Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    F5 Networks Big IP 1500

    Scheduled Pinned Locked Moved Hardware
    15 Posts 4 Posters 7.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • _Adrian__
      _Adrian_
      last edited by

      Hey guys…
      This might be another option for those that want a low power unit that's somewhat capable.

      Unit looks like its built around an ATX board with a Intel Celeron, 80GB EIDE drive, 2GB of RAM, Compact flash support, your leaffy green 300W power supply, 4x Gigabit ethernet along 2x Gigabit FC ports...

      ( Not mine, just a random google image)

      Pulling the big old tired IDE drive out and using a Dual CF to IDE converter would wake up the unit… I think...
      Im wondering how this would stack up against a firebox....

      Any insight or input ??

      If it ain't broken, fix it till it is :P

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Interesting looking box.
        It looks loud, many small fans.
        Is that two completely separate boards connected via internal ethernet?
        Broadcom NICs?

        Steve

        1 Reply Last reply Reply Quote 0
        • _Adrian__
          _Adrian_
          last edited by

          Looks like it Steve…
          I think the front PCB acts like a switch meanwhile the back part of the unit does the filtering.
          Also looks like it had an accelerator card of some sort in there...

          Its nice that it can be just unplugged and relocated to the rear of the unit with one of THESE

          EDIT:
          Found some specs on F5's site…

          Processor
          Single 2.5 GHz Celeron

          Network Interface
          4 x 10/100/1000
            2 x Fiber Gigabit Ethernet interface (SFPs)
                                1000BASE-SX - 850 nm (LC Connector
                                1000BASE-LX - 1310 nm (LC Connector, optional)
                  1 x 10/100 Ethernet Management port

          Hard Drive Capacity
          80 GB hard drive

          RAM
          768 MB (expandable to 2 GB)

          Power supply
          300W 100/240 +/- 10% VAC AUTO Switching

          Typical power consumption
          143W

          Heat generated
          488 BTU/hour

          If it ain't broken, fix it till it is :P

          1 Reply Last reply Reply Quote 0
          • _Adrian__
            _Adrian_
            last edited by

            My buddy has a handful of these on the shelf :

            "F5 NETWORKS BIG IP 1500 200-0138-02 LOCAL TRAFFIC MANAGER LOAD BALANCER

            This unit is being sold As-Is due to missing software. The unit boots, but ends up in a boot loop, due to hard-drive being wiped clean.

            Unit is equipped with 80GB WD Hard Drive. 4 Sticks of 512MB DDR memory, 128MB Flash and Channel Well PSG300C-80 Power Supply. etc "

            @Boot:

            System is booting, please wait…
            Press Ctrl-c to stop autoboot:  0
            kernel.core_uses_pid = 0
            kernel.core_pattern = /var/core/%e.sccp.core

            Host Console Shell --- Press <esc>( for command menu.

            PXELINUX/F5 HSIBJ 3.07  Copyright (C) 1994-2005 H. Peter Anvin
            Booting from local disk...

            PXELINUX/F5 HSIBJ 3.07  Copyright (C) 1994-2005 H. Peter Anvin
            Booting from local disk...

            PXELINUX/F5 HSIBJ 3.07  Copyright (C) 1994-2005 H. Peter Anvin
            Booting from local disk...

            etc...

            etc.........</esc>

            Almost wondering if that front board will accept DD-WRT or Open-WRT and with pfSense behind it it would make a hella team :)

            If it ain't broken, fix it till it is :P

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Yep that's a weird box!
              I can find only two pictures of it open, including the one you posted, and in both it has nothing in the CF slot. Presumably it needs something there to boot the front board and you spec states 128MB flash. I would bet that front board is not X86 so, yes, you'd have to go OpenWRT or roll your own FreeBSD for whatever architecture it is.
              The back board looks like a standard of the shelf motherboard with none of the backplate connectors exposed. It has VGA so I'm sure you could boot that part easily enough.

              Do you have any specs for the original boxes performance? That would give you some idea of what contribution the front board may have been making. Did it use some custom ASICS to get multi gigabit throughput for example.

              Steve

              1 Reply Last reply Reply Quote 0
              • _Adrian__
                _Adrian_
                last edited by

                @stephenw10:

                Yep that's a weird box!
                I can find only two pictures of it open, including the one you posted, and in both it has nothing in the CF slot. Presumably it needs something there to boot the front board and you spec states 128MB flash. I would bet that front board is not X86 so, yes, you'd have to go OpenWRT or roll your own FreeBSD for whatever architecture it is.
                The back board looks like a standard of the shelf motherboard with none of the backplate connectors exposed. It has VGA so I'm sure you could boot that part easily enough.

                Do you have any specs for the original boxes performance? That would give you some idea of what contribution the front board may have been making. Did it use some custom ASICS to get multi gigabit throughput for example.

                Steve

                This might help… but this is mainly what i have found so far...

                This F5 LTM bigip 1500 unit has:
                    500 Mbps of Throughput
                    4 - gigabit (10/100/1000) copper ports
                    100 TPS SSL Hardware Acceleration
                    5 MBPS COMPRESSION
                    F5 OS v9

                Server/Node Operating System Compatibility: Load balancing of any TCP/IP OS, including Windows NT, Windows 95, all UNIX platforms and Mac/OS

                Internet/Intranet Protocol Support: All TCP services, UDP, SIP and SSL; nearly all IP-based protocols

                Administrative Environment Support: DNS proxy, SMTP, F-secure SSH, SNMP, dynamic/static network monitoring, scheduled batch job processing, system status reports and alarms event notification

                Network Management & Monitoring: Secure SSL browser-based interface, remote encrypted login and file transfer using F-secure SSH monitor, BIG-IP system network monitoring utilities and additional contributed software; SNMP gets and traps.

                Dynamic Content Support: ASP (active server pages),VB (visual basic script), ActiveX, JAVA,VRML, CGI, Cool Talk, Net Meeting, Real Audio, Real Video, Netshow, Quick Time, PointCast, any HTTP encapsulated data

                BIG-IP LTM Device Redundancy: Watchdog timer card, fail-safe cable (primary & secondary)

                Web Server Application Compatibility: Any IP-based web or application server

                If it ain't broken, fix it till it is :P

                1 Reply Last reply Reply Quote 0
                • _Adrian__
                  _Adrian_
                  last edited by

                  Also found this…

                  Here's the output from bigpipe version:

                  Kernel:
                  Linux 2.4.21-9.4.4.65.0smp
                  Package:
                  BIG-IP Version 9.4.4 65.1
                  Final Edition

                  Enabled Features:
                  QoS and ToS Tagging                   
                  Connection Limits                     
                  OneConnect - Switching and Pooling   
                  Connection Rebinding                 
                  Connection Timeout                   
                  Route Pool                           
                  Last Hop Pool                         
                  Active Active                         
                  Failover                             
                  Pool Min Up Members                   
                  State Mirroring                       
                  VLAN Failsafe                         
                  HTTP traffic classifier               
                  iSNAT - Rules Referencing SNAT Pools 
                  Basic Load Balancing                 
                  Dynamic Ratio Load Balancing         
                  Fastest Load Balancing               
                  L3 Addr Load Balancing               
                  Least Connection Load Balancing       
                  Least Sessions Load Balancing         
                  Observed Load Balancing               
                  LB Pools Maximum Nodes unlimited     
                  Predictive Load Balancing             
                  Priority Load Balancing               
                  Ratio Load Balancing                 
                  Round Robin Load Balancing           
                  UDP Packet Load Balancing             
                  Web Logic Load Balancing             
                  EAV Monitor                           
                  FTP Monitor                           
                  gateway ICMP Monitor                 
                  HTTP Monitor                         
                  HTTPS Monitor                         
                  ICMP Monitor                         
                  IMAP Monitor                         
                  LDAP Monitor                         
                  LDAP Over SSL Monitor                 
                  Microsoft SQL Monitor                 
                  NNTP Monitor                         
                  Oracle Monitor                       
                  POP3 Monitor                         
                  RADIUS Monitor                       
                  RealN Monitor                         
                  Reverse Keyword                       
                  RPC Monitor                           
                  Monitor Rules                         
                  SASP Monitor                         
                  SCRIPTED Monitor                     
                  SIP Monitor                           
                  SMB Monitor                           
                  SMTP Monitor                         
                  SNMP Monitor                         
                  Soap Monitor                         
                  TCP Monitor                           
                  TCP Echo Monitor                     
                  TCP Half Open Monitor                 
                  Transparent Device Monitor           
                  UDP Monitor                           
                  WAP Monitor                           
                  WMI Monitor                           
                  Monitors                             
                  Network Address Translation           
                  Persistence                           
                  Cookie Persistence                   
                  Simple Persistence                   
                  SIP Persistence                       
                  SSL Session ID Persistence           
                  Sticky Persistence                   
                  Universal Persistence                 
                  WTS Persistence                       
                  Pools                                 
                  HTTP Content Transformation           
                  Fast L4                               
                  FTP                                   
                  HTTP Header Transformation           
                  HTTP                                 
                  Probe Control - IDS Traffic Management
                  HTTP Redirection                     
                  SIP                                   
                  TCP                                   
                  UDP                                   
                  RTSP switching                       
                  L4 iRules                             
                  L7 iRules                             
                  User-Defined Statistics               
                  iRules                               
                  SCTP support                         
                  SNAT Standard                         
                  Address Translation                   
                  Port Translation                     
                  Transparent Device Load Balancing     
                  Local Traffic Manager                 
                  Interface Mirroring                   
                  Spanning Tree Protocol               
                  PVA Enable                           
                  SSL Mbps 4000                         
                  SSL Total TPS 100                     
                  HTTP Compression 5                   
                  SSL client certificate authorization via LDAP
                  DDoS Connection Limits               
                  Dynamic Connection Reaping           
                  Packet Filter                         
                  SYN Check                             
                  SSL Support

                  Also found out that they update the switch card control processor (SCCP) manually.
                  As of yet I have no clue whats on the drive… time to dig deeper and check out the OpenWRT forums :)

                  If it ain't broken, fix it till it is :P

                  1 Reply Last reply Reply Quote 0
                  • _Adrian__
                    _Adrian_
                    last edited by

                    Also found this…
                    @F5:

                    The SCCP is a separate subsystem that controls the F5 switch hardware. The following examples include ways you can use the SCCP:

                    Change the system boot device
                        Halt or reboot the system
                        Perform a number of other specialized tasks that F5 Technical Support may request when troubleshooting your system

                    Warning: Some SCCP options can cause damage to your system. Do not use any SCCP option unless you are specifically instructed to do so in an AskF5 article or by an F5 Technical Support Engineer.

                    Accessing SCCP through secure shell (SSH)

                    Note:  By default, the SCCP is not configured to allow access through SSH from the network. To enable SCCP access from the network using SSH, refer to SOL3753: Configuring the switch card control processor (SCCP) so that it can be accessed over the network.

                    You can access the SCCP from the command line when you are connected directly to the console port or remotely through SSH.

                    Log in to the command line of the BIG-IP system.
                        Connect through SSH to the SCCP by typing the following command:

                    ssh sccp
                        An sccp# prompt displays appearing similar to the following example:

                    Last login: Mon Jan 01 01:23:45 2006 from host
                        Welcome to the F5Networks SCCP!
                        sccp#
                        Enter the SCCP Host Console Shell by typing the following command:

                    hostconsh
                        The output appears similar to the following example:

                    [hostconsh] Attempting to acquire the host processor console…
                        Host Console Shell --- Press <esc>( for command menu.
                        Display the SCCP menu by pressing the ESC key once, then press and hold down the SHIFT key while pressing the 9 key.

                    The SCCP menu appears similar to the following example:

                    [hostconsh] Command Menu:
                        1 –- Connect to Host subsystem console
                        2 --- Select Host subsystem boot mode: boot from local drive
                        3 --- Select Host subsystem boot mode: netboot from SCCP
                        4 --- Select Host subsystem boot mode: netboot from external server
                        5 --- Reboot Host subsystem (sends reboot command)
                        6 --- Halt  Host subsystem (sends halt command)
                        7 --- Reset  Host subsystem (issues hardware reset--USE WITH CARE!)
                        8 --- Reboot SCCP subsystem (issues hardware reset--USE WITH CARE!)
                        9 --- Halt  SCCP subsystem (issues hardware shutdown--USE WITH CARE!)
                        Q --- Exit Host subsystem console shell
                        [hostconsh] Enter command:

                    Important: This menu selection is limited; for a full menu selection, you can access the SCCP menu from the console.
                        Either select the desired SCCP menu item or exit the menu by pressing the q key and then pressing the y key to confirm exit. You return to the SCCP sccp# prompt.
                        Exit the SCCP by typing the following command:

                    exit

                    Accessing SCCP from the console

                    Note: You are not required to log in at the console prompt for the following procedure.

