Starlink says on their FAQ page[1] for the roaming model that if you roam too far, your connection will be briefly interrupted while they assign you a new IP address.

I think that's because they want every user to have a reasonable experience with all the websites out there that do geoIP lookups. It also gives them flexibility in the future to not act as a worldwide internet backbone for their own users traffic by advertising each set of local IP's only at local POP's.

[1]: https://starlink-enterprise-guide.readme.io/docs/dhcp-config....

> It also gives them flexibility in the future to not act as a worldwide internet backbone for their own users traffic by advertising each set of local IP's only at local POP's.

They'd need multiple ASNs for each of these network islands then, though – is their network actually set up like that?

> if you roam too far, your connection will be briefly interrupted while they assign you a new IP address.

That's an interesting detail: It seems like they might not actually have cross base station roaming/connectivity, unlike e.g. mobile ISPs in large countries (where you can keep the same IP and maintain open connections even as you're driving across the country).

I wonder if Starlink will eventually build out a terrestrial backbone to complement their satellite network for these two scenarios (i.e. very mobile base stations, such as those on airplanes, and terminating their own traffic globally as opposed to locally).

> They'd need multiple ASNs for each of these network islands then, though

No they wouldn’t. They could connect to local transit/IXs in each region and just advertise the regional networks.

If I have AS22, advertising 2.2.2.0/24 out of NY, then I can reach 1.1.1.1, great

I then have 2.2.3.0/24 advertised out of Frankfurt with the same AS. Again I have transit. I can reach 1.1.1.1.

How does a packet from 2.2.2.1 reach 2.2.3.1 -— 2.2.3.0 won’t be advertised by the transit to me in NY as it thinks I’ve already got the route, after all it originated from my AS.

On BGP protocol level, the loop check is on the receiving side - received paths are scanned for local ASN.

The transit may not send you your routes with your ASN due to how its policies are configured, but that is configurable, not protocol-level issue.

And most BGP implementations have knobs to disable the loop check, so on your side you could just disable it.

Presumably since these IPs are in the same AS the operator can implement custom routing logic, since they control the routing on both sides.

They could have something to connect their sites, or even tunnel between them over their transit. But if they only have customers on their network, likely behind nat, they don't need to reach each other.

Peer to peer? Self hosted stuff? (not sure how these work with starlink specifically, but - they should work, even if for whatever reason they don't)

As far as I know, inbound TCP/UDP connections are not supported on Starlink natively. You can of course use a VPN or various types of reverse port forwarding.

That said, you can often still communicate between two NATs using various traversal techniques, although that's generally less likely for carrier-grade NATs, so NAT traversal solutions usually need relays as a fallback anyway.

Afaik you don't get your own public IPv4 address on Starlink.

Oh, I thought it wasn't possible to announce multiple isolated networks on the same ASN without interconnecting them, since ASNs are the routing granularity of BGP?

AS is basic granularity in BGP in the sense that one ASN should not be multiple times in AS PATH, and it is generally assumed that ASs are internally connected (although for non-transit networks, this could be workarounded in several ways)

But basic routing entity in BGP is still prefix/route, and different routes of one AS can be announced in different ways.

One counterexample to this would be Amazon, who have IPs globally under one ASN. While they do have a global backhaul, it seems unlikely they accept traffic for any IP anywhere and route it all on the backhaul.

> accept traffic for any IP anywhere and route it all on the backhaul.

This is actually what they do when you enable Global Accelerator which is a paid feature. In GCP they have similar concept called “Premium Tier”

True! In my post I meant for all traffic.

For something remote it just looks like two different prefixes with a different path to reach them. It's even a commonly used technique for multi homing so you can control which peer ingress traffic comes in on for a specific prefix.

> I wonder if Starlink will eventually build out a terrestrial backbone to complement their satellite network for these two scenarios (i.e. very mobile base stations, such as those on airplanes, and terminating their own traffic globally as opposed to locally).

I think their stated plan is to use laser-links to satellites in higher orbits to do that. Don't know if they'll be bandwidth limited, but there's better latency doing it this way. (light goes faster in the vacuum of space, vs going down an optical fibre)

I don't think you need multiple ASNs for this. The "server" end handles this; if your packet bound for 8.8.8.8 leaves Starlink's network in Tulsa, then you get 8.8.8.8's server in Tulsa (because that is the route that Google advertised to Starlink at that PoP), then the 8.8.8.8 server in Tulsa talks to your own DNS server in Houston, and you only serve the IPs for your Houston datacenter in that reply as a matter of policy. (You might not run the DNS server, of course, but that's what, say, Cloudflare would do for you.) Then an Internet-wide route controls further traffic; if Starlink decides to make that customer's traffic egress in New York, then that packet is stuck going cross-country. It doesn't have to be that way; you could host your personal website on anycast if you wanted to, but it's a lot of work. You don't need an ASN per datacenter, though, you just need to control your route advertisements on a per-datacenter basis.

