Table Of Contents
Release Notes for the Network Analysis Module Software Release 3.6(1a)
Contents
New Features in NAM 3.6
New Features in NAM 3.6(1a)
Conversation Table Enhancement
TopN Conversation Report
TCP/UDP Port Table
TopN UDP/TCP Port Report
New Features in NAM 3.6.1
System Requirements
Hardware Requirements
Software Requirements
NME-NAM-80S Software Requirements
NM-NAM Software Requirements
Browser Requirements
Upgrading NAM Software
Supported Upgrades
Upgrading NAM Software
Upgrading Software Using NAM CLI
Product Documentation
Related Product Documentation
Limitations and Restrictions
Caveats
Known Anomalies in NAM 3.6(1a)
Anomalies Resolved in NAM 3.6(1a)
Anomalies Resolved in NAM 3.6
Release Notes for the Network Analysis Module Software Release 3.6(1a)
Revised: April 2, 2008, OL-11516-04
These release notes provide general information about Cisco Network Analysis Module (NAM) software release 3.6 including system requirements, limitations and restrictions, new features, product documentation, and known and resolved anomalies.
NAM 3.6(1a) is available for NAM-1, NAM-2, and NME-NAM-80S as part of new hardware orders or by download from Cisco.com. For NM-NAM, NAM 3.6(1a) is available via download only on Cisco.com.
Product Numbers
SC-SVC-NAM-3.6
(Cisco Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Software 3.6)
NME-NAM-SW-3.6
(Cisco Branch Routers Series Network Analysis Module Software 3.6)
CCO Date: Release 3.6(1a), August 2007
NAM 3.6(1a) is a complete software release, not a patch. To upgrade to NAM 3.6(1a) from previous versions of NAM, enter the NAM CLI command upgrade while in maintenance mode. For information about the upgrade command see the Network Analysis Module 3.6 Command Reference Release at the following URL:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_command_reference
_chapter09186a00807ee6c2.html#wp1048351
Note 
For detailed installation and configuration procedures for the NAM, see the Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module, Release 3.6 or the Quick Start Guide for the Cisco Branch Routers Series Network Analysis Module, Release 3.6, Installation and Configuration Note for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Release 3.6 and User Guide for the Network Analysis Module Traffic Analyzer Release 3.6. See Product Documentation for more information.
Contents
This document includes the following sections:
•New Features in NAM 3.6
•System Requirements
–Hardware Requirements
–Software Requirements
–Browser Requirements
•Upgrading NAM Software
•Product Documentation
•Limitations and Restrictions
•Caveats
–Known Anomalies in NAM 3.6(1a)
–Anomalies Resolved in NAM 3.6(1a)
–Anomalies Resolved in NAM 3.6
New Features in NAM 3.6
•New Features in NAM 3.6(1a)
•New Features in NAM 3.6.1
New Features in NAM 3.6(1a)
The following sections describe the new features in NAM 3.6(1a).
Conversation Table Enhancement
NAM 3.6(1a) provides a new Application Hosts window under Monitor > Conversations that enables you to collect information about TCP and UDP port usage. This window displays information about conversations between pairs of hosts, including the server, TCP/UDP port in use, and the application protocol as classified by the NAM. This table can grow very large, so the GUI shows only the cumulative counter values for packets and bytes, and you cannot sort it by any arbitrary column header. Entries of interest can be located using the display filtering to show only entries related to a particular host or part of a host address or name.
Use the control buttons to navigate to the starting, next, or previous page, and use Export to export the table in CSV file format to an external host.
Highlights of Conversation Table Enhancements
•Table entries contain source address, destination address, protocol name, and port number
•Collection configurable per data source
•Monitor screen shows pages of data in native sorted order
•Monitor screen shows cumulative packet and byte statistics
•Current rates and topN monitor screens are not available
•Supports export of all data or just a screenful of data to external host in CSV format
Note In some cases multiple port numbers can be used for the same protocol. In these cases, the NAM will display only one conversation entry for that protocol, and it might not be possible to tell all of the server ports that are being used on the network for that application. You can view information about all server ports in use on the new TCP/UDP Port Table window.
TopN Conversation Report
The existing NAM topN Conversation reporting feature has been enhanced to include an optional Application field. If specified, the Application field is used to further refine which conversations you are interested in reporting. The maximum value of N is 200, meaning that the NAM supports reporting on up to the top 200 conversations per interval. You can store up to 100 days of report data onboard the NAM.
Highlights of the TopN Conversation Report Enhancement:
•Interval-based report displayed in a fashion consistent with other NAM reports.
•Export of all report data to an external host in CSV format will be supported.
TCP/UDP Port Table
A new collection feature maintains a list of all the server ports observed on a particular data source. You enable this feature on the Setup > Monitor > Core Monitoring window. The NAM displays the results on the Monitor > Applications > TCP/UDP Port Table window. You can export the results in CSV file format.
Highlights of the TCP/UDP Port Table Enhancement:
•Table entries capture number of packets and bytes observed
•Collection configurable per data source
•Export of all data or just screenful of data to external host in CSV format is supported.
•Current Rates and TopN monitor screens are available as well as Cumulative.
TopN UDP/TCP Port Report
A TopN style report provides up to the Top 200 ports observed on a data source within a reporting interval. You can store up to 100 days of report data onboard the NAM. The report looks similar to the application TopN report supported in earlier releases.
Highlights of the TCP/UDP Port Report Enhancement:
•Interval-based report displayed in a fashion consistent with other NAM reports.
•Export of all report data to an external host in CSV format will be supported.
New Features in NAM 3.6.1
This section lists the new features added to the NAM 3.6 release.
Note All features apply to NAM-1, NAM-2, NM-NAM, and NME-NAM unless otherwise indicated.
•Support for the new NME-NAM
The new NME-NAM-80S offers superior WAN traffic monitoring throughput, an 80GB capacity hard disk drive to store even more capture data on-board, and a Gigabit Ethernet external interface to support high-throughput LAN traffic monitoring in the Empowered Branch. It includes the embedded, web-based Traffic Analyzer GUI, providing anytime, anywhere visibility into network traffic.
