Forum Discussion

uni's avatar
uni
Icon for Altostratus rankAltostratus
Jun 11, 2010

Update CRL with cron via route domain

Under 9.x I ran a cron job on the LTM which retrieved a crl.

 

Now we are using 10.1 and have implemented route domains. The crl is only available through route domain %2. Is there a way I can route to this from cron (i.e. the linux shell)?

 

 

config
design
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Jun 11, 2010
    Hi Stephen,

    If you must use a route domain and the utility you're testing with (curl) supports IPv6 addresses, you can use a script to convert the destination address to IPv6 as described in SOL10467.

    
SOL10467: Userland applications on a BIG-IP system cannot connect to hosts in non-default route domains   
https://support.f5.com/kb/en-us/solutions/public/10000/400/sol10467.html 
 
BIG-IP versions 10.1.0 and later
2620:0000:0C10:F501:0000:< Route Domain ID >:< IPv4 IP upper 2 bytes >:< IPv4 IP lower 2 bytes >
In the example IPv6 address, 
the < Route Domain ID > entry is the hexadecimal equivalent to the Route Domain ID, 
and the < IPv4 IP upper 2 bytes > and < IPv4 IP lower 2 bytes > 
entries are the hexadecimal equivalent to the IPv4 IP address.

    Here is an adaption of a script F5 Support provided to do this conversion:

    
!/bin/bash
 v10.1.0+
F5_RD_HEADER="2620:0:c10:f501:0:"
 pre-v10.1.0
F5_RD_HEADER="2610:0:c10:f501:0:"
HOST_ADDRESS=${1/\%*}
ROUTE_DOMAIN=${1/*\%}
if [ ! -z $ROUTE_DOMAIN ]; then
    host_parts=($(echo $HOST_ADDRESS | grep -Po "\d+"))
    printf "%s%x:%x:%x" $F5_RD_HEADER $ROUTE_DOMAIN $(((${host_parts[0]} << üòé + ${host_parts[1]})) $(((${host_parts[2]} << üòé + ${host_parts[3]}))
    exit 0
fi

    If you save that as rdip.sh in a script in your path, you can then use it like this (untested):

    curl -kg6 https://[`rdip.sh 1.1.1.1%20`]/file.html

    Aaron