NetScaler Appliance System Limits
Article ID: CTX118716
Updated On:
Description
This article contains information about various system limits for a NetScaler appliance with NetScaler software release 13.1 installed on the appliance.
- LSN Entities and Bindings
- Base System Limits
- Base Networking Limits
- Load Balancing and Monitoring Limits
- Advanced Policy/Expression Limits
- Rewrite Limits
- Responder Limits
- HTTP callout Limits
- Classic Policy Engine Limits
- Content Filtering and Compression Policy Limits
- Global Server Load Balancing Limits
- Secure Socket Layer Limits
- Domain Naming System Limits
- Integrated Caching Limits
- User Interface Clients
- Policy-Based Routing
- Traffic Domains
- Admin Partitions
- Password String Length
LSN Entities and Bindings
| Item | System Limit |
| NetScaler 13.1 | |
| LSN clients | 1024 entities |
| LSN pools | 128 entities |
| LSN groups | 1024 entities |
| Subscriber networks that can be bound to an LSN client | 64 entities |
| Extended ACLs that can be bound to an LSN client | 1024 entities |
| NAT IP addresses in a Pool | 4096 entities |
| LSN pools that can be bound to an LSN group | 8 entities |
| LSN groups that can use the same LSN pool | 16 entities |
| LSN transport profiles that can be bound to an LSN group | 3 entities (one each for TCP, UDP, and ICMP protocols) |
| LSN groups that can use same LSN transport profile | 8 entities |
| LSN application profiles that can be bound to an LSN group | 64 entities |
| LSN groups that can use same LSN application profile | 8 entities |
| Port ranges that can be bound to an LSN application profile | 8 entities |
| Logprofile | 1024 entities |
| httpheaderprofile | 1024 entities |
| ip6profile | 1024 entities |
| sipalg and rtsp alg profiles | 1024 entities |
| Map Domains | 1024 entities |
| Basic Mapping Rule (BMR) | 1024 entities |
| Default Mapping Rule (DMR) | 1024 entities |
| BMR Network Bindings | 1024 entities |
| Map Domain BMR Bindings | 128 entities |
Base System Limits
| Item | Maximum Size |
| Virtual Server name | 127 characters |
| Service name | 127 characters |
| Server name | 127 characters |
| SVC group name | 127 characters |
| Monitor name | 63 characters |
| Entity comment | 255 characters |
| HTTP header data parsed | 62 KB |
| Size of the buffer used for compression | 54 KB. After this size, the response is chunked. |
Base Networking Limits
| Item | System Limits |
| Access Control List (ACL) | 10,000 entities |
| Simple ACLs | Depends on the available memory of the appliance (hash table of 64,000 size). |
| Static routes | Depends on the available memory of the appliance. |
| Dynamic routes | Depends on the available memory of the appliance. |
| ARP entries | 64,000 (hash table of 4,096 size) |
| ARP timeout | 20 minutes |
| ARP refresh | 16 minutes |
| Bridge table entries | 8,192 |
| Bridge table timeout | 5 minutes |
| VLANs | 4,096 entities |
| IP owned | Depends on the available memory of the appliance. |
| IPv6 IP owned | Depends on the available memory of the appliance. |
| First port number | 1,024 entities |
| Last port number | 65,535 entities |
| PMTUD entries | 64,000 |
| The default ICMP rate | 100 per 10ms (10,000/s) |
| IPv6 default routes | 16 entities (6 can be static) |
| NAT connections | Depends on the available memory of the appliance (hash table of 4 MB size). |
| TCP connections | Depends on the available memory of the appliance (hash table of 4 MB size). |
| VXLANs | 4096 Extended VXLANs entities 2048 Individual VXLANs entities |
Load Balancing and Monitoring Limits
| Item | System Limits | |
| NetScaler 13.1 | ||
| Virtual Servers | 100,000* entities | |
| Services/Servers | 100,000* entities | |
| Service Groups | 100,000* entities | |
| Service/Service group bindings to a single Virtual Server | 100,000* entities | |
| Persistence groups | 100,000* entities (This includes the number of Virtual Servers) | |
| TCP sessions | Depends on the available memory of the appliance | |
| NAT sessions | Depends on the available memory of the appliance. | |
| Persistent | nCore: 250,000/Packet Engine*** | |
| Unique monitors | 16,360 entities | |
| Monitor bindings | 150,000 entities | |
| Service bindings | 150,000 entities | |
| SNMP trap destination | 20 per trap-type (generic and specific) | |
| SNMP Managers | 105 entities (100 for IP based managers and 5 for domain based managers) | |
| Object Rate | 1,000,000 entities | |
|
*The sum total of virtual servers, services, service groups together cannot exceed 100,000. For example, if you configure 4,000 virtual servers, then you cannot configure more than 96,000 services or service groups. **Number of virtual servers includes Load Balancing, Content Switching, Domain Name System (DNS) name servers, Global Server Load Balancing (GSLB) Virtual Servers, SSL VPN Virtual Servers, RTSP virtual servers and persistence groups. ***250,000 per core is the default for NetScaler 10.1 and 10.5. To configure 1 million session entries per PE, run the following command: | ||
Advanced Policy/Expression Limits
| Item | System Limits |
| Number of actions that can be configured | Depends on the available memory of the appliance. |
| Number of policies that can be configured | Depends on the available memory of the appliance. |
| Number of policies that can be bound to various objects | Depends on the available memory of the appliance. |
| Number of times the same action can be used in different policies | 65,535 |
| Length of the policy rule | 1,499 |
| Length of the policy String Literals | 8191 |
| Length of the Policy/Action name | 127 |
| Number of Patset/Dataset bindings | 5000 |
| Length of the "add policy" command expression | 1,499 |
Rewrite Limit
| Item | System Limits |
|---|---|
| Length of the action pattern | 255 |
| Length of the action target(search) | 1,499 |
| Length of the action StringBuilderExpression | 8,191 |
| Length of the refine search | 1,499 |
Responder Limit
| Item | System Limits |
|---|---|
| Length of the "respond with" expression | 8,191 |
| Number of headers | 8 |
| Length of header expressions | 255 |
| Length of the reason phrase expression | 8,191 |
HTTP Callout Limits
| Item | System Limits |
|---|---|
| Number of headers | 8 |
| Number of parameters | 8 |
| Length of header expressions | 255 |
| Length of parameter expressions | 255 |
| Length of host expression | 255 |
| Length of URL stem expression | 8,191 |
| Length of body expression | 8,191 |
| Length of full request expression | 8,191 |
| Length of the result expression | 8,191 |
Classic Policy Engine Limits
| Item | System Limits | ||
| NetScaler 13.1 | |||
| Length of the policy expression name | 127 characters | ||
| Length of the rule | 1,499 characters | ||
| Number of the policy expressions | Depends on the available memory of the appliance | ||
Content Filtering and Compression Policy Limits
| Item | System Limits |
| Length of the Content Filtering policy name | 127 characters |
| Length of the rule | 1,499 characters |
| Number of the content filtering actions | Depends on the available memory of the appliance. |
| Number of the content filtering policies | Depends on the available memory of the appliance. |
Note: Content filtering is removed in 13.1
Global Server Load Balancing Limits
| Item | System Limits |
| NetScaler 13.1 | |
| GSLB Sites | 32 parent sites maximum, 1,024 child sites maximum. |
| GSLB LDNS entries | 30,000 per Policy Engine |
| GSLB VServers | 60,000* entities |
| GSLB services | 60,000* entities |
| Location table entries | 10,000,000 in the location database and 3000 custom location entries |
| Location cache entries | 4,096 |
| GSLB Backup Parent per Child Site | 5 |
| *The sum total of virtual servers and services cannot exceed 60,000. For example, if you configure 4,000 virtual servers, then you cannot configure more than 56,000 services. | |
Secure Socket Layer Limits
| Item | System Limits |
| Bit size of SSL Certificates | 4,096 (server and CA certificates only), 4,096-bit for Client certificates(VPX Only) |
| SSL Certificates | Depends on the available memory of the appliance. |
| SSL linked Certificates | 9 per chain |
| CRL revocations | Depends on the available memory of the appliance. |
| SSL Sessions | Depends on the available memory of the appliance. |
Domain Naming System Limits
| Item | System Limits |
| DNS entries | Depends on the available memory of the appliance. Note: Though there is no limit on overall DNS entries, there is a limit on number of records in an RR set. This limit depends on the type of record. |
| DNS hash table size | 1 MB |
| Length of the DNS name | 256 characters |
| Domain TTL | 604,800 |
| Domain name length | 256 characters |
| Retries | 5 |
| DNS views | 8 |
Integrated Caching Limits
| Item | System Limits |
| Cache URL size | 220 characters |
| Cache object number | Depends on the cache memory limit or object size. |
| Cache Policies | 2,048 entities |
| Content Group | 5,000 entities |
| Selectors | Depends on memory size |
| Selector expression / Selector | 8 |
User Interface Clients
| Item | System Limits |
| Command Line Interface/Graphical User Interface/Dashboard/NitroAPI | 20 clients |
| Session Tokens(GUI,NITRO) | 1,000 clients |
Policy Based Routing
| Item | System Limits |
| Maximum number of Policy Based Routing rules | 8192 |
Traffic Domains
| Item | System Limits |
| Maximum number of Traffic Domains | 4094 |
Admin Partitions
| Item | System Limits |
| Maximum number of Admin Partitions | 512 |
Password String Length
| Item | System Limit |
| Maximum password string length | 83 characters |
Issue/Introduction
This article contains information about various system limits for a NetScaler appliance with NetScaler software release 13.1 installed on the appliance.
Was this article helpful?
Yes
No
Powered by
