cancel
Showing results for 
Search instead for 
Did you mean: 

BIG-IQ Certificate

Satoshino
Cirrus
Cirrus

Hi all,

 

I'm trying to understand how communications between BIG-IQ and their managed BIG-IPs.

There is a device certificate on BIG-IQ used for this communication? where i can find and replace it?

 

I know that on BIG-IP is present a device certificate for this purpose

 

Thanks you

 

 

1 ACCEPTED SOLUTION

Erik_Novak
F5 Employee
F5 Employee

BIG-IQ and BIG-IP devices talk to each other using REST via the restjavad and restnoded daemons. Both BIG-IP and BIG-IQ systems have /var/log/restjavad.0.log and restjavad-audit.0.log files.

 

When you connect to the BIG-IQ GUI and click and create objects and start tasks it sends REST calls to the REST framework on the BIG-IQ via the restjavad daemon.

 

Here is an example ... The BIG-IQ checks every 20 secs for availability of its managed devices. You can see the REST calls it sends down to its REST framework and subsequently out on the network if you run:

 

# tcpdump -nni lo -s0 -A tcp port 8100 | grep /mgmt/shared/identified-devices/config/device-info/available

 

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes ....GET /mgmt/shared/identified-devices/config/device-info/available HTTP/1.1

View solution in original post

1 REPLY 1

Erik_Novak
F5 Employee
F5 Employee

BIG-IQ and BIG-IP devices talk to each other using REST via the restjavad and restnoded daemons. Both BIG-IP and BIG-IQ systems have /var/log/restjavad.0.log and restjavad-audit.0.log files.

 

When you connect to the BIG-IQ GUI and click and create objects and start tasks it sends REST calls to the REST framework on the BIG-IQ via the restjavad daemon.

 

Here is an example ... The BIG-IQ checks every 20 secs for availability of its managed devices. You can see the REST calls it sends down to its REST framework and subsequently out on the network if you run:

 

# tcpdump -nni lo -s0 -A tcp port 8100 | grep /mgmt/shared/identified-devices/config/device-info/available

 

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes ....GET /mgmt/shared/identified-devices/config/device-info/available HTTP/1.1