too many internal hosts (601) detected - affecting performance?

[cdooer]

Hello. We are currently getting this error message on one of our firewalls. We know why it is being caused, but it will take us some time to fix it. Does anyone know if this is affecting performance? This firewall is in front of numerous very busy websites, and they don't seem to be performing like they should.

Thanks.

 

[stooo]

The firewall is saying it can see 601 internal ip's and isn't licensed to protect that many. This can have serious performance implications.

You can clear down the internal host table using the following:

stop the firewall "cpstop" and remove the files: $FWDIR/database/fwd.h and $FWDIR/database/fwd.host

Start the firewall "cpstart" and then run the command "fw tab -t host_table -x" this should then ask you if you want to clear the table.

This won’t fix the problem permanently if there are too many internal hosts!!!

 

[cdooer]

Hello again. Thanks for the response. I was just wondering though, is there a technical explanation describing why this affects performance? I have a change scheduled this weekend that should fix the problem, but I was wondering exactly how a license problem would affect performance, instead of just nagging at me.

I've read a lot of articles stating that this will negatively affect performance, but none of them explain why.

Thanks.