Migration from ACE to F5 - virtual contexts

Question

Hello everyone, I am looking for some advice.&nbsp;
I am going to migrate the existing services on Cisco ACE loadbalancer to new F5 devices and I was wondering if F5's are capable of virtual contexts. The current ACE uses 3 independed virtual contexts.&nbsp;
I haven´t found any info about virtual contexts capability on F5´s (using F5 BIG-IP LTM 4200V) the only feature which could work for me are the route domains but I have no experience with this yet so I am looking for an advice on that.&nbsp;
Thanks in advace for you reply,&nbsp;
 &nbsp;
Regards,&nbsp;
Marcus&nbsp;

nitass · Answer

I haven´t found any info about virtual contexts capability on F5´s (using F5 BIG-IP LTM 4200V) the only feature which could work for me are the route domains but I have no experience with this yet so I am looking for an advice on that.
is there any specific question? so, any people here who know can help.&nbsp;

marco_octavian_ · Answer

This is always the first concern you hear on when migrating to F5 from ACE. Route domains AND partitions are definitely your starting  points to research. The 4200v does not support vcmp, yet. "Supposedly" it's on the roadmap but that is not official. The 5200v is the smallest platform that supports vcmp today.

marcus_131199 · Answer

To nitass - The question are in my post -  
&nbsp;  
&nbsp; 1.Is F5 capable of virtual contexts?  
&nbsp; 2. If not, what is the best way to migrate from ACE using virtual contexts to F5 (can route domains be applied or a redesign of existing network is required). 
&nbsp;  
&nbsp; To marco_octavian - Thanks for your reply. I will look into it.

marco_octavian_ · Answer

1. Virtual Context  = vcmp in F5 world. F5 vcmp, when compared to ACE virtual contexts or Netscreen virtualization, etc, isn't exactly apples-to-apples.  Initially, you may be surprised that the F5 can do so few  guest instances using vcmp but when you think about all the modules/functionality the F5 provide, it makes more sense.It's a multi-os/multi-app platform. 
&nbsp;  
&nbsp; 2.) Route domains can be applied. No need to redseign. On the 4200v, you will be limited to route domains (vrf equiv)  and partitions(separate containers for objects) if you want/need to keep that separation. The few customers I have worked with on these migrations really loved the features/functionality once they got past the initial learning curve.  
&nbsp;  
&nbsp; Keep in mind that you don't necessarily have to use route domains. If this is for internal use only (single tenant), you can securely keep traffic seprate via vlans/objects. The LTM is like a router but hardened in many ways. The VS can be configured to only speak on specific vlans. Of course, in your case, preconfiguring route domains would make it an easy "drop-in-place" solution. 
&nbsp;  
&nbsp; By now, you have probably researched all this but I wanted to make sure you got a follow-up as well. Thanks, &nbsp;

marcus_131199 · Answer

Yes, I did review documentation related to this topic but it is always good to hear from the more experienced engineers to make sure I am going to right direction. Thanks for your advice.

Forum Discussion

Migration from ACE to F5 - virtual contexts

5 Replies

Recent Discussions

Pricing when used with aws waf

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Related Content

Getting Started with BIG-IP Next: Migrating an Application Workload

F5 BIG-IP per application Red Hat OpenShift cluster migrations

Migration F5-DNS-VM from a Virtual Machine to other Virtual Machine

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

Edge to Pulse: IP Geolocation Database Migration