Is there an upper limit to PF's tables?

Chris H bsd-lists at BSDforge.com
Mon Jun 18 14:23:40 UTC 2018


On Mon, 18 Jun 2018 12:21:47 +0200 "Kurt Jaeger" <lists at opsec.eu> said

> Hi!
> 
> > > So loading all entries into an empty table works fine, but reloading
> > > didn't work.
> > Sorry. Looks like I might be coming to the party a little late. But I'm
> > currently running a 9.3 box that runs as an IP (service) filter for much
> > of a network. While I've patched the box well enough to keep it safe to
> > continue running, I am reluctant to up(grade|date) it to 11, or CURRENT,
> > based on some of the information related to topics like this thread.
> > Currently, the 9.3 box maintains some 18 million entries *just* within
> > the SPAM related table. The other tables contain no less than 1 million.
> 
> > As it stands I have *no* trouble loading pf(4) with all of the tables
> > totaling some 20+ million entries, *even* when the BOX is working with
> > as little as 4Gb ram.
> > Has something in pf(4) changed, since 9.3 that would now prevent me
> > from continuing to use my current setup, and tables?
> 
> Well, if you plan to upgrade, I'd suggest you do some tests,
> like dumping those tables and loading them on a new box.
> 
> At all our installations we did use PF in 9.x times and
> had no problems to move to 11.x.

Thanks for the reply, Kurt.
That's good advice, indeed. As that was pretty much my "game plan".
But recently I've seen a few entries on the list, and a few pr(1)'s
regarding the inability to start pf(1), because the tables were too large.
Whereas I hadn't heard anyone mention it in the past. So it seemed prudent
to ask. :-)

Thanks again, Kurt!

--Chris
> 
> -- 
> pi at opsec.eu            +49 171 3101372                    2 years to go !



