Cisco Catalyst 6500 Series Configuration Manual page 89
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Chapter 5
Managing Security Contexts
To set the resource limits, see the following options:
Step 2
•
•
Table 5-1
Resource Names and Limits
Minimum and Maximum
Resource Name
Number per Context
mac-addresses
N/A
conns
N/A
fixups
N/A
hosts
N/A
ipsec
1 minimum
5 maximum concurrent
OL-6392-01
To set all resource limits (shown in
FWSM(config-resmgmt)# limit-resource all { number % | 0}
The number is an integer greater than or equal to 1. 0 (without a percent sign (%)) sets the resources
to unlimited. You can assign more than 100 percent if you want to oversubscribe the device.
To set a particular resource limit, enter the following command:
FWSM(config-resmgmt)# limit-resource [rate] resource_name number [%]
For this particular resource, the limit overrides the limit set for all. Enter the rate argument to set
the rate per second for certain resources. See
per second.
Table 5-1
lists the resource types and the limits. See also the show resource types command.
Total Number for System
65 K concurrent
999,900 concurrent
102,400 per second (rate)
10,000 per second (rate)
256 K concurrent
10 concurrent
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Table
5-1), enter the following command:
Table 5-1
for resources for which you can set the rate
Description
For transparent firewall mode, the number of
MAC addresses allowed in the MAC address
table.
TCP or UDP connections between any two
hosts, including connections between one host
and multiple other hosts.
For concurrent connections, the FWSM
Note
allocates half of the limit to each of two
network processors (NPs) that accept
connections. Typically, the connections
are divided evenly between the NPs.
However, in some circumstances, the
connections are not evenly divided, and
you might reach the maximum
connection limit on one NP before
reaching the maximum on the other. In
this case, the maximum connections
allowed is less than the limit you set.
The NP distribution is controlled by the
switch based on an algorithm. You can
adjust this algorithm on the switch (see
the
Interface" section on page
can adjust the connection limit upward
to account for the inequity.
Application inspection.
Hosts that can connect through the FWSM.
IPSec sessions
Configuring Resource Management
"Customizing the FWSM Internal
2-11), or you
5-15
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Cisco Catalyst 6500 Series
Related Products for Cisco Catalyst 6500 Series
- Cisco 6503 - Catalyst Firewall Security Sys
- Cisco 6503-E - Catalyst Chassis With Supervisor Engine 32 Switch
- Cisco 6504-E - Catalyst Chassis With Supervisor Engine 32 Switch
- Cisco 6506 - Catalyst Chassis Switch
- Cisco 6513 - Catalyst Switch
- Cisco Catalyst 6509
- Cisco Catalyst 6513-E
- Cisco Catalyst 6500-E Series