Forum Discussion
AltocumulusRestful API call takes too long
Hi everyone:
I encountered the problem of the API call taking too long when using the RESTful API. The entire call process took more than forty seconds. As shown in the figure below:
All the APIs have this problem. API call runs successfully but the TTFB part exceeds 40s.
However, after I tried adding the default route, the problem disappeared.
I tried testing in another environment and found that regardless of whether the default route was configured, the API calls worked fine.
But I don't know what configurations in the original environment might have caused this problem. Does F5 have any configurations that cause internet access when calling a RESTful API?
Is there anyone who can help me explain this problem?
Best regards
ecolauce
2 Replies
- Nikoolayy1
MVP
You may see https://my.f5.com/manage/s/article/K13284 as maybe the lookup if there is a management or tmm routes causes this and if you have more specific route (for the pc subnet where you are doing the auromation) you will not hit this issue as well.
------
F5 recommends that you add static routes for management traffic whose destination does not match the directly-connected management network. This configuration is useful, for example if you need to send syslog, SNMP or LDAP traffic to a destination on a non directly-connected network,, or have other network services that are hosted on networks that are not accessible through the TMM self IP interfaces.
--------
ecolauceThank you for your reply!
I read your reply and checked the relevant configurations, such as DNS, AAA, syslog, SNMP, NTP, and other settings that might be related to routing.
I noticed that only the DNS was configured with 8.8.8.8, the others were not configured. So I tried removing the DNS configuration. I retried the API call, and the result took a normal amount of time. (At this time, the device is not configured with a default route.) So I concluded that the API call might use DNS, because accessing 8.8.8.8 requires needs to use the default route. Therefore, I set the default route or simply did not configure a DNS server, and the API call worked normally.
As shown in the figure above, when I capture packets while calling the API, I found that F5 requests the domain api.bcti.brightcloud.com.. This domain seems to be a cloud service for performing threat intelligence queries on IPs/URLs, when I call the API, F5 will request this service to determine whether the caller poses a threat.
So I want to know, regarding RESTful API calls, when such behavior would occur. As far as I remember, there are no security features enabled on the device, nor have any security modules been provisioned.