•Transaction-Aware Application Response Time (ART) Monitoring
The transaction-aware application response time monitoring feature provides visibility into application response time and network latency. The ART feature provides the following metrics: Application Delay, Network Delay, Client Network Delay, Server Network Delay, Total Delay, and the number of network connections. All of the delay metrics are available in Average, Minimum, and Maximum values and can be measured by a single NAM. You can also measure Application Transaction Time, defined as the elapsed time from the first packet of the client request until the last packet of the server response.
•Live Reporting
NAM 3.6 includes an updated historical reporting capability that provides highly granular visibility into network traffic, including individual applications and end-users. Enabling operations staff to identify anomalies in network traffic that can disrupt business operations, the Cisco NAM's live reporting capability exposes potential problems that would otherwise be masked if critical report updates occurred less frequently than one minute. This feature applies to all reports, except TopN reports.
•Voice Quality Monitoring Enhancement with Support for CallManager 5.0 with SCCP
This enhancement enables you to view metrics for the following:
–Audio, video (when available), and data channels quality (packet loss and jitter)
–Active calls
Drill-down to obtain information on such fields as call reference value, media (audio/video/data) receiving address and port, and line instance.
–Top (up to 20) worst quality calls
–Known phones and the details of the five last-ended calls per known phone
•Increased GUI configuration support for up to 1500 VLANs (NAM-1 and NAM-2 only)
This usability enhancement permits the configuration of up to 1500 VLANs using the NAM GUI.
•Data Source Persistence
This usability enhancement permits you to view the last selected data source when browsing multiple Monitor windows that include a drop-down data source list. This feature is especially useful when large numbers of data sources have been configured, yet monitoring is focused on a particular data source. It saves time locating the same data source of interest to monitor when navigating among Monitor windows. The data source persists until you select another data source from the drop-down data source list.
•Support for new protocols
This enhancement enables you to monitor, capture, and decode the following protocols:
–tivconnect
–ulp
–componentstatusprotocol
–oicq
–ipfix
–esp-null including esp.tcp, esp.udp. and esp.unknown
–Diameter including diameter-common, nasreq, diameter-mip, diameter-baseacct, diameter-cc, diameter-eap, diameter-sip, and diameter-unknown
–SMPP
–SSMPP
•GUI Enhancements
A Refresh button is added to the Setup > Data Source > SPAN window when you create and edit SPAN data sources. Use the Refresh button to update switch configuration information in case there has been a configuration change on the switch.
System Requirements
This section describes the hardware, software, and browser requirements for NAM 3.6.
Hardware Requirements
Table 1 identifies the hardware modules and platforms required to use NAM 3.6(1).
Table 1 NAM Hardware Compatibility
Module
|
Platform or Devices
|
WS-SVC-NAM-1
WS-SVC-NAM-2
|
•Catalyst 6000 Series
•Catalyst 6500 Series
•Cisco 7600 Series
|
NM-NAM
|
•Cisco 262xXM
•Cisco 265xXM
•Cisco 2691 Multiservice Platform
•Cisco 2811 Integrated Services Router
•Cisco 2821 Integrated Services Router
•Cisco 2851 Integrated Services Router
•Cisco 3660 Multiservice Platform
•Cisco 3725 Multiservice Access Router
•Cisco 3745 Multiservice Access Router
•Cisco 3825 Integrated Services Router
•Cisco 3845 Integrated Services Router
|
NME-NAM-80S
|
•Cisco 2811 Integrated Services Router
•Cisco 2821 Integrated Services Router
•Cisco 2851 Integrated Services Router
•Cisco 3725 Multiservice Access Router
•Cisco 3745 Multiservice Access Router
•Cisco 3825 Integrated Services Router
•Cisco 3845 Integrated Services Router
|
Software Requirements
This section describes the switch or router (system) software required to use NAM 3.6. Table 2 lists the minimum system software versions required to use NAM 3.6.
Table 2 Software Requirements for Minimum OS Versions
Module
|
Software
Release
|
Orderable Product Number
|
Minimum IOS Software Versions Supported
|
Minimum CatOS Software Versions Supported
|
WS-SVC-NAM-1
WS-SVC-NAM-2
|
NAM 3.6
|
SC-SVC-NAM-3.6
|
•Release 12.1(13)E1 or later with a Supervisor Engine 2 with an MSFC2.
•Release 12.2(14)SX1 or later with a WS-SUP720.
•Release 12.2(18)SXF or later for Catalyst 6500 with SUP32
•Release 12.2(33)SXH1 or later with SUP720-10G
•Release 12.2(33)SRA or later for Cisco7600 with SUP32 or SUP720
•Release 12.2(33)SRC or later for Cisco7600 with RSP720-1G
|
•Release 7.3(1) or later with Supervisor Engine 2.
•Release 8.2(1) or later with a WS-SUP720.
|
NM-NAM
|
Not applicable2
|
•Release 12.3(7)T or later or 12.4(1) or later
|
Not applicable
|
NME-NAM-80S
|
NME-NAM-SW-3.6
|
•Release 12.4(9)T1 or later
|
Not applicable
|
Table 3 lists the Cisco IOS and CatOS versions used on the Catalyst 6500 Series and Cisco 7600 Series (except as noted) when testing and developing NAM 3.6.
Table 3 Latest Supported IOS and Cat OS Versions
Modules
|
Cisco IOS
Versions
|
Catalyst OS
Versions
|
WS-SVC-NAM-1
WS-SVC-NAM-2
|
12.2(18)SXD4
12.2(18)SXD7
12.2(18)SXE4
12.2(18)SXF3
12.2(18)SXF4 (Modular IOS)
12.2(18)SXF5
12.2(18)SXF7 (ION)
12.2(18)SXF9
12.2(18)SXF9 (ION)
12.2(18)SXF10
12.2(18)SXF11
12.2(33)SXH1
12.2(33)SRA for Cisco 7600
12.2(33)SRB for Cisco 7600
12.2(33)SRC for Cisco 7600
|
CatOS 8.5
CatOS 8.6(1)
|
The software versions in Table 3 are the specific versions used in testing NAM 3.6. All system software releases from the minimum to the latest version tested are officially supported. Note the following conditions and exceptions:
•Cisco IP Phone firmware 6.0 and above is required for SIP voice packet quality monitoring.
