Table Of Contents
Release Notes for Cisco Network Analysis Module Software, Release 3.6(1b)
Revised: October 29, 2009, OL-11516-07Original Cisco.com date: September 2008
These release notes provide general information about Cisco Network Analysis Module (NAM) software release 3.6 including system requirements, limitations and restrictions, new features, product documentation, and known and resolved anomalies.
Software Product Numbers
(Cisco Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Software 3.6)
(Cisco Branch Routers Series Network Analysis Module Software 3.6)
NAM 3.6(1b) is a complete software release, not a patch. To upgrade to NAM 3.6(1b) from previous versions of NAM, enter the NAM CLI command upgrade while in maintenance mode. For information about the upgrade command, see the Network Analysis Module 3.6 Command Reference Release at the following URL:
Note For detailed installation and configuration procedures for the NAM, see the list of documentation available in the Product Documentation section.
NAM 3.6(1b) is available as part of new hardware orders or by download from Cisco.com for the following NAM models:
NAM 3.6(1b) is available for NM-NAM devices only by download from Cisco.com.
Throughout this document the following general references apply:
•A reference to a NAM-1 or NAM-2 device indicates any of the following modules:
•A reference to an NME-NAM device indicates any of the following modules:
•A reference to an NM-NAM device means only an NM-NAM module.
This document includes the following sections:
New Features in NAM 3.6
New Features in NAM 3.6(1b)
NAM 3.6(1b) is a complete software release that includes all features available in earlier releases of NAM 3.6 and new feature-based licensing for voice monitoring with the NME-NAM-120S.
NAM 3.6(1b) also provides software improvements to resolve anomalies found in earlier releases of NAM software. See Anomalies Resolved in NAM 3.6(1b) for a list of resolved anomalies.
New Devices Supported
NAM 3.6(1b) adds support for the following:
The new NME-NAM-120S offers superior WAN traffic monitoring throughput, a 120 GB capacity hard disk drive to store more capture data on-board, 1 GB memory, and a Gigabit Ethernet external interface to support high-throughput LAN traffic monitoring in the Empowered Branch. It includes the embedded, web-based Traffic Analyzer GUI, providing anytime, anywhere visibility into network traffic.
The new WS-SVC-NAM-1-250S has 2 GB memory to improve software performance and a 250 GB hard disk drive to increase storage capacity for reports and data captures.
The new WS-SVC-NAM-2-250S has 2 GB memory to improve software performance and a 250 GB hard disk drive to increase storage capacity for reports and data captures.
Voice Monitoring Feature Licensing for NME-NAM-120S
NAM 3.6(1b) adds feature-based licensing for voice monitoring using the new NME-NAM-120S. You can purchase feature licenses for NME-NAM-120S voice monitoring of 50 or 100 RTP streams. See Table 1, NME-NAM-120S Voice Monitoring Feature Licenses, for SKU information.
Table 1 NME-NAM-120S Voice Monitoring Feature Licenses
Voice Monitoring (50 RTP Streams)
Voice Monitoring (100 RTP Streams)
NAM 3.6(1b) uses trust-based licensing. There is no user interaction required to enable the voice monitoring licensing in the NME-NAM-120S.
No license is required to use the voice monitoring features of NAM 3.6(1b) with the NAM-1, NAM-2, NM-NAM, and NME-NAM-80S modules.
New Features in NAM 3.6(1a)
The following sections describe the new features in NAM 3.6(1a):
Conversation Table Enhancement
NAM 3.6(1a) provides a new Application Hosts window under Monitor > Conversations that enables you to collect information about TCP and UDP port usage. This window displays information about conversations between pairs of hosts, including the server, TCP/UDP port in use, and the application protocol as classified by the NAM. This table can grow very large, so the GUI shows only the cumulative counter values for packets and bytes, and you cannot sort it by any arbitrary column header. Entries of interest can be located using the display filtering to show only entries related to a particular host or part of a host address or name.
Use the control buttons to navigate to the starting, next, or previous page, and use Export to export the table in CSV file format to an external host.
Highlights of Conversation Table Enhancements
•Table entries contain source address, destination address, protocol name, and port number
•Collection configurable per data source
•Monitor screen shows pages of data in native sorted order
•Monitor screen shows cumulative packet and byte statistics
•Current rates and topN monitor screens are not available
•Supports export of all data or just a screenful of data to external host in CSV format
Note In some cases multiple port numbers can be used for the same protocol. In these cases, the NAM will display only one conversation entry for that protocol, and it might not be possible to tell all of the server ports that are being used on the network for that application. You can view information about all server ports in use on the new TCP/UDP Port Table window.
TopN Conversation Report
The existing NAM topN Conversation reporting feature has been enhanced to include an optional Application field. If specified, the Application field is used to further refine which conversations you are interested in reporting. The maximum value of N is 200, meaning that the NAM supports reporting on up to the top 200 conversations per interval. You can store up to 100 days of report data onboard the NAM.
Highlights of the TopN Conversation Report Enhancement:
•Interval-based report displayed in a fashion consistent with other NAM reports.
•Export of all report data to an external host in CSV format will be supported.
TCP/UDP Port Table
A new collection feature maintains a list of all the server ports observed on a particular data source. You enable this feature on the Setup > Monitor > Core Monitoring window. The NAM displays the results on the Monitor > Applications > TCP/UDP Port Table window. You can export the results in CSV file format.
Highlights of the TCP/UDP Port Table Enhancement:
•Table entries capture number of packets and bytes observed
•Collection configurable per data source
•Export of all data or just screenful of data to external host in CSV format is supported.
•Current Rates and TopN monitor screens are available as well as Cumulative.
TopN TCP/UDP Port Report
A TopN style report provides up to the Top 200 ports observed on a data source within a reporting interval. You can store up to 100 days of report data onboard the NAM. The report looks similar to the application TopN report supported in earlier releases.
Highlights of the TCP/UDP Port Report Enhancement:
•Interval-based report displayed in a fashion consistent with other NAM reports.
•Export of all report data to an external host in CSV format will be supported.
Support for Catalyst 6500 Virtual Switching System Feature
NAM 3.6(1a) provides support for the Catalyst 6500 Virtual Switching System (VSS) feature which allows the clustering of two physical chassis into a single logically-managed entity. This enables you to to insert the NAM service module into either chassis of the VSS cluster without having to perform any special configuration.
The NAM blade in a VSS cluster behaves very much like the NAM blade in a standalone mode. All NAM features are supported in a VSS cluster and additional GUI information is provided with the switch ID added to the physical address of the NAM GUI windows in a VSS cluster. For example the port location in a VSS cluster is displayed as Switch/Slot/Port compared with Slot/Port in a standalone NAM. This information is required for SPAN session setup and NAM monitoring windows. Also, the NAM health monitor window contains information for slots in both chassis. The chassis operating mode (active vs standby) is transparent to the NAM blade.
Table 2 lists the NAM and IOS software requirements for NAM blades used in a Cisco Virtual Switch System (VSS) environment.
Table 2 NAM and IOS Software Requirements for VSS
NAM NAM Software IOS Software
NAM 3.6.1a or later
IOS 12.2(33) SXH(1) or later
NAM 3.6.1b or later
New Features in NAM 3.6.1
This section lists the new features added to the NAM 3.6.1 release.
Note All features apply to all NAM modules unless otherwise indicated.
•Support for the new NME-NAM-80S
The NME-NAM-80S offers superior WAN traffic monitoring throughput, an 80GB capacity hard disk drive to store capture data on-board, 512 MB memory, and a Gigabit Ethernet external interface to support high-throughput LAN traffic monitoring in the Empowered Branch. It includes the embedded, web-based Traffic Analyzer GUI, providing anytime, anywhere visibility into network traffic.
•Transaction-Aware Application Response Time (ART) Monitoring
The transaction-aware application response time monitoring feature provides visibility into application response time and network latency. The ART feature provides the following metrics: Application Delay, Network Delay, Client Network Delay, Server Network Delay, Total Delay, and the number of network connections. All of the delay metrics are available in Average, Minimum, and Maximum values and can be measured by a single NAM. You can also measure Application Transaction Time, defined as the elapsed time from the first packet of the client request until the last packet of the server response.
