eey0re
May 26, 2017Cirrostratus
46.116.101.183 in BIG-IQ REST requests to BIG-IP
BIG-IQ CM 5.1 managing BIG-IP 11.6.1 makes several requests a minute to the BIG-IP REST API:
POST /mgmt/shared/inflate?em_server_ip=46.116.101.183&em_server_auth_token=[long token] HTTP/1.1
My questions are..
What is
46.116.101.183
? It appears to belong to an ISP in Israel. It has nothing to do with our environment as far as I can tell.
Does everyone else's BIG-IQ CM do this too? You can check by running a capture like this on your BIG-IP for a few minutes, and loading it up in Wireshark:
tcpdump -i lo -s 0 -w /var/tmp/rest.pcap port 8100
And lastly, what is the
/mgmt/shared/inflate
REST endpoint? I can't find it documented.I opened a case about this and was told the following:
Regarding the 'em_server_ip=46.116.101.183' question, this is just a method that BigIQ implements to hash device group names into ipv4 addresses. That IP address does not correspond to any real communication - it's just a numeric hash of a string. Nothing to worry about, per our Engineering.