1. Home
  2. Networking
  3. Check Point FireWall

Memory Used for State Tables

If you are manually tweaking the configuration or want to know how much memory to have available in your firewall system, it would be useful to know how much memory each connection takes. The memory requirements for various types of connections are outlined in Table E.1.

Assuming the worst-case scenario (NAT), you would need to allocate at least 57.7MB to handle 100,000 connections.

Table E.1. Approximate memory requirements for specific connections

Connection Type

Memory Requirement

Simple (e.g., accept, no NAT)

325 bytes

NAT (e.g., a standard connection with NAT)

542 bytes

Resources (authentication, content security, and so on)

401 bytes

Encrypted connections

399 bytes

General overhead (not per-connection)

6MB



    		Frequently Asked Questions
    		Preface
    		Chapter 1. Introduction to Firewalls
    		Chapter 2. Planning Your FireWall-1 Installation
    		Chapter 3. Installing FireWall-1
    		Chapter 4. Building Your Rulebase
    		Chapter 5. Logging and Alerting
    		Chapter 6. Common Issues
    		Chapter 7. Remote Management
    		Chapter 8. User Authentication
    		Chapter 9. Content Security
    		Chapter 10. Network Address Translation
    		Chapter 11. Site-to-Site VPN
    		Chapter 12. SecuRemote and SecureClient
    		Chapter 13. High Availability
    		Chapter 14. INSPECT
    		Appendix A. Securing Your Bastion Host
    		Appendix B. Sample Acceptable Usage Policy
    		Appendix C. 'firewall-1.conf' File for Use with OpenLDAP v1
    		Appendix D. 'firewall-1.schema' File for Use with OpenLDAP v2
    		Appendix E. Performance Tuning
    		Number of Entries Permitted in Tables
    		Memory Used for State Tables
    		Tweaks for Specific Operating Systems
    		Appendix F. Sample 'defaultfilter.pf' File
    		Appendix G. Other Resources
    		Appendix H. Further Reading