Site icon 지락문화예술공작단

NGINX Plus vs F5 BIG-IP: 2018 Price-Performance Comparison

NGINX Plus vs F5 BIG-IP: 2018 Price-Performance Comparison

table.nginx-blog, table.nginx-blog th, table.nginx-blog td {
border: 2px solid black;
border-collapse: collapse;
}
table.nginx-blog {
width: 100%;
}
table.nginx-blog th {
background-color: #d3d3d3;
align: left;
padding-left: 5px;
padding-right: 5px;
padding-bottom: 2px;
padding-top: 2px;
line-height: 120%;
}
table.nginx-blog td {
padding-left: 5px;
padding-right: 5px;
padding-bottom: 2px;
padding-top: 5px;
line-height: 120%;
}
table.nginx-blog td.center {
text-align: center;
padding-bottom: 2px;
padding-top: 5px;
line-height: 120%;
}

Two years ago, we compared the price and performance of NGINX vs. the F5 BIG-IP. Based on our testing, we determined NGINX on commodity hardware exceeded the performance of F5 BIG-IP while providing cost savings of up to 84%.

Since we published that report, F5 has refreshed the BIG-IP line of hardware load balancers, introducing the new BIG-IP iSeries. The iSeries hardware promises better price and performance compared to previous BIG-IP hardware models, along with additional upgrades, such as onboard field programmable gate arrays (FPGAs).

At the same time, the price/performance of commodity servers has also improved: new Intel Xeon processors are faster than their predecessors, and prices have come down significantly as well. So, are the improvements in the new BIG-IP iSeries enough to keep up with the combination of commodity hardware and open source-based software?

In this blog, we’ll again compare three simple, unambiguous performance metrics; HTTP requests per second (RPS), SSL/TLS transactions per second (TPS), and HTTP throughput (measured in gigabits per second [Gbps]). F5’s metrics are from a published datasheet, with pricing from CDW and Carahsoft. The NGINX Plus performance numbers are from our Sizing Guide, and we used hardware pricing based on the list prices of Dell PowerEdge servers, with the same specs as the Intel hardware that achieved the indicated results in our tests.

The bottom line: the NGINX Plus price/performance advantage continues, with cost savings for NGINX over F5 ranging from 78% to 84%. At the same time, the flexibility advantages of software over F5 and other hardware ADCs continue to grow ever more important.

Let’s review the findings in detail.

NGINX Plus vs. F5 BIG-IP i2600

The table compares F5’s entry-level ADC, the F5 BIG-IP i2600, with NGINX Plus running on the Dell PowerEdge R330 with an 8 core Intel® Xeon® 4110 2.1 GHz CPU and an Intel XL710 2×40 Gbe network interface card (NIC).

F5 BIG‑IP i2600 NGINX Plus (Dell R630)
Cost
One-time hardware cost $19,175 $2,200
Annual 8×5 support and software subscription costs $2,300 $2,500
Total Cost (Year 1) $21,475 $4,700
(78% savings)
Total Cost (Year 3) $26,075 $9,700
(63% savings)
Total Cost (Year 5) $30,675 $11,700
(59% savings)
Performance Metrics
HTTP RPS 350,000 350,000
SSL/TLS TPS 2,500 14,0001 (5.6x)
Throughput (Gbps) 10 40 (4x)

1 Using OpenSSL 1.0.2d

The F5 configuration includes a single 10GbE NIC. The NGINX Plus/Dell PowerEdge configuration is specified with 1x40GbE NIC, which may be substituted withwill less expensive 10GbE NICs if desired.

NGINX Plus vs. F5 BIG-IP i5600

The table compares a mid-range BIG-IP appliance, the F5 BIG-IP i5600, with NGINX Plus running on a similarly sized bare-metal server, the Dell PowerEdge R630, with dual 22-core Intel® Xeon® E5-2699 v4 @ 2.2GHz CPUs and dual Intel XL710 2×40 Gbe NICs.

F5 BIG‑IP i5600 NGINX Plus (Dell R630)
Cost
One-time hardware cost $53,000 $10,000
Annual 24×7 support and software subscription costs $9,540 $3,500
Total Cost (Year 1) $62,540
$13,500
(78% Savings)
Total Cost (Year 3) $81,620 $20,500
(75% savings)
Total Cost (Year 5) $100,700 $27,500
(73% savings)
Performance Metrics
HTTP RPS 1.1M 1.2M (1.1x)
SSL/TLS TPS 20,000 61,000 (3.1x)1
Throughput (Gbps) 60 70 (1.2x)

1 Using OpenSSL 1.0.2d

NGINX Plus provides more than three times the SSL transactions per second compared to the equivalent F5 BIG-IP.

Scaling Horizontally for High Availability

Whether you select F5 hardware, or NGINX Plus running on an x86 server, you will most likely want to run a pair of devices for high availability. This doubles the cost of your deployment, making the absolute price difference even greater.

Furthermore, you will need a recovery plan if a hardware appliance or server fails and you need to restore your previous level of high availability. Because the NGINX Plus software is portable, the cost of maintaining spare hardware is significantly lower with NGINX Plus. In the unlikely event of total hardware failure, NGINX Plus can be redeployed promptly on any other available x86 server, on bare metal, in a virtual machine, or in a container instance.

On the other hand, F5 cold spares are an additional sunk cost. The alternative of relying on a warranty turnaround for hardware failure may leave you exposed for several days without the protection of high availability.

NGINX Plus, leveraging general-purpose hardware, provides a High-Availability solution that is significantly more cost-effective, and offers much faster recovery in the event of hardware failure.

Scaling Horizontally for Additional Performance

A single NGINX Plus instance running on a high-end x86 server can achieve 1.2M HTTP requests per second, 61K SSL transactions per second, and 70 Gbits of throughput. If you wish to specify a cluster that can handle more than this level of traffic, you can deploy NGINX Plus in a multiple-active, multiple-redundant fashion. This is commonly referred to as an N+1 deployment, where there are N active instances and one redundant system.

NGINX Plus in an N+1 deployment is much more cost effective than running a highly-available pair (1+1) of high-end F5 devices. For example, should we need to plan capacity for 2M HTTP requests per second, the costs compare as follows, using the Dell PowerEdge R630, with dual 22-core Intel® Xeon® E5-2699 v4 @ 2.2GHz CPUs and dual Intel XL710 2×40 Gbe NICs:

F5 BIG‑IP i11600
1+1 appliances
(1 active device)
NGINX Plus (Dell R630)
2+1 servers
(2 active devices)
Cost
One-time hardware cost $264,000
($132,000 each)
$30,000
($10,000 each)
Annual 24×7 support and software subscription costs $47,520
($23,760 each)
$10,500
($3,500 each)
Total Cost (Year 1) $311,520 $40,500
(87% Savings)
Total Cost (Year 3) $226,492 $61,500
(85% savings)
Total Cost (Year 5) $501,600 $82,500
(84% savings)
Performance Metrics
HTTP RPS 2.5M 2.4M
SSL/TLS TPS 37,000 122,0001
Throughput (Gbps) 80 140

1 Using OpenSSL 1.0.2d

NGINX Plus Flexibility

There are numerous “soft” benefits to NGINX Plus as well. Here are a few of the most important ones:

Increasingly, F5 BIG-IP and other hardware ADCs stick out like a sore thumb in an otherwise fungible, flexible, and fast-moving world of application delivery and development.

Conclusion

F5 has served the IT industry well for more than 20 years. But the industry has moved away from hardware appliances and towards cloud-native software solutions, leaving F5 BIG-IP as a legacy component in the datacenter. Whereas the F5 BIG-IP was once a solution that helped reduce costs for organizations, it is now cost-prohibitive.

Our own performance measurements and pricing analysis support this. For the simple use cases we examined, we saw Year 1 cost savings ranging from 78% to 88%, when comparing F5 BIG-IP to NGINX Plus.

Our customers report that they see similar cost savings when switching from hardware appliances to equivalent NGINX Plus solutions. They also related advantages, such as greater flexibility and easier manageability.

The price-performance advantages of an NGINX Plus-based solution, while immense, are only one reason to switch from hardware to software. Manageability, flexibility, the need for cloud solutions, the availability of trained personnel, and reducing the risk of using technology that may be nearing or reaching end of life are other important reasons for moving to software.

With NGINX Plus you are free to select the most cost-effective hardware for your needs. We don’t force you to accept hardware that doesn’t meet your company’s internal standards, nor are you obliged to over-provision the hardware now in anticipation of growth in traffic or application complexity that may arise in 2 to 3 years’ time.

And lastly, a special thank you to Intel for providing the servers we used to complete this testing.

Appendix

Testing Details

The data used to create this cost comparison was gathered from multiple sources:

The hardware used to benchmark NGINX Plus was loaned by Intel.

Performance Metrics

The following performance metrics are compared in this report:

Perfect Forward Secrecy

In accordance with current SSL/TLS best practices, we measured NGINX Plus’ SSL/TLS transactions per second (TPS) using the ECDHE-RSA-AES256-GCM-SHA384 cipher suite, which uses Ephemeral Elliptic curve Diffie–Hellman key exchange (ECDHE), AES, and SHA384. We also used an RSA 2048-bit key for valid comparison with the performance figures on the F5 datasheets.

This cipher provides Perfect Forward Secrecy (PFS), which ensures that encrypted traffic captured now can’t be decrypted at a later time, even if the private key is compromised. PFS is becoming a ‘must have’ in the current security climate. For example, Apple is mandating that iOS9 apps communicate using PFS.

F5 does not reveal the cipher used in their datasheet performance tests, and previous F5 benchmarks have not used PFS, which adds a performance penalty.

Readers should bear in mind the challenge of comparing SSL performance when different ciphers offer a tradeoff between security and speed.

The post NGINX Plus vs F5 BIG-IP: 2018 Price-Performance Comparison appeared first on NGINX.

Source: NGINX Plus vs F5 BIG-IP: 2018 Price-Performance Comparison

Exit mobile version