Table Of Contents
Release Notes for Cisco Network Analysis Module Software, Release 3.6(1b)
Contents
New Features in NAM 3.6
New Features in NAM 3.6(1b)
New Devices Supported
Voice Monitoring Feature Licensing for NME-NAM-120S
New Features in NAM 3.6(1a)
Conversation Table Enhancement
TopN Conversation Report
TCP/UDP Port Table
TopN TCP/UDP Port Report
Support for Catalyst 6500 Virtual Switching System Feature
New Features in NAM 3.6.1
System Requirements
Hardware Requirements
Software Requirements
NME-NAM Software Requirements
NM-NAM Software Requirements
Browser Requirements
Upgrading NAM Software
Supported Upgrades
Upgrading NAM Software
Upgrading Software Using NAM CLI
Product Documentation
Related Product Documentation
Limitations and Restrictions
Configure Local Time Zone
Changing the NAM IP Address
Cisco 7600 With Redundant Supervisor Cards Running IOS Image 12.2(33)SRC2
Running IOS Image Newer Than 12.2(18)SXF5
Using NetFlow As a Data Source
Restrictions for NM-NAM and NME-NAMs
NBAR-PD Feature in NME-NAM
Caveats
Known Anomalies in NAM 3.6(1b)
Anomalies Resolved in NAM 3.6(1b)
Anomalies Resolved in NAM 3.6(1a)
Anomalies Resolved in NAM 3.6
Release Notes for Cisco Network Analysis Module Software, Release 3.6(1b)
Revised: Novemer 14, 2008, OL-11516-06
These release notes provide general information about Cisco Network Analysis Module (NAM) software release 3.6 including system requirements, limitations and restrictions, new features, product documentation, and known and resolved anomalies.
Software Product Numbers
SC-SVC-NAM-3.6
(Cisco Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Software 3.6)
NME-NAM-SW-3.6
(Cisco Branch Routers Series Network Analysis Module Software 3.6)
CCO Date: Release 3.6(1b), September 2008
NAM 3.6(1b) is a complete software release, not a patch. To upgrade to NAM 3.6(1b) from previous versions of NAM, enter the NAM CLI command upgrade while in maintenance mode. For information about the upgrade command, see the Network Analysis Module 3.6 Command Reference Release at the following URL:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_command_reference_
chapter09186a00807ee6c2.html#wp1048351
Note 
For detailed installation and configuration procedures for the NAM, see the list of documentation available in the Product Documentation section.
NAM 3.6(1b) is available as part of new hardware orders or by download from Cisco.com for the following NAM models:
•WS-SVC-NAM-1
•WS-SVC-NAM-1-250S
•WS-SVC-NAM-2
•WS-SVC-NAM-2-250S
•NME-NAM-80S
•NME-NAM-120S
NAM 3.6(1b) is available for NM-NAM devices only by download from Cisco.com.
Throughout this document the following general references apply:
•A reference to a NAM-1 or NAM-2 device indicates any of the following modules:
–WS-SVC-NAM-1
–WS-SVC-NAM-1-250S
–WS-SVC-NAM-2
–WS-SVC-NAM-2-250S
•A reference to an NME-NAM device indicates any of the following modules:
–NME-NAM
–NME-NAM-80S
–NME-NAM-120S
•A reference to an NM-NAM device means only an NM-NAM module.
Contents
This document includes the following sections:
•New Features in NAM 3.6
•System Requirements
–Hardware Requirements
–Software Requirements
–Browser Requirements
•Upgrading NAM Software
•Product Documentation
•Limitations and Restrictions
•Caveats
–Anomalies Resolved in NAM 3.6(1b)
–Anomalies Resolved in NAM 3.6(1a)
–Anomalies Resolved in NAM 3.6
New Features in NAM 3.6
•New Features in NAM 3.6(1b)
•New Features in NAM 3.6(1a)
•New Features in NAM 3.6.1
New Features in NAM 3.6(1b)
NAM 3.6(1b) is a complete software release that includes all features available in earlier releases of NAM 3.6 and new feature-based licensing for voice monitoring with the NME-NAM-120S.
NAM 3.6(1b) also provides software improvements to resolve anomalies found in earlier releases of NAM software. See Anomalies Resolved in NAM 3.6(1b) for a list of resolved anomalies.
New Devices Supported
NAM 3.6(1b) adds support for the following:
•NME-NAM-120S
The new NME-NAM-120S offers superior WAN traffic monitoring throughput, a 120 GB capacity hard disk drive to store more capture data on-board, 1 GB memory, and a Gigabit Ethernet external interface to support high-throughput LAN traffic monitoring in the Empowered Branch. It includes the embedded, web-based Traffic Analyzer GUI, providing anytime, anywhere visibility into network traffic.
•WS-SVC-NAM-1-250S
The new WS-SVC-NAM-1-250S has 2 GB memory to improve software performance and a 250 GB hard disk drive to increase storage capacity for reports and data captures.
•WS-SVC-NAM-2-250S
The new WS-SVC-NAM-2-250S has 2 GB memory to improve software performance and a 250 GB hard disk drive to increase storage capacity for reports and data captures.
Voice Monitoring Feature Licensing for NME-NAM-120S
NAM 3.6(1b) adds feature-based licensing for voice monitoring using the new NME-NAM-120S. You can purchase feature licenses for NME-NAM-120S voice monitoring of 50 or 100 RTP streams. See Table 1, NME-NAM-120S Voice Monitoring Feature Licenses, for SKU information.
Table 1 NME-NAM-120S Voice Monitoring Feature Licenses
Feature
|
SKU
|
Voice Monitoring (50 RTP Streams)
|
SNAM-50VOICE
|
Voice Monitoring (100 RTP Streams)
|
SNAM-100VOICE
|
NAM 3.6(1b) uses trust-based licensing. There is no user interaction required to enable the voice monitoring licensing in the NME-NAM-120S.
