F5 news

16. 9.
2022
F5 News
Roman Tomášek
roman.tomasek@alef.com
Content
• Introducing F5 r-Series
• VELOS
• F5OS
2
16. 9. 2022
Introducing F5
rSeries
Why Our Customers Choose F5 Hardware

HARDWARE HAS ITS PLACE, EVEN IN A SOFTWARE AND CLOUD-FIRST WORLD
• Best protection and compliance for

regulated environments
• “It just works” simplicity
• Tamper resistant platform with
advanced security First introduced in 2016
• Predictable performance and scalability
First introduced in 2007

4
4
16. 9. 2022
Innovations from F5 Platforms

BUILT FOR MODERN APPLICATIONS
• Container • Modern • Advanced Telemetry

Integration Automation Security Streaming
A Modern Platform
for a Digital World
6
16. 9. 2022
F5 rSeries: A Next-Gen, Fully Automatable Platform

 Bridges between traditional and modern
Rearchitected, modern platform design:
architectures
• API-first architecture; fully automatable
 Delivers agility, performance, and with F5OS API and Automation Toolchain
investment protection for all apps
• More powerful FPGAs and CPU
rSeries r10000 utilization
• Scale to 190 Gpbs total Layer 4-7

Current throughput
rSeries r5000
• Multi-tenancy and flexibility to support
multiple versions
• BIG-IP modularized technology (future)

rSeries r4000
Future • Kubernetes-based F5OS platform
rSeries r2000
software
7
Next Generation Appliance: rSeries
rSeries
• Rearchitected with new
delayered F5OS platform
software
BIG-IP iSeries
• Programmable FPGA (TurboFlex) • Runs current BIG-IP (future:
new BIG-IP modular)
• Improved optics and port
Previous generation configurations • Larger, modern FPGAs
• Traditional BIG-IP platforms
• Around 2x scale over previous • Further improved optics
• Limited Programmable FPGA generation and port configurations
• Runs current gen of BIG-IP software • Up to 2x performance

improvement vs. iSeries
rSeries platform– rSeries 5k/10k and rSeries 2k/4k
8
16. 9. 2022
rSeries Improvements Over iSeries

DESIGNED FOR A NEW APPLICATION LANDSCAPE
iSeries rSeries rSeries Advantage
Hardware Larger FPGAs / 1RU Form Factor 2x enhanced performance
SSL Modern SSL offload hardware Up to 200k SSL TPS
Software New microservices layer (F5OS) Supports modern architecture
Automation API-first design Deployment: weeks to minutes
Licensing Pay-as-you-Grow licensing Higher performance as needed
Architecture Runs current & next-gen BIG-IP Easy migration path
F5 rSeries Platform
10
10
16. 9. 2022
r2000 / r4000 - Front Panel Ports - 25G, 10G, 1G
r4000 – (r4600 / r4800)
4x 10G RJ45 – 10G/1G

4 x 10G/1G 4 x 25G/10G/1G 4x SFP28/SFP+/SFP – 25G/10G/1G
Copper SFP+/SFP28/SFP
r2000 – (r2600 / r2800)
4x 10G RJ45 – 10G/1G

4x SFP28/SFP+/SFP – 25G/10G/1G
4 x 10G/1G 4 x 25G/10G/1G
Copper SFP28/SFP+/SFP 11
11
r2000 Series (r2800) Platform Specs

Runs F5OS-A R2R4 Image
 Total CPU Cores - 8
 Total vCPU’s – No Hyperthreading
 CPU Speed – 2.2Ghz
Tenant Software Tenant 1
 vCPU’s Available for Tenants – 8 CPU
 Total Memory – 32GB RAM
 Disk Type/Capacity – 480GB SSD
 Max Tenants - 1
Platform Software
Ships with support for TMOS 15.1.6 Tenants only

No CPU’s reserved for F5OS platform layer
12
12
16. 9. 2022

Runs F5OS-A R2R4 Image  Total CPU Cores - 8
Tenant Software Tenant 1  Disabled CPU’s (Licensing) - 4
 Max Tenants - 1
Platform Software

13
13
r2000 Series - Front View

10Gb/1Gb 25Gb/10Gb/1Gb
1000BaseT Serial Copper Ports SFP28/SFP+/SFP Fiber LCD Panel
MGMT Port Console Port Ports
1.0 3.0 5.0 7.0
2.0 4.0 6.0 8.0
Serial
Hardwire Port
USB3.0 Port Status LEDs STATUS
(unsupported)
ALARM
POWER1
POWER2
14
14
16. 9. 2022

 Total CPU Cores - 16
 Max Tenants - 4

15
15

Runs F5OS-A R2R4 Image  Total CPU Cores - 16
 Disabled CPU’s (Licensing) - 8
 Max Tenants - 2

16
16
16. 9. 2022

10Gb/1Gb 25Gb/10Gb/1Gb
1000BaseT Serial Copper Ports SFP28/SFP+/SFP LCD Panel
MGMT Port Console Port Fiber Ports
1.0 3.0 5.0 7.0
2.0 4.0 6.0 8.0
Serial
Hardwire Port
USB3.0 Port Status LEDs STATUS
(unsupported)
ALARM
POWER1
POWER2
17
17

 Total CPU Cores / vCPU’s – 16 / 32
 CPU Speed – 2.4 Ghz
 vCPU’s for F5OS - 6
 vCPU’s Available for Tenants - 26
 Disk Type/Capacity – 1TB – M.2 SSD
 1 Power Supply Included / 2nd Optional
 Max Tenants - 26

6 x vCPU’s reserved for F5OS platform layer
18
18
16. 9. 2022

Runs F5OS-A R5R10 Image  Total CPU Cores / vCPU’s – 16 / 32
 Disabled vCPU’s (Licensing) – 8
 Max Tenants - 18

19
19

 Max Tenants - 8

20
20
16. 9. 2022
100Gb/40Gb 25Gb/10Gb
1000BaseT Serial LCD Panel
QSFP28/QSFP+ SFP28/SFP+
MGMT Port Console Port
Ports Ports
3.0 5.0 7.0 9.0
1.0 2.0 4.0 6.0 8.0 10.0
Serial
Hardwire Port
USB3.0 Port LED KEY 100G Status LEDs STATUS
(unsupported)
40G ALARM
10/25G POWER1
POWER2
21
21

 Disk Type/Capacity – 2 x 1TB U.2 SSD
 RAID1 Mirrored
 2 Power Supplies Included
 Max Tenants – 36

22
22
16. 9. 2022

 RAID1 Mirrored

23
23

 RAID1 Mirrored

24
24
16. 9. 2022

1000BaseT Serial 100Gb/40Gb LED KEY LCD Panel
100G
MGMT Port Console Port QSFP28/QSFP+
40G
Ports
10/25G
3.0 5.0 7.0 9.0 13.0 15.0 17.0 19.0
1.0 2.0 4.0 6.0 8.0 10.0 11.0 12.0 14.0 16.0 18.0 20.0
Serial
Hardwire Port
USB3.0 Port (unsupported) 25Gb/10Gb Status LEDs STATUS
SFP28/SFP+ ALARM
Ports
POWER1
POWER2
25
25
r10000 Series Back View – Fan Tray Removed
Dual SSD’s are accessible once Fan Tray is removed. SSD’s are hot swappable.
26
26
16. 9. 2022
rSeries PAYG
(Pay-as-you-
Grow) Strategy
27
27
rSeries - 3 x Tier Pay-as-you-Grow Structure

Mid-range Appliances High-end Appliances
r5600 r5800 r5900 R10600 R10800 R10900

Feb / March Feb / March Available Now Feb / March Feb / March Available Now
(Low PAYG) (Mid PAYG) (High PAYG) (Low PAYG) (Mid PAYG) (High PAYG)
BIG-IP BIG-IP BIG-IP BIG-IP BIG-IP BIG-IP

i5600 i5800 i7600/i7800 i10600 i10800 i11600
Series Series Series Series Series Series
To achieve PAYG performance goals some CPU’s will be disabled on x600 & x800 models
28
28
16. 9. 2022
rSeries - 2 x Tier Pay-as-you-Grow Structure

Lower Range
r2600 r2800 r4600 r4800
May / June May / June May / June May / June
(Low PAYG) (High PAYG) (Low PAYG) (High PAYG)
BIG-IP BIG-IP BIG-IP BIG-IP

i2600 i2800 i4600 i4800
Series Series Series Series
To achieve PAYG performance goals some CPU’s will be disabled on x600 models, and CPU throttling may be implemented
29
29
rSeries – r10900 - PAYG

*Actual core numbers are different
vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU
1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35
2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36
vCPU vCPU vCPU vCPU vCPU vCPU