GeoIP is a further complication not really related to the Internet. The DNS server in Houston can serve replies for packets coming from anywhere in the country; instead of looking at what network interface they arrived on, it looks in a database, decides 1.2.3.4 is in Oklahoma, and provides IP addresses for the Houston datacenter because of that. For Starlink to provide the best path in that case, it needs to understand what that database looks like; it's likely they populate it themselves in a protocol outside from any Internet machinery. (The most naive databases just look at the ASN of the source address, look at where the address of the ISP is, and decides that's the location of the IP address. But that is too naive to work, so nobody does that exactly.)

I would imagine that most of the CDNs / edge compute providers use some combination of these two data points to route traffic. I have never set anything like this up, so I'm not sure what the state of the art is. But, there are many tools that you can use, and none of them require having an extra ASN.

When I worked at an ISP we did some somewhat-sketchy management around this. The databases often have a flag for "is this address a cloud provider or a residential ISP subscriber?" We would see which of our IP ranges were considered residential (we had 0 residential customers), and then use them for IP transit subscribers that wanted to sell services like scraping Amazon or whatever. Amazon would check their database, say "oh this is just a virus-infected cable modem", and allow the traffic. If the reputation changed, we could just give the address to a transit customer that didn't want to do that kind of stuff. Just going to say, I played no part in this business decision; it existed when I arrived and existed when I left. Gotta pay back the investors somehow, I guess!

(At my next job I was on the other side of this; trying to combat free trial abuse. The databases were largely useless; what happens is that people at high-reputation ISPs get their servers hacked and the attacks end up launched from there. The big cloud providers were like 100% abuse traffic, probably because of free trials of CI systems and things like that. Ultimately, most traffic going through a US-based transit provider got "please contact sales to do a free trial". Actual residential ISPs like Comcast were totally fine; thanks Windows Update! Since it was the pandemic, everyone was working from home, and thus the business ISPs being gated behind "talk to sales" were not a big problem. Oh and BTW, I am certain that most of the abuse was from HN readers; it started the day after we mentioned our product here. That cat and mouse game was some of the most fun I've had at work!)

Starlink has one ASN.

So, bit of digging, StarLink's ASN is 14593 [1]. They show as having 302 V4 blocks and 59 V6 blocks of space [2]. Some of that space (well, most) looks to be GeoLocated in the US, but some show as other countries. Same with the V6 blocks [3]. My guess is that each V4 block is assigned to a given country or Geo Location, and same with a larger V6. Given they use CGNAT, they wont need as much V4 blocks to split out. If you bring your device with you, it will show a new IP Address... Also, as of note, I have seen, at some stage, that it either shows Google's IP range, or that Google was announcing their blocks in Ireland at one stage... I dont have it myself, but did some digging when a someone i know got it...

[1]: https://bgp.he.net/AS14593 [2]: https://bgp.he.net/AS14593#_prefixes [3]: https://bgp.he.net/AS14593#_prefixes6

Geolocation is a fiction, it’s just lists that claim addresses are in some country. Nobody is under any obligation to make sure those claims are true.

Also true, but as someone who ran my own asn and space for 5 years, it can be a pain when it doesn’t work. Spent a good chunk of time making sure my space showed as Ireland, not us or Germany. Netflix, Disney+ and others all didn’t like me to start… but there are ways of fixing it.

how can you run ur own asn ??

It's not that hard. Look up what your local internet registry requires (ARIN, RIPE, APNIC, AfriNIC, LACNIC) to allocate an ASN and allocate a /24 or at least approve a transfer of a /24. Typically you should have a location with two internet providers that will propagate your prefixes via BGP to their peers and transit. Find companies willing to accept your money so you can meet the requirements, also find someone with a /24 to transfer to you assuming your registry doesn't have any.

Tada. You've got an ASN and are running it.

Yep, this - the process isn't hard but it is tedious. W/ ARIN you also have some waiting to do - and must register as a business and pay that registration fee.

I ran as204994.net. There are some details about how i did it still there. I leased the v4 and v6 space due to cost.

Many of Musks companies have access to internal google API's that aren't available to the public.

For example, the in-tesla car map uses various google data sources in ways the regular API doesn't support.

Sure just like any (big) company paying for a contract.

Usually not with Google... If you went to Google and said "I will pay you $1M to make a custom version of Google maps for my company with a pink background but no other changes", they wouldn't do it.

Most teams keep the sales guys a long way from engineering, and one customers request rarely makes it in.

$1m is what - one person-year, two? Sure that's not enough. However it doesn't mean the api is custom. Just not the same as the public one. For your specific example, Tesla renders thier own map tiles.

Could be Waze APIs?

out of curiosity, any other examples?

The Google IPs might be because SpaceX and Google have agreements where Starlink downlinks can use the network connectivity at Google data centers (and vice versa)?

Google paid for Starlink. It's their loon replacement

Are you able to substantiate that claim somehow? I know SpaceX has a commercial arrangement to pay Google for services used to deliver Starlink, I'm not aware of anything close to "Google shut down Loon; Starlink is the replacement; Google is subsidizing/funding Starlink".

I'm not the OP but I also heard rumors that Starlink bought Loon IP specifically the LTE stack. Given that we know Starlink was using the Google network in the early days and Loon was officially shut down months after Starlink beta started, it's not hard to imagine that there's some partnership.

