F5BigCneAddresslist¶

Overview¶

The F5BigCneAddresslist Custom Resource (CR) is useful for creating larger, more complex lists of IP addresses. This can be used in the Denial of Service (DoS/DDoS) event detection and mitigation CR, F5BigDdosGlobal CR.

Parameters¶

The CR spec parameters used to configure the Service Proxy TMM static routing table are:

Parameter	Description
`addresses`	The IPv4 or IPv6 addresses included in the address list: host 2002::10:10:10:1, subnet 2002::10:10:0:0/96, or range 2002::10:10:10:1-2002::10:10:10:20.
`addressLists`	This is a string which refers to another addresslist that consists of either IP addresses or child addresslists.

Sample CR¶

apiVersion: "k8s.f5net.com/v1"
kind: F5BigCneAddresslist
metadata:
   name: "outbound-nat"
   namespace: "my-gateway"
spec:
   addresses:
     - "192.168.1.0-192.168.1.10"
     - "10.10.10.0/24"
     - "192.168.2.1"
   addressLists:
     -      “addressList1”
     -      “addressList2”
 
apiVersion: "k8s.f5net.com/v1"
kind: F5BigCneAddresslist
metadata:
   name: "addressList1"
   namespace: "my-gateway"
spec:
   addresses:
     - "3002::33:22-3002::33:52"
     - "3004::/64"
   addressLists:
     -      “addressList3”
     -      “addressList4”

Create and apply F5BigCneAddresslist CR¶

Copy the sample CR into a YAML <bnk-address-list.yaml> file.
Apply the F5BigCneAddresslist CR:

kubectl apply -f bnk-address-list.yaml

The log message indicates that the F5BigCneAddresslist CR was added/updated:

I0607 12:00:00.12345 1 event.go:282] Event(v1.ObjectReference{Kind:"F5AddressList",
F5AddressListProfile cnf-gateway/outbound-nat was added/updated

Previous Next