37 39 41 43 45 47
r10900 vCPU
38
vCPU
40
vCPU
42
vCPU
44
vCPU
46
vCPU
48
30
30
16. 9. 2022

1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35
2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36

37 39 41 43 45 47
r10800 vCPU
38
vCPU
40
vCPU
42
vCPU
44
vCPU
46
vCPU
48
31
31

1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31 33 35
2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36

37 39 41 43 45 47
r10600 vCPU
38
vCPU
40
vCPU
42
vCPU
44
vCPU
46
vCPU
48
32
32
16. 9. 2022

vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU vCPU
1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31
vCPU
2
vCPU
4
vCPU
6
vCPU
8
vCPU
10
vCPU
12
vCPU
14
vCPU
16
vCPU
18
vCPU
20
vCPU
22
vCPU
24
vCPU
26
vCPU
28
vCPU
30
vCPU
32
r5900
33
33

1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31
vCPU
2
vCPU
4
vCPU
6
vCPU
8
vCPU
10
vCPU
12
vCPU
14
vCPU
16
vCPU
18
vCPU
20
vCPU
22
vCPU
24
vCPU
26
vCPU
28
vCPU
30
vCPU
32
r5800
34
34
16. 9. 2022
1 3 5 7 9 11 13 15 17 19 21 23 25 27 29 31
vCPU
2
vCPU
4
vCPU
6
vCPU
8
vCPU
10
vCPU
12
vCPU
14
vCPU
16
vCPU
18
vCPU
20
vCPU
22
vCPU
24
vCPU
26
vCPU
28
vCPU
30
vCPU
32
r5600
Max Tenants = 8
35
35
r4800
No Hyperthreading
CPUs
Maximum Tenants 4
No Dedicated Cores for F5OS Platform Layer
36
36
16. 9. 2022
r4600
No Hyperthreading
CPUs
Maximum Tenants = 2
37
37
No Hyperthreading r2800
1 Tenant CPUs

38
38
16. 9. 2022
No Hyperthreading r2600
1 Tenant with 4 CPUs

39
39
rSeries Licensing
40
40
16. 9. 2022
rSeries Licensing
• Licensing in rSeries follows the same model as iSeries
• The entire appliance is licensed, and tenants will inherit licenses from the appliance
• Multitenancy is supported on all rSeries models (except for r2000 which supports max of 1 tenant
• iSeries Only supported multitenancy (vCMP) on the x800 models, and only on specific models
• This provides value to customers as they grow, they don’t need to purchase additional licenses
• ASM is being replaced with AWAF for standalone and bundled SKU’s (BEST)
• AAM is not supported on rSeries as it is EoS, it wasn’t supported on iSeries, bur some Bourne
customers may be utilizing it
41
41
rSeries Networking
42
42
16. 9. 2022
rSeries - Out of Band Management

F5OS can only be managed via out-of-band-network
Out-of-band Management
rSeries Tenant-1 Tenant-2 Tenant-3 Tenant-4
Tenants inherit VLANs
VLANs
F5OS
VLANs, Interfaces, LAG’s configured @ F5OS layer
LAG Interface
43
43
Port Groups and Unbundling Restrictions r10000
Both adjacent ports (1.0 & 2.0) or (11.0 & 12.0) must be SFP28 ports support any combination of 10G or 25G optics
40Gb or 100Gb no mix and match (SFP28 backward compatible to SFP+)
QSFP28/QSFP+ ports don’t support breakout cables

(no unbundling) to 4 x 25Gb or 4 x 10Gb
44
44
16. 9. 2022
Port Groups and Unbundling Restrictions r5000

Both adjacent ports (1.0 & 2.0) must be SFP28 ports support any combination of 10G or 25G optics
40Gb or 100Gb no mix and match (SFP28 backward compatible to SFP+)
QSFP28/QSFP+ ports don’t support breakout cables

(no unbundling) to 4 x 25Gb or 4 x 10Gb
45
45
Key Benefits
and Use Cases
46
46
16. 9. 2022
Key Benefits and Use Cases for Adaptive Apps Platforms

MOVING TO A HIGHLY AUTOMATABLE ARCHITECTURE WITH A LOWER TCO
Future-Proof your Investment & Enhanced Automation Highest Platform

