Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    TLD Domain count exceeded - plenty of RAM

    Scheduled Pinned Locked Moved pfBlockerNG
    7 Posts 2 Posters 969 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      michmoor LAYER 8 Rebel Alliance
      last edited by

      Hello
      I am getting the following error
      204c408a-cb03-4b1b-8066-1851c2d0327c-image.png

      From the pfsense stats, i have plenty of available memory left.

      a07d175b-ac5c-4d6d-92c9-3ceb9511e5dd-image.png

      Any ideas?

      Firewall: NetGate,Palo Alto-VM,Juniper SRX
      Routing: Juniper, Arista, Cisco
      Switching: Juniper, Arista, Cisco
      Wireless: Unifi, Aruba IAP
      JNCIP,CCNP Enterprise

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @michmoor
        last edited by

        @michmoor What is "Firewall Maximum Table Entries" set to in Advanced/Firewall & NAT? Use a minimum of 2 million with pfBlocker.

        note there's a bug, where it says "On this system the default size is" that is always whatever number is in the field.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        M 1 Reply Last reply Reply Quote 0
        • M
          michmoor LAYER 8 Rebel Alliance @SteveITS
          last edited by

          @steveits Hey Steve,
          2040f48d-fc28-4db8-a5d2-84a7ddfa1e00-image.png

          Thanks for the quick response.

          Firewall: NetGate,Palo Alto-VM,Juniper SRX
          Routing: Juniper, Arista, Cisco
          Switching: Juniper, Arista, Cisco
          Wireless: Unifi, Aruba IAP
          JNCIP,CCNP Enterprise

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Galactic Empire @michmoor
            last edited by

            @michmoor Yeah set that to 2m and try. It's probably running out of table space to store the entries. If that doesn't work try larger values, and/or look at Diagnostics/Tables and you can find a count for each.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

            M 1 Reply Last reply Reply Quote 0
            • M
              michmoor LAYER 8 Rebel Alliance @SteveITS
              last edited by

              @steveits Hey steve,
              Seems to not have helped much. still getting the errors after increasing

              0cb132b7-4570-4fae-8463-7a0925d54526-image.png

              Firewall: NetGate,Palo Alto-VM,Juniper SRX
              Routing: Juniper, Arista, Cisco
              Switching: Juniper, Arista, Cisco
              Wireless: Unifi, Aruba IAP
              JNCIP,CCNP Enterprise

              S 1 Reply Last reply Reply Quote 0
              • S
                SteveITS Galactic Empire @michmoor
                last edited by

                @michmoor Searching found this: https://www.reddit.com/r/pfBlockerNG/comments/lrd6ah/comment/goldqij/ which sounds like RAM while it's reading a big list.

                Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                Upvote 👍 helpful posts!

                M 1 Reply Last reply Reply Quote 1
                • M
                  michmoor LAYER 8 Rebel Alliance @SteveITS
                  last edited by michmoor

                  @steveits thats what it is. It was the OISD feed. Once removed the error went away and I now see my custom list being used as well solving another issue i posted.
                  This feels like a bug as the memory was never reaching close to 4GB (4100 Max). There should still be plenty of memory available for the OISD feed.
                  @BBcan177 can chime in if he has free cycles.

                  Thanks for pointing me in the right direction.

                  Firewall: NetGate,Palo Alto-VM,Juniper SRX
                  Routing: Juniper, Arista, Cisco
                  Switching: Juniper, Arista, Cisco
                  Wireless: Unifi, Aruba IAP
                  JNCIP,CCNP Enterprise

                  1 Reply Last reply Reply Quote 0
                  • M michmoor referenced this topic on
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.