Google invested 900 million into starlink & shut down loon around the same time. There's tech from Google in starlink. Starlink uses Google cloud. In fact starlink used to show up as Google Fi. They now have their own network.

Maybe they meant that google invested to the tune of $1B back in 2016 making it one of the largest spacex investors.

google caching appliances. https://support.google.com/interconnect/answer/9058809?hl=en

I work for IPinfo.io. For geolocating satellite IP addresses, we use a combination of geofeed, rDNS hints etc. Starlink's geofeed data is easily accessible [0] which lists out geolocation information of their IP ranges. We use rDNS hints as well where you can find some geolocation hints from rDNS records.

[0] https://geoip.starlinkisp.net/feed.csv

Using starlink at mcmurdo station in Antarctica. The IP shows as Sydney, Australia.

I would love to learn more about your day to day in Antarctica! Did Starlink really change everything for connectivity there? Do most people stay inside?

Starlink was certainly a game changer for life around here. McMurdo is essentially a small town so many different jobs and routines to make everything go. Some stay inside all the time, some have to work outside a lot.

https://brr.fyi/ is a really good blog from a person nearing the end of a year long deployment who writes much more eloquently than I ever could if you want to read more.

Antarctica: A Year on Ice is an enjoyable film documentary from ~10 years ago.

A Big Dead Place by Nicholas Johnson is also worth a read from the early 2000s.

Probably the coolest answer in this thread! Did Antarctica have any other option for internet, next to the previous gen satellites?

Here at McMurdo we've had 24/7 satellite internet for at least as long as I've been coming down (~10 years). Think roughly a ~30mbps connection shared with ~1000 people with business and science bandwidth prioritized over personal browsing. So starlink has been a game changer for sure.

At South Pole, I believe they don't yet have access to starlink. They also don't have 24 hour coverage for the few internet satellites they do get.

I don't work in IT so don't have direct access to more specific information, and obviously I can't speak for the many other stations scattered throughout the continent.

Woah! So there was just a single "downlink" for the entire station? Are there multiple starlink antennas now? I guess the upside is that you don't have issues with overloaded satellites in your area :')

What kind of bandwidth do you get now with Starlink?

While analysing my web traffic I’ve seen 5 sessions from an IP registered to Starlink in Antarctica specifically

Starlink's RFC 8805 geolocation list is publicly available:

https://geoip.starlinkisp.net/feed.csv

Folks interested in geofencing content and such pull from there.

I had an experience using Starlink at a hotel in the Wadi Rum desert in Jordan. Funnily enough, I only became aware of this after some websites began redirecting me to their German versions - turns out our traffic was being routed through a host with an IP from one of their STRLNK-POP-FRNTDEU1 pools. The list @mkimball linked to doesn't include Jordan, likely because the service hasn't been officially launched in the country. This also means that, for now, you can enjoy a truly anonymous VPN-less browsing experience out of there :)

How would it be anonymous? Spacex ties your account to your traffic and most likely logs quite a bit. Or do you just mean geo-located to the wrong country?

Hidden from your own country in that sense.

Personal experience, it assigns based on where you are connecting from, and it seems they use the lat/long to be precise, as I used it very near the French/Spanish border, and it switched immediately when we crossed. It’s all behind CGNAT anyway, so I use a VPS as a VPN landing point so I can do port forwarding.

There’s also a substantial difference in performance depending on where you are, I assume depending on how saturated the local ground station is - in Portugal, I get near 200Mbps, in Spain, 140, in France, 90.

If this is to be trusted, likely the country the base station you're communicating with is in.

https://www.reddit.com/r/Starlink/comments/jm8iz9/turns_out_...

Each block of IPs probably correspond to a ground station. Your data is probably mostly routed to the closest ground station.

POP. Each POP might have one or multiple blocks

It depends from many things. Most important, satellites before V2 cannot transfer data to other satellite, only between SL hub and subscriber, so they basically share AS of this hub, and if you move too far with your SL terminal, you once sure will switched to other hub and other AS.

For V2 satellites added sat-sat link, but I have not hear, how large share V2 now, so I think, most links now run in compatible mode.

Other thing, for very long time, AS are classless, mean, they could be registered to any Earth GPS coordinate, but could routed via any peer.

For example, few years ago happen issue, Rostelecom announced ASNs of 90% of EU providers and for few hours, 90% of EU traffic directed via Russian links.

Etc, etc..

> but the roaming telcom provider will "tunnel" your connection to your local telcom

+1, I came here out of curiosity to see what others have to say, but ended up learning something new about how roaming works.

I can say that in my experience in western Canada it does show up as Canadian, but never in a city in my province. Generally either Winnipeg or Toronto where I assume they've got ground stations.

The IP address location doesn't have to match the real egress. And it's POP, not ground station

For much of our time in Canada this summer we had a US IP address on Starlink (Seattle PoP).

I imagine if starlink uses local IP address range, it would be bound by local ISP rules. All sorts of censorship and filtering.

And avoiding local ISPs may be major reason to use Starlink!

Countries generally aren't going to allow Starlink to bypass their laws.