•IOS 12.2(18)SXE4, at minimum, is required to support the ERSPAN feature. Dependencies and limitations for ERSPAN can be found in Configuring Local SPAN, RSPAN, and ERSPAN, Guidelines and Restrictions, at:
http://www.cisco.com/ef/cc/td/doc/product/lan/cat6000/122sx/swcg/span.htm
•IOS 12.2(18)SXD or CatOS 8.5 are required to support the Virtual SPAN feature.
•IOS releases 12.2(33)SRB and 12.2(33)SRB! on the Cisco 7600 Series Route Switch Processor 720 (RSP 720) do not support NAM-1 and NAM-2.
NME-NAM-80S Software Requirements
The minimum software version required to use NME-NAM-80S modules with NAM 3.6 is Cisco IOS Version 12.4(9)T or later.
Note The NME-NAM-80S has been tested with IOS 12.4(10).
NM-NAM Software Requirements
The minimum software version required to use NM-NAM modules with NAM 3.6 is Cisco IOS Version 12.3(7)T or later or 12.4(1) or later.
Note The NM-NAM has been tested with IOS 12.4(9)T and 12.4(11)T.
Browser Requirements
Table 4 describes the browser requirements for all platforms. Cisco recommends you use the Internet Explorer browser, but Mozilla and Firefox are also supported.
Table 4 Browser Requirements
Browser
|
Versions
|
Platform
|
Internet Explorer (recommended)
|
6.0, 7.0
|
•Windows
•Windows XP Professional
|
Mozilla
|
1.7
|
•Windows
•Windows XP Professional
•Solaris
|
Firefox
|
1.5, 2.0
|
•Windows
•Windows XP Professional
•Solaris
•Redhat Enterprise Linux
|
Note Although Traffic Analyzer does not require a Java plug-in, you might be required to use the Java Virtual Machine (JVM). The Java plug-in versions listed have been tested for browsers that require a plug-in for the JVM. Cisco recommends JRE Version 5.0 Update 6.
Upgrading NAM Software
This section provides the following topics:
•Supported Upgrades
•Upgrading Software Using NAM CLI
Supported Upgrades
NAM 3.6 supports the following upgrades:
•You can upgrade WS-SVC-NAM-1 and WS-SVC-NAM-2 modules to NAM 3.6 from NAM 3.4 and NAM 3.5 software releases (with any patches).
•You can upgrade NM-NAM modules to NAM 3.6 from NAM 3.4 and NAM 3.5 software releases (with any patches).
Note NAM 3.6 does not support upgrades from NAM 3.3 or below.
Upgrading NAM Software
If you are upgrading WS-SVC-NAM-1 or WS-SVC-NAM-2 module, follow the Catalyst 6000 NAM software upgrade procedures described in the chapter Administering the Network Analysis Module in the following documents:
•For NAMs installed in IOS switch:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide
_chapter09186a00805e34fd.html#wp1035516
•For NAM installed in CatOS switch:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide
_chapter09186a00805e34fd.html#wp1036152
For NM-NAMs, follow the software upgrade procedures documented in the section Upgrading the NAM Software-Full Image of the NM-NAM Feature Guide.
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature
_guide09186a00801d6096.html#wp1088954
Upgrading Software Using NAM CLI
To upgrade software using the NAM CLI, go to maintenance mode and enter the NAM CLI command upgrade. For information about the upgrade command see the Network Analysis Module Command Reference, Release 3.6 at the following URL:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_command_reference
_chapter09186a00807ee6c2.html#wp1048351
You can apply the NAM 3.6.1 Crypto K9 patch, nam-app.3-6.cryptoK9.patch.1-0.bin, on top of
NAM 3.6.1 using NAM CLI command patch.
Product Documentation
Note We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. You can find product documentation for all NAM software releases at the following URL:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/tsd_products_support_series_home.html
Your product shipped with a Documentation CD-ROM. The Documentation CD-ROM contains product documentation that you can access and print.
The following is a list of the documentation for Cisco Network Analysis Module, Release 3.6. You can access the URLs listed for each document on the Documentation CD-ROM and at www.cisco.com at the following URLs:
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/tsd_products_support_series_home.html
We recommend you refer to the documentation in the following order:
•Documentation Guide for the Cisco Network Analysis Module, Release 3.6 (78-17882-01)
http://preview.cisco.com/en/US/products/sw/cscowork/ps5401/products_documentation
_roadmap09186a00807ed524.html
•Release Notes for the Cisco Network Analysis Module, Release 3.6 (OL-11516-02), this document
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/prod_release
_note09186a00807ed386.html
•Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module, Release 3.6 (OL-11517-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_quick
_start09186a00807ee748.html
•User Guide for the Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module, Release 3.6 (OL-11519-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_user_guide
_book09186a00807ed53e.html
•Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Command Reference, Release 3.6 (OL-11521-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_command_reference
_book09186a00807ee642.html
•Cisco Branch Router Series (NME-NAM) Installation and Configuration Note (OL-11624-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_installation_and
_configuration_guide09186a00807ee90a.html
•Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Installation and Configuration Note, Release 3.6 (OL-12753-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_installation_and
_configuration_guide_book09186a00807ed3c6.html
•Copyright Notices for the Cisco Network Analysis Module, Release 3.6 (78-17782-01)
http://www.cisco.com/en/US/products/sw/cscowork/ps5401/products_regulatory_approvals_and
_compliance09186a00807ed399.html
Related Product Documentation
The following is a list of related documentation.
