What is the memory limit for a network extension?

Hi Eskimo,

Does this memory limit also apply on mac OS?

Does this memory limit also apply on mac OS?

It seems memory limits changed for iOS 15, at least for tunnel providers it seems to be 50 MB now. Can you confirm this @eskimo?

for tunnel providers it seems to be 50 MB now.

Indeed. That’s a big bump!

Anyway, here’s what I see on iOS 15.0:

And, just so we’re clear:

IMPORTANT These limits have changed in the past and may well change in the future. I’m posting them to assist in your debugging. You should not hard code knowledge about these limits into your code. The only way to ensure that your provider can run within the system’s memory limits is to thoroughly test it on a wide range of device and OS combinations.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Is ios14 still 15m?

A quick check on iOS 14 (specifically iOS 14.8) indicates that has the same 15 MiB limit for packet tunnel providers as earlier systems.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

@eskimo - Any chance of listing the figures for iOS 16? Any changes?

Any chance of listing the figures for iOS 16?

This is what I’m seeing on iOS 16.0:

Be aware that I tested this on a very modern device, because that’s what I have iOS 16 installed on; it’s possible that the limits are lower on older devices.

And, just so we’re clear:

IMPORTANT These limits have changed in the past and may well change in the future. I’m posting them to assist in your debugging. You should not hard code knowledge about these limits into your code. The only way to ensure that your provider can run within the system’s memory limits is to thoroughly test it on a wide range of device and OS combinations.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi Quinn

Looks like something is changed on iOS 17. Memory limit for Packet tunnel seems to be back to 15 Mb. Please see below logs where network extension is terminating at 12 Mb.Can you please check on your end if its a regression or new kind of restriction?

com.apple.MemoryMonitor default 30 2023-11-05 22:27:13.606499 -0800 UserEventAgent kernel jetsam snapshot note received
com.apple.xpc default 13177 2023-11-05 22:27:13.606503 -0800 com.apple.WebKit.Networking [0xc46648d20] activating connection: mach=true listener=false peer=false name=com.apple.trustd
com.apple.xpc default 134 2023-11-05 22:27:13.606630 -0800 trustd [0xc7ca4bdc0] activating connection: mach=false listener=false peer=true name=com.apple.trustd.peer.0xc7ca4bdc0
com.apple.securityd default 134 2023-11-05 22:27:13.607994 -0800 trustd Leaf has invalid basic constraints
com.apple.xpc default 13129 2023-11-05 22:27:13.609266 -0800 neagent [0xdcaa07ee0] invalidated on xpc_connection_cancel()
 default  2023-11-05 22:27:13.609347 -0800 kernel memorystatus: Looking for highwatermark kills.
 default  2023-11-05 22:27:13.609488 -0800 kernel memorystatus: Looking for highwatermark kills.
com.apple.securityd default 134 2023-11-05 22:27:13.609518 -0800 trustd ocsp responder: (null) did not include status of requested cert
com.apple.networkextension default 13130 2023-11-05 22:27:13.610271 -0800 tunnel [Extension com.test.test.tunnel]: Calling stopTunnelWithReason because: Stop command received



 default  2023-11-05 22:27:13.599524 -0800 kernel memorystatus: Looking for highwatermark kills.
 default  2023-11-05 22:27:13.599989 -0800 kernel memorystatus: killing process 13106 [nesessionmanager] in high band ? (140) - memorystatus_available_pages: 54696
 default  2023-11-05 22:27:13.604593 -0800 kernel 233725.356 memorystatus: killing_highwater_process pid 13106 [nesessionmanager] (highwater 140) 12929KB - memorystatus_available_pages: 56673 compressor_size:126801
 default  2023-11-05 22:27:13.609347 -0800 kernel memorystatus: Looking for highwatermark kills.
 default  2023-11-05 22:27:13.609488 -0800 kernel memorystatus: Looking for highwatermark kills.
 default  2023-11-05 22:27:13.758230 -0800 kernel nehelper[13175] Corpse allowed 1 of 5


 default  2023-11-05 22:27:13.604593 -0800 kernel 233725.356 memorystatus: killing_highwater_process pid 13106 [nesessionmanager] (highwater 140) 12929KB - memorystatus_available_pages: 56673 compressor_size:126801
pid/13106 [nesessionmanage] default 1 2023-11-05 22:27:13.605747 -0800 launchd shutting down
pid/13106 [nesessionmanage] default 1 2023-11-05 22:27:13.605778 -0800 launchd cleaning up
user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606004 -0800 launchd exited with exit reason (namespace: 1 code: 0x2) - JETSAM_REASON_MEMORY_HIGHWATER
user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606009 -0800 launchd process exited in a dirty state
user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606017 -0800 launchd service state: exited
user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606081 -0800 launchd internal event: EXITED, code = 0