SSL offload question regarding licence

Question

We have a cluster of BIG-IP 1600 with 2 tmms and licence for 500 ssl tps. 
According to the kb below, we should be able to manage up to 1000 ssl tps. Is that correct? Am I missing anything?&nbsp;
https://support.f5.com/csp/article/K6475&nbsp;
show sys license detail | grep -i perf_SSL_total_TPS
perf_SSL_total_TPS [500]&nbsp;
show sys tmm-info global | grep -i 'TMM count'
  TMM Count               2&nbsp;
Thanks in advance and regards,
Pablo.&nbsp;

vernonwells · Answer

Sort of.  The problem is that the 1600 is a pretty old platform, and the TLS hardware only natively supports 1k asymmetric keys.  In general, for 2k keys (which is standard today), performance is reduced by about 75%.  Having said that, if you license the system for maximum TLS support, it should be able to achieve ~1000 TPS for 2k keys.&nbsp;
Assuming your certificates use 2k keys, you might want to consider a hardware refresh (particularly since the 1600 is now past End of Software Development.&nbsp;

Forum Discussion

SSL offload question regarding licence

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Question & Answer: Regarding CVE-2020-5902

SSL Offloading and Backend pool https

Question regarding the F5 vulnerabilities page API

Renewing SSL certificate for SSL offload - question regarding CSR creation

HTTPS offload rewriting

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS