Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

SSL offload question regarding licence

We have a cluster of BIG-IP 1600 with 2 tmms and licence for 500 ssl tps. According to the kb below, we should be able to manage up to 1000 ssl tps. Is that correct? Am I missing anything?

https://support.f5.com/csp/article/K6475

show sys license detail | grep -i perf_SSL_total_TPS perf_SSL_total_TPS [500]

show sys tmm-info global | grep -i 'TMM count' TMM Count 2

Thanks in advance and regards, Pablo.

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Sort of. The problem is that the 1600 is a pretty old platform, and the TLS hardware only natively supports 1k asymmetric keys. In general, for 2k keys (which is standard today), performance is reduced by about 75%. Having said that, if you license the system for maximum TLS support, it should be able to achieve ~1000 TPS for 2k keys.

Assuming your certificates use 2k keys, you might want to consider a hardware refresh (particularly since the 1600 is now past End of Software Development.

0