Support Center > Search Results > SecureKnowledge Details
How Connections Table limit capacity behaves in CoreXL
Symptoms
  • Aggressive Aging is activated in IPS profile, or new connections may be dropped for the reason that the Connections Table is full when a given CoreXL Firewall instance has far fewer connection entries than the Connections Table limit, or the 80% threshold to activate Aggressive Aging as seen in the output of 'fw ctl multik stat' command.
Cause

CoreXL cumulatively counts the number of connections across all running CoreXL Firewall instances. This counter value is used to enforce Aggressive Aging when it is activated, and when the Connection Table is full, based upon the Connections Table limit defined for the Security Gateway in SmartDashboard.


Solution

No fix is required; the system is functioning as designed.

CoreXL limits the Connections Table capacity to the value defined for the Security Gateway in SmartDashboard, and is not impacted by the number of running CoreXL Firewall instances.

 

Related solutions: 

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment