[gbuk2013]

Pretty much everything. :)

L4-L7 load balancing, distributed DNS, SSL offload, WAF, DPI, data centre firewall and other things. With a nice WebUI to configure all that.

The Tcl iRules allow you to hook into pretty much any stage of the request or the response L4-L7 at FPGA speeds to do whatever you wanted to the request / response data.

It's a very powerful product.

[zinkem]

> any stage of the request or the response L4-L7 at FPGA speeds

I also work at F5, and used to work on the FPGA. This is unfortunately not true for TCL iRules. The FPGA basically only operates on L2-4, L7 is all software.

There was some talk about doing L7/iRules in an FPGA but prototypes never produced compelling enough performance gains to make it worth it.

[gbuk2013]

I learn something new today - thanks.

[tommu]

"..a nice WebUI"

I challenge that assertion!

[throw0101a]

> I challenge that assertion!

For simple things it's adequate, but the fact that one can SSH is also helpful as there's a RHEL/CentOS base to work on. We're able to get Let's Encrypt working with a bash-only ACME client (dehydrated) is short order.

Heck, run Ansible on it:

* https://www.ansible.com/integrations/networks/f5 * https://github.com/F5Networks/f5-ansible

[gbuk2013]

And you probably have a point, but it's all relative to configuring all that stuff by hand in the CLI, or worse using some other enterprise vendor's attempt at a "usable" UI ... ;)