cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1538
Views
0
Helpful
2
Replies

FWSM v3.1 Resource ACL-Partition

KatoNakatomi
Level 1
Level 1

If a FWSM is using the default 12 partitions and there are contexts in ALL the paritions, what would be the impact of entering "resource acl-partition 6" on the contexts in partitions 6-11?

Would they automatically get re-assigned to partitions 0-5?

2 Replies 2

Kureli Sankar
Cisco Employee
Cisco Employee

Only after a reload.

http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/qr.html#wp1656867


Note Changing the number of partitions requires you to reload the FWSM.

How Repartitioning Works

When increasing the number of partitions, the default size of each partition is reduced. If you manually configured the partition sizes using the size command, the sizes you set might not be compatible with the new smaller partition sizes. If the current configured sizes do not fit into the new partitions, then the FWSM rejects the resource acl-partition command. The FWSM also checks the rule allocation (see the resource rule or rule command). If you manually allocated rules between features so that the total number of rules allocated is now greater than those available, then the FWSM rejects the resource acl-partition command. Similarly, if the absolute maximum number of rules for a feature is now exceeded, then the FWSM rejects the resource acl-partition command.

-KS

Panos Kampanakis
Cisco Employee
Cisco Employee

To cut a long story short, they ACLs of the contexts will be reassigned on a round robin fashion for each context.

Notethat your total (not per context) available ACL space will be reduced alittle because you are using a bigger redundancy partition.

I hope it helps.

PK

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: