Best practices
Learn about best practices to improve security and performance when using the Switch VTN webhooks.
Subscribe to minimum number of events
You should only subscribe to the webhook events that you need. This will reduce the amount of work your VEN needs to do. For more information about subscribing to events, see the Switch VTN API reference.
Use HTTPS and SSL verification
You should ensure that your VEN uses an HTTPS connection. By default, Switch will verify SSL certificates when delivering webhooks. Switch recommends that you leave SSL verification enabled.
Private IP address for callback URL host
The callback URL host defined in your subscription should not resolve to an IP address from a private range of IP addresses.
The following IP address ranges are not allowed:
10.0.0.0/8
10.0.0.0 - 10.255.255.255
172.16.0.0/12
172.16.0.0 - 172.31.255.255
192.168.0.0/16
192.168.0.0 - 192.168.255.255
Request timeout
The Switch VTN API is configured with a timeout when making requests to the VEN client as a webhook consumer. The nature of webhooks suggests that they execute relatively quickly, and if additional processing is done, the webhook receiver should offload the processing to another component/service and return a response to the VTN as soon as possible.
The Switch VTN API is configured to timeout the request after 30 seconds if no response is received from the VEN.
In these cases, when the VEN does not respond in the alloted time of 30 seconds, the VTN will retry the same request up to 5 times.
Last updated
Was this helpful?