Cisco 7604 Configuration Manual page 623
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Appendix A
Specifications
CLS Rule
-----------+---------+----------+---------
Policy NAT
ACL
Filter
Fixup
Est Ctl
Est Data
AAA
Console
-----------+---------+----------+---------
Total
Partition Limit - Configured Limit = Available to allocate
To view the number of rules currently being used so you can plan your reallocation, enter one of the
Step 2
following commands.
In single mode or within a context, enter the following command:
•
hostname(config)# show np 3 acl count 0
In multiple context mode system execution space, enter the following command:
•
hostname(config)# show np 3 acl count partition_number
For example, the following is sample output from the show np 3 acl count command, and shows the
number of inspections (Fixup Rule) close to the maximum of 9216. You might choose to reallocate some
access list rules (ACL Rule) to inspections.
hostname(config)# show np 3 acl count 0
-------------- CLS Rule Current Counts --------------
CLS Filter Rule Count
CLS Fixup Rule Count
CLS Est Ctl Rule Count
CLS AAA Rule Count
CLS Est Data Rule Count
CLS Console Rule Count
CLS Policy NAT Rule Count
CLS ACL Rule Count
CLS ACL Uncommitted Add
CLS ACL Uncommitted Del
...
Note
To reallocate rules between features, enter the following command (in multiple context mode, enter it in
Step 3
the system execution space). If you increase the value for one feature, then you must decrease the value
by the same amount for one or more features so the total number of rules does not exceed the system
limit. See
hostname(config)# resource rule nat {max_policy_nat_rules | current | default | max}
acl {max_ace_rules | current | default | max}
filter {max_filter_rules | current | default | max}
fixup {max_inspect_rules | current | default | max}
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Default
Configured
Limit
Limit
2498
2498
100567
100567
3747
3747
5621
5621
624
624
624
624
8744
8744
2498
2498
124923
124923
124923
-
124923
The established command creates two types of rules, control and data. Both of these types are
shown in the display, but you allocate both rules by setting the number of established
commands; you do not set each rule separately.
Step 1
to use the show resource rule command for the total number of rules allowed.
Absolute
Max
10000
100567
7494
10000
624
624
10000
4996
=
0
:
0
:
9001
:
4
:
15
:
4
:
16
:
0
:
30500
:
0
:
0
Rule Limits
A-9
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