NAM 3.6 includes an updated historical reporting capability that provides highly granular visibility into network traffic, including individual applications and end-users. Enabling operations staff to identify anomalies in network traffic that can disrupt business operations, the Cisco NAM live reporting capability exposes potential problems that would otherwise be masked if critical report updates occurred less frequently than one minute. This feature applies to all reports, except TopN reports.
•Voice Quality Monitoring Enhancement with Support for CallManager 5.0 with SCCP
This enhancement enables you to view metrics for the following:
–Audio, video (when available), and data channels quality (packet loss and jitter)
Drill-down to obtain information on such fields as call reference value, media (audio/video/data) receiving address and port, and line instance.
–Top (up to 20) worst quality calls
–Known phones and the details of the five last-ended calls per known phone
•Increased GUI configuration support for up to 1500 VLANs (NAM-1 and NAM-2 modules only)
This usability enhancement permits the configuration of up to 1500 VLANs using the NAM GUI.
•Data Source Persistence
This usability enhancement permits you to view the last selected data source when browsing multiple Monitor windows that include a drop-down data source list. This feature is especially useful when large numbers of data sources have been configured, yet monitoring is focused on a particular data source. It saves time locating the same data source of interest to monitor when navigating among Monitor windows. The data source persists until you select another data source from the drop-down data source list.
•Support for new protocols
This enhancement enables you to monitor, capture, and decode the following protocols:
–esp-null including esp.tcp, esp.udp. and esp.unknown
–Diameter including diameter-common, nasreq, diameter-mip, diameter-baseacct, diameter-cc, diameter-eap, diameter-sip, and diameter-unknown
A Refresh button is added to the Setup > Data Source > SPAN window when you create and edit SPAN data sources. Use the Refresh button to update switch configuration information in case there has been a configuration change on the switch.
This section describes the hardware, software, and browser requirements for NAM 3.6 software.
Table 3 identifies the hardware modules and platforms required to use NAM 3.6(1).
WS-SVC-NAM-1 and WS-SVC-NAM-2 Modules Require Memory Upgrade
WS-SVC-NAM-1 and WS-SVC-NAM-2 modules require a memory upgrade to use the NAM 3.6(1b) release. You can find information about how to upgrade your memory in the document NAM Memory Upgrade Install Note at the following URL:
Using NME-NAMs with Cisco Integrated Services Routers
This section describes the requirements to use NME-NAMs with Cisco Integrated Services Router (ISR) and ISR Generation Two (G2) Platforms.
You can deploy the NME-NAM-120S and NME-NAM-80S in any network module slot in the Cisco router platforms indicated in Table 4. A Network Module (NM) Adapter Card, SM-NM-ADPTR, is required to successfully integrate the NME-NAM into supported ISR G2 platforms. The NME-NAM supports the router platforms using NAM 3.6 or later. See Table 4, Supported Routers, for the minimum IOS software requirements to support NME-NAM. Only one Cisco NAM can be installed in a Cisco branch router.
Table 4 Supported Routers
Router Platform Network Module Adapter
Cisco 3845 ISR
Cisco 3825 ISR
Cisco 2851 ISR
Cisco 2821 ISR
Cisco 2811 ISR
Cisco 3745 MSR
Cisco 3725 MSR
To install an NME-NAM-120S network module in supported ISR G2 platforms using the NM Adapter Card, see Installing Cisco Network Modules and Service Modules, section "Using Network Modules in Service Module Slots on Cisco 2900 Series and Cisco 3900 Series Routers":
This section describes the switch or router (system) software required to use NAM 3.6. Table 5 lists the minimum system software versions required to use NAM 3.6.
Table 5 Software Requirements for Minimum OS Versions
Orderable Product Number Minimum IOS Software Versions Supported Minimum CatOS Software Versions Supported
•Release 12.1(13)E1 or later with a Supervisor Engine 2 with an MSFC2.
•Release 12.2(14)SX1 or later with a SUP720.
•Release 12.2(18)SXF or later for Catalyst 6500 with SUP32
•Release 12.2(33)SXH1 or later with SUP720-10G
•Release 12.2(33)SRA or later for Cisco7600 with SUP32 or SUP720
•Release 12.2(33)SRC or later for Cisco7600 with RSP720-1G
•Release 7.3(1) or later with Supervisor
•Release 8.2(1) or later with a SUP720.
•Release 12.3(7)T or later or 12.4(1) or later
•Release 12.4(9)T1 or later with supported Cisco 2800, Cisco 3700, and Cisco 3800 Series ISRs
•Release 15.0(1)M or later with supported Cisco 2900 and Cisco 3900 Series ISRs
1 If you are running a 12.1(13)E-based release, Cisco recommends a later 13E release such as 12.1(13)E11 over 12.1(13)E3.
2 NAM 3.6 is available for NM-NAM users only by download from Cisco.com.
Table 6 lists the Cisco IOS and CatOS versions used on the Catalyst 6500 Series and Cisco 7600 Series (except as noted) when testing and developing NAM 3.6.
The software versions in Table 6 are the specific versions used in testing NAM 3.6. All system software releases from the minimum to the latest version tested are officially supported. Note the following conditions and exceptions:
•Cisco IP Phone firmware 6.0 and above is required for SIP voice packet quality monitoring.
•IOS 12.2(18)SXE4, at minimum, is required to support the ERSPAN feature. Dependencies and limitations for ERSPAN can be found in Configuring Local SPAN, RSPAN, and ERSPAN, Guidelines and Restrictions, at the following URL:
•Either IOS 12.2(18)SXD or CatOS 8.5 is required to support the Virtual SPAN feature.
•IOS 12.2(33) SXH1 or later is required with VS-S720-10G and WS-X6708-GE line card to support the Cisco Catalyst 6500 Virtual Switching System (VSS).
NME-NAM Software Requirements
The minimum software version required to use NME-NAM-80S and NME-NAM-120S modules with NAM 3.6 is Cisco IOS Version 12.4(9)T or later.
Note For NAM3.6(1b) the NME-NAM-120S was tested with IOS 12.4(15)T, and the NME-NAM-80S was tested with IOS 12.4(10)T.
NM-NAM Software Requirements
The minimum software version required to use an NM-NAM module with NAM 3.6 is Cisco IOS Version 12.3(7)T or later or 12.4(1) or later.
Note The NM-NAM has been tested with IOS 12.4(9)T and 12.4(11)T.
Table 7 describes the browser requirements for all platforms. Cisco recommends you use the Internet Explorer browser, but Mozilla and Firefox are also supported.
Note Although Traffic Analyzer does not require a Java plug-in, you might be required to use the Java Virtual Machine (JVM). The Java plug-in versions listed have been tested for browsers that require a plug-in for the JVM. Cisco recommends JRE Version 5.0 Update 6.
Upgrading NAM Software
This section provides the following topics:
NAM 3.6 supports the following upgrades:
•You can upgrade all NAM-1 and NAM-2 modules to NAM 3.6 from the NAM 3.4 and NAM 3.5 software releases (with any patches).
Note New WS-SVC-NAM-1-250S and WS-SVC-NAM-2-250S modules ship from the factory with NAM 3.6(1b) already installed.
•You can upgrade NM-NAM modules to NAM 3.6 from NAM 3.4 and NAM 3.5 software releases (with any patches).
Note NAM 3.6 does not support upgrades from NAM 3.3 or below.
Upgrading NAM Software
If you are upgrading a NAM-1 or a NAM-2 module, follow the software upgrade procedures described in the chapter Administering the Network Analysis Module in the following documents:
•For NAM-1 and a NAM-2 modules installed in IOS switch:
•For NAM-1 and a NAM-2 modules installed in CatOS switch:
If you are upgrading an NME-NAM, follow the software upgrade procedures described in the section Upgrading the NAM Software-Full Image of the Cisco Branch Router Series (NME-NAM) Installation and Configuration Note.
If you are upgrading an NM-NAM, follow the software upgrade procedures described in the section Upgrading the NAM Software-Full Image of the NM-NAM Feature Guide.
Upgrading Software Using NAM CLI
To upgrade software using the NAM CLI, go to maintenance mode and enter the NAM CLI command upgrade. For information about the upgrade command see the Network Analysis Module Command Reference, Release 3.6 at the following URL:
You can apply the NAM 3.6.1 Crypto K9 patch, nam-app.3-6.cryptoK9.patch.1-0.bin, on top of
NAM 3.6.1 using NAM CLI command patch.
We sometimes update the product documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. You can find product documentation for all NAM software releases at the following URL:
Your product shipped with a Documentation CD-ROM. The Documentation CD-ROM contains product documentation that you can access and print.
The following is a list of the documentation for Cisco Network Analysis Module, Release 3.6. You can access the URLs listed for each document on the Documentation CD-ROM and at www.cisco.com at the following URLs:
We recommend you refer to the documentation in the following order:
•Documentation Guide for the Cisco Network Analysis Module, Release 3.6 (78-17882-01)
•Release Notes for the Cisco Network Analysis Module, Release 3.6 (OL-11516-02), this document
•Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module, Release 3.6 (OL-11517-01)
•User Guide for the Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module, Release 3.6 (OL-11519-01)
•Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Command Reference, Release 3.6 (OL-11521-01)
•Cisco Branch Router Series (NME-NAM) Installation and Configuration Note (OL-11624-01)
•Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module Installation and Configuration Note, Release 3.6 (OL-12753-01)
•Copyright Notices for the Cisco Network Analysis Module, Release 3.6 (78-17782-01)
Related Product Documentation
The following is a list of related documentation.
•Catalyst 6500 Series Switch Software Configuration Guide
•Catalyst 6500 Series Switch Software Configuration Guide.
•NAM Memory Upgrade Install Note
•Connecting Cisco NAM Enhanced Network Modules to the Network
•Cisco Network Modules and Interface Cards Regulatory Compliance and Safety Information
Limitations and Restrictions
Before using NAM-1 or NAM-2 devices, read the Quick Start Guide for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module and Installation and Configuration Note for the Catalyst 6500 Series and Cisco 7600 Series Network Analysis Module Release 3.6.
Before using the NME-NAM or NM-NAM, please read the Cisco Network Modules Quick Start Guide, NM-NAM Feature Module, and the Quick Start Guide for the Cisco Branch Router Series Network Analysis Module.
The following are limitations and restrictions of NAM software release 3.6:
Configure Local Time Zone
You must now configure the local time zone for the NAM regardless of the time synchronization source (switch or NTP). For more information on configuring the local time zone using the NAM Traffic Analyzer, see the User Guide for the Network Analysis Module Traffic Analyzer Release 3.6.
Changing the NAM IP Address
If you change the NAM IP address, the default gateway resets to 0.0.0.0. Change the new default gateway IP address to an address other than one on the current subnet.
Cisco 7600 With Redundant Supervisor Cards Running IOS Image 12.2(33)SRC2
You might experience an error condition with a Cisco 7600 chassis that has redundant supervisor cards running the 12.2(33)SRC2 IOS image and a NAM service blade. The error occurs when you perform a sequential boot of the two supervisor cards because the secondary (standby) supervisor does not go into proper standby mode.
You can find more information about this issue in Field Notice #63179.
This problem does not occur:
•When you boot the two supervisor cards in parallel
•When you boot the standby supervisor card after the primary supervisor is up
•When the Cisco 7600 router runs the 12.2SRC1 image
•When only one supervisor card is installed in the Cisco 7600 chassis
When the primary supervisor functions as a standalone with the secondary supervisor card in RPR mode, the Cisco 7600 chassis functions normally (as if it has a standalone supervisor card). A switchover causes the system to be unavailable for up to three minutes because the secondary supervisor card is not in proper standby mode.
Note When both supervisors are booted simultaneously, the system will go to Hot Standby status. The primary supervisor will reboot when you issue the redun force-switchover command which causes the redundant supervisor to boot up to be the primary and the primary to be the redundant.
This problem requires you to downgrade the IOS image from 12.2SRC2 to 12.2SRC1. Account teams will help you do this if needed.
This problem should be fixed in 12.2SRC3, targeted for mid-January, 2009. When IOS image 12.2SRC3 is available, upgrade the image from 12.2SRC1 to 12.2SRC3 at your earliest opportunity.
Running IOS Image Newer Than 12.2(18)SXF5
If you upgrade your IOS to an image newer than 12.2(18)SXF5, you remain vulnerable to a security issue where IOS switches the SNMP communication between the NAM and the SUP from inband to EOBC.
Due to this issue, you should not apply the NAM CLI command supervisor address <sup-address>. To remove this configuration from the NAM, use the negating form of the command,
no supervisor address.
Using NetFlow As a Data Source
An anomaly exists (described in CSCsd75273) where using NetFlow as a Data Source does not receive NetFlow data from the switch. The default NetFlow Device chosen has the EOBC address of the form 127.0.0.xxx. It appears that the switch does not forward the NetFlow data using this EOBC address.
To work around this problem, use the NetFlow Listening Mode to view the additional IP addresses of the devices able to send the NDE packets to the NAM. When such interface is learned, add that interface to the NetFlow Listening Mode table. Use the learned device as a Data Source for the NetFlow data.
NAM Shows Incorrect Protocol Usage for Hosts
In some cases on the Host detail popup window, the Application Protocol Usage pie chart might not look consistent with the data in the table for Conversations from known protocols. This occurs because the pie chart and the tabular listing take their contents from different internal tables within the NAM storage.
If one or both of these tables becomes full, the entries might not correlate with complete accuracy. One solution is to increase the Max Entries values for Hosts and Conversations on the Setup > Monitor window to avoid the tables becoming full. Doing so, however, causes the NAM to store a large amount of data in these tables. A large number of table entries can have an adverse effect on the GUI responsiveness for the Monitor > Hosts and Monitor > Conversations windows, causing slow display of these tables and occasional timeouts.
Note This limitation has been eliminated in NAM 4.0.
Restrictions for NM-NAM and NME-NAMs
Note This restriction applies only to traffic that is monitored through the internal NAM interface.
The NAM Traffic Analyzer (web GUI) provides Layer 3 and higher layer information about the original packets. The Layer 2 header is modified by the router when it forwards the packets to the NAM, so the Layer 2 information that the NAM records is not applicable to the original packets.
NBAR-PD Feature in NME-NAM
The NBAR-PD feature in the NME-NAM requires IOS 12.4(9)T or later. The NM-NAM requires IOS version 12.3(7)T or later.
This section provides information about active and resolved anomalies in the NAM 3.6 software. To obtain more information about known problems, access and log in to the Cisco Software Bug Toolkit at the following URL:
This section provides the following:
Known Anomalies in NAM 3.6(1b)
Table 8 describes anomalies known to exist in NAM 3.6(1b) software. Each anomaly listed includes symptoms, conditions, and any workaround available.
Table 8 Known Anomalies in NAM 3.6(1b)
Bug ID Description
The NETFLOW as a Data Source does not receive NetfFow data from the switch.
Symptom: The default NetFlow Device chosen has the EOBC address of the form 127.0.0.xxx. It appears that the switch does not forward the netflow data using this EOBC address.
Conditions: It appears that the default NetFlow device has the local EOBC address after the commit of CSCsd75273. Since the 127.0.0.xxx address is not the routable address, the netflow data are not sent to the NAM where NETFLOW is configured as a Data Source. Prior to the commit of CSCsd75273, the default NetFlow device had a routable IP address which was forwarding the netflow data to the NAM NETFLOW Data Source.
Workaround: Use the NetFlow Listening Mode to view the addtional IP addresses of the devices able to send the NDE packets to NAM. When such interface is learned, add that interface to the NetFlow Listening Mode table. Use the learned device as a Data Source for the netflow data.
UserDefinedProtocol: Defined protocol always has port range equal to 1
Symptom: The Setup > Protocol Directory > Autolearned Applications window has Enable Autolearned Protocol enabled. Go to the Setup > Protocol Directory > Individual Protocol window, click Create, and try to create a TCP or UDP protocol with Port Range greater than 1. The protocol created always has a Port Range equal to 1.
Conditions: This occurs when you try to create a protocol that has already been learned by the NAM. This occurs using either the CLI or the GUI.
1. Go to the Setup > Protocol Directory > Autolearned Applications window.
2. Uncheck the Enable Autolearned Protocol check box, and confirm.
3. Create the protocol from the Setup > Protocol Directory > Individual Applications window.
4. Return to the Setup > Protocol Directory > Autolearned Applications window and re-enable Autolearned Applications.
The cause of this issue is that the protocol you are trying to define or create has already been learned by the NAM autolearn feature. Due to the autolearn, there is already a protocol entry in the NAM protocol directory matching the protocol you are trying to define. The NAM does not allow you to modify the Port Range of parameter of an existing protocol entry.
Mozilla and Firefox: TopN conversation report does not show data
Symptoms: In the Firefox (Mozilla) browser, the TopN Conversation reports do not show the bar graphs if the values are too small.
Conditions: This occurs when the values to be plotted are too small.
Workaround: Read the numeric values showed in the left side of the TopN report.
The Setup > Switch Parameters > NBAR window occasionally shows a digit for interface type
Symptom: On the Setup > Switch Parameters > NBAR window, the port type is occasionally shown as a number instead of a string representation.
Conditions: This occurs under normal operating conditions.
Workaround: Refresh the screen a few times.
Need to verify the Read/Write Community String on the Router Information window.
Symptom: On Setup > Router Parameters window, you must enter the read/write community string. If you enter the read string only, there is no indication that the write string is not there. That particular screen reads data from the router and displays it on the screen. So it will not show that you actually entered the read only string.
The problem occurs when you try to change configuration on the router using the Setup > Router > NBAR window. The Submit function does not work because you cannot change the router configuration if no write string has been entered.
There is no error message to indicate that the write string is missing. The only way the NAM can detect this is by changing an object on the router and testing to see if the change took place. This is invasive to the router.
Conditions: This occurs under normal operating conditions.
Workaround: Enter the correct read/write community string.
No active SPAN session is seen after upgrading NAM image.
Symptom: When upgrading the NAM image and immediately going to the web GUI, the switch information is occasionally not yet available.
Conditions: This might occur after you upgrade the NAM image. This occurs on any window that requires switch information. It is a timing situation where the synchronization between the switch and the NAM has not yet completed.
Workaround: Wait a few minutes and then refresh the window.
The CSV export function does not work on the Monitor > Applications > TCP/UDP Port Table window.
Symptom: When you click the CSV Export icon on the Monitor > Applications > TCP/UDP Port Table window (upper-right corner), the export does not begin and an error message displays in the Tech Support window.
Conditions: This occurs when you select the default data sources for the display, such as ALL SPAN on NAM-1 and NAM-2 devices.
Workaround: Click on any column header to sort by that column. After doing so, the CSV export function will work normally.
Extra characters are displayed when you create an RSPAN session using the NAM GUI
Symptom: Extra characters (Rx) are displayed on the Setup > SPAN window when you add a second port to an existing RSPAN session or create a second RSPAN session with two VLANs.
Conditions: This occurs under normal operating conditions on all NAM platforms.
NAM displays unwanted messages under apache error_log.
Symptom: The NAM show tech file occasionally contains many harmless debug messages under the tag of Apache error log. This does not impact NAM operation.
Conditions: Depending on the your interaction with the NAM GUI, software debug messages are shown in the show tech file.
Incorrect setting of the template file of Monitor > DiffServ window
Symptom: An incorrect setting exists on a Cisco voice template file (CiscoVoice_1) of the
Monitor > DiffServ window. The aggregation groups of CiscoVoice_1 template should be DSCP 26 and 46, but show as DSCP 0 instead.
