Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    TLD Domain count exceeded - plenty of RAM

    Scheduled Pinned Locked Moved pfBlockerNG
    7 Posts 2 Posters 1.2k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      michmoor LAYER 8 Rebel Alliance
      last edited by

      Hello
      I am getting the following error
      204c408a-cb03-4b1b-8066-1851c2d0327c-image.png

      From the pfsense stats, i have plenty of available memory left.

      a07d175b-ac5c-4d6d-92c9-3ceb9511e5dd-image.png

      Any ideas?

      Firewall: NetGate,Palo Alto-VM,Juniper SRX
      Routing: Juniper, Arista, Cisco
      Switching: Juniper, Arista, Cisco
      Wireless: Unifi, Aruba IAP
      JNCIP,CCNP Enterprise

      S 1 Reply Last reply Reply Quote 0
      • S Offline
        SteveITS Galactic Empire @michmoor
        last edited by

        @michmoor What is "Firewall Maximum Table Entries" set to in Advanced/Firewall & NAT? Use a minimum of 2 million with pfBlocker.

        note there's a bug, where it says "On this system the default size is" that is always whatever number is in the field.

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
        Upvote 👍 helpful posts!

        M 1 Reply Last reply Reply Quote 0
        • M Offline
          michmoor LAYER 8 Rebel Alliance @SteveITS
          last edited by

          @steveits Hey Steve,
          2040f48d-fc28-4db8-a5d2-84a7ddfa1e00-image.png

          Thanks for the quick response.

          Firewall: NetGate,Palo Alto-VM,Juniper SRX
          Routing: Juniper, Arista, Cisco
          Switching: Juniper, Arista, Cisco
          Wireless: Unifi, Aruba IAP
          JNCIP,CCNP Enterprise

          S 1 Reply Last reply Reply Quote 0
          • S Offline
            SteveITS Galactic Empire @michmoor
            last edited by

            @michmoor Yeah set that to 2m and try. It's probably running out of table space to store the entries. If that doesn't work try larger values, and/or look at Diagnostics/Tables and you can find a count for each.

            Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
            Upvote 👍 helpful posts!

            M 1 Reply Last reply Reply Quote 0
            • M Offline
              michmoor LAYER 8 Rebel Alliance @SteveITS
              last edited by

              @steveits Hey steve,
              Seems to not have helped much. still getting the errors after increasing

              0cb132b7-4570-4fae-8463-7a0925d54526-image.png

              Firewall: NetGate,Palo Alto-VM,Juniper SRX
              Routing: Juniper, Arista, Cisco
              Switching: Juniper, Arista, Cisco
              Wireless: Unifi, Aruba IAP
              JNCIP,CCNP Enterprise

              S 1 Reply Last reply Reply Quote 0
              • S Offline
                SteveITS Galactic Empire @michmoor
                last edited by

                @michmoor Searching found this: https://www.reddit.com/r/pfBlockerNG/comments/lrd6ah/comment/goldqij/ which sounds like RAM while it's reading a big list.

                Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
                Upvote 👍 helpful posts!

                M 1 Reply Last reply Reply Quote 1
                • M Offline
                  michmoor LAYER 8 Rebel Alliance @SteveITS
                  last edited by michmoor

                  @steveits thats what it is. It was the OISD feed. Once removed the error went away and I now see my custom list being used as well solving another issue i posted.
                  This feels like a bug as the memory was never reaching close to 4GB (4100 Max). There should still be plenty of memory available for the OISD feed.
                  @BBcan177 can chime in if he has free cycles.

                  Thanks for pointing me in the right direction.

                  Firewall: NetGate,Palo Alto-VM,Juniper SRX
                  Routing: Juniper, Arista, Cisco
                  Switching: Juniper, Arista, Cisco
                  Wireless: Unifi, Aruba IAP
                  JNCIP,CCNP Enterprise

                  1 Reply Last reply Reply Quote 0
                  • M michmoor referenced this topic on
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.