No license is required to use the voice monitoring features of NAM 3.6(1b) with the NAM-1, NAM-2, NM-NAM, and NME-NAM-80S modules.
New Features in NAM 3.6(1a)
The following sections describe the new features in NAM 3.6(1a):
•Conversation Table Enhancement
•TopN Conversation Report
•TCP/UDP Port Table
•TopN TCP/UDP Port Report
•Support for Catalyst 6500 Virtual Switching System Feature
Conversation Table Enhancement
NAM 3.6(1a) provides a new Application Hosts window under Monitor > Conversations that enables you to collect information about TCP and UDP port usage. This window displays information about conversations between pairs of hosts, including the server, TCP/UDP port in use, and the application protocol as classified by the NAM. This table can grow very large, so the GUI shows only the cumulative counter values for packets and bytes, and you cannot sort it by any arbitrary column header. Entries of interest can be located using the display filtering to show only entries related to a particular host or part of a host address or name.
Use the control buttons to navigate to the starting, next, or previous page, and use Export to export the table in CSV file format to an external host.
Highlights of Conversation Table Enhancements
•Table entries contain source address, destination address, protocol name, and port number
•Collection configurable per data source
•Monitor screen shows pages of data in native sorted order
•Monitor screen shows cumulative packet and byte statistics
•Current rates and topN monitor screens are not available
•Supports export of all data or just a screenful of data to external host in CSV format
Note In some cases multiple port numbers can be used for the same protocol. In these cases, the NAM will display only one conversation entry for that protocol, and it might not be possible to tell all of the server ports that are being used on the network for that application. You can view information about all server ports in use on the new TCP/UDP Port Table window.
TopN Conversation Report
The existing NAM topN Conversation reporting feature has been enhanced to include an optional Application field. If specified, the Application field is used to further refine which conversations you are interested in reporting. The maximum value of N is 200, meaning that the NAM supports reporting on up to the top 200 conversations per interval. You can store up to 100 days of report data onboard the NAM.
Highlights of the TopN Conversation Report Enhancement:
•Interval-based report displayed in a fashion consistent with other NAM reports.
•Export of all report data to an external host in CSV format will be supported.
TCP/UDP Port Table
A new collection feature maintains a list of all the server ports observed on a particular data source. You enable this feature on the Setup > Monitor > Core Monitoring window. The NAM displays the results on the Monitor > Applications > TCP/UDP Port Table window. You can export the results in CSV file format.
Highlights of the TCP/UDP Port Table Enhancement:
•Table entries capture number of packets and bytes observed
•Collection configurable per data source
•Export of all data or just screenful of data to external host in CSV format is supported.
•Current Rates and TopN monitor screens are available as well as Cumulative.
TopN TCP/UDP Port Report
A TopN style report provides up to the Top 200 ports observed on a data source within a reporting interval. You can store up to 100 days of report data onboard the NAM. The report looks similar to the application TopN report supported in earlier releases.
Highlights of the TCP/UDP Port Report Enhancement:
•Interval-based report displayed in a fashion consistent with other NAM reports.
•Export of all report data to an external host in CSV format will be supported.
Support for Catalyst 6500 Virtual Switching System Feature
NAM 3.6(1a) provides support for the Catalyst 6500 Virtual Switching System (VSS) feature which allows the clustering of two physical chassis into a single logically-managed entity. This enables you to to insert the NAM service module into either chassis of the VSS cluster without having to perform any special configuration.
The NAM blade in a VSS cluster behaves very much like the NAM blade in a standalone mode. All NAM features are supported in a VSS cluster and additional GUI information is provided with the switch ID added to the physical address of the NAM GUI windows in a VSS cluster. For example the port location in a VSS cluster is displayed as Switch/Slot/Port compared with Slot/Port in a standalone NAM. This information is required for SPAN session setup and NAM monitoring windows. Also, the NAM health monitor window contains information for slots in both chassis. The chassis operating mode (active vs standby) is transparent to the NAM blade.
New Features in NAM 3.6.1
This section lists the new features added to the NAM 3.6.1 release.
Note All features apply to all NAM modules unless otherwise indicated.
•Support for the new NME-NAM-80S
The NME-NAM-80S offers superior WAN traffic monitoring throughput, an 80GB capacity hard disk drive to store capture data on-board, 512 MB memory, and a Gigabit Ethernet external interface to support high-throughput LAN traffic monitoring in the Empowered Branch. It includes the embedded, web-based Traffic Analyzer GUI, providing anytime, anywhere visibility into network traffic.
•Transaction-Aware Application Response Time (ART) Monitoring
The transaction-aware application response time monitoring feature provides visibility into application response time and network latency. The ART feature provides the following metrics: Application Delay, Network Delay, Client Network Delay, Server Network Delay, Total Delay, and the number of network connections. All of the delay metrics are available in Average, Minimum, and Maximum values and can be measured by a single NAM. You can also measure Application Transaction Time, defined as the elapsed time from the first packet of the client request until the last packet of the server response.
•Live Reporting
NAM 3.6 includes an updated historical reporting capability that provides highly granular visibility into network traffic, including individual applications and end-users. Enabling operations staff to identify anomalies in network traffic that can disrupt business operations, the Cisco NAM live reporting capability exposes potential problems that would otherwise be masked if critical report updates occurred less frequently than one minute. This feature applies to all reports, except TopN reports.
•Voice Quality Monitoring Enhancement with Support for CallManager 5.0 with SCCP
This enhancement enables you to view metrics for the following:
–Audio, video (when available), and data channels quality (packet loss and jitter)
–Active calls
Drill-down to obtain information on such fields as call reference value, media (audio/video/data) receiving address and port, and line instance.
–Top (up to 20) worst quality calls
–Known phones and the details of the five last-ended calls per known phone
•Increased GUI configuration support for up to 1500 VLANs (NAM-1 and NAM-2 modules only)
This usability enhancement permits the configuration of up to 1500 VLANs using the NAM GUI.
•Data Source Persistence
This usability enhancement permits you to view the last selected data source when browsing multiple Monitor windows that include a drop-down data source list. This feature is especially useful when large numbers of data sources have been configured, yet monitoring is focused on a particular data source. It saves time locating the same data source of interest to monitor when navigating among Monitor windows. The data source persists until you select another data source from the drop-down data source list.
•Support for new protocols
This enhancement enables you to monitor, capture, and decode the following protocols:
–tivconnect
–ulp
–componentstatusprotocol
–oicq
–ipfix
–esp-null including esp.tcp, esp.udp. and esp.unknown
–Diameter including diameter-common, nasreq, diameter-mip, diameter-baseacct, diameter-cc, diameter-eap, diameter-sip, and diameter-unknown
–SMPP
–SSMPP
•GUI Enhancements
A Refresh button is added to the Setup > Data Source > SPAN window when you create and edit SPAN data sources. Use the Refresh button to update switch configuration information in case there has been a configuration change on the switch.
System Requirements
This section describes the hardware, software, and browser requirements for NAM 3.6 software.
Hardware Requirements
Table 2 identifies the hardware modules and platforms required to use NAM 3.6(1).
Table 2 NAM Hardware Compatibility
Module
|
Platform or Devices
|
WS-SVC-NAM-1
WS-SVC-NAM-1-250S
WS-SVC-NAM-2
WS-SVC-NAM-2-250S
|
•Catalyst 6500 Series Switches
•Cisco 7600 Series Routers
|
NM-NAM
|
•Cisco 262xXM Routers
•Cisco 265xXM Routers
•Cisco 2691 Multiservice Platform
•Cisco 2811 Integrated Services Router
•Cisco 2821 Integrated Services Router
•Cisco 2851 Integrated Services Router
•Cisco 3660 Multiservice Platform
•Cisco 3725 Multiservice Access Router
•Cisco 3745 Multiservice Access Router
•Cisco 3825 Integrated Services Router
•Cisco 3845 Integrated Services Router
|
NME-NAM-80S
NME-NAM-120S
|
•Cisco 2811 Integrated Services Router
•Cisco 2821 Integrated Services Router
•Cisco 2851 Integrated Services Router
•Cisco 3725 Multiservice Access Router
•Cisco 3745 Multiservice Access Router
•Cisco 3825 Integrated Services Router
•Cisco 3845 Integrated Services Router
|
WS-SVC-NAM-1 and WS-SVC-NAM-2 Modules Require Memory Upgrade
WS-SVC-NAM-1 and WS-SVC-NAM-2 modules require a memory upgrade to use the NAM 3.6(1b) release. You can find information about how to upgrade your memory in the document NAM Memory Upgrade Install Note at the following URL:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/hardware/Config_Notes/
78_18630.html
Software Requirements
This section describes the switch or router (system) software required to use NAM 3.6. Table 3 lists the minimum system software versions required to use NAM 3.6.
Table 3 Software Requirements for Minimum OS Versions
Module
|
Software
Release
|
Orderable Product Number
|
Minimum IOS Software Versions Supported
|
Minimum CatOS Software Versions Supported
|
WS-SVC-NAM-1
WS-SVC-NAM-1-250S
WS-SVC-NAM-2
WS-SVC-NAM-2-250S
|
NAM 3.6
|
SC-SVC-NAM-3.6
|
•Release 12.1(13)E1 or later with a Supervisor Engine 2 with an MSFC2.
•Release 12.2(14)SX1 or later with a SUP720.
•Release 12.2(18)SXF or later for Catalyst 6500 with SUP32
•Release 12.2(33)SXH1 or later with SUP720-10G
•Release 12.2(33)SRA or later for Cisco7600 with SUP32 or SUP720
•Release 12.2(33)SRC or later for Cisco7600 with RSP720-1G
|
•Release 7.3(1) or later with Supervisor
Engine 2.
•Release 8.2(1) or later with a SUP720.
|
NM-NAM
|
Not applicable2
|
•Release 12.3(7)T or later or 12.4(1) or later
|
Not applicable
|
NME-NAM-80S
NME-NAM-120S
|
NME-NAM-SW-3.6
|
•Release 12.4(9)T1 or later
|
Not applicable
|
Table 4 lists the Cisco IOS and CatOS versions used on the Catalyst 6500 Series and Cisco 7600 Series (except as noted) when testing and developing NAM 3.6.
Table 4 Latest Supported IOS and CatOS Versions
Modules
|
Cisco IOS
Versions
|
Catalyst OS
Versions
|
WS-SVC-NAM-1
WS-SVC-NAM-1-250S
WS-SVC-NAM-2
WS-SVC-NAM-2-250S
|
12.2(18)SXD4
12.2(18)SXD7
12.2(18)SXE4
12.2(18)SXF3
12.2(18)SXF4 (Modular IOS)
12.2(18)SXF5
12.2(18)SXF7 (ION)
12.2(18)SXF9
12.2(18)SXF9 (ION)
12.2(18)SXF10
12.2(18)SXF11
12.2(18)SXF13
12.2(18)SXH2a
12.2(33)SXH1
12.2(33)SRA for Cisco 7600
12.2(33)SRB for Cisco 7600
12.2(33)SRC for Cisco 7600
|
CatOS 8.5
CatOS 8.6(1)
|
The software versions in Table 4 are the specific versions used in testing NAM 3.6. All system software releases from the minimum to the latest version tested are officially supported. Note the following conditions and exceptions:
•Cisco IP Phone firmware 6.0 and above is required for SIP voice packet quality monitoring.
•IOS 12.2(18)SXE4, at minimum, is required to support the ERSPAN feature. Dependencies and limitations for ERSPAN can be found in Configuring Local SPAN, RSPAN, and ERSPAN, Guidelines and Restrictions, at the following URL:
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/
guide/span.html
•Either IOS 12.2(18)SXD or CatOS 8.5 is required to support the Virtual SPAN feature.
•IOS 12.2(33) SXH1 or later is required with VS-S720-10G and WS-X6708-GE line card to support the Cisco Catalyst 6500 Virtual Switching System (VSS).
NME-NAM Software Requirements
The minimum software version required to use NME-NAM-80S and NME-NAM-120S modules with NAM 3.6 is Cisco IOS Version 12.4(9)T or later.
Note For NAM3.6(1b) the NME-NAM-120S was tested with IOS 12.4(15)T, and the NME-NAM-80S was tested with IOS 12.4(10)T.
NM-NAM Software Requirements
The minimum software version required to use an NM-NAM module with NAM 3.6 is Cisco IOS Version 12.3(7)T or later or 12.4(1) or later.
Note The NM-NAM has been tested with IOS 12.4(9)T and 12.4(11)T.
Browser Requirements
Table 5 describes the browser requirements for all platforms. Cisco recommends you use the Internet Explorer browser, but Mozilla and Firefox are also supported.
Table 5 Browser Requirements
Browser
|
Versions
|
Platform
|
Internet Explorer (recommended)
|
6.0, 7.0
|
•Windows
•Windows XP Professional
|
Mozilla
|
1.7
|
•Windows
•Windows XP Professional
•Solaris
|
Firefox
|
1.5, 2.0
|
•Windows
•Windows XP Professional
•Solaris
•Redhat Enterprise Linux
|
Note Although Traffic Analyzer does not require a Java plug-in, you might be required to use the Java Virtual Machine (JVM). The Java plug-in versions listed have been tested for browsers that require a plug-in for the JVM. Cisco recommends JRE Version 5.0 Update 6.
Upgrading NAM Software
This section provides the following topics:
•Supported Upgrades
•Upgrading Software Using NAM CLI
Supported Upgrades
NAM 3.6 supports the following upgrades:
•You can upgrade all NAM-1 and NAM-2 modules to NAM 3.6 from the NAM 3.4 and NAM 3.5 software releases (with any patches).
Note New WS-SVC-NAM-1-250S and WS-SVC-NAM-2-250S modules ship from the factory with NAM 3.6(1b) already installed.
•You can upgrade NM-NAM modules to NAM 3.6 from NAM 3.4 and NAM 3.5 software releases (with any patches).
Note NAM 3.6 does not support upgrades from NAM 3.3 or below.
Upgrading NAM Software
If you are upgrading a NAM-1 or a NAM-2 module, follow the software upgrade procedures described in the chapter Administering the Network Analysis Module in the following documents:
•For NAM-1 and a NAM-2 modules installed in IOS switch:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_
chapter09186a00805e34fd.html#wp1035516
•For NAM-1 and a NAM-2 modules installed in CatOS switch:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_
chapter09186a00805e34fd.html#wp1036152
If you are upgrading an NME-NAM, follow the software upgrade procedures described in the section Upgrading the NAM Software-Full Image of the Cisco Branch Router Series (NME-NAM) Installation and Configuration Note.
http://www.cisco.com/en/US/docs/net_mgmt/network_analysis_module_software/3.6/branch_
router/configuration/guide/BR_incfg.html#wp1149443
If you are upgrading an NM-NAM, follow the software upgrade procedures described in the section Upgrading the NAM Software-Full Image of the NM-NAM Feature Guide.
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_
guide09186a00801d6096.html#wp1088954
Upgrading Software Using NAM CLI
To upgrade software using the NAM CLI, go to maintenance mode and enter the NAM CLI command upgrade. For information about the upgrade command see the Network Analysis Module Command Reference, Release 3.6 at the following URL:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_command_reference_
chapter09186a00807ee6c2.html#wp1048351
You can apply the NAM 3.6.1 Crypto K9 patch, nam-app.3-6.cryptoK9.patch.1-0.bin, on top of
NAM 3.6.1 using NAM CLI command patch.
Product Documentation
We sometimes update the product documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. You can find product documentation for all NAM software releases at the following URL:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/tsd_products_support_series_home.html
Your product shipped with a Documentation CD-ROM. The Documentation CD-ROM contains product documentation that you can access and print.
The following is a list of the documentation for Cisco Network Analysis Module, Release 3.6. You can access the URLs listed for each document on the Documentation CD-ROM and at www.cisco.com at the following URLs:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/tsd_products_support_series_home.html
We recommend you refer to the documentation in the following order:
•Documentation Guide for the Cisco Network Analysis Module, Release 3.6 (78-17882-01)
http://www.cisco.com/en/US/docs/net_mgmt/network_analysis_module_software/3.6/roadmap/
docguide.html
•Release Notes for the Cisco Network Analysis Module, Release 3.6 (OL-11516-02), this document
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/prod_release_
note09186a00807ed386.html
•Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module, Release 3.6 (OL-11517-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_quick_
start09186a00807ee748.html
•User Guide for the Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module, Release 3.6 (OL-11519-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_user_guide_
book09186a00807ed53e.html
•Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Command Reference, Release 3.6 (OL-11521-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_command_reference_
book09186a00807ee642.html
•Cisco Branch Router Series (NME-NAM) Installation and Configuration Note (OL-11624-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_installation_and_
configuration_guide09186a00807ee90a.html
•Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Installation and Configuration Note, Release 3.6 (OL-12753-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_installation_and_
configuration_guide_book09186a00807ed3c6.html
•Copyright Notices for the Cisco Network Analysis Module, Release 3.6 (78-17782-01)
http://www.cisco.com/en/US/docs/net_mgmt/network_analysis_module_software/3.6/copyright/
notice/copyrite.html
Related Product Documentation
The following is a list of related documentation.
•Catalyst 6500 Series Switch Software Configuration Guide
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/
span.html
•Catalyst 6500 Series Switch Software Configuration Guide.
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/
nde.html
•NAM Memory Upgrade Install Note
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/hardware/Config_Notes/
78_18630.html
•Connecting Cisco NAM Enhanced Network Modules to the Network
http://www.cisco.com/en/US/docs/routers/access/interfaces/nm/hardware/installation/guide/
namnme_ps2797_TSD_Products_Module_Installation_Guide.html
•Cisco Network Modules and Interface Cards Regulatory Compliance and Safety Information
http://www.cisco.com/en/US/docs/routers/access/interfaces/rcsi/IOHrcsi.html
Limitations and Restrictions
Before using NAM-1 or NAM-2 devices, read the Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module and Installation and Configuration Note for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Release 3.6.
Before using the NME-NAM or NM-NAM, please read the Cisco Network Modules Quick Start Guide, NM-NAM Feature Module, and the Quick Start Guide for the Cisco Branch Router Series Network Analysis Module.
The following are limitations and restrictions of NAM software release 3.6:
•Configure Local Time Zone
•Changing the NAM IP Address
•Cisco 7600 With Redundant Supervisor Cards Running IOS Image 12.2(33)SRC2
•Running IOS Image Newer Than 12.2(18)SXF5
•Using NetFlow As a Data Source
•Restrictions for NM-NAM and NME-NAMs
•NBAR-PD Feature in NME-NAM
Configure Local Time Zone
You must now configure the local time zone for the NAM regardless of the time synchronization source (switch or NTP). For more information on configuring the local time zone using the NAM Traffic Analyzer, see the User Guide for the Network Analysis Module Traffic Analyzer Release 3.6.
Changing the NAM IP Address
If you change the NAM IP address, the default gateway resets to 0.0.0.0. Change the new default gateway IP address to an address other than one on the current subnet.
Cisco 7600 With Redundant Supervisor Cards Running IOS Image 12.2(33)SRC2
You might experience an error condition with a Cisco 7600 chassis that has redundant supervisor cards running the 12.2(33)SRC2 IOS image and a NAM service blade. The error occurs when you perform a sequential boot of the two supervisor cards because the secondary (standby) supervisor does not go into proper standby mode.
You can find more information about this issue in Field Notice #63179.
This problem does not occur:
•When you boot the two supervisor cards in parallel
•When you boot the standby supervisor card after the primary supervisor is up
•When the Cisco 7600 router runs the 12.2SRC1 image
•When only one supervisor card is installed in the Cisco 7600 chassis
Problem Symptom
When the primary supervisor functions as a standalone with the secondary supervisor card in RPR mode, the Cisco 7600 chassis functions normally (as if it has a standalone supervisor card). A switchover causes the system to be unavailable for up to three minutes because the secondary supervisor card is not in proper standby mode.
Note When both supervisors are booted simultaneously, the system will go to Hot Standby status. The primary supervisor will reboot when you issue the redun force-switchover command which causes the redundant supervisor to boot up to be the primary and the primary to be the redundant.
Solution
This problem requires you to downgrade the IOS image from 12.2SRC2 to 12.2SRC1. Account teams will help you do this if needed.
This problem should be fixed in 12.2SRC3, targeted for mid-January, 2009. When IOS image 12.2SRC3 is available, upgrade the image from 12.2SRC1 to 12.2SRC3 at your earliest opportunity.
Running IOS Image Newer Than 12.2(18)SXF5
If you upgrade your IOS to an image newer than 12.2(18)SXF5, you remain vulnerable to a security issue where IOS switches the SNMP communication between the NAM and the SUP from inband to EOBC.
Due to this issue, you should not apply the NAM CLI command supervisor address <sup-address>. To remove this configuration from the NAM, use the negating form of the command,
no supervisor address.
Using NetFlow As a Data Source
An anomaly exists (described in CSCsd75273) where using NetFlow as a Data Source does not receive NetFlow data from the switch. The default NetFlow Device chosen has the EOBC address of the form 127.0.0.xxx. It appears that the switch does not forward the NetFlow data using this EOBC address.
To work around this problem, use the NetFlow Listening Mode to view the additional IP addresses of the devices able to send the NDE packets to the NAM. When such interface is learned, add that interface to the NetFlow Listening Mode table. Use the learned device as a Data Source for the NetFlow data.
Restrictions for NM-NAM and NME-NAMs
Note This restriction applies only to traffic that is monitored through the internal NAM interface.
The NAM Traffic Analyzer (web GUI) provides Layer 3 and higher layer information about the original packets. The Layer 2 header is modified by the router when it forwards the packets to the NAM, so the Layer 2 information that the NAM records is not applicable to the original packets.
NBAR-PD Feature in NME-NAM
The NBAR-PD feature in the NME-NAM requires IOS 12.4(9)T or later. The NM-NAM requires IOS version 12.3(7)T or later.
Caveats
This section provides information about active and resolved anomalies in the NAM 3.6 software. To obtain more information about known problems, access and log in to the Cisco Software Bug Toolkit at the following URL:
http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl.
This section provides the following:
•Known Anomalies in NAM 3.6(1b)
•Anomalies Resolved in NAM 3.6(1b)
•Anomalies Resolved in NAM 3.6(1a)
•Anomalies Resolved in NAM 3.6
Known Anomalies in NAM 3.6(1b)
Table 8 describes anomalies known to exist in NAM 3.6(1b) software. Each anomaly listed includes symptoms, conditions, and any workaround available.
Table 6 Known Anomalies in NAM 3.6(1b)
Bug ID
|
Description
|
CSCsd91293
|
The NETFLOW as a Data Source does not receive NetfFow data from the switch.
Symptom: The default NetFlow Device chosen has the EOBC address of the form 127.0.0.xxx. It appears that the switch does not forward the netflow data using this EOBC address.
Conditions: It appears that the default NetFlow device has the local EOBC address after the commit of CSCsd75273. Since the 127.0.0.xxx address is not the routable address, the netflow data are not sent to the NAM where NETFLOW is configured as a Data Source. Prior to the commit of CSCsd75273, the default NetFlow device had a routable IP address which was forwarding the netflow data to the NAM NETFLOW Data Source.
Workaround: Use the NetFlow Listening Mode to view the addtional IP addresses of the devices able to send the NDE packets to NAM. When such interface is learned, add that interface to the NetFlow Listening Mode table. Use the learned device as a Data Source for the netflow data.
|
CSCsh44373
|
UserDefinedProtocol: Defined protocol always has port range equal to 1
Symptom: The Setup > Protocol Directory > Autolearned Applications window has Enable Autolearned Protocol enabled. Go to the Setup > Protocol Directory > Individual Protocol window, click Create, and try to create a TCP or UDP protocol with Port Range greater than 1. The protocol created always has a Port Range equal to 1.
Conditions: This occurs when you try to create a protocol that has already been learned by the NAM. This occurs using either the CLI or the GUI.
Workaround:
1. Go to the Setup > Protocol Directory > Autolearned Applications window.
2. Uncheck the Enable Autolearned Protocol check box, and confirm.
3. Create the protocol from the Setup > Protocol Directory > Individual Applications window.
4. Return to the Setup > Protocol Directory > Autolearned Applications window and re-enable Autolearned Applications.
The cause of this issue is that the protocol you are trying to define or create has already been learned by the NAM autolearn feature. Due to the autolearn, there is already a protocol entry in the NAM protocol directory matching the protocol you are trying to define. The NAM does not allow you to modify the Port Range of parameter of an existing protocol entry.
|
CSCsh76977
|
Mozilla and Firefox: TopN conversation report does not show data
Symptoms: In the Firefox (Mozilla) browser, the TopN Conversation reports do not show the bar graphs if the values are too small.
Conditions: This occurs when the values to be plotted are too small.
Workaround: Read the numeric values showed in the left side of the TopN report.
|
CSCsj75220
|
The Setup > Switch Parameters > NBAR window occasionally shows a digit for interface type
Symptom: On the Setup > Switch Parameters > NBAR window, the port type is occasionally shown as a number instead of a string representation.
Conditions: This occurs under normal operating conditions.
Workaround: Refresh the screen a few times.
|
CSCsj87440
|
Need to verify the Read/Write Community String on the Router Information window.
Symptom: On Setup > Router Parameters window, you must enter the read/write community string. If you enter the read string only, there is no indication that the write string is not there. That particular screen reads data from the router and displays it on the screen. So it will not show that you actually entered the read only string.
The problem occurs when you try to change configuration on the router using the Setup > Router > NBAR window. The Submit function does not work because you cannot change the router configuration if no write string has been entered.
There is no error message to indicate that the write string is missing. The only way the NAM can detect this is by changing an object on the router and testing to see if the change took place. This is invasive to the router.
Conditions: This occurs under normal operating conditions.
Workaround: Enter the correct read/write community string.
|
CSCsj87458
|
No active SPAN session is seen after upgrading NAM image.
Symptom: When upgrading the NAM image and immediately going to the web GUI, the switch information is occasionally not yet available.
Conditions: This might occur after you upgrade the NAM image. This occurs on any window that requires switch information. It is a timing situation where the synchronization between the switch and the NAM has not yet completed.
Workaround: Wait a few minutes and then refresh the window.
|
CSCsk08953
|
The CSV export function does not work on the Monitor > Applications > TCP/UDP Port Table window.
Symptom: When you click the CSV Export icon on the Monitor > Applications > TCP/UDP Port Table window (upper-right corner), the export does not begin and an error message displays in the Tech Support window.
Conditions: This occurs when you select the default data sources for the display, such as ALL SPAN on NAM-1 and NAM-2 devices.
Workaround: Click on any column header to sort by that column. After doing so, the CSV export function will work normally.
|
CSCsk71253
|
Extra characters are displayed when you create an RSPAN session using the NAM GUI
Symptom: Extra characters (Rx) are displayed on the Setup > SPAN window when you add a second port to an existing RSPAN session or create a second RSPAN session with two VLANs.
Conditions: This occurs under normal operating conditions on all NAM platforms.
Workaround: None
|
CSCsk99499
|
NAM displays unwanted messages under apache error_log.
Symptom: The NAM show tech file occasionally contains many harmless debug messages under the tag of Apache error log. This does not impact NAM operation.
Conditions: Depending on the your interaction with the NAM GUI, software debug messages are shown in the show tech file.
Workaround: None.
|
CSCsl90999
|
Incorrect setting of the template file of Monitor > DiffServ window
Symptom: An incorrect setting exists on a Cisco voice template file (CiscoVoice_1) of the
Monitor > DiffServ window. The aggregation groups of CiscoVoice_1 template should be DSCP 26 and 46, but show as DSCP 0 instead.
Conditions: This occurs with NAM software release 3.6(1a) on the of Monitor > DiffServ window and affects all NAM platforms.
Workaround: None
|
CSCsq16020
|
LACP Portchannel in a virtual switch system (VSS) does not show up in Create Data Sources list
Symptom: When you attempt to configure a monitor session in a VSS, the Setup > Data Sources > Create window takes you to the Create SPAN Session window. Select SPAN-type EtherChannel, and the available data sources does not include LCAP portchannel configured on the switch.
Conditions: This occurs in VSS switch systems when you attempt to configure the LACP portchannel as a data source.
Workaround: Use the CLI to configure the LACP portchannel as a data source.
|
CSCsr05322
|
NAM fails to preserve enabled monitoring of TCP/UDP port
Symptom: The NAM upgrade process does not preserve the enabling of the TCP/UCP port monitoring feature.
Conditions: This occurs when you upgrade NAM software from NAM 3.5 or NAM 3.6(1) to NAM 3.6(1a) without using the install option and affects only the TCP/UDP port monitoring function. This occurs on all NAM platforms.
