Difference Between f5 vm and Hardware

which differences in detail?

First there are performance differences. The Appliance is much more powerful because it can use the dedicated hardware.

Second there are little feature differences. For example on VM Edition you cannot use LACP config, this have to be done from host-system. Also FIPS is not available on VM.

For detailed information take a look at the datasheets.

Here's my list of what is not in VE;

•CMP (until v11.3) •Spanning Tree Protocols (vSwitches don’t run STP; interestingly it’s also not supported on the 2000s, 2200s, 4000s or 4200v hardware platforms) •Link Aggregation Control Protocol (LACP) – but Trunking is still available •The hard-wired failover functionality and interface •Federal Information Processing Standards (FIPS) 140-2 compliance (specific hardware is required) •Interface mirroring •The Serial console interface •Always On Management (AOM) •Use of more than 4Gb of memory (until v11.3) •Throughput of more than 1Gb (until…???) •There may be downgrade restrictions depending on your hypervisor. •Link Controller (LC) •Advanced SSL functions •Advanced TCP profile settings

Also I'd suggest you do some research on SR-IOV, LRO and TSO, where the host's NICs are concerned.

Its obvious but worth stating you lose all hardware acceleration and assistance for traffic (except: see above line) and SSL processing.

You may be able to mitigate this in some ways as I suggest above and by using processors that support the Advanced Encryption Standard Instruction Set and ensuring its use is enabled/supported in your hypervisor of choice.

Expect things to improve on the processor front rapidly.

Hey WLB,

That's good info. Thanks for the reply.

On a tangent, we actually have some improvements coming in 11.6 for the 2000 and 4000 series platforms:

• STP (Spanning tree Protocol) which prevents L2 loops
• LLDP (Link Layer Discovery Protocol) which enables the use of standard management tools to make physical topology information available
• ARL (Address Resolution Table) which supports better troubleshooting with forwarding database and ARL table lookups.
• tmsh show net fdb now shows meaningful data.
• Full support for Link Down on failover feature which supports faster failover when interconnecting with legacy switches.

Note: Port mirroring is still not currently supported on these two platforms. Please contact your F5 SE if this is a feature you'd like to see F5 potentially provide in a future release

Look for the 11.6 release soon.

Thanks, Aaron