Changing Between Contexts And The System Execution Space - Cisco 7604 Configuration Manual

Chapter 4 Configuring Security Contexts
When you assign a context to a partition, then the partition becomes exclusive. An exclusive partition
only includes contexts that you specifically assign to it. Partitions that do not have contexts specifically
assigned to them are non-exclusive and contexts are allocated to them in a round-robin fashion.
Note
For example, to assign the context to the first partition, enter the following command:
hostname(config-ctx)# allocate-acl-partition 0
The following example sets the admin context to be "administrator," creates a context called
"administrator" on the internal flash memory, and then adds two contexts from an FTP server:
hostname(config)# admin-context administrator
hostname(config)# context administrator
hostname(config-ctx)# allocate-interface vlan10
hostname(config-ctx)# allocate-interface vlan11
hostname(config-ctx)# config-url disk:/admin.cfg
hostname(config-ctx)# context test
hostname(config-ctx)# allocate-interface vlan100 int1
hostname(config-ctx)# allocate-interface vlan102 int2
hostname(config-ctx)# allocate-interface vlan110-vlan115 int3-int8
hostname(config-ctx)# config-url ftp://user1:passw0rd@10.1.1.1/configlets/test.cfg
hostname(config-ctx)# member gold
hostname(config-ctx)# allocate-acl-partition 0
hostname(config-ctx)# context sample
hostname(config-ctx)# allocate-interface vlan200 int1
hostname(config-ctx)# allocate-interface vlan212 int2
hostname(config-ctx)# allocate-interface vlan230-vlan235 int3-int8
hostname(config-ctx)# config-url ftp://user1:passw0rd@10.1.1.1/configlets/sample.cfg
hostname(config-ctx)# member silver

Changing Between Contexts and the System Execution Space

If you log in to the system execution space (or the admin context using Telnet or SSH), you can change
between contexts and perform configuration and monitoring tasks within each context. The running
configuration that you edit in a configuration mode, or that is affected by the copy or write commands,
depends on your location. When you are in the system execution space, the running configuration
consists only of the system configuration; when you are in a context, the running configuration consists
only of that context. For example, you cannot view all running configurations (system plus all contexts)
by entering the show running-config command. Only the current configuration displays. You can,
however, save all context running configurations from the system execution space using the write
memory all command.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
If you assign contexts to all partitions, then they are all exclusive. However, if you later add a
context that is not assigned to a partition, then contexts are allocated to exclusive partitions in a
round-robin fashion, and the first best-fit exclusive partition available is used for the allocation
of the new context. However, if none of the exclusive partitions can accommodate the rules of
the new context, then it is assigned to partition 0 by default, even though partition 0 also cannot
accommodate the context rules. The context rules will not load completely, so you need to
manually adjust the way contexts are assigned tomake room.
Changing Between Contexts and the System Execution Space
4-31