I think I got the answer. All undefined parameters of a custom inherit the values from default class.
In the custom class, if we configure "ALL" then it covers all the parameters which makes all parameters configured and hence no parameters will inherit from default class. All the parameters of the customer class will take the value of "ALL" parameter. With regards Kings On Thu, Sep 9, 2010 at 12:59 PM, Kingsley Charles < [email protected]> wrote: > Hi Tyson > > > Snippet from > http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mngcntxt.html#wp1113989 > > *Snippet 1* > > To set all resource limits (shown in Table 7-1) to be unlimited, enter the > following command: > > hostname(config-resmgmt)# limit-resource all 0 > > > For example, you might want to create a class that includes the admin > context that has no limitations. The default class has all resources set to > unlimited by default. > > > *Snippet 2* > Default Class > > All contexts belong to the default class if they are not assigned to > another class; you do not have to actively assign a context to the default > class. > > If a context belongs to a class other than the default class, those class > settings always override the default class settings. However, if the other > class has any settings that are not defined, then the member context uses > the default class for those limits. > > Snippet 1 tells that "all" covers all the settings. Snippet 2 tells that > custom class inherits values from default class. > > With the following configuration, will the class king's unconfigured > parameters (ssh, xlates, telnet etc) inherit values from class default or > have them unlimited as "All" configured to be "0" > > class default > limit-resource All 0 > limit-resource Mac-addresses 65535 > limit-resource ASDM 5 > limit-resource SSH 5 > limit-resource Telnet 5 > > class king > imit-resource All 0 > limit-resource Conns 3 > limit-resource Hosts 4 > > > > > Table 7-1 Resource Names and Limits > Resource Name > Rate or Concurrent > Minimum and Maximum Number per Context > System Limit1 <#12af5662a03f81f9_wpxref1116353> > Description > > *mac-addresses* > > Concurrent > > N/A > > 65,535 > > For transparent firewall mode, the number of MAC addresses allowed in the > MAC address table. > > *conns* > > Concurrent or Rate > > N/A > > Concurrent connections: See the "Supported Feature Licenses Per Model" > section on page 3-1 <http://license.html#wpxref21892> for the connection > limit for your platform. > > Rate: N/A > > TCP or UDP connections between any two hosts, including connections between > one host and multiple other hosts. > > *inspects* > > Rate > > N/A > > N/A > > Application inspections. > > *hosts* > > Concurrent > > N/A > > N/A > > Hosts that can connect through the security appliance. > > *asdm* > > Concurrent > > 1 minimum > > 5 maximum > > 32 > > ASDM management sessions. > > *Note *ASDM sessions use two HTTPS connections: one for monitoring that is > always present, and one for making configuration changes that is present > only when you make changes. For example, the system limit of 32 ASDM > sessions represents a limit of 64 HTTPS sessions. > > *ssh* > > Concurrent > > 1 minimum > > 5 maximum > > 100 > > SSH sessions. > > *syslogs* > > Rate > > N/A > > N/A > > System log messages. > > *telnet* > > Concurrent > > 1 minimum > > 5 maximum > > 100 > > Telnet sessions. > > *xlates* > > Concurrent > > N/A > > N/A > > Address translations. > > > > With regards > Kings > > > On Wed, Sep 8, 2010 at 9:27 PM, Kingsley Charles < > [email protected]> wrote: > >> Hi Tyson >> >> "All" is configured for 0 which means unlimited. ssh and slates are >> configured for 3. >> >> class king >> limit-resource All 0 >> limit-resource SSH 3 >> limit-resource Xlates 3 >> >> If "All" is the superset then all others for which we have not configured, >> will be unlimited. >> >> But as per cisco docs, the user customer class inherits the values for >> unconfigured paramters from default class. >> >> >> >> With regards >> Kings >> >> >> On Wed, Sep 8, 2010 at 7:32 PM, Tyson Scott <[email protected]> wrote: >> >>> Yes. >>> >>> >>> >>> Regards, >>> >>> >>> >>> Tyson Scott - CCIE #13513 R&S, Security, and SP >>> >>> Managing Partner / Sr. Instructor - IPexpert, Inc. >>> >>> Mailto: [email protected] >>> >>> >>> >>> >>> >>> *From:* [email protected] [mailto: >>> [email protected]] *On Behalf Of *Kingsley >>> Charles >>> *Sent:* Wednesday, September 08, 2010 9:44 AM >>> *To:* [email protected] >>> *Subject:* [OSL | CCIE_Security] class - limit-resource All - >>> multicontext mode >>> >>> >>> >>> Hi all >>> >>> What does "All" refer to when configuring a class? >>> >>> class >>> limit-resource All >>> >>> The various other resources are >>> >>> limit-resource Conns 0 >>> limit-resource Hosts 0 >>> limit-resource Mac-addresses 2 >>> limit-resource SSH 3 >>> limit-resource Xlates 3 >>> limit-resource ASDM 6.0% >>> >>> Is "All" is superset of these resources? >>> >>> >>> >>> With regards >>> Kings >>> >> >> >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
