Maximum "allowed IP addresses" on vCenter server Firewall and within ESXi host Firewall rule


Article ID: 323244


Products

VMware vCenter Server VMware vSphere ESXi

Issue/Introduction

Is there a limit to the number of "allowed IP addresses" entries or rules in either the vCenter Server Appliance or ESXi firewalls?

Environment

VMware vCenter Server 7.0.x
VMware vCenter Server 8.0.x
VMware vSphere ESXi 7.0.x

Resolution

vCenter Server Appliance Firewall

There is no enforced limit within the kernel or the firewall rules.

Be aware: The higher the number of configured firewall rules, the more CPU the VM will require and consume. Every packet has to be checked against each rule, which consumes CPU. A high number of rules may saturate available CPU resources and cause dropped packets.

 

ESXi Hosts

The maximum number of allowed IPs per ruleset is 128 on ESXi hosts.
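
A pre-flight check for a planned ESXi allowlist, added here as an example and not part of the original article or VMware tooling: it collapses adjacent addresses into exact CIDR blocks without widening the allowed set, then compares the entry count with the 128-per-ruleset limit. It assumes a CIDR network counts as a single entry toward that limit; the `sshServer` ruleset ID and all sample addresses are constructed for illustration.

```python
import ipaddress

ESXI_MAX_ALLOWED_PER_RULESET = 128  # per-ruleset limit stated in this article


def plan_allowlist(entries, limit=ESXI_MAX_ALLOWED_PER_RULESET):
    """Collapse entries into the fewest exact CIDR blocks; return (entries, fits)."""
    v4, v6 = [], []
    for raw in entries:
        # strict=True rejects typos such as 10.0.0.5/24 (host bits set) rather
        # than silently widening the allowlist to the whole /24.
        net = ipaddress.ip_network(raw.strip(), strict=True)
        (v4 if net.version == 4 else v6).append(net)
    # collapse_addresses only merges exactly adjacent or overlapping ranges, so
    # the allowed address set is unchanged.
    merged = list(ipaddress.collapse_addresses(v4)) + list(ipaddress.collapse_addresses(v6))
    rendered = [str(n.network_address) if n.num_addresses == 1 else str(n) for n in merged]
    return rendered, len(rendered) <= limit


def esxcli_commands(ruleset_id, entries):
    """Render one 'allowedip add' command per collapsed entry."""
    return [
        f"esxcli network firewall ruleset allowedip add --ruleset-id={ruleset_id} --ip-address={e}"
        for e in entries
    ]


# Constructed sample: 200 consecutive management hosts plus two single hosts.
SAMPLE = [f"10.20.30.{i}" for i in range(200)] + ["192.0.2.10", "2001:db8::1"]

if __name__ == "__main__":
    collapsed, fits = plan_allowlist(SAMPLE)
    print(f"{len(SAMPLE)} requested -> {len(collapsed)} entries, fits limit: {fits}")
    for cmd in esxcli_commands("sshServer", collapsed):  # sshServer: example ruleset
        print(cmd)
```

If the collapsed list still exceeds the limit, the addresses are too scattered to merge exactly, and the allowlist has to be redesigned rather than widened by hand.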