Lower TCO with a Modern Leads to Rapid Reliability and Security
Platform Design Deployment
Consolidate infrastructure Reduce deployment time Hardware detection of more than

and app services with fewer from weeks to minutes 100 types of attack vectors
appliances, reducing TCO
API-first, fully automatable Industry-leading SSL/TLS
Up to 2x performance and architecture processing manages increasing
scalability as compared to iSeries encrypted application traffic
Existing and modern F5 Automation Toolchain makes it

BIG-IP on same next-gen. platform easy to deploy and configure F5 Enhanced protection keeps mission
design application services critical apps up and running
47
47
Rearchitected with Modern Hardware

ENHANCED PERFORMANCE IN rSERIES
 F5 rSeries delivers up to 2x scale and
performance improvement over the
previous generation iSeries platforms
 Larger, modern FPGAs for hardware

acceleration
 More efficient CPU resource
utilization
 Higher performance to meet
demands
 Greater scalability for peak volumes
 1 RU form factor provides a high-density New FPGA’s,

solution, with added support to 100G and Latest Intel
25G interfaces CPU/Crypto
48
48
16. 9. 2022
F5 rSeries Platform Performance
(Compared to i11600)* (Compared to i7800)*
(1.2-2X) (2X)
(2.6X) (2X)
(1.3X) (2X)
(1.2X)1 (2X)
*Model comparisons provided for similar price points 49
49
Flexible Ports, Maximum Flexibility

ENHANCED PORT CONFIGURATION
r10000 Series
Maximum flexibility
with port
configurations
4x QSFP28/QSFP+
2 x 100G/40G 8 x 25G/10G 2 x 100G/40G 8 x 25G/10G 16 SFP28/SFP+
Ability to access lower QSFP28/QSFP+ SFP+/SFP28 QSFP28/QSFP+ SFP+/SFP28
speed interface
Increased redundancy r5000 Series

Shortened time to
deploy new
applications
2x QSFP28/QSFP+
2 x 100G/40G 8 x 25G/10G 8 SFP28/SFP+
QSFP28/QSFP+ SFP+/SFP28
50
50
16. 9. 2022
Tiered Licensing: Pay-as-you-Grow

TIERED SOFTWARE LICENSE KEYS
Mid-Range Appliances High-End Appliances

Avail. Late Q1CY22 Avail. Now Avail. Late Q1CY22 Avail. Now
r5600 r5800 r5900 r10600 r10800 r10900
(Low PAYG) (Mid PAYG) (High PAYG) (Low PAYG) (Mid PAYG) (High PAYG)
BIG-IP BIG-IP BIG-IP BIG-IP BIG-IP BIG-IP

i5600 i5800 i7600/i7800 i10600 i10800 i11600
Series Series Series Series Series Series
To achieve PAYG performance goals some CPU’s will be disabled on x600 & x800 models, and CPU throttling may be implemented 51
51
Upgrade and Consolidate Legacy Products

Lower TCO
BIG-IP Refresh Example
BIG-IP i5600 F5 r5900

Consolidation Benefits
Number
Up to 6
consolidated
OpEx Savings
• F5 ADC with Local Traffic • F5 ADC with LTM module $139K
(4 years)
Manager (LTM) module and future proof w/next-gen.
• 1.1M L7 RPS each • 4.3M L7 RPS each
• $50K each x 8 = $400K • $98K each x 2 = $196K
• Annual support: $68K total • Annual support: $33.3K total
52
52
16. 9. 2022
Key Customer Benefits of Adaptive Apps Platforms


Consolidate infrastructure and Reduce deployment time Hardware detection of more than
app services with fewer from weeks to minutes 100 types of attack vectors

53
53
Rearchitected with Delayered Platform Software

MODERN SOFTWARE ARCHITECTURE IN rSERIES
• Multitenant by default architecture

• API-first design: full automation at the
new F5OS platform layer
Existing and Next-Gen BIG-IP on Same Appliance
• Leverages microservices architecture to
break beyond constraints of TMOS Existing BIG-IP application Next-Gen BIG-IP application
services software services software
o Kubernetes manages workloads but is
abstracted from the admin
New Platform Layer (Kubernetes-based)
o No microservices knowledge required to
manage New Hardware Offload Services / FPGA
• Lays the foundation for next-gen BIG-IP

modular technology in H2 2022
54
54
16. 9. 2022
Automated App Services

AUTOMATE AND ACCELERATE MANUAL
PROCESSES
NetOps / SecOps
Automation Toolchain
Many imperative
Single commands
declarative
statement
BENEFITS
F5 Automation
Toolchain
Orchestration
Tools
Instance Onboarding & App F5 rSeries Reduce deployment times from weeks
Services Configuration Appliance to minutes
Reduce need for BIG-IP domain
TOOLCHAIN FEATURES
knowledge
Declarative Onboarding (DO) – Automate L1-L3
device onboarding
Prevent deployment/configuration errors
Application Services 3 Extensions (AS3) –
Automate L4-L7 app services configuration
Easily integrate with mainstream A&O
Telemetry Streaming (TS) – Stream telemetry to
leading analytics solutions tools like Ansible, Terraform, etc.
F5 Application Services Templates (FAST) –
Next-gen, declarative config templating
AS3 Configuration Converter (AS3) 55
55
Automate CUSTOMER STORY

Everything
LARGE EUROPEAN BANK
• “By leveraging F5’s automation capabilities across thousands

of our applications, we can more rapidly and reliably provide
IMPROVING PROGRAMMABILITY & high-quality financial services to our customers. Secured
application service deployments that previously required up to
AUTOMATABILITY 6 weeks can now take as little as 5 minutes.” IT LEADER, LARGE
EUROPEAN BANK
62% •
•
Created a self-service catalog
Deployed new application

services within minutes when
… of organizations stated the it previously took 6 weeks
need to automate
network operations to • Automated infrastructure,
deployed 3000+ new
keep pace with application services within 1
accelerating app deployments year; no manual interaction
56 | ©2021 F5, INC. 56
56
16. 9. 2022
Key Customer Benefits of Adaptive Apps Platforms


Consolidate infrastructure and Reduce deployment time Hardware detection of more than
app services with fewer from weeks to minutes 100 types of attack vectors

57
57
Advanced Application Protection

BUILT-IN SECURITY FOR YOUR APPLICATION ENVIRONMENT
Hardware detection and mitigation of more than 100 types of

attack vectors, denial-of-service (DoS) and DDoS attacks, SYN flood
and more
Industry-leading SSL crypto capabilities of up to 200k SSL TPS with

enhanced offload of elliptical curve cryptography (ECC) processing
High availability keeps critical apps up and running; enhanced performance

handles traffic spikes, blocking attackers from bypassing security protocols
58
58
16. 9. 2022
rSeries SSL Improvements

DESIGNED FOR A MODERN SECURITY ENVIRONMENT
iSeries i7800 rSeries r5900 Improvement

Enhanced offload of
ECC 25k TPS ECC 70k TPS 250% increase / 3.5X*
elliptical curve
cryptography (ECC)
processing iSeries i11600 rSeries r10900 Improvement
ECC 30k TPS ECC 140k TPS 192% increase / 2.9X*

Industry-leading SSL traffic
processing for peak 40k SSL RSA-2k TPS 100k SSL RSA 2k TPS 150% increase*
utilization
37k SSL RSA-2k TPS 200k SSL RSA 2k TPS 441% increase*
*Model comparisons provided for similar price points 59
59
Modern SSL CUSTOMER STORY

Performance LARGE EUROPEAN GOVERNMENT BANK
• Ongoing constraints related to encrypted traffic processing

IMPROVING PROCESSING
POWER & SCALABILITY during peak utilization
• Needed a scalable security architecture to mitigate cyber
security risks and accommodate growth
86% • With F5’s industry-leading SSL power, the bank experienced

the following benefits:
… of web page loads are now • Consolidated application delivery capabilities into one
encrypted with SSL integrated platform
• Increased scalable SSL performance
• Gained WAF capabilities to protect banks assets and data
• Just in time scalable hardware platform
60 | ©2021 F5, INC. 60
60
16. 9. 2022
rSerie Performance
and Sizing
61
61
rSeries r5600 / r5800 / r5900 – Performance