•Cisco Network Modules Hardware Installation Guide
http://www.cisco.com/en/US/products/hw/modules/ps2797/products_installation_guide
_book09186a008078719d.html
•Cisco Network Modules and Interface Cards Regulatory Compliance and Safety Information
http://www.cisco.com/en/US/products/hw/modules/ps2797/products_regulatory_approvals_and
_compliance09186a0080183b96.html
Limitations and Restrictions
Before using the NAM, read the Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module and Installation and Configuration Note for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Release 3.6.
The following are limitations and restrictions for NAM software release 3.6 users:
•You must now configure the local time zone for the NAM regardless of the time synchronization source (switch or NTP). For more information on configuring the local time zone using Traffic Analyzer, see the User Guide for the Network Analysis Module Traffic Analyzer Release 3.6.
•If you change the NAM IP address, the default gateway resets to 0.0.0.0. Enter the new default gateway for the new IP address to an address other than one on the current subnet.
Before using the NM-NAM, please read the Cisco Network Modules Quick Start Guide, NM-NAM Feature Module, and the Quick Start Guide for the Cisco Branch Router Series Network Analysis Module.
The following are limitations and restrictions for NM-NAM software release 3.6 users:
•If you change the NAM IP address, the default gateway resets to 0.0.0.0. Enter the new default gateway for the new IP address.
•The NBAR-PD feature is supported in the NM-NAM only and requires the IOS version 12.3(7)T or later.
Caveats
This section provides information about active and resolved anomalies in the NAM 3.6 software.
Note To obtain more information about known problems, access the Cisco Software Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/home.pl. (You will be prompted to log in to Cisco.com.)
This section provides the following:
•Known Anomalies in NAM 3.6(1a)
•Anomalies Resolved in NAM 3.6(1a)
•Anomalies Resolved in NAM 3.6
Known Anomalies in NAM 3.6(1a)
Table 6 describes anomalies known to exist in NAM 3.6 software. Each anomaly listed includes symptoms, conditions, and any workaround available.
Table 5 Known Anomalies in NAM 3.6(1a)
Bug ID
|
Description
|
CSCsm69310
|
A known IOS issue might cause you to lose connectivity to the NAM.
Typical symptoms are:
•CLI login attempts to the NAM fail.
•You cannot launch the NAM GUI.
•Pings to the NAM IP address fail.
•You are able to create a NAM session from the supervisor CLI
Packet forwarding from Sup720-10GE uplink ports to Fabric-enabled (65xx) linecards card can fail when all of the following conditions are met:
Conditions for 12.2(33)SXH:
1. Sup720-10GE is running 12.2(33)SXH release.
2. There is at least one Legacy-based linecard (61xx/62xx/63xx), and the number of fabric enabled (65xx) linecards in the system is less than the truncated mode threshold (default threshold is 2).
3. There is no dCEF720 (DFC-based) linecard in the system.
Conditions for 12.2(33)SXH1:
1. Sup720-10GE is running 12.2(33)SXH1 release.
2. There is at least one Legacy-based linecard (61xx/62xx/63xx), and the number of fabric enabled (65xx) linecards in the system is less than the truncated mode threshold (default threshold is 2).
3. There is no dCEF720 (DFC-based) linecard in the system.
4. With 12.2(33)SXH1 release, if you have changed the default threshold configuration using a value of ">2" with a global command like the following:
fabric switching-mode allow truncated threshold <value>
and the number of fabric enabled (65xx) linecards in the system is less than the configured threshold, you will experience the packet forwarding problems described above.
With 12.2(33)SXH1, if the default threshold configuration has not been changed (remains set to 2), you will not experience the packet forwarding problems.
Workaround for 12.2(33)SXH:
Use the following configuration CLI:
Router(config)# fabric switching-mode allow truncated threshold 1
Workaround for 12.2(33)SXH1
No workaround is needed if you use the default configuration (threshold set to 2).
If you do change the default configuration is issued, set the threshold to 1.
|
|
|
|
CSCse04668
|
The NAM is unable to identify span ports for SIP-600/SPA-10X1GE and similar hardware.
Symptom: NAM uses SNMP object moduleNumPorts to locate span interfaces and moduleNumPorts is not available on the 7600-SIP-600/SPA-10X1GE and similar hardware (such as ES20). Newer versions of Cisco IOS use ENTITY-MIB, and the NAM should also query for these values to locate spannable interfaces.
The Setup > Data Sources > Switch Modules window does not list SPA-10X1GE as an available module with available sources.
Conditions: This occurs during normal operating conditions.
Workaround: Create the span using CLI monitor session commands like the following:
monitor session 1 source GigabitEthernet 1/0/1
monitor session 1 destination 7/7
|
CSCsh44373
|
UserDefinedProtocol: Defined protocol always has port range equal to 1
Symptom: The Setup > Protocol Directory > Autolearned Applications window has Enable Autolearned Protocol enabled. Go to the Setup > Protocol Directory > Individual Protocol window, click Create, and try to create a TCP or UDP protocol with Port Range greater than 1. The protocol created always has a Port Range equal to 1.
Conditions: This occurs when you try to create a protocol that has already been learned by the NAM. This happens from both the CLI and the GUI.
Workaround:
1. Go to the Setup > Protocol Directory > Autolearned Applications window.
2. Uncheck the Enable Autolearned Protocol check box, and confirm.
3. Create the protocol from the Setup > Protocol Directory > Individual Applications window.
4. Return to the Setup > Protocol Directory > Autolearned Applications window and re-enable Autolearned Applications.
The cause of this issue is that the protocol you are trying to define or create has already been learned by the the NAM autolearn feature. Due to the autolearn, there is already a protocol entry in the NAM protocol directory matching the protocol you are trying to define. The NAM does not allow you to modify Port Range of existing protocol entry.
|
CSCsh76977
|
Mozilla and Firefox: TopN conversation report does not show data.
