Table Of Contents
Release Notes for Cisco Network Analysis Module Software, Release 5.0
January 25, 2011, OL-21577-01
These release notes provide general information about Cisco Network Analysis Module (NAM) software release 5.0 including new features and enhancements, system requirements, software upgrade, limitations and restrictions, caveats, and product documentation.
The Cisco Network Analysis Module (NAM) Traffic Analyzer software enables network managers to understand, manage, and improve how applications and services are delivered to end users. The NAM combines flow-based and packet-based analysis into one solution. The NAM can be used for traffic analysis of applications, hosts, and conversations, performance-based measurements on application, server, and network latency, quality of experience metrics for network-based services such as Voice over IP (VoIP) and video, and problem analysis using deep, insightful packet captures. The Cisco NAM includes an embedded, web-based Traffic Analyzer GUI that provides quick access to the configuration menus and presents easy-to-read performance monitoring and analysis on web, voice, and video traffic.
NAM 5.0 introduces a redesigned interface and user experience, with more intuitive workflows and interactive reporting capabilities. The dashboard-style layouts show multiple charts in one window, thereby giving you the ability to view a lot of information at once. All of the new features are described in the section New Features and Enhancements in NAM 5.0.
Table 1 lists the software product numbers for NAM 5.0.
The NAM 5.0 software does not support any upgrade paths from NAM 3.x or NAM 4.x releases.
The following models differ in memory, performance, disk size, and other capabilities. Therefore, some allow for more features and capabilities (for example, the amount of memory allocated for capture).
NAM 5.0 software supports the following NAM models (SKU):
•Cisco NAM 2204 Appliances
•Cisco NAM 2220 Appliance
•Cisco 6500 Series Switches and Cisco 7600 Series Routers
•Cisco Branch Routers
•Cisco WAAS NAM Virtual Service Blade
Note The Cisco Nexus 1010 Virtual Services Appliance is not supported with NAM Traffic Analyzer Release 5.0. The suggested upgrade path for Nexus 1010 NAM 4.2 users is from NAM 4.2 to 4.2(1N), and then to NAM 5.1 (when available).
This document includes the following sections:
New Features and Enhancements in NAM 5.0
The Cisco NAM Traffic Analyzer, Release 5.0 introduces a redesigned interface and user experience, with more intuitive workflows and interactive reporting capabilities. The dashboard-style layouts show multiple charts in one window, thereby giving you the ability to view a lot of information at once.
There are two types of dashboards in NAM 5.0: One type is the "summary" view found under the Monitor menu, and the other type is the "over time" view found under the Analyze menu. The Monitor dashboards allow you to view network traffic, application performance, site performance, and alarms at a glance. From there, you can isolate one area, for example an application with response time issues, and then drill-down to the Analyze dashboard for further investigation.
Figure 1 shows an example of one of the Monitoring dashboards in the NAM 5.0 release.
Figure 1 Dashboard in NAM 5.0
The Analyze dashboards allow you to zoom or pan to reselect the range. As you change the range, the related graphs at the bottom will update.
The dashboards can be extracted as a PNG. You can also create a Scheduled Export to have the dashboards extracted regularly and sent to you in CSV or HTML format.
Cisco NAM Traffic Analyzer 5.0 introduces the capability for you to define a site, with which you can aggregate and organize performance statistics. A site is a collection of hosts (network endpoints) partitioned into views that help you monitor traffic and troubleshoot problems. A site can be defined as a set of subnets specified by an address prefix and mask, or using other criteria such as a remote device data source (for example, remote WAE device and segment information). If you want to limit the view of your network analysis data to a specific city, a specific building, or even a specific floor of a building, you can use the sites function.
You can also include multiple types of data sources in the site definition, and you can then get an aggregated view of all network traffic.
The pre-defined "Unassigned Site" makes it easy to bring up a NAM without having to configure user-defined sites. Hosts that do not belong to any user-defined site will automatically belong to the Unassigned Site.
Figure 2 shows an example of how a network may be configured using sites.
Figure 2 Site Level Aggregation
New Application Classification Architecture
In previous releases of NAM, the RMON-2 protocol directory infrastructure was used to identify applications and network protocols. In NAM Traffic Analyzer Release 5.0, the application classification scheme is changed to align with the methodology used by Cisco with technologies such as NBAR (Network-Based Application Recognition) and SCL. It also accepts standardized application identifiers exported by Cisco platforms with NDE (NetFlow Data Export).
This allows you to gain application visibility with consistent and unique application identifiers across the network. For example, you can view applications using a global unique identifier, as compared with multiple classification engines using different applications identifiers.
NBI (Northbound Interface), also referred to as API (Application Programming Interface) enables partners and customers to provision the NAM and extract performance data. Previous releases of NAM were limited to SNMP s, and direct-URL knowledge for access to some data, including the method by which CSV-formatted data is retrieved.
With NAM 5.0, the NBI is expanded to include a Representational State Transfer (REST) web service for configuration, and retrieval of data pertaining to sites. Also introduced is the capability to export high-volume performance data in the form of Netflow v9 (see the next section, "NetFlow v9 Data Export").
Note REST does not support retrieval of performance data for sites.
REST is a set of guidelines for doing web services over HTTP. It takes advantage of the HTTP method (GET, POST, UPDATE, DELETE) as part of the request.
The REST request/response messages using the REST web service will contain XML data in the body content of the HTTP request. An XML schema will describe the message content format. All REST request/response messages are handled in XML format. Then the REST web service consumer can use any HTTP client to communitate with the REST server. To use the REST web service via HTTPS, the NAM crypto patch needs to be installed on the NAM.
The NBI web service will provide an external API interface for provisioning and retrieving performance data. For application developers who want to use the NAM APIs to provision network services and leverage data, see the Cisco Network Analysis Module 5.0 API Programmer's Guide. The developers who use the APIs should have an understanding of a high-level programming language such as Java or an equivalent.
NetFlow v9 Data Export
The NAM uses NetFlow as a format for the ongoing streaming of aggregated data, based on the configured set of descriptors or queries of the data attributes in NAM. The NAM as a producer of NDE (NetFlow Data Export) packets is a new feature for NAM Traffic Analyzer 5.0. The NAM's new functionality of NDE is part of its new NBI.
NetFlow collects traffic statistics by monitoring packets that flow through the device and storing the statistics in the NetFlow table. NDE converts the NetFlow table statistics into records, and exports the records to an external device, which is called a NetFlow collector.
The NDE Descriptor is a permanent definition of the NAM aggregated data query of aggregated NAM data, which must be exported to designated destinations across the network using the industry-wide standard of NetFlow v9 running on top of the standard UDP transport.
The NDE Descriptor defines the data query that remains in effect as long as the NDE descriptor exists in NAM's permanent storage. Having it instantiated means that the NAM will be exporting the matching aggregated data records continuously (in a specified frequency) until the NDE descriptor is deleted or updated.
Unlike previous versions of the NAM, in which you have to configure targeted historical reports in advance, the NAM Traffic Analyzer 5.0 stores short-term and long-term data that you can view using the new dashboards.
The NAM proactively collects and stores up to 72 hours of data at a granularity of 1, 5, or 10-minute intervals, and longer-term data with a granularity of 1 to 2 hours. This allows you to specify different time periods to view trends over time, and identify potential problems.
SNMP v3 Support -- NAM to Router/Switch Support
Simple Network Management Protocol Version 3 (SNMPv3) is an interoperable standards-based protocol for network management. The security features provided in SNMPv3 are:
•Message integrity—Ensuring that a packet has not been tampered with in-transit.
•Authentication—Determining the message is from a valid source.
•Encryption—Scrambling the contents of a packet prevent it from being seen by an unauthorized source.
With NAM 5.0, you have the ability to manage devices with SNMPv3.
Note For the WS-SVC-NAM-1 and WS-SVC-NAM-2 platforms, SNMPv3 is not required. SNMP requests and responses are communicated over an internal interface within the chassis, and SNMPv3 is not used.
This section describes the platform hardware, platform software, NAM hardware, and NAM software requirements for NAM 5.0 software:
Platform Hardware Requirements
Table 2 identifies the hardware modules and platforms required to use NAM 5.0.
At least 1 GB of memory is required to run the NAM Traffic Analyzer 5.0 software on any of the supported platforms.
Using NME-NAMs with Cisco Integrated Services Routers
This section describes the requirements to use NME-NAMs with Cisco Integrated Services Router (ISR) and ISR Generation Two (G2) Platforms.
You can deploy the NME-NAM-120S and NME-NAM-80S in any network module slot in the Cisco router platforms indicated in Table 3. A Network Module (NM) Adapter Card, SM-NM-ADPTR, is required to successfully integrate the NME-NAM into supported ISR G2 platforms. The NME-NAM supports the router platforms using NAM 3.6 or later. See Table 5, Minimum Cisco ISR and ISR G2 IOS Versions Required for NAM 5.0, for the minimum IOS software requirements to support NME-NAM. Only one Cisco NAM can be installed in a Cisco branch router.
To install an NME-NAM-120S network module in supported ISR G2 platforms using the NM Adapter Card, see Installing Cisco Network Modules and Service Modules, section "Using Network Modules in Service Module Slots on Cisco 2900 Series and Cisco 3900 Series Routers":
Platform Software Requirements
Table 5 lists the Minimum Cisco ISR and ISR G2 IOS Versions Required for NAM 5.0 on both the NME-NAM-120S and the NME-NAM-80S.
NAM and IOS Software Requirements for Virtual Switch System
Table 6 lists the NAM and IOS software requirements for NAM blades used in a Cisco Virtual Switch System (VSS) environment.
Table 6 NAM and IOS Software Requirements for VSS
NAM NAM Software IOS Software
NAM 3.6.1a or later
IOS 12.2(33) SXH(1) or later
NAM 3.6.1b or later
WAAS Appliance Requirements
NAM 5.0 supports the WAVE-574 and WAE-674 WAAS appliances. Table 7 provides a description of the Cisco WAAS appliances, their components, and deployment scenarios. WAAS appliances require the following software:
•Central Manager: WAAS 4.2.3 (build 55 or later).
•Managed WAAS: WAAS 4.2.3 (or later).
Catalyst 6500 NAM-1 and NAM-2 Memory Recommendation
To optimize the performance of NAM software, particularly of NAM 5.0 releases given new features that can have large table sizes, Cisco offers a field-installable memory upgrade kit that can be purchased for WS-SVC-NAM-1 and WS-SVC-NAM-2 devices. The memory upgrade kit comes with 2GB of DRAM. Its part number is MEM-C6KNAM-2GB=.
Cisco has characterized that the memory upgrade can increase the number of hosts and conversations that can be monitored by up to a factor of two (the improvement can vary depending on packet sizes monitored, burstiness of traffic, NAM features enabled, switch/router features enabled, and so on). The memory upgrade not only can improve the number of hosts and conversations monitored, but also, as a result of the foregoing, can increase the number of concurrent flows that can be monitored. This can result in improved NAM performance when the NAM is deployed in places in the network where it can see a large number of concurrent flows.
You can find information about how to upgrade your memory in the document NAM Memory Upgrade Install Note at the following URL:
No memory upgrade kit is offered for the WS-SVC-NAM-1-250S and WS-SVC-NAM-2-250S, which already ship from factory with 2 GB DRAM.
Table 8 describes the browser requirements for all platforms.
Table 8 Minimum Browser Requirements
Browser Versions Client Platform JVM Support1
(7.0 not supported)
•Windows XP Professional
Java Plug-In 1.5.0_11
•Windows XP Professional
1 A Java plug-in might be required to use the Java Virtual Machine (JVM).
Note Although Traffic Analyzer does not require a Java plug-in, you might be required to use the Java Virtual Machine (JVM). The Java plug-in versions listed have been tested for browsers that require a plug-in for the JVM. Cisco recommends JRE Version 5.0 Update 6.
Catalyst 6500 and Cisco 7600 NAM-1 and NAM-2 Maintenance Image and BIOS Requirements
Table 9 lists the minimum versions of the NAM maintenance image, the maintenance image filename, and the BIOS image required for NAM-1 and NAM-2 when using NAM application image 5.0.
Table 9 NAM Maintenance Images
Maintenance Image BIOS
4.0-Rel 6.0.9 or later
The BIOS image is bundled with the NAM's maintenance image.
The Upgrading to NAM 5.0 section of these Release Notes provides information on:
•How to identify the version of the Catalyst 6500 and Cisco 7600 NAM's BIOS image
•How to upgrade the Catalyst 6500 and Cisco 7600 NAM's Maintenance image
•How to upgrade the Catalyst 6500 and Cisco 7600 NAM's BIOS image
•How to upgrade the NAM's Application Image
NAM Virtual Blade Licensing Requirements
NAM virtual blade software (for the WAAS) requires you to install a product license in the form of a text file. An evaluation license allows you to use the software for up to 60 days, but you will be unable to log in to the NAM GUI after the evaluation license expires. When using an evaluation license, the NAM login window indicates how many days remain before the evaluation license expires.
