Skip to content

Dynamic IP Rotation #1670

New issue
New issue
Open
Feature
Open
Dynamic IP Rotation#1670
Feature
Labels
circumvention effectiveness
@emohandesi

Description

@emohandesi
emohandesi
opened on Jul 9, 2025

Is there an existing issue that is already proposing this?

  • I have searched the existing issues

Application

Outline Manager

What are you trying to do? What is your use case?

The IP of the VPN server is frequently detected by the censorship authorities in repressive states. One way to get around this issue is to assign a new IP to the server.

Is your feature request related to a problem? Please describe it.

Jigsaw-Code/outline-apps#1862 is a related issue.

Describe the solution you'd like.

Summary

Write a script that does the following:

  1. Run the following every period hours:
    i. Generate a new IP within the cloud provider of choice and assign it to the VPN server
    At this point, both the old IP and the new IP belong to the VPN server, and both should connect the users to the VPN server.
    iii. Point our domain to the new IP.
    iv. Remove the old IP.

Cloud Provider

This script has been written for MS Azure using both Python and PowerShell. However, that same script cannot be used if the cloud provider is something else, such as AWS, DigitalOcean, Linode, Vultr, etc.
MS Azure charges ~$80 for each TB of data, while the rate for 1 TB of data is around $5 in many other VPS providers such as DigitalOcean and Vultr. Therefore, if we want this feature to be useful for regular users, we need it to work on common VPS providers.
Research is needed to see which one of such VPS providers is a good choice to write this script for. Vultr is a good one because its IPs are less blocked compared to DigitalOcean, Linode, and AWS, in my experience.

Activating the feature

This feature can be added to the install_server.sh script as new input arguments. The following shows sample input arguments:

  --hostname             The domain name to be used to access the management API and access keys (this is already implemented)
  --ip-rotation-period   The period to point the domain name
  --dynamic-ip-rotation  Enables dynamic IP rotation that assigns a new IP to the server and points the hostname to the new IP
  --cloudflare-zone-id   The zone ID used when doing IP rotation in Cloudflare
  --cloudflare-record-id The record ID used when doing IP rotation in Cloudflare
  --cloudflare-api-token The API Token used when doing IP rotation in Cloudflare
  --cloud-provider       The name of the VPS provider that new IPs should be generated in for the IP rotation
... A bunch of other input arguments are needed for the API of the VPS provider to connect and generate new IPs.

Additional Work

  • Change the Outline Manager app so that IP rotation can be added to it even after the server is created.
  • Add other VPS providers to extend this feature as much as possible.

Describe alternatives you've considered

#1671 is an alternative, but not a replacement, and these two features are sort of complements.

Metadata

Metadata

Assignees

No one assigned

    Labels

    circumvention effectiveness

    Type

    Feature

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions