The Future of F5 Networks: SDN, iRules & Node.js

Unlike some others in the network industry (until lately at least), those dealing with F5 Networks’ products are probably well accustomed to change – significant and fast paced change at that. F5 are not a company to shy away from rapid change and replacing old technology and tools with newer, better ones. The change from the bigpipe legacy CLI command-set to the far superior tmsh (the best CLI I’ve ever used) is just one example. F5 also tend to be quick to market with new protocol support, demonstrated by their support for Google’s SPDY, VXLAN and others. So, is the company known for fast-paced change and  integrating well with open standards, protocols and other vendors likely to make a fundamental change to one of its core product features: iRules?

Before we get to the detail (actually, the guessing), allow me to give you an overview of what iRules are. iRules are available with F5’s Local Traffic Manager (LTM – a very advanced load balancer) and other TMOS system modules including GTM and ASM. They are user-created Tool Command Language (Tcl) programs or scripts that are assigned to a Virtual Server and run (or are triggered) by one or more user-specified events related to that Virtual Server, such as a new TCP connection or HTTP GET request. These event-driven Tcl scripts (a programmer might call them event handlers) can contain any number of commands that can be used to make load balancing decisions, modify packet content, direct traffic flow, collect statistics and do just about anything else you can think of between layers two through seven and beyond. This makes your network, traffic, routing and application flow programmable and contextual (at the point the LTM handles it at least). This gives you a great deal of power and control.

iRules are pretty old now in IT terms, but are as popular as ever. In my view (and theirs), iRules are a ‘killer’ feature for F5. However, the use of Tcl has often been questioned; it’s not a particularly popular or contemporary language (it’s actually 25 years old). Despite that, Tcl has served its purpose well. But consider the shadow of SDN, virtualisation and a programmable network drawing ever nearer, and F5’s expansion and growth attempts in other markets such as security and service provider. Perhaps the time is ripe for Tcl’s replacement? Two of F5’s most prolific company bloggers: Don and Lori MacVittie certainly seem very excited about Node.js.*

F5 acquired SDN-related company LineRate Systems in early 2013, and that company’s products use Node.js for their equivalent of iRules (not that a comparison is as straightforward as you might think). Node.js is built for high performance, is extensible like Tcl, it is modular (unlike iRules), advanced, asynchronous (unlike Tcl in the main) and very popular. If the base iRules language were ever to be replaced, I’d bet some money on and be quite happy to see Node.js take its place. But will it happen? Considering the investment many (if not all) of F5’s customers have made in iRules and their likely critical nature, moving to Node.js not a step to be taken lightly. But if backward compatibility (or even dual platforms) and their customer’s investments can be maintained whilst the language, its capabilities and performance are moved forward, it’s a wise move.

Of course, I can’t ignore Software Defined Networking (SDN). Despite the similarities between the iRules programming language, the iControl API and upcoming BIG-IQ ‘platform’ and some aspects of SDN, F5 still have a lot to do to keep themselves relevant in this space and in the future. Greg already thinks that “F5 is yesterday’s technology“, although I beg to differ. F5 have a great foundation to build upon. The general SDN focus on open standards blends well with F5’s approach, and can offer a significant benefit to smaller players in the network industry like itself. The SDN concepts of centralised control, programmability and intelligence all play to F5’s strengths, and I sincerely hope that the company takes full advantage. In case you didn’t know, I’m a bit of a fan of F5; they are (mostly) everything some other vendors I could mention are not; customer focussed, open, agile, sometimes humorous (really) and quick to respond to and adapt to change.

But F5 need to adapt even more and even more quickly. As well as providing benefits to smaller vendors, SDN also presents a grave risk, especially where L4-7 products are concerned. If all the intelligence is going to be at or north of the controller (or spread between the two), F5 need to ensure they are relevant and have products to sell in this new market. The competition is likely to be fierce, but luckily that’s nothing new to the company. However, the competition won’t be like anything they’ve seen before.

F5’s BIG-IP hardware – like Stella Artois lager (commonly known as ‘wife beater’ in the UK) – is reassuringly expensive and, along with its multiple operating systems and feature modules, pretty complex. It’s not something F5 would like to relinquish to some no-name companies, but ultimately, that option should already be on the table however unattractive. It’s interesting to note that in the near future, F5’s professional services will probably generate more revenue than their hardware. I’ve no idea how virtual edition (VE) sales are accounted for, so perhaps hardware is already a minority revenue stream.

F5’s history and approach suggest they can seize their share as long as they choose to enter the SDN marketplace in the first place. As much as I’m against revolution, I believe F5 need to do something radical to ensure they don’t become irrelevant in this new world and market. Replacing the language that iRules is based upon to something more likely to suit a different kind of network engineer and integrate even better with programmable network control and virtualisation systems might be a good start. But then, perhaps doing something with the iControl API makes more sense? Better yet, tear it all up and blend the best of LineRate and F5’s technologies together to create something completely new.

I’m reasonably sure F5’s wizards have something up their sleeve, but it would be good to know what the plan or the vision is so that customers can assess the future with a little bit more confidence and knowledge. I like this vendor. Whatever the future holds, I’d like to see them be a part of it. Adele might think she can find “somebody like you,” but I have my doubts.

*As evidenced by these recent posts;


  1. Stacky says

    Great post. Love the Stella reference :) But seriously, getting knee deep into F5 LTM at the moment and iRules really is king. I think no matter what language, tcl or Node.js or anything else. This level flexibility in application networking is a great introduction to some basic ideas of what SDN is and might become, and something every network engineer should aspire to become at least familiar with.

    PS, Greg is wrong. F5 leads the way in this arena!

    • says

      Thanks Stephen, it’s appreciated. I couldn’t agree more but I’d like to see F5 take full advantage of the strength and maturity of it’s SDN-like/-compatible technologies and and do/announce something (hell – anything) in the SDN space that extends their reach into this area. Their current lack of involvement and any kind of roadmap or announcements is disappointing and a real shame.

      Hopefully any moves into SDN would also benefit customer who are a long way from it, through an extended command set, a better iRules base language, improvements to iControl or Enterprise Manager or something else entirely. I’ve got my fingers crossed. =]

    • says

      Funnily enough I am planning a post on the future of employment in the industry as a whole but it’s a few weeks away. Right now I’m not sure whether it’s going to be positive or negative.

Leave a Reply

Your email address will not be published. Required fields are marked *