Guest

Cisco NetFlow Collection Engine

Release Notes for Cisco NetFlow Collector, Release 6.0

  • Viewing Options

  • PDF (394.7 KB)
  • Feedback
Release Notes for Cisco NetFlow Collector, Release 6.0

Table Of Contents

Release Notes for Cisco NetFlow Collector, Release 6.0

Contents

Overview

New Features in This Release

NFC Requirements

System Requirements

Hardware Requirements

Supported Operating Systems and Platforms

Browser Requirements

NFC Licensing

Important Notes

Daylight Saving Time Updates for NFC

Resolved Problems

Known Limitations and Problems

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines


Release Notes for Cisco NetFlow Collector, Release 6.0


September 2007, OL-11397-01

These release notes provide information about new features in the Cisco NetFlow Collector 6.0 release. The NetFlow Collector (NFC) application is used with the NetFlow services data export feature on Cisco routers and Catalyst 5000 and 6000 series switches. NetFlow Collector provides fast, scalable, and economical data collection from multiple export devices exporting NetFlow data records.

In previous releases, this product was referred to as Cisco NetFlow Collection Engine.

Contents

This release note contains the following sections:

Overview

New Features in This Release

NFC Requirements

NFC Licensing

Important Notes

Resolved Problems

Known Limitations and Problems

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines

Overview

Cisco NetFlow Collector, Release 6.0 introduces a tiered netflow collection architecture that provides increased scalability and performance. The role of the first tier (Tier 1) maps to the NFC functionality of Cisco NetFlow Collector 5.0.3 with the addition of new features described in these Release Notes.

NetFlow services consist of high-performance IP switching features that capture a rich set of traffic statistics exported from routers and switches while they perform their switching function. Cisco NetFlow Collector provides fast, scalable, and economical data collection from multiple export devices exporting NetFlow data records.

Cisco NetFlow Collector, Release 6.0 supports new Cisco NetFlow Collector Tier 2 functionality, also referred to as Multi NetFlow Collector. The Multi NetFlow Collector runs on separate server hardware and provides an aggregation layer that correlates data from several Tier 1 instances. For details on Multi NetFlow Collector features and functionality, see the Release Notes for Cisco Multi NetFlow Collector, Release 6.0 and the Cisco Multi NetFlow Collector User Guide:

http://www.cisco.com/en/US/products/sw/netmgtsw/ps1964/tsd_products_support_series_home.html

New Features in This Release

Cisco NetFlow Collector, Release 6.0 includes the following features:

Flow-through (NetFlow packet replication to multiple destinations)

Thresholds

Flexible NetFlow (phase 1) support

Report criteria UI enhancement

Time window for scheduled reports

NetFlow over Stream Control Transmission Protocol (SCTP)

SNMP Trap

Enhanced protocol name resolution

Rate value support in reporting

Custom report template

Licensing

NFC Requirements

The following sections describe the Cisco NetFlow Collector, Release 6.0 requirements.

System Requirements

The following requirements are new for Cisco NetFlow Collector, Release 6.0:

NFC is licensed per host. To obtain licenses for the NFC image, provide a list of collector host IP addresses to the NFC product manager. Refer to the "NFC Licensing" section.


Note For licensing to function properly, the /etc/hosts file must contain separate entries for the loopback and host name address (by default, Red Hat Enterprise Linux configures only a loopback entry in /etc/hosts that is also associated with the hostname).


The amount of system swap space must be greater than the amount of memory specified for the collection process in the file /opt/CSCOnfc/config/nfcmem. The configured amount of memory is now allocated at startup; sufficient swap space must now be available for creating child processes when the collection process starts.

Hardware Requirements

Cisco NetFlow Collector, Release 6.0 has the following hardware requirements:

Minimum: 2 GB RAM, 73 GB disk, dual processor on an entry-level server.

Recommended: 4 to 8 GB RAM, two or more 15K SAS 146 GB or greater disks, dual 3 GHz dual-core (5160) processor entry-level server.

Supported Operating Systems and Platforms

Cisco NetFlow Collector, Release 6.0 supports the following operating systems and platforms:

Solaris 8, Solaris 9, or Solaris 10 on an entry-level server with dual 1 GHz or greater SPARC processors such as a Sun Fire V240.

Red Hat Enterprise Linux 2.1, 3.0, or 4.0 (ES and AS) on an entry-level server, such as an IBM x3550 or x3650 with dual 2.8 GHz or greater Intel Xeon single-core processor or dual 3 GHz dual-core (5160) processors.

Note that the CPU, RAM, and disk space recommendations above are suggested, and that actual requirements are determined by your configuration and by the volume and uniqueness of NetFlow data that is received. Actual resource usage can vary greatly depending on these factors.


Note To prevent NetFlow data export packet loss, the workstation should be dedicated to the NetFlow Collector and should not be running other applications.


Cisco NetFlow Collector generates output files containing aggregated data. The exact amount of disk space the output files require depends on the flow arrival rate, collection interval, number of aggregation schemes specified, use of compression or not, and data file retention policies.

For more information on planning and managing disk space usage, see the section "Memory Usage" in the Cisco NetFlow Collector User Guide.

Cisco NetFlow Collector, Release 6 supports the Stream Control Transmission Protocol (SCTP) as a message transport service. To use SCTP, you must be running NFC on either the Red Hat Enterprise Linux release 4 (Update3 or greater) or Solaris 10 platforms.

Browser Requirements

The NetFlow Collector, Release 6.0 web-based user interface is compatible with Microsoft Internet Explorer 6 and Mozilla Firefox 1.5 or greater on Windows or UNIX. The web-based UI requires that the browser support a Java virtual machine (JVM) to run applets.


Note The Sun JVM must be used; the JVM version must be 1.5 or higher. You can download Sun JVM 1.5 from the website http://java.sun.com/javase/downloads/index.jsp.


NFC Licensing

A license file is required for each host running Cisco NetFlow Collector, Release 6. The license is specific to the IP address of the host. You can obtain a permanent license at:

http://www.cisco.com/go/license


Note The licensing URL referenced in error logs in the nfc.log file is incorrect. In order to obtain a license, you must use http://www.cisco.com/go/license.


In both cases you must have the IP address of the host on which NetFlow Collector will run. To obtain a permanent license, you must also have the PAK you received after purchasing NetFlow Collector. After you enter the information, a license file is emailed to you. Copy the license file or its contents with no alterations to /opt/CSCOnfc/config/nfc.lic.

The first line of the license file contains either the demo expiration date or the word permanent for a permanent license, and the IP address of the host to which NetFlow Collector is licensed.

If the host running NetFlow Collector has more than one network card and IP address, specify the IP address associated with the hostname when licensing the product.


Note By default, Red Hat Enterprise Linux associates the system hostname with the loopback address 127.0.0.1 in /etc/hosts. However, for licensing to work, the hostname must be associated with the host's IP address. Edit /etc/hosts, remove the hostname from the loopback address entry, and add an entry for the licensed IP address.


The file /etc/nsswitch.conf is normally configured so that hostname lookups are first obtained from files (/etc/hosts).


Note If you are reinstalling Cisco NetFlow Collector, Release 6; the previous license file is not retained in its original directory. The previous license file is saved in the file /opt/CSCOnfc/config/old/nfc.lic.


Important Notes

Daylight Saving Time Updates for NFC

NetFlow Collector's time zone data is include in the bundled Java Runtime Environment (JRE). By default, the NFC 6.0 JRE contains Olson time zone data tzdata2006k.

Time zone data should be updated using the TZupdater tool when NFC is installed and whenever local Daylight Saving Time rules change. For details on updating the JRE Time zone data, see the chapter "Configuring the Cisco NetFlow Collector" in the Cisco NetFlow Collector Installation and Configuration Guide:

http://www.cisco.com/en/US/products/sw/netmgtsw/ps1964/products_installation_and_configuration_guide_book09186a008081d5b7.html

Resolved Problems

Table 1 lists the problems that were resolved in Cisco NetFlow Collector, Release 6.0.

Table 1 Resolved Problems in Release 6.0  

DDTS Number
Description

CSCeh06905

UI: add screen shown for source group after host error on modify.

CSCeh21403

Pass IP address string to SNMP Java API.

CSCeh65319

NFC Source group addition is not reflected in nfc-config.xml file.

CSCei33224

Linux: use—force option with rpm for linux install.

CSCin86677

UI: rows per page sets back to default value after an operation.

CSCin87712

Config: Check Validity of source-name in NDE source access list.

CSCsb32860

Custom Report UI broken: changing aggregator avail keys box empty.

CSCsb55393

UI: can not add more than three addresses to NDE source access list.

CSCsb57432

Collector fails to start with Not connected to daemon tibco error.

CSCsb70983

UI: source group removed regardless of dependency.

CSCsb93709

Scheduled report page error when changing aggregator.

CSCsc12536

Collector does perform Disk space availability.

CSCsc14083

Prevent negative sum value builder value on counter rollover.

CSCsc31250

Java reader with direct buffers consumes additional memory.

CSCsc48242

Fatal log for normal shutdown.

CSCsc82367

Reporting enhancements and fixes.

CSCsd11673

Interface name mapping fails when export IP resolves with subdomain.

CSCsd38092

DST transition, GMT offset in NFC ouput file name.

CSCsd67744

Hang at memory limit may be due to nonstop garbage collection.

CSCsd75253

nfcollector shutdown: nfcollector start all fails to restart collector.

CSCsd91003

Check for zero flowset length in v9 header.

CSCse05615

nfcollector shutdown fails to return in timely fashion.

CSCse40739

Config update from UI overrides manual changes to configuration.

CSCse45624

ndeget reports utc secs in residual nanos field.

CSCse52152

Can not run postprocessing script on Solaris platforms.

CSCse73866

Field removed from field list cannot be added again.

CSCse99317

FNF: NFC needs to support multiple ports from a device.

CSCsf08349

The optionsdata_fileready file was not created.

CSCsf13113

BGP default route 0.0.0.0/0 causes ClassCastException.

CSCsf13281

NFC reports exception when the key's output name has space.


Known Limitations and Problems

This section contains information about the limitations and problems known to exist in the Cisco NetFlow Collector, Release 6.0 product.

CSCsd98816—A reporting error is displayed after an aggregation scheme is updated.

Description: Changing the aggregation scheme definition changes the type and/or number of columns in NFC output files. Reporting code reports an error when a change in type and/or number of output file columns is detected.

Workaround: Remove or move previous output files after updating an aggregation scheme so that columns in NFC output files for the report are consistent.

CSCse59846—Unpredictable UI behavior when adding or editing ranges for key builder definitions.

Description: Web UI inconsistencies are seen when editing key ranges.

Workaround: If you experience this problem, add or edit ranges by editing the /opt/CSCOnfc/config/nfc-config.xml file.

CSCse93615—Threshold expression for protocol-map-key does not work. Filter expression for protocol-map-key does not work.

Description: If a string key for a threshold or a filter is configured, an error popup is displayed.

Workaround: None. String keys for thresholds and filters are not supported in this release.

CSCsf06068—Configure for NDE v9 over SCTP will show missed packets.

Description: When V9 over SCTP is configured, NFC reports missed and out-of-sequence packets even though all packets are received.

Workaround: The received packet count is still correct in this case. Ignore the missed and out-of-sequence numbers reported for V9 over SCTP.

CSCsf07812—Modifying a BGP remote peer IP address results in a new BGP peer being created.

Description: The user interface does not distinguish between adding and editing a BGP peer.

Workaround: Do not modify the BGP peer entry using the web UI to change the IP address. Delete the existing peer then create a new one, or edit the /opt/CSCOnfc/config/nfcbgp.xml file.

CSCsf09442—When editing a BGP key builder and the attribute type is changed, the following error message is displayed: error: operation did not succeed - no such object: [name].

Description: An error is reported by the web UI when modifying a BGP key attribute.

Workaround: Create a new BGP key instead of editing the original BGP key; or first delete the original BGP key and then recreate it.

CSCsf09633—Error not flagged when incorrect parameter is entered for bgp-post-agg-key.

Description: Validation of key dependencies is not performed when the aggregation scheme containing a BGP post-aggregation key is edited.

Workaround: When editing a BGP post-aggregation key that is referenced by an aggregation scheme, verify that the key builders referenced by the BGP key are contained in aggregation scheme.

CSCsh72814—Scheduled reports can be created in the NFC web UI but do not run.

Description: Scheduled reports can be created in the NFC web UI even though "re" is not configured to run in the process watcher.

Workaround: Edit the file /opt/CSCOnfc/config/nfcpw.xml after installing NFC 6.0. Change the <autostart> element for <managed-process id="re"> to true.

CSCsi07979—If /opt/CSCOnfc is symbolically linked from another location, the uninstall.sh script removes only the link but the content remains in the original location.

Description: The uninstall script removes /opt/CSCOnfc. When /opt/CSCOnfc is a link, only the link is removed.

Workaround: Remove the directory that /opt/CSCOnfc is linked to after running the uninstall script.

CSCsi36119—The cleanup period DAYS_TO_KEEP and TZ override settings are not retained when migrating from previous versions.

Description: Optional NFC configuration parameters are kept in files in /opt/CSCOnfc/bin, such as the cleanup period and TZ override setting. Files in the bin directory are not retained across upgrades.

Workaround: If you have changed the DAYS_TO_KEEP setting in /opt/CSCOnfc/bin/nfc_clean_up_job.sh from the default of 7 days, or have added a TZ override setting in /opt/CSCOnfc/bin/nfcenv.sh, you must migrate these changes yourself after upgrading to NFC Release 6.

CSCsi84104—An error popup is displayed when a custom report is run.

Description: An error occurred when accessing the custom report Report: [reportid]: java.lang.Exception: Error: com.cisco.nfc.report.ReportException: Unexpected error

The following error is logged in the nfcrd.log file:

[2007-05-03 00:35:37 BST] ERROR com.cisco.nfc.report.ReportBuilder - An unexpected 
error occurred.
java.lang.IllegalArgumentException: cannot interpret value of field [fieldname]:
at 
com.cisco.nfc.report.ReportFieldInterpreter$IntegerFieldInterpreter.getAggField(Report
FieldInterpreter.java:48)
...
[2007-05-03 00:35:37 BST] ERROR com.cisco.nfc.report.ReportDaemon - ReportGenerator: 
error, id=Report: [reportid]: com.cisco.nfc.report.ReportException: Unexpected error
...
Caused by: java.lang.IllegalArgumentException: cannot interpret value of field 
[field]:
at 
com.cisco.nfc.report.ReportFieldInterpreter$IntegerFieldInterpreter.getAggField(Report
FieldInterpreter.java:48)
...

Workaround: One or more integer key builders referenced by the aggregation scheme have the is-null-allowed attribute set to true and some integer columns in NFC output files contains an empty string as a result. Do not choose an integer key for reporting that contain null values in output. Note that address and string keys still work in this case.

CSCsj16525—expose device-name-format in UI, save on updates

Description: Devices are reported in NFC files as IP addresses but customer wants to display the DNS name when possible.

Workaround: In the file /opt/CSCOnfc/config/nfc-types.xsd locate the entry:

xs:attribute name="device-name-format" type="device-name-format-type" default="address" use="optional"

Change the default from address to name. Note that this change is not propagated across upgrades.

Related Documentation

Use these Release Notes with the Cisco NetFlow Collector Installation and Configuration Guide, Part Number OL-11398-01 and the Cisco NetFlow Collector User Guide, Part Number OL-11399-01. These documents are available online through Cisco Connection Online at the following URL:

http://www.cisco.com/en/US/products/sw/netmgtsw/ps1964/tsd_products_support_series_home.html

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html