Symptoms: In the Firefox (Mozilla) browser, the TopN Conversation reports do not show the bar graphs if the values are too small.
Conditions: This happens when the values to be plotted are too small.
Workaround: Read the numeric values showed in the left side of the TopN report.
|
CSCsj64804
|
NAM does not display ports with double quotes when you create a data source.
Symptom: NAM does not seem to understand the double quote character correctly in data source creation.
Conditions: This is seen on NAM 3.6(1), other versions may also be affected.
Workaround: None.
|
CSCsj75220
|
The Setup > Switch Parameters > NBAR window occasionally shows a digit for interface type
Symptom: On the Setup > Switch Parameters > NBAR window, the port type is occasionally shown as a number instead of a string representation.
Conditions: This occurs under normal operating conditions.
Workaround: Refresh the screen a few times.
|
CSCsh44373
|
UserDefinedProtocol: Defined protocol always has port range equal to 1
Symptom: The Setup > Protocol Directory > Autolearned Applications window has Enable Autolearned Protocol enabled.
Go to the Setup > Protocol Directory > Individual Protocol window. Click Create, then try to create a TCP or UDP protocol with Port Range more than 1. The end result is that the protocol created with Port Range equals 1.
Conditions: This might occur when creating a protocol that has already learned by the NAM.
The root cause of this issue is that the protocol user is trying to define/create has already been learned by the the NAM autolearn feature. As the result of the autolearn, there is already a protocol entry in the NAM protocol directory which matches the protocol that the user is trying to define. The NAM does not allow modify Port Range of existing protocol entry.
Workaround:
1. Go to the Setup > Protocol Directory > Autolearned Applications window.
2. Uncheck the Enable Autolearned Protocol check box, and confirm.
3. Create the protocol from the Setup > Protocol Directory > Individual Applications Create window.
4. Enable back the Autolearned Applications.
|
CSCsh76977
|
Using the Mozilla and Firefox browser, the TopN conversation report does not show data
Symptom: In the Firefox (or Mozilla) browser, the TopN Conversation reports do not show the bar graphs if the values are too small.
Conditions: This happens when the values to be plotted are small.
Workaround: Read the numeric values showed in the left side of the TopN report instead.
|
CSCsj72118
|
NAM Automate Response Time shows wrong transaction time counters
NAM 3.6(1) may show different average and maximum transaction times in the Monitor >
Response Time > Server > Client Application window compared to the average and maximum transaction times in the Response Time Server / Client Application details window. Both the main Server / Client Application and the Details page should show the same information.
Symptom: NAM 3.6(1a) might show different average and maximum transaction times in the Monitor >
Response Time > Server > Client Application window compared to the average and maximum transaction times in the Response Time Server / Client Application details window.
Both the main Server / Client Application and the Details window should show the same information.
Conditions: Viewing display of Average and Maximum Transaction Times.
Workaround: None.
|
CSCsj75220
|
Interface type on Setup > Switch Parameters > NBAR window occasionally shows a number instead of a string.
Symptom: The Setup > Switch Parameters > NBAR window occasionally shows the port type as a number rather than the string representation.
Conditions: This occurs under normal operating conditions.
Workaround: Refresh the browser window a few times.
|
CSCsj83682
|
Cannot capture ERSPAN packets when attempting to capture from Monitor > Conversations window.
Symptom: Cannot capture ERSPAN packets from Monitor > Conversations window.
Conditions: This occurs during normal operations.
Workaround: Set up captures through the Capture tab.
|
CSCsj87440
|
Need to verify the Read/Write Community String on the Router Information page.
Symptom: On Setup > Router Parameters window, the user must enter the read/write community string. If the user enters the read string only, there is no indication that the write string is not there. That particular screen reads data from the router and displays it on the screen. So it will not show that the user actually entered the read only string.
The problem shows up when the user tries to change configuration on the router, like from the
Setup > Router > NBAR window. The Submit function will not work, because you cannot change router configuration if no write string has been entered.
There is no error message to indicate that the write string is missing. The only way the NAM can detect this is by changing an object on the router and testing to see if the change took place. This is invasive to the router.
Conditions: This occurs under normal operating conditions.
Workaround: Enter the correct read/write community string.
|
CSCsj87458
|
No active SPAN session is seen after upgrading NAM image.
Symptom: When upgrading the NAM image and immediately going to the web GUI, the switch information is occasionally not yet available. This is seen on any screen that requires switch information. It is a timing situation where the synchronization between the switch and the NAM is not yet completed.
Conditions: This might occur after you upgrade the NAM image.
Workaround: Wait a few minutes and then refresh the window.
|
CSCsk08953
|
The CSV export function does not work on the Monitor > Applications > TCP/UDP Port Table window.
Symptom: When you click the CSV Export icon on the Monitor > Applications > TCP/UDP Port Table window (upper-right corner), the export does not begin and an error message displays in the Tech Support window.
Conditions: This occurs when you select the default data sources for the display, such as ALL SPAN on the NAM-1 and NAM-2 platforms.
Workaround: Click on any column header to sort by that column. After doing so, the CSV export function will work normally.
|
CSCsl71489
|
When displaying the VSS power information, the chassis information is reversed.
Symptom: When displaying the redundant power on a VSS system, chassis 1 and chassis 2 information is reversed.
Conditions: This occurs when you attempt to display power information on the Switch Information window under Monitor > Switch > Health on a VSS system using NAM 3.6(1a) Patch 2.
Workaround: None
|
CSCsl73571
|
NAM cannot communicate with RMON after attempting to enable URL collection failure and getting an error and clicking Apply a few more times.
Symptom: Cannot communicate with RMON.
Conditions: This occurs with NAM 3.6(1a) when you attempt to enable a URL collection after several repeated failures from the Setup > Monitor > URL Collection window. The following error messages might also display:
Error Communicating with RMON deamon
Lost communication with RMON
Workaround: None, but after a few minutes, RMON will come up automatically, and the system will function normally again.
|
Anomalies Resolved in NAM 3.6(1a)
Table 6 describes anomalies known to exist in NAM 3.6 software. Each anomaly listed includes symptoms, conditions, and any workaround available.
Table 6 Anomalies Resolved in NAM 3.6(1a)
Bug ID
|
Description
|
CSCsj08353
|
The NAM-1 and NAM-2 should provide a way to save the gateway and host name information
Symptom: The file named network on the /nvram/config partition on the hard disk is occasionally corrupted, causing loss of network configuration.
Conditions: This occurs under normal operating conditions.
Workaround: Reinstall the NAM image.
Note You will lose previously-existing data when you reinstall the NAM image.
|
CSCsj42259
|
When monitoring MPLS traffic, some GUI screens show no data.
Symptom: When monitoring traffic on an MPLS-enabled network, some of the Monitor screens in the NAM web interface do not show any data, such as the Hosts and Conversations screens.
Conditions: This occurs while viewing Monitor data after selecting anything other than an appropriate MPLS data source, such as All Span, Data Port 1, or Data Port 2. It only occurs if the traffic being monitored is tagged with MPLS labels.
Workaround: You might create one or more MPLS data sources, representing VRFs, VCs, or raw label values. The data will then be properly displayed when selecting those data sources on the affected Monitor windows.
Additional Information: MPLS is often used in service provider environments where the same IP addresses might actually be in use by different hosts on different subscriber networks. The traffic differs only in the MPLS labels. In this scenario, it would not make sense to group together all the counters for these different hosts and conversations simply because they are using the same IP addresses. Therefore, the counters are only available on the appropriate MPLS data sources. In the future, an option might be added to aggregate the counters and show Hosts and Conversations data even if the MPLS tags differ.
|
CSCsj42301
|
When viewing application statistics for MPLS under the ALL SPAN data source, the values for the MPLS protocol counters are twice what they should be.
Conditions: This anomaly occurs with all MPLS-tagged traffic.
Workaround: None
|
CSCsj42593
|
The counters on the Monitor > Applications > TCP/UDP Port Table > Current Rates window are all zeroes.
Symptom: The Monitor TCP/UDP port table had entries with zeroes in the counters, although the Monitor > Applications window showed the same entries increasing.
Conditions: This occurs under normal operation.
Workaround: Disable the TCP/UDP port table from the Setup > Monitor window.
|
CSCsj42889
|
NAM should prevent you from adding a second instance of a port already configured in the Selected Sources.
Symptom: On the Create and Edit windows of Setup > Datasource, you can enter the same datasource with different directions (Transmit and Both). However, only the first datasource added to the selection list is accepted. There were no error messages to indicate that you could not add the same datasource with different directions when you add instances of a datasource you have already configured.
Conditions: In the case of direction (Receiving), the code worked correctly and you would not be able to add the same datasource twice.
Workaround: None.
|
CSCsj44197
|
Filter selection is incorrectly labeled on the Monitor > Conversations > Application Hosts window. The selection should be Source, Destination, and Source and Destination.
Symptom: Filter selections on the Monitor > Conversations > Application Hosts window are labeled Client, Server, and Client and Server. However, the headers show Source and Destination so the selection box should be labeled Source, Destination, and Source and Destination
Conditions: This occurs under normal operating conditions.
Workaround: None.
|
CSCsj49921
|
An empty Basic Conversation TopN report is seen with the default Period
Symptom: Report with 8-hour polling interval cannot be seen with the default report period and granularity settings.
Conditions: This happens when the reports are configured with a polling interval greater than the default granularity (1 hour).
Workaround: Select different report periods (weekly, monthly) that have granularity higher than 8 hours.
|
CSCsj51193
|
Modify some time displays of from 00:00 to 24:00 on the topN report page
Symptom: The TopN report should display 24:00 instead of 00:00 as the last hour of the day in TopN report.
Conditions: This occurs when working with TopN reports.
Workaround: None.
|
CSCsj59453
|
The Add Dest. Port 2 function is not working with a large number of VLANs configured on the
Setup > Data Sources > SPAN window.
Instead of the SPAN being created, an Invalid syntax error displays.
Symptom: Add Dest Port 2 does not work when a lot of vlans are configured on Dest Port 1.
Conditions: This only happens when there are an excessive number of VLANs with browsers handling large strings.
Workaround: None.
|
CSCsj69018
|
Ports to be added to the Selected Sources list are blocked on the Edit window.
Symptom: When editing datasources, if the direction was Transmit or Both, nothing would happen when you tried to add more datasources to the selection list. The Receive worked fine.
Conditions: This occurs under normal operating conditions.
Workaround: Delete the previously added datasource, and use create to add a block of datasources.
|
CSCsj69260
|
Operation status and Administrator status are not in text.
On the On the setup > Switch Parameters > NBAR window, when selecting an interface and going to the detail screen, sometimes the operational status, administrator status and interface type show as integers rather than strings.
Conditions: This occurs under normal operating conditions.
Workaround: Repeatedly click on the interface a few times. Eventually the correct information will be displayed.
|
CSCsj69329
|
The Application Protocol Usage chart is missing from the Network Hosts window.
Symptom: On the Monitor > Conversations > Network hosts window, when selecting a host and bringing up the pop-up details, there was no pie chart showing application usage.
Conditions: This occurs under normal operations.
Workaround: None.
|
CSCsj71015
|
Refresh button on the Setup > Switch Parameters > Mini-RMON window causes an error
Symptoms: On the Setup > Switch Parameters > Mini-RMON window, the Refresh button causes an error and unknown or invalid url to display on the screen.
Conditions: This occurs under normal operations.
Workaround: None.
|
CSCsj72118
|
NAM Automate Response Time shows wrong transaction time counters
NAM 3.6(1) may show different average and maximum transaction times in the Monitor >
Response Time > Server > Client Application window compared to the average and maximum transaction times in the Response Time Server / Client Application details window. Both the main Server / Client Application and the Details page should show the same information.
