- Identity Awareness kernel tables are limited to the following by default:
pdp_super_sessions: limited for 30,000 entries.
pdp_sessions: limited for 3 X pdp_super_sessions limit (90,000 entries by default).
- Until R80.10 GA, Identity Awareness can associate up to 30,000 IPs (=pdp_super_session entry) per gateway. Therefore, we have limited the kernel tables.
- In some cases, even when the environment has less than 30,000 IPs, the kernel tables are overflowed. This usually happened due to service accounts.