Previous page

Next page

Locate page in Contents

Print this page


numiptent: number of NETFILTER (IP packet filtering) entries.

The barrier should be set equal to the limit. There is a restriction on the total number of IP packet filtering entries in the system. It depends on the amount of other allocations in so called the vmalloc memory area and constitutes about 250,000 entries. Violation of this restriction may cause failures of operations with IP packet filter tables (execution of iptables(8)) in any Container or the host system, or failures of Container starts. Also, high numiptent settings cause considerable slowdown of processing of network packets. It is not recommended to set the numiptent limit to more than 200-300.

Please send us your feedback on this help page