Performance Metric R5600 r5800 r5900
L4 Throughput 95 Gbps 95 Gbps 95 Gbps
Compression 35 Gbps 40 Gbps 50 Gbps
(QAT compress + verify) (QAT compress + verify) (QAT compress + verify)
SSL Bulk Throughput 35 Gbps 45 Gbps 50 Gbps
SSL RSA-2k TPS 60k TPS 80k TPS 100k TPS
ECDHE P-256-ECDSA TPS 30k TPS 50k TPS 70k TPS
ECDHE P-256-RSA-2k TPS 30k TPS 50k TPS 55k TPS
L4 FastL4 CPS 1M CPS 1.4M CPS 1.8M CPS
L4 FastL4 Gbps 95 Gbps 95 Gbps 95 Gbps
L7 FastHTTP (inf-inf) RPS 2.5M RPS 3.3M RPS 4.3M RPS
L7 FastHTTP Gbps 95 Gbps 95 Gbps 95 Gbps
L7 (1 – 1) CPS 350k CPS 490k CPS 650k CPS
L7 (1 - 1) Gbps 60 Gbps 85 Gbps 95 Gbps
62
62
16. 9. 2022
rSeries r10600 / 10800 / r10900 – Performance

Performance Metric r10600 r10800 r10900
Compression 80 Gbps 80 Gbps 90 Gbps
(QAT compress + verify) (QAT compress + verify) (QAT compress + verify)
SSL Bulk Throughput 75 Gbps 80 Gbps 95 Gbps
SSL RSA-2k TPS 115k TPS 150k TPS 200k TPS
ECDHE P-256-ECDSA TPS 90k TPS 110k TPS 140k TPS
ECDHE P-256-RSA-2k TPS 90k TPS 110k TPS 110k TPS
L4 FastL4 CPS 2M CPS 2.1M CPS 2.5M CPS
L4 FastL4 Gbps 190 Gbps 190 Gbps 190 Gbps
L7 FastHTTP (inf-inf) RPS 4.5M RPS 5.5M RPS 6.6M RPS
L7 FastHTTP Gbps 170 Gbps 175 Gbps 190 Gbps
L7 (1 – 1) CPS 680k CPS 800k CPS 1M CPS
L7 (1 - 1) Gbps 125 Gbps 145 Gbps 190 Gbps
63
63
VELOS
64
64
16. 9. 2022
Where We’ve Been

F5 VIPRION
• Unparalleled performance and scalability

for 10+ years
• Single, most powerful ADC chassis-based
solution that can add or remove capacity
without disrupting users or apps
• Unique chassis-based virtualization with
flexibility to scale linearly on demand with
high-density multi-tenancy (vCMP)
• More than $100M in revenue contribution
per year for a decade
65
65
Application Landscape is Changing

Trends of Application Economy So App Services Must Adapt
Cater to the needs of

Increased adoption of both modern and
Multi-Cloud strategy monolithic apps
Acceleration of Interoperate with 3rd

Automation and party tools, services and
Orchestration ecosystems
Multifunctional Scale for explosive

collaboration in IT growth from app demand
Elevated security
threats and IT Move at the speed of
complexity DevOps
BUT NO CHASSIS PLATFORM CAN MEET ALL THESE CUSTOMER NEEDS 66
66
16. 9. 2022
VELOS: Highest Performance With Modern Architecture

• Kubernetes-based platform software
CX410 Chassis
• API first architecture, fully automatable
• Higher density resources per rack unit
• Multi-Tbps total Layer 4-7 throughput
• Flexible support for multi-tenancy and

BX110 Blade
blade groupings
• Redundant System Controllers, mix

and match blades on single chassis
67
67
VELOS Chassis
CX410 Chassis – 4RU supporting up to 8x B110 blades
1 2 3 4
Controller 1 Controller 2 Redundant
6 7 System Controllers
5 8
PSU1 PSU2 PSU3 PSU4
Configurable to N+N
Power Supplies
Fan Tray 1
Fan Tray
1
1 2
2 33
68
68
16. 9. 2022
System Controller (VELOS CX410 Chassis)
69
69
Future Proof
VELOS Provides Flexibility: Multiple Chassis Partitions within a

Single Chassis
• Unlike VIPRION, the VELOS chassis can be Blade1 Blade2

split into multiple Chassis Partitions
• Within VIPRION all blades formed a single “cluster”
Blade3 Blade4
• This allows for complete resource isolation,
service chaining, and the ability to run both
BIG-IP and BIG-IP MA within the same
chassis*
• Provides another layer of segmentation not
previously available in VIPRION Blade1 Blade2 Blade3 Blade4
Blade5 Blade6 Blade7 Blade8
*BIG-IP & BIG-IP MA cannot be mixed in the same Chassis Partition initially 70
70
16. 9. 2022
VELOS Improvements Over VIPRION

