JSON-formatted IP Address list of the F5 ADN
F5 needs to establish a public API endpoint capable of returning JSON-formatted responses for the IP ranges, rather than the current provision of a text file containing the F5 ADN IP list. This allows customers to programmatically retrieve the IP addresses if F5 ever modifies their IP address ranges.
Other vendors offer similar API endpoints here's a reference to such API endpoints:
Cloudflare: https://api.cloudflare.com/client/v4/ips
Fastly: https://api.fastly.com/public-ip-list
CloudFront: https://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips
GCP: https://cloud.google.com/cdn/docs/set-up-external-backend-internet-neg#allow-ip
Imperva: https://docs.imperva.com/bundle/z-kb-articles-km/page/c85245b7.html
-
Kayvan Farzaneh
- Feb 22 2024
Related ideas
I think it's very important to have this on a stable URL and the result to be in a format that can easily be imported on firewalls.
Surprised it's not implemented already as it seems to be a very easy to implement feature.
Formated at least (CSV for example), whatever the format in order to configure in egress FW (Palo Alto for example) a feed list to populate the ip address group object
Also the IP ranges needs to be COMPLETE & should really be driven by the platform.
I've seen traffic sourced from XC (for example traffic from the CDN; 159.60.191.1, 159.60.191.3, 159.60.191.5) that isn't documented in the existing list:
https://docs.cloud.f5.com/docs/reference/network-cloud-ref
https://docs.cloud.f5.com/docs/2c4fcdcc73cea36c71c4df821997399d/ips-domains.txt
These have 159.60.190.0/24 but nothing that overlaps with 159.60.191.0