Symptom: NAM 3.6(1a) might show different average and maximum transaction times in the Monitor >
Response Time > Server > Client Application window compared to the average and maximum transaction times in the Response Time Server / Client Application details window.
Both the main Server / Client Application and the Details window should show the same information.
Conditions: Viewing display of Average and Maximum Transaction Times.
Workaround: None.
|
CSCsi07827
|
The Create SPAN data source window should still display after clicking the Refresh button.
Symptoms: Create SPAN data source window does not retain values.
Conditions: This problem occurs on the Setup > Data Sources > Create SPAN window after you click Create and select SPAN Type of VLAN and click Refresh. The window returns with SPAN type Switch Port and SPAN Destination Interface DATA PORT 1 when the window should remain on the previous setting.
Workaround: None. We suggest that you hit Refresh before saving your selections.
|
CSCsi09392
|
The NAM GUI does not allow more than one Transmit monitoring session.
Symptoms: The GUI only allows you to add one Transmit session. This restriction applied to older versions of the switch. Currently, the switch does not have this restriction.
Conditions: This occurs under normal operations.
Workaround: Use the CLI to configure more than one Transmit session.
|
CSCsi74356
|
NAM exception occurs for fragmented GRE-encapsulated packets
NAM sometimes has exception events when fragmented GRE-encapsulated packets are span/VACL/RSPAN/ERSPAN to the NAM.
Symptom: In some cases, if fragmented tunneled packets (such as GRE) are received, one of the NAM processes might crash and be restarted later by a watchdog.
Conditions: This defect might occur when a fragmented IP datagram is received for monitoring or when a capture taken inside a tunnel such as GRE.
Workaround: None.
|
CSCsi97446
|
A device's physical address is not readable.
Symptom: On the Monitor > Switch > Mini-Rmon detail window, the physical address was being shown as garbage.
Conditions: This occurs under normal operating conditions.
Workaround: The problem occasionally goes away after you bring up a new Details window.
|
Anomalies Resolved in NAM 3.6
Table 7 describes anomalies found in earlier releases of NAM that were resolved in NAM 3.6.
Table 7 Anomalies Resolved in NAM 3.6
Bug ID
|
Description
|
CSCse90874
|
Several PHP errors occur when monitor collection is not configured.
Symptoms: The Show Tech window displays PHP errors for several monitor windows when the particular monitor table is not enabled or there is no data for that table.
Conditions: This only happens when there is no monitor data for a particular window.
Workaround: A workaround is not necessary. These errors do not affect data being displayed properly when it is available. It is a matter of the code trying to read the array of data when there is no array of data. Therefore, a PHP error is generated.
|
CSCse90896
|
Setup > Preferences window has PHP errors if values in file are 0.
Symptoms: PHP errors occur if you modify the Setup > Preferences information.
Conditions: This only happens when the database is being updated with a false value and the value is already false.
Workaround: No workaround is necessary. A minor change in the file calls will correct the error messages. But the correct values of false are still being saved in the database file.
|
CSCse97810
|
NAM 3.5(1) remote-storage CLI throws errors on exit when nothing is done.
Symptoms: If you use the CLI command remote-storage then exit without doing anything, the following errors occur:
root@myname(sub-rs-nfs)# exit
ERROR: NFS description is not set.
To provide NFS description, use 'descr' subcommand.
Conditions: This is only an issue for NAM 3.5(1). Older versions do not support remote-storage functions and are not affected.
Workaround: Ignore the errors.
|
CSCse97829
|
NAM 3.5(1) GUI throws errors when adding an NFS drive directory with a dash character (-) in its name.
Symptoms: NAM remote-storage CLI allows a directory name is allowed to have a dash character (-).
However, if you try to use the NAM GUI interface and create an NFS drive using a directory name of something like nam-dir, you will see the errors.
Conditions: This is only an issue for the NAM 3.5(1). Older versions are not affected.
Workaround: Ignore the errors, or use the CLI command remote-storage instead of the GUI interface.
|
CSCsf02903
|
Enhancement request to add support for StationCallInfoV2Message for SCCP.
Symptoms: When using Cisco Unified CallManager 5.0.2 to manager SCCP phones, NAM cannot detect SCCP calls because StationCallInfoMessage (0x8F) is replaced by StationCallInfoV2Message (0x14A). NAM does not currently support StationCallInfoV2Message.
Conditions: This occurs if StationCallInfoV2Message is used by CallManager.
Workaround: None
|
CSCsf03723
|
If the control index (etherStatsIndex) of the etherStatsHighCapacityTable is larger than 65535, an SNMP walk on the etherStatsHighCapacityTable will loop (get-next returns index smaller or identical than previous one).
Symptoms: SNMP walk on etherStatsHighCapacityTable loops (get-next returns smaller or equal index).
Conditions: This occurs when etherStatsIndex is larger than 65535.
Workaround: Remove etherStatsEntry rows with etherStatsIndex larger than 65535.
Further Problem Description: The valid values for etherStatsIndex is 1-65535. The NAM fails to check for indices larger than 65535 and fails to handle them well when walking the etherStatsHighCapacityTable.
|
CSCsg52033
|
On WS-SVC-NAM-1 the packet length reported in capture through SNMP and the web GUI decode window is wrong for jumbo packets.
Symptoms: Packet length for captured packets on WS-SVC-NAM-1 is wrong for packets larger than 2048 bytes.
Conditions: This only affects the WS-SVC-NAM-1 and only for packets larger than 2048 bytes. The statistics in Monitor and Reports are not affected, only capture (both SNMP and in the web GUI). The capture file is not affected.
Workaround: Capture to file.
|
CSCsg54607
|
Creating a new etherStats entry with etherStatsStatus = valid(1) fails.
Symptoms: Creating a new etherStats entry with initial etherStatsStatus = valid(1) fails.
Conditions: This problem affects all NAM platforms under normal operation.