DESIGNED FROM THE GROUND UP FOR THE NEW APPLICATION LANDSCAPE
VIPRION VELOS
FPGAs / Line Card
Interfaces
Resources
Switching
QoS
Data Path Paradigm
TBD
In-Line Crypto
Packet Processing Pipeline
Backplane
71
71
B2150 vs B2250 vs VELOS BX110

COMPARISON PER SINGLE BLADE
L7 RPS (K) MAX SSL TPS (RSA 2K)
4M 100K
3.3x B2150 90K 9x B2150

3M
1.7x B2250 2x B2250
80K
3M
70K
2M 60K 90K
3,3M 50K
2M
40K
1M 2,0M 30K ECC

50K
20K 44K
500K 1,0M
10K
K 10K
B2150 B2250 VELOS BX110 K 72
B2150 B2250 VELOS BX110
72
16. 9. 2022
B2150 vs B2250 vs VELOS BX110

COMPARISON FOR FULL CHASSIS
L7 RPS (K) MAX SSL TPS (RSA 2K)
30M 800K
6.4x B2150 18x B2150

700K
25M 3.2x B2250 4x B2250
600K 720K
20M
500K
15M 400K
25,6M
300K
10M
200K
ECC
400K
5M
8,0M
100K
4,0M
176K
K K 40K
B2150 B2250 VELOS BX110 B2150 B2250 VELOS BX110 73
73
Providing Flexibility and Investment Protection

BIG-IP 14.x Modular BIG-IP
LTM WAF DNS AFM

VM Tenant (BIG-IP)
CP
Guest kernel, TMOS & TMM DP DP DP DP
Platform SW (VELOS) Platform SW (VELOS)
Hardware Hardware
Existing BIG-IP and Modular BIG-IP can run within same VELOS chassis
74
74
16. 9. 2022
The Promise of VELOS

PERFORMANCE Up to 5x higher computational power per Chassis; Up to 5x higher total L4/L7 throughput per Chassis
VERSATILITY Support for multi-speed (10/25/40/100GbE)
FAULT TOLERANCE Reduced Failure Domain by decoupling Compute (Blade) and Fabric (System Controller)
PLATFORM SECURITY Multiple layers of tenancy providing fully isolated traffic
FLEXIBILITY Ability to mix and match different VELOS Blade generations
WIRE SPEED FABRIC Non-Blocking Backplane
AUTOMATION API-first architecture / fully automatable
TENANT SCALE Flexible multi-tenancy (future support to 100s of Tenants per blade)
MODERN ARCHITECTURE K8s Appliance Container (cBIP/mBIP for different tenants, and a path to 3rd party applications)
75
75
F5OS
76
76
16. 9. 2022
More Than Just a Hardware Refresh

 Leverages microservices architecture
to break beyond constraints of TMOS
 Common F5OS architecture layer with
VELOS
 Kubernetes manages workloads, but is
abstracted from the admin, no
microservices knowledge required to
manage rSeries
 Multitenant by default architecture
 API First design – Full automation @
the F5OS layer
 Lays the foundation for next
generation BIG-IP software: BIG-IP
Next
77
77
F5OS Management
 New F5OS platform layer can be managed
via CLI, API, or GUI
 Intuitive GUI, CLI & API provides initial
platform setup, monitoring, and tenant
lifecycle
 TMOS Tenants are still managed as they are
on existing platforms
 Similar to a vCMP guest management
experience Boston-r10900-1# show running-config
cluster disk-usage-threshold config warning-limit 85
cluster disk-usage-threshold config error-limit 90
cluster disk-usage-threshold config critical-limit 97
cluster disk-usage-threshold config growth-rate-limit 10
cluster disk-usage-threshold config interval 60
cluster nodes node node-1
config name node-1
config enabled
!
fdb mac-table entries entry 00:94:a1:69:59:27 500 tag_type_vid
config mac-address 00:94:a1:69:59:27
78
78
16. 9. 2022
VELOS / F5OS – API Support
https://clouddocs.f5.com/api/velos-api/velos-api-index.html 79
79
F5OS Software Lifecycle
• F5OS Platform layer software uses semantic versioning, which includes a platform type followed by a
three-digit software version
• Versions use the following syntax: F5OS-PLATFORM_TYPE-MAJOR.MINOR.PATCH-LTS, LTS is optional
• LTS releases will typically occur on an annual basis after declaring the initial LTS release
• The Standard Support phase of an LTS release begins with the Introduction Date and ends in three years
• More frequent STS releases will typically occur on a quarterly basis and include backwards compatible
feature additions, enhancements, and bug fixes
• The STS releases usually have standard support phase of six months, or three months from the next STS
release, whichever is longer
SOL will be updated soon:
https://support.f5.com/csp/article/K21501912
80
80
16. 9. 2022
F5OS / TMOS Tenant Compatibility