Conditions: This occurs with NAM software release 3.6(1a) on the of Monitor > DiffServ window and affects all NAM platforms.
LACP Portchannel in a virtual switch system (VSS) does not show up in Create Data Sources list
Symptom: When you attempt to configure a monitor session in a VSS, the Setup > Data Sources > Create window takes you to the Create SPAN Session window. Select SPAN-type EtherChannel, and the available data sources does not include LCAP portchannel configured on the switch.
Conditions: This occurs in VSS switch systems when you attempt to configure the LACP portchannel as a data source.
Workaround: Use the CLI to configure the LACP portchannel as a data source.
NAM fails to preserve enabled monitoring of TCP/UDP port
Symptom: The NAM upgrade process does not preserve the enabling of the TCP/UCP port monitoring feature.
Conditions: This occurs when you upgrade NAM software from NAM 3.5 or NAM 3.6(1) to NAM 3.6(1a) without using the install option and affects only the TCP/UDP port monitoring function. This occurs on all NAM platforms.
Workaround: After the software upgrade is completed and you boot up NAM 3.6(1a), manually enable TCP/UDP port monitoring located using the Setup > Monitor > TCP/UDP Port window. You can click on any column header to sort by that column. After manually enabling TCP/UDP port monitoring, the CSV export will function correctly.
An error occurs when you set up the NAM to synchronize NAM system time with Network Time Protocol (NTP) Server
Symptom: You receive the following error message when you attempt to synchronize NAM System Time with NTP server."Hostname(s) x.x.x.x are not resolvable with current DNS settings and may be invalid. Please enter a valid NTP server."
Workaround: Use CLI commands.
Some NAM switchport reports might show incorrect values.
Symptom: The NAM switchport reports might show incorrect bytes and packets values.
Conditions: This problem affects only NAM-1 and NAM-2 modules and only some target switchport reports.
Workaround: Go to the Report > Basic Report window, and view the TopN report.
The NAM-2 GUI occasionally shows CPU Utilization to be 100%.
Symptom: The System Overview (Admin > System > System Resources) occasionally shows the CPU Utilization to be 100%.
Conditions: This occurs under normal operating conditions on the NAM-2 when running NAM 3.5, 3.6(1a), or 3.6(1b) software.
Workaround: Restart the NAM
The NAM CLI command show version shows the wrong amount of memory
Symptom: The NAM CLI command show version shows 2 GB of memory when it should show 1 GB.
Conditions: This occurs on the NME-NAM-120S under normal operating conditions.
Workaround: Use the NAM CLI command show memory on the NME-NAM-120S instead.
NAM might show incorrect Protocol Usage for hosts
Symptom: From the NAM GUI window at Monitor > Hosts, click any host.
Check the Application Protocol Usage and compare that value with the protocol usage on the left-hand side (From/To column). Some of the the values might not match up correctly.
Conditions: This occurs on NAMs running NAM 3.6(1a) and NAM 3.6(1b).
Note This issue has been eliminated in NAM 4.0.
Workaround: Try to increase maximum entries for host and conversation by clicking Setup > Monitor on the NAM GUI, or set to Max Possible. Doing so might not help and can cause NAM performance issues. See NAM Shows Incorrect Protocol Usage for Hosts for more detailed information.
Anomalies Resolved in NAM 3.6(1b)
Table 9 describes anomalies that existed in earlier releases of NAM software that have been resolved in the NAM 3.6(1b) software release. Each anomaly listed includes symptoms, conditions, and any workaround available.
Anomalies Resolved in NAM 3.6(1a)
Table 10 describes anomalies resolved in NAM 3.6(1a) software. Each anomaly listed includes symptoms, conditions, and any workaround available.
Anomalies Resolved in NAM 3.6
Table 11 describes anomalies found in earlier releases of NAM that were resolved in NAM 3.6.
This document is to be used in conjunction with the documents listed in the "Product Documentation" and "Related Product Documentation" sections.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2009 Cisco Systems, Inc. All rights reserved.