We have a cluster of BIG-IP 1600 with 2 tmms and licence for 500 ssl tps.
According to the kb below, we should be able to manage up to 1000 ssl tps. Is that correct? Am I missing anything?
show sys license detail | grep -i perf_SSL_total_TPS
show sys tmm-info global | grep -i 'TMM count'
TMM Count 2
Thanks in advance and regards,
Sort of. The problem is that the 1600 is a pretty old platform, and the TLS hardware only natively supports 1k asymmetric keys. In general, for 2k keys (which is standard today), performance is reduced by about 75%. Having said that, if you license the system for maximum TLS support, it should be able to achieve ~1000 TPS for 2k keys.
Assuming your certificates use 2k keys, you might want to consider a hardware refresh (particularly since the 1600 is now past End of Software Development.