• F5OS-C Supports v14.1.4 and later, and v15.1.4 and
later, the next major version will be v17.1
• F5OS-A 5k/10k supports v15.1.5 and later, the next
major version will be v17.1
• F5OS-A 2k/4k supports v15.1.6 and later, the next
major version will be v17.1
• None of these platforms will support v16.0, 16.1, or
17.0
https://support.f5.com/csp/article/K9476 81
81
F5OS-C vs. F5OS-A

• F5OS-C (Chassis) is for VELOS
• F5OS-C CONTROLLER
• F5OS-C PARTITION
• F5OS-A (Appliance) is for rSeries
• R5R10 – For r10000/r5000
• R2R4 - For r2000/r4000
• They have different version numbering so
please qualify F5OS-A or F5OS-C
82
82
16. 9. 2022
Q&A
83
83
Thank you
84

F5 news

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

F5 news

Uploaded by

Copyright:

Available Formats

16. 9.

Why Our Customers Choose F5 Hardware

• Best protection and compliance for

• Predictable performance and scalability

First introduced in 2007

Innovations from F5 Platforms

• Container • Modern • Advanced Telemetry

F5 rSeries: A Next-Gen, Fully Automatable Platform

• Scale to 190 Gpbs total Layer 4-7

• BIG-IP modularized technology (future)

Next Generation Appliance: rSeries

• Runs current gen of BIG-IP software • Up to 2x performance

rSeries platform– rSeries 5k/10k and rSeries 2k/4k

rSeries Improvements Over iSeries

iSeries rSeries rSeries Advantage

Hardware Larger FPGAs / 1RU Form Factor 2x enhanced performance

SSL Modern SSL offload hardware Up to 200k SSL TPS

Software New microservices layer (F5OS) Supports modern architecture

Automation API-first design Deployment: weeks to minutes

Licensing Pay-as-you-Grow licensing Higher performance as needed

Architecture Runs current & next-gen BIG-IP Easy migration path

r2000 / r4000 - Front Panel Ports - 25G, 10G, 1G

r4000 – (r4600 / r4800)

4x 10G RJ45 – 10G/1G

r2000 – (r2600 / r2800)

4x 10G RJ45 – 10G/1G

r2000 Series (r2800) Platform Specs

Ships with support for TMOS 15.1.6 Tenants only

r2000 Series (r2600) Platform Specs

Ships with support for TMOS 15.1.6 Tenants only

r2000 Series - Front View

1.0 3.0 5.0 7.0

2.0 4.0 6.0 8.0

r4000 Series (r4800) Platform Specs

Ships with support for TMOS 15.1.6 Tenants only

r4000 Series (r4600) Platform Specs

Ships with support for TMOS 15.1.6 Tenants only

r4000 Series - Front View

1.0 3.0 5.0 7.0

2.0 4.0 6.0 8.0

r5000 Series (r5900) Platform Specs

Ships with support for TMOS 15.1.5 Tenants only

r5000 Series (r5800) Platform Specs

Ships with support for TMOS 15.1.5 Tenants only

r5000 Series (r5600) Platform Specs

Ships with support for TMOS 15.1.5 Tenants only

r5000 Series - Front View

3.0 5.0 7.0 9.0

1.0 2.0 4.0 6.0 8.0 10.0

r10000 Series (r10900) Platform Specs

Ships with support for TMOS 15.1.5 Tenants only

r10000 Series (r10800) Platform Specs

Ships with support for TMOS 15.1.5 Tenants only

r10000 Series (r10600) Platform Specs

Ships with support for TMOS 15.1.5 Tenants only

r10000 Series - Front View

3.0 5.0 7.0 9.0 13.0 15.0 17.0 19.0

r10000 Series Back View – Fan Tray Removed

rSeries - 3 x Tier Pay-as-you-Grow Structure

r5600 r5800 r5900 R10600 R10800 R10900

BIG-IP BIG-IP BIG-IP BIG-IP BIG-IP BIG-IP

rSeries - 2 x Tier Pay-as-you-Grow Structure

BIG-IP BIG-IP BIG-IP BIG-IP

rSeries – r10900 - PAYG