Workaround: After the software upgrade is completed and you boot up NAM 3.6(1a), manually enable TCP/UDP port monitoring located using the Setup > Monitor > TCP/UDP Port window. You can click on any column header to sort by that column. After manually enabling TCP/UDP port monitoring, the CSV export will function correctly.
|
CSCsr22826
|
An error occurs when you set up the NAM to synchronize NAM system time with Network Time Protocol (NTP) Server
Symptom: You receive the following error message when you attempt to synchronize NAM System Time with NTP server.
"Hostname(s) x.x.x.x are not resolvable with current DNS settings and may be invalid.
Please enter a valid NTP server."
Workaround: Use CLI commands.
|
CSCsr27717
|
Some NAM switchport reports might show incorrect values.
Symptom: The NAM switchport reports might show incorrect bytes and packets values.
Conditions: This problem affects only NAM-1 and NAM-2 modules and only some target switchport reports.
Workaround: Go to the Report > Basic Report window, and view the TopN report.
|
CSCsr57890
|
The NAM-2 GUI occasionally shows CPU Utilization to be 100%.
Symptom: The System Overview (Admin > System > System Resources) occasionally shows the CPU Utilization to be 100%.
Conditions: This occurs under normal operating conditions on the NAM-2 when running NAM 3.5, 3.6(1a), or 3.6(1b) software.
Workaround: Restart the NAM
|
CSCsu22357
|
The NAM CLI command show version shows the wrong amount of memory
Symptom: The NAM CLI command show version shows 2 GB of memory when it should show 1 GB.
Conditions: This occurs on the NME-NAM-120S under normal operating conditions.
Workaround: Use the NAM CLI command show memory on the NME-NAM-120S instead.
|
Anomalies Resolved in NAM 3.6(1b)
Table 8 describes anomalies that existed in earlier releases of NAM software that have been resolved in the NAM 3.6(1b) software release. Each anomaly listed includes symptoms, conditions, and any workaround available.
Table 7 Anomalies Resolved in NAM 3.6(1b)
Bug ID
|
Description
|
CSCse04668
|
The NAM is unable to identify span ports for SIP-600/SPA-10X1GE and similar hardware.
Symptom: NAM uses SNMP object moduleNumPorts to locate span interfaces and moduleNumPorts is not available on the 7600-SIP-600/SPA-10X1GE and similar hardware (such as ES20). Newer versions of Cisco IOS use ENTITY-MIB, and the NAM should also query for these values to locate interfaces that can be spanned.
The Setup > Data Sources > Switch Modules window does not list SPA-10X1GE as an available module with available sources.
Conditions: This occurs during normal operating conditions.
Workaround: Create the span using CLI monitor session commands like the following:
monitor session 1 source GigabitEthernet 1/0/1
monitor session 1 destination 7/7
|
CSCsj64804
|
NAM does not display ports with double quotes when you create a data source.
Symptom: NAM does not seem to understand the double quote character correctly in data source creation.
Conditions: This is seen on NAM 3.6(1), other versions may also be affected.
Workaround: None.
|
CSCsj72118
|
NAM Application Response Time shows wrong transaction time counters
NAM 3.6(1) may show different average and maximum transaction times in the Monitor >
Response Time > Server > Client Application window compared to the average and maximum transaction times in the Response Time Server / Client Application details window. Both the main Server / Client Application and the Details window should show the same information.
Symptom: NAM 3.6(1a) might show different average and maximum transaction times in the Monitor >
Response Time > Server > Client Application window compared to the average and maximum transaction times in the Response Time Server / Client Application details window.
Both the main Server / Client Application and the Details window should show the same information.
Conditions: Viewing display of Average and Maximum Transaction Times.
Workaround: None.
|
CSCsj83682
|
Cannot capture ERSPAN packets when attempting to capture from Monitor > Conversations window.
Symptom: Cannot capture ERSPAN packets from Monitor > Conversations window.
Conditions: This occurs during normal operations.
Workaround: Set up captures through the Capture tab.
|
CSCsl71489
|
When displaying the VSS power information, the chassis information is reversed.
Symptom: When displaying the redundant power on a VSS system, chassis 1 and chassis 2 information is reversed.
Conditions: This occurs when you attempt to display power information on the Switch Information window under Monitor > Switch > Health on a VSS system using NAM 3.6(1a) Patch 2.
Workaround: None
|
CSCsl73571
|
NAM cannot communicate with RMON after attempting to enable a URL collection after several repeated failures
Symptom: The NAM does not communicate with RMON.
Conditions: This occurs with NAM 3.6(1a) when you attempt to enable a URL collection after several repeated failures from the Setup > Monitor > URL Collection window. The following error messages might also display:
Error Communicating with RMON deamon
Lost communication with RMON
Workaround: None, but after a few minutes, RMON will come up automatically, and the system will function normally again.
|
CSCsm69310
|
A known IOS issue might cause you to lose connectivity to the NAM.
Typical symptoms are:
•CLI login attempts to the NAM fail.
•You cannot launch the NAM GUI.
•Pings to the NAM IP address fail.
•You are able to create a NAM session from the supervisor CLI
Packet forwarding from Sup720-10GE uplink ports to Fabric-enabled (65xx) linecards can fail when all of the following conditions are met:
Conditions for 12.2(33)SXH:
1. Sup720-10GE is running 12.2(33)SXH release.
2. There is at least one Legacy-based linecard (61xx/62xx/63xx), and the number of fabric enabled (65xx) linecards in the system is less than the truncated mode threshold (default threshold is 2).
3. There is no dCEF720 (DFC-based) linecard in the system.
Conditions for 12.2(33)SXH1:
1. Sup720-10GE is running 12.2(33)SXH1 release.
2. There is at least one Legacy-based linecard (61xx/62xx/63xx), and the number of fabric enabled (65xx) linecards in the system is less than the truncated mode threshold (default threshold is 2).
3. There is no dCEF720 (DFC-based) linecard in the system.
4. With 12.2(33)SXH1 release, if you have changed the default threshold configuration using a value greater than 2 with a global command like the following:
fabric switching-mode allow truncated threshold <value>
and the number of fabric enabled (65xx) linecards in the system is less than the configured threshold, you will experience the packet forwarding problems described above.
With 12.2(33)SXH1, if the default threshold configuration has not been changed (remains set to 2), you will not experience the packet forwarding problems.
Workaround for 12.2(33)SXH:
Use the following configuration CLI:
Router(config)# fabric switching-mode allow truncated threshold 1
Workaround for 12.2(33)SXH1
No workaround is needed if you use the default configuration (threshold set to 2).
If you do change the default configuration is issued, set the threshold to 1.
|
|
|
|
CSCso70237
|
WS-SVC-NAM-1 and WS-SVC-NAM-2 modules experience timeouts and reboots when capturing to local disk.
Note Although this problem was found during NAM 3.6(1b) development, you might experience this problem if you upgrade your NAM-1 or NAM-2 memory to 2 GB, but do not upgrade your software to NAM 3.6(1b).
Symptom: After enabling continuous capture to local disk, WS-SVC-NAM-1 and WS-SVC-NAM-2 modules start thrashing memory after a while and becomes unresponsive to the user and the supervisor. The supervisor module might even reset the NAM because of missing keep-alive timeouts.
Conditions: This occurs with WS-SVC-NAM-1 and WS-SVC-NAM-2 devices that have upgraded memory to 2 GB and are running continuous captures with NAM 3.6(1a) (or earlier) software.
Workaround: None
|
Anomalies Resolved in NAM 3.6(1a)
Table 8 describes anomalies resolved in NAM 3.6(1a) software. Each anomaly listed includes symptoms, conditions, and any workaround available.
Table 8 Anomalies Resolved in NAM 3.6(1a)
Bug ID
|
Description
|
CSCsj08353
|
NAM-1 and NAM-2 modules should provide a way to save the gateway and host name information
Symptom: The file named network on the /nvram/config partition on the hard disk is occasionally corrupted, causing loss of network configuration.
Conditions: This occurs under normal operating conditions.
Workaround: Reinstall the NAM image.
Note You will lose previously-existing data when you reinstall the NAM image.
|
CSCsj42259
|
When monitoring MPLS traffic, some GUI screens show no data.
Symptom: When monitoring traffic on an MPLS-enabled network, some of the Monitor screens in the NAM web interface do not show any data, such as the Hosts and Conversations screens.
Conditions: This occurs while viewing Monitor data after selecting anything other than an appropriate MPLS data source, such as All Span, Data Port 1, or Data Port 2. It only occurs if the traffic being monitored is tagged with MPLS labels.
Workaround: You might create one or more MPLS data sources, representing VRFs, VCs, or raw label values. The data will then be properly displayed when selecting those data sources on the affected Monitor windows.
Additional Information: MPLS is often used in service provider environments where the same IP addresses might actually be in use by different hosts on different subscriber networks. The traffic differs only in the MPLS labels. In this scenario, it would not make sense to group together all the counters for these different hosts and conversations simply because they are using the same IP addresses. Therefore, the counters are only available on the appropriate MPLS data sources. In the future, an option might be added to aggregate the counters and show Hosts and Conversations data even if the MPLS tags differ.
|
CSCsj42301
|
When viewing application statistics for MPLS under the ALL SPAN data source, the values for the MPLS protocol counters are twice what they should be.
Conditions: This anomaly occurs with all MPLS-tagged traffic.
Workaround: None
|
CSCsj42593
|
The counters on the Monitor > Applications > TCP/UDP Port Table > Current Rates window are all zeroes.
Symptom: The Monitor TCP/UDP port table had entries with zeroes in the counters, although the Monitor > Applications window showed the same entries increasing.
Conditions: This occurs under normal operation.
Workaround: Disable the TCP/UDP port table from the Setup > Monitor window.
|
CSCsj42889
|
NAM should prevent you from adding a second instance of a port already configured in the Selected Sources.
Symptom: On the Create and Edit windows of Setup > Datasource, you can enter the same datasource with different directions (Transmit and Both). However, only the first datasource added to the selection list is accepted. There were no error messages to indicate that you could not add the same datasource with different directions when you add instances of a datasource you have already configured.
Conditions: In the case of direction (Receiving), the code worked correctly and you would not be able to add the same datasource twice.
Workaround: None.
|
CSCsj44197
|
Filter selection is incorrectly labeled on the Monitor > Conversations > Application Hosts window. The selection should be Source, Destination, and Source and Destination.
Symptom: Filter selections on the Monitor > Conversations > Application Hosts window are labeled Client, Server, and Client and Server. However, the headers show Source and Destination so the selection box should be labeled Source, Destination, and Source and Destination
Conditions: This occurs under normal operating conditions.
Workaround: None.
|
CSCsj49921
|
An empty Basic Conversation TopN report is seen with the default Period
Symptom: Report with 8-hour polling interval cannot be seen with the default report period and granularity settings.
Conditions: This happens when the reports are configured with a polling interval greater than the default granularity (1 hour).
Workaround: Select different report periods (weekly, monthly) that have granularity higher than 8 hours.
|
CSCsj51193
|
Modify some time displays of from 00:00 to 24:00 on the topN report window
Symptom: The TopN report should display 24:00 instead of 00:00 as the last hour of the day in TopN report.
Conditions: This occurs when working with TopN reports.
Workaround: None.
|
CSCsj59453
|
The Add Dest. Port 2 function is not working with a large number of VLANs configured on the
Setup > Data Sources > SPAN window.
Instead of the SPAN being created, an Invalid syntax error displays.
|
