Is there any limit regarding number of rules or size of config.boot file from which performance starts degrading?

Hi colleagues,

I have several Vyos acting as firewall with some heavy rulesets (some of them with more than 3000 rules and more than 1 MB of config.boot file).

I’ve experienced some bad performance like large waiting meanwhile vyos commits, or random issues with firewall rules (not being applied in memory, but being present in config file…)

Do you know if there are some limits regarding the number of rules or the size of config.boot file?

Thanks and regards

As far as I know, there are no limits on the number of rules in VyOS.
However, such a large set of rules requires allocation of appropriate resources.
As for Firewall performance, it was greatly improved in the latest versions of VyOS-1.4
What version of VyOS do you have?