps Bandwidth and enough included Traffic
- Setup a wireguard network using this: How to install WireGuard VPN on Ubuntu Server - MMOAPI.COM
- Once you´ve got your wireguard network running add the following networks to your clients wireguard configuration AllowedIPs:
IPv4: 142.250.0.0/15, 172.217.0.0/16
IPv6: 2a00:1450:4000::/37
Done.
Now you can route all your traffic for Google through your VPS using wireguard.
403 or 429 error?
403 just means you've hit the 750gb daily limit..
i'm confused by why my server is working fine after adding the ips to the host file... havent had a problem in like 10 days... : (
Man ... really... it´s 429 ... not 403:
"Flush error: googleapi: got HTTP response code 429"
I added all these IPs to my hosts File months ago, changed the DNS ... it was working sometimes and sometimes not. But since about 10 Days nothing is working anymore. That´s why I just rerouted the Google Traffic now...
sorry.. that wasn't meant for you (smoon)... was asking PatriotM if it was 403's, as he said he was getting "rate limit exceeded"
that's the 403 error isn't it?
i can't actually remember what error 429's give... : ) : (
Ah sorry, misunderstood it then.
Rate Limit Exceeded is 403.
thats what i thought : )
what is the 429 error? i forget at this point...
i'm FSN1-DC12... and have been running smooth as silk for like 10 or 11 days... after the hosts edit/ips added... maxing out upload every day... speeds normal (i cap my upload at 35mb's fyi)
i just wonder why upload from my server is still working? only variable i can think of... is i switched back to hetzner's dns servers.... ?
i dread having to do the wireguard thing... but figure its just a matter of time.. : (
I've been getting 429s on and off the past week or so. I get them on uploads but I've also had them on trying to play content stored on Google drive through Plex. I get a 429 response in that case too, the message is
"We're sorry... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now".
It seems like there's some kind of intermittent blocking of hetzner IPs which sucks. I am trying to decide now whether to move back to my previous provider (OneProvider) but the hetzner auction server I've got now is much better for the money.
If it gets to the point of having to rent another VPS to route Google traffic though that feels a bit of a pain in the butt generally! Hoping for miracles..!!
I setup a VPS with Wireguard yesterday. It's working well. I'm seeing 350mbit-400mbit across the tunnel which is perfect for me
1 Like
Any guide to how you achieved this?
Well, that depends in which IP-Range your Server is. I did some research and got answers from several other users at Hetzner in different DCs in FSN, NBG and even HEL experiencing the 429's.
There is just a simple reason why Google is blacklisting these IP-Ranges: A lot of users are daily reaching there API/Upload Limits (at least 8 out of 10!) and running into the 403's. If more and more users are showing such behaviour Google will blacklist more and more IP-Ranges.
To avoid such Problems there are normally some simple rules every user should follow:
- Do NOT run into your limits every day!
- Do NOT share your things on your personal or Teamdrives!
- Do NOT hammer the API with tons of requests around the clock!
3 simple rules .... and if everyone would obeying them ... we wouldn´t have the problem now.
Just fyi: I tried to switch the routing of my google traffic back to the hetzner network ... and gues what: Still getting the 429's today.
Yes, there is:
You just had to look into the post before yours.
- Rent a good, cheap VPS with at least 1Gbps Bandwidth and enough included Traffic
- Setup a wireguard network using this: How to install WireGuard VPN on Ubuntu Server - MMOAPI.COM
- Once you´ve got your wireguard network running add the following networks to your clients wireguard configuration AllowedIPs:
IPv4: 142.250.0.0/15, 172.217.0.0/16
IPv6: 2a00:1450:4000::/37
Done.
Now you can route all your traffic for Google through your VPS using wireguard.
1 Like
If setting Wireguard be careful of the AllowedIPs = 0.0.0.0/0 this forwards all your traffic over the VPN tunnel!