                    From the console, display the SCCP menu by pressing the ESC key once, then press and hold down the SHIFT key while pressing the 9 key.

                    You see output that appears similar to the following example:

                    [hostconsh] Command Menu:
                        1 –- Connect to Host subsystem console
                        2 --- Select Host subsystem boot mode: boot from local drive
                        3 --- Select Host subsystem boot mode: netboot from SCCP
                        4 --- Select Host subsystem boot mode: netboot from external server
                        5 --- Reboot Host subsystem (sends reboot command)
                        6 --- Halt Host subsystem (sends halt command)
                        7 --- Reset Host subsystem (issues hardware reset--USE WITH CARE!)
                        8 --- Reboot SCCP subsystem (issues hardware reset--USE WITH CARE!)
                        9 --- Halt SCCP subsystem (issues hardware shutdown--USE WITH CARE!)
                        B --- SCCP baud rate configurator
                        L --- SCCP login
                        N --- SCCP network configurator
                        [hostconsh] Enter command:

                    Important: When you access the SCCP through the console, the SCCP menu contains additional selections that were not provided on the menu when you accessed the SCCP through SSH.

                    Select the desired SCCP menu item, or type 1 to exit the menu.

                    If you select 1 to exit, you see output that appears similar to the following example:

                    Host Console Shell –- Press <esc>( for command menu.
                        Press the Enter key to return to the console prompt.

                    Displaying SCCP version information

                    To display the SCCP version information, connect to the SCCP using one of the methods described above, and type the following command:

                    uname -a</esc></esc>

                    Also after a bit of digging it looks like the card in the picture is a Broadcom SSL Crypto card…

                    If it ain't broken, fix it till it is :P

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      So it looks like there's a good chance you can just use the switch board as is and run pfSense on the rear board. It looks to be connected via serial internally (the black braided cable) as well as via ethernet. Of course you'll need a good grasp on how it's configured and how it can be changed.
                      The crypto card may be supported by the ubsec(4) driver.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • _Adrian__
                        _Adrian_
                        last edited by

                        Good thing i have a decent IP-KVM and can use one of these…

                        hidden inside the case and adding 2 of those neutrik case connector ( one for WAN and one for KVM ) at the back

                        I think I'm going to pull the trigger and see what can I get out of this box :P

                        If it ain't broken, fix it till it is :P

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          Don't spend too much, you could end up with a massive paper weight if you can't get the front board to play nicely. Also even if you can the whole box working the performance is never going to be anything special with that single Celeron.

                          Steve

                          1 Reply Last reply Reply Quote 0
                          • D
                            Darkk
                            last edited by

                            @stephenw10:

                            Don't spend too much, you could end up with a massive paper weight if you can't get the front board to play nicely. Also even if you can the whole box working the performance is never going to be anything special with that single Celeron.

                            Steve

                            It looks like a standard motherboard in the back so if performance is an issue he could just swap the board out with something a bit newer.  Very odd set up but it does have some advantages.  Mainly able to swap out the motherboard.

                            1 Reply Last reply Reply Quote 0
                            • _Adrian__
                              _Adrian_
                              last edited by

                              I think I see some SATA connectors at behind the last PCI slot…

                              BUT...
                              with that being said I didnt have one open, I just posted an image off the net.
                              Ther are roughly going for $50 plus shipping on ebay.

                              I'm looking for something like a firebox.
                              Whats your guys take on the XTM810 ?

                              Then I can actually use the DL380 for MS Exchange and free up my DL360 and let it handle DNS/DHCP/AD instead of running pfSense.

                              If it ain't broken, fix it till it is :P

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S
                                stephenw10 Netgate Administrator
                                last edited by

                                The XTM8 series are nice boxes. There is a gotcha with the install because the serial console port is actually com2 and Nano is hard coded to use com1. It all detailed in the XTM8 thread.

                                Steve

                                1 Reply Last reply Reply Quote 0
                                • T
                                  TeknikL
                                  last edited by

                                  Did you try to boot the pfsense cd with a usb cdrom?

                                  I have a Bigip 6400 and it boots off the disc, trying with a nanobsd serial console version now… will update.

                                  1 Reply Last reply Reply Quote 0
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.