- When running in Kernel mode, the firewall instances are loaded into the driver (when running as USFW it is a dynamic loaded library).
- There are only 2GB of memory to load drivers and at least 500M is used by the OS.
2G is for all drivers loaded, including SecureXL (4 and 6) and FW (4 and 6 per instance).
- The issue occurs when the device reaches the maximum size (2G). It results in a memory allocation failure that causes the OS to revert to init mode 1.
Contributing factors triggering the issue:
- Non-VSX Firewall operating in Kernel mode.
- High instance count (32, 36 etc).
- IPv6 is enabled - which means additional firewall instances and SIM module are loaded.