FWSM v3.1 Resource ACL-Partition

Unanswered Question
Feb 23rd, 2010

If a FWSM is using the default 12 partitions and there are contexts in ALL the paritions, what would be the impact of entering "resource acl-partition 6" on the contexts in partitions 6-11?


Would they automatically get re-assigned to partitions 0-5?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Tue, 02/23/2010 - 11:08

Only after a reload.


http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/qr.html#wp1656867



Note Changing the number of partitions requires you to reload the FWSM.


How Repartitioning Works

When increasing the number of partitions, the default size of each partition is reduced. If you manually configured the partition sizes using the size command, the sizes you set might not be compatible with the new smaller partition sizes. If the current configured sizes do not fit into the new partitions, then the FWSM rejects the resource acl-partition command. The FWSM also checks the rule allocation (see the resource rule or rule command). If you manually allocated rules between features so that the total number of rules allocated is now greater than those available, then the FWSM rejects the resource acl-partition command. Similarly, if the absolute maximum number of rules for a feature is now exceeded, then the FWSM rejects the resource acl-partition command.


-KS

Panos Kampanakis Tue, 02/23/2010 - 14:31

To cut a long story short, they ACLs of the contexts will be reassigned on a round robin fashion for each context.

Notethat your total (not per context) available ACL space will be reduced alittle because you are using a bigger redundancy partition.


I hope it helps.


PK

Actions

This Discussion

Related Content