PIA VPN Service Server IP's
 Page :   [ 1 ]    [ 2 ]  

This was done as part of another project I was working on for proxying.  Writing about it separately was just for convenience and to keep the other article a bit shorter.

PIA has a network list here that shows all the domain names that can be used to connect to their network in different regions.

I was interested in only the ones in USA as shown here:

They use a round robin DNS that rotates the actual IP's used for these domains.  I needed to get a list of those IP's for the project I was doing.

us-california.privateinternetaccess.com
us-chicago.privateinternetaccess.com
us-east.privateinternetaccess.com
us-florida.privateinternetaccess.com
us-midwest.privateinternetaccess.com
us-newyorkcity.privateinternetaccess.com
us-seattle.privateinternetaccess.com
us-siliconvalley.privateinternetaccess.com
us-texas.privateinternetaccess.com
us-west.privateinternetaccess.com

Use "dig" to find the authorative nameserver for these guys:  

dig ns privateinternetaccess.com

 Shows us this:

privateinternetaccess.com. 76975 IN	NS	ns4.p28.dynect.net.
privateinternetaccess.com. 76975 IN	NS	ns1.p28.dynect.net.
privateinternetaccess.com. 76975 IN	NS	ns3.p28.dynect.net.
privateinternetaccess.com. 76975 IN	NS	ns2.p28.dynect.net.

 Now lets look at some IP's for a domain using an authorative nameserver with this:

dig +nocmd +noall +answer us-chicago.privateinternetaccess.com @ns1.p28.dynect.net

 Yields this: 

us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.103
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.102
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.105
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.95
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.82
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.87
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.88
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.96
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.97
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.85
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.83
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.81
us-chicago.privateinternetaccess.com. 300 IN A	104.200.153.74

Querying the name server at your local ISP or using a public name server (i.e. 8.8.8.8) would take a long time because as you can see avove therere is a 300 second TTL.  Waiting for the name server to refresh the IP's every 300 seconds then querying it enough times to eventually get all the different IP's is just not practical.  Much better to just query the authorative name server using "dig" (as above).

To do this I made a crude but effective procedural PHP script.

First heres the simple database schema to store the data we retrieve:

create table domain(
    domainId    int unsigned not null primary key auto_increment,
    domainName  varchar(128) unique,
    ipCount     int unsigned);


create table ip (
    ipId      int unsigned not null primary key auto_increment,
    domainId  int unsigned,
    ipAddress varchar(32) );

create unique index ix_domain_ip on ip (domainId, ipAddress);

create index ix_domain_domainid on domain(domainId);

Check out the PHP Script on the next page.

 (Page 1 of 2)