Date: Sat, 18 Dec 2004 10:27:59 +0900 From: Pyun YongHyeon <yongari@kt-is.co.kr> To: jon@abccomm.com Cc: freebsd-pf@freebsd.org Subject: Re: problem with table Message-ID: <20041218012759.GA2648@kt-is.co.kr> In-Reply-To: <8eea0408041217104076562192@mail.gmail.com> References: <c7b84f9504121708587bf53721@mail.gmail.com> <8eea0408041217104076562192@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Dec 17, 2004 at 10:40:00AM -0800, Jon Simola wrote: > On Fri, 17 Dec 2004 17:58:00 +0100, ChOcO Bn <choco.bn@gmail.com> wrote: > > i'm using freebsd 5.3 with pf and altq compiled in kernel. > > i'm trying to fill a table with a file containing some range of ips ( > > according to CIDR norms ) > > > > choco ~/ip_guardian# cat guarding.ip | wc -l > > 46916 > > > > and when i try to reload my rules, i can't get it work : > > > > "cannot define table guardian: Cannot allocate memory" > > > > How could i handle this ? > > I'd try various amounts to see how many you can load into a table. I > suspect 47 thousand is a bit much, perhaps trying multiple smaller > tables? During early days of pf porting, I measured table's locking overhead within copyin/copyout using TSC. At that time I used 108000 entries generated by shell script. AFAIK, the number of entries that can be loaded into a table depends on available kernel memory. And there is no limit if your system has enough memory. -- Regards, Pyun YongHyeon http://www.kr.freebsd.org/~yongari | yongari@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041218012759.GA2648>