On Tue, Feb 17, 2015 at 10:22 PM, Bryan D. <[email protected]> wrote: > I have a relatively low-traffic pfSense 2.1.5 i386 setup on a system with 1.5 > GB of memory that always shows <50% used. > > This setup has normally been reliable but, since upgrading to 2.1.5, today is > the 4th time I've run into a problem after making changes to some aliases. > For some reason that I've been unable to see much pattern to, pfSense will > suddenly report a rash of errors similar to: > --- > [ There were error(s) loading the rules: pfctl: DIOCADDRULE: Invalid argument > - The line in question reads [0]: ] > --- > and/or an error indicating that it can't allocate memory (but there's over > 50% reported as being available). > > > When this happens, the following kind of error will occur during the reboot > while first configuring the firewall ... > --- > pfi_table_update cannot set <x> new addresses into table <blah>: <x> > --- > where "<blah>" varies, even with the same config being rebooted, and seems to > be either an interface name or "self". The error continues to recur with a > considerable "blocking" pause (up to 10's of seconds) each time it > (apparently) attempts a reload. >
It sounds like something in 32 bit isn't happy with very large table sizes. Can't say we've tried large tables on 32 bit, nor do I know of others who have offhand. Where there is a need for large table sizes, you're almost always running 64 bit hardware and the 64 bit version. Is that not a 64 bit CPU? If it is, reinstalling with 64 bit and restoring your backup should be a quick, proven solution. If you wouldn't mind sharing your aliases, email that portion of your config to me off-list. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