Workaround: Create new entry with etherStatsStatus = createRequest(2) and then change it to valid afterwards.
|
CSCsg54624
|
Creating a new channel entry with initial channelStatus = createRequest(2) fails.
Symptoms: Creating a new channel entry with initial channelStatus of createRequest(2) fails.
Conditions: This problem affects NAM platforms that use SNMP to do this configuration.
Workaround: Create a new channel entry with channelStatus of valid(1).
|
CSCsg62683
|
TopN data duplication is caused by old data are not properly removed for NAM-2 Reports.
Symptoms: The TopN data are occasionally duplicated from one interval to the next. The duplication is caused by old data not being properly removed.
Conditions: This occurs on TopN data reports of very active data sources.
Workaround: There is no workaround except to restart the NAM to fix the problem temporarily (by flushing out old data). The problem might eventually return.
|
CSCsg64270
|
The NAM does not respond to Keepalive polling after a switch reload.
Symptoms: NAM-1 or NAM-2 are powered down and the supervisor log reports that NAM was shut down due to missed Keepalive responses:
The NAM-2 module is power cycled because it does not respond to keepalive polling after a switch reload or when using output-intensive commands from a supervisor session.
This problem is more frequent with ION images than the IOS images. The module might power-cycle several times prior to becoming operational.
%OIR-SP-3-PWRCYCLE: Card in module 7, is being power-cycled off (Module not responding to Keep
Alive polling)
Conditions: WS-SVC-NAM-1 or WS-SVC-NAM-2 in Catalyst 6500 or 7600 family chassis with Supervisor 720 running IOS. Most often seen when NAM or switch is reloading (starting up) or when using session from supervisor to NAM and running commands with a lot of output (like show tech-support), but could happen at any time there is a lot of traffic on the EOBC.
Further Problem Description: The problem is caused by the EOBC MAC transmit queue getting stuck due to missing configuration. The timeout of the MAC to detect the problem is about the same time (5 seconds) as the Keepalive polling timeout. The Transmit queue seems to get stuck when there is a lot of traffic on the EOBC.
Workaround: Keep reloading or powering up the NAM. Or from the SP CLI (remote login switch) issue the command:
debug oir no-reset-on-crash <NAM module #>
You can also use Telnet or SSH to the NAM CLI for output-intensive commands.
|
CSCsg97421
|
Adopt new default daylight savings time (DST) rules from Energy Policy Act of 2005.
Symptoms: The impact of these changes is that the default values, which have been set for U.S. Standards, will be incorrect until the default values are changed in later versions of code. Furthermore, those systems that reside within time zones that are currently congruent with the United States definitions might no longer be so. This means that later versions of code might require the use of the summertime command to properly reflect current local time.
Conditions: For operating systems that have not been updated with the new DST policy changes, product time stamps will exhibit a one-hour time clock delay lasting three weeks beginning at 2 a.m. on the second Sunday in March of 2007 and as a one-hour clock delay lasting one week beginning at 2 a.m. on the first Sunday in November.
Workaround: None
|
CSCsg99886
|
HTTP header parsing is looping.
Symptoms: The message HTTP header parsing is looping! displays in the output of show tech-support command.
Conditions: This occurs with certain malformed HTTP request packets.
Further Problem Description: The impact is minimal as the parser detects the loop and aborts further parsing of the packet.
Workaround: None
|
CSCsg99868
|
Packet counters wrong for aged-out and relearned entries.
The rate calculated (in polld) is wrong for entries that are aged-out and then relearned later. This might happen when a lot of entries come back to the Monitor windows after some time.
Symptoms: Counters in the NAM web GUI Monitor Current Rate windows are too high.
Conditions: This problem occurs after returning to the current rate window after more than one hour and the collections are full (entries are being aged out). The rate calculated (in polld) is wrong for entries that are aged-out and then relearned later.
Workaround: Wait a few refresh intervals for data to settle.
|
CSCsh18288
|
UDP port 139 misclassified for NDE.
Symptoms: No statistics for UDP ports 139 and TCP port 445 are shown in the monitor application windows for NDE (NetFlow export) data sources.
Conditions: This only affects the NAM web GUI. SNMP will report the counters. NDE classifies UDP port 139 as nbt-session but should use nb-unknown. The same issues affects port TCP port 445. The NAM classifies these applications as nbt-session instead as nb-unknown. An nbt-session is not a leaf protocol in the protocolDir. Only leaf protocols are shown in the NAM web GUI.
Workaround: None.
|
CSCsh31426
|
ssh is disabled after a reboot.
Symptoms: you cannot ssh to the NAM card after a reboot.
Conditions: This problem occurs on all NAM hardware platforms (WS-SVC-NAM-1, WS-SVC-NAM-2 and NM-NAM) using NAM software version 3.5(1A) with nam-app.3-5.cryptoK9.patch.1-0.bin applied and ssh enabled (exsession on ssh).
Workaround: Enable ssh on the card after rebooting by using session from supervisor.
|
CSCsh49604
|
Error occurs when connecting to RMON daemon while creating a datasource for MPLS VRF.
Symptoms: When trying to create an MPLS data source from an imported VRF or VC, the following error message displays:
Error connecting to RMON daemon while creating Datasource.
When this occurs, the GUI will be unresponsive for up to a few minutes and all existing MPLS and VLAN datasources will be lost.
Conditions: This anomaly occurs very rarely.
Workaround: Wait for the GUI to become responsive again, re-import the MPLS information from the router (or a file), then recreate the data sources you want to monitor.
|
CSCsj69580
|
Granularity should be set to the same or greater value of the polling interval for the TopN reports
Symptom: Report with 8-hour polling interval cannot be seen with the default report period and granularity settings.
Conditions: This happens when the reports are configured with a polling interval greater than the default granularity (1 hour).
Workaround: Select different report periods (weekly, monthly) that have granularity higher than 8 hours.
|
CCDE, CCENT, Cisco Eos, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn is a service mark; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0803R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2008 Cisco Systems, Inc. All rights reserved.