You can provide licensing information, also known as node-locking information, during software installation or after software installation using the NAM CLI. During the NAM software installation, you will be prompted to enter a product identifier (PID) and serial number (SN).
To obtain a NAM Virtual Blade license, go to the following URL:
Follow the instructions on this page to obtain a NAM VB license file. You will need the appliance PID and SN to obtain the license file. After you enter the PID and SN or the Product Authorization Key, a license file will be sent to you by Email. Store this license file on an available FTP server. Use the license install command to install the license after the NAM software installation completes.
Upgrading to NAM 5.0
This section provides the following topics:
NAM 5.0 does not support any upgrades from the NAM 3.x or NAM 4.x software releases on NAM devices. You will need to do a fresh install of NAM 5.0. NAM 5.0 has a new architecture that will cause you to lose the configuration you have currently set in your NAM. Cisco highly recommends that you back up your current configuration in case you want to go back to a previous version of NAM, where you can restore the saved configuration.
To back up your current configuration, from the NAM command line enter a config upload command like the following:config upload ftp://server/path
The config upload command sends a copy of the NAM running configuration to the destination you specify. The information is stored in a back-up configuration file with an ending suffix of .confg as in NAM_host-c6svc-nam-3.6.1b.confg. The destination address should be a valid server name and directory path.
Installing NAM Software
You can only do a fresh install of NAM 5.0. See the Installation and Configuration Guide specific to your platform.
For Cisco 2200 Series Appliances, see the following URL:
For the WAAS NAM Virtual Blade, see the following URL:
For all other platforms, see the following URL:
Note If you were an EFT user, and will be installing the general availability NAM 5.0 release, you will need to clear your browser cache after installing the new NAM image.
Upgrading Catalyst 6500 and Cisco 7600 NAM-1 and NAM-2 Maintenance Image Software
To upgrade the NAM maintenance image software, follow these steps.
Note This section applies only to the WS-SVC-NAM-1 and WS-SVC-NAM-2 blades running a maintenance image before version 2.1(3).
Step 1 Copy the NAM maintenance software image to a directory accessible to FTP.
You can download the latest version of the NAM maintenance image from the following URL:
The most recent NAM maintenance image software available to download is 2.1(5), and its filename is c6svc-nam-maint.2-1-5.bin.gz.
Step 2 Log in to the switch through the console port or through a Telnet session.
Step 3 If the NAM is running in the application image, go to Step 5. If the NAM is not running in the application image, enter this command in the privileged mode:Router# hw-module module 9 reset hdd:1Device BOOT variable for reset = hdd:1Warning:Device list is not verified.Proceed with reload of module? [confirm]% reset issued for module 9Router#00:31:11:%SNMP-5-MODULETRAP:Module 9 [Down] Trap00:31:11:SP:The PC in slot 9 is shutting down. Please wait ...00:31:25:SP:PC shutdown completed for module 900:31:25:%C6KPWR-SP-4-DISABLED:power to module in slot 9 set off (adminrequest)00:31:28:SP:Resetting module 9 ...00:31:28:%C6KPWR-SP-4-ENABLED:power to module in slot 9 set on00:33:26:%SNMP-5-MODULETRAP:Module 9 [Up] Trap00:33:26:%DIAG-SP-6-BYPASS:Module 9:Online Diagnostics is Bypassed00:33:26:%OIR-SP-6-INSCARD:Card inserted in slot 9, interfaces are nowonline
Step 4 After the NAM is back online, establish a console session with the NAM and log in to the root account.
Step 5 Upgrade the NAM maintenance image software as follows:root@localhost# upgrade ftp-url
where ftp-url is the FTP location and name of the NAM software image file.
Note If the FTP server does not allow anonymous users, use the following syntax for the ftp-url value: ftp://user@host//absolute-path/filename. Enter your password when prompted.
Step 6 Follow the screen prompts during the upgrade.
Step 7 After completing the upgrade, log out of the NAM.
Step 8 Boot into the maintenance image to reset the NAM maintenance image software with a command like the following:Router# hw-module module 9 reset cf:1Device BOOT variable for reset = cf:1Warning:Device list is not verified.Proceed with reload of module? [confirm]% reset issued for module 9Router#00:16:06:%SNMP-5-MODULETRAP:Module 9 [Down] Trap00:16:06:SP:The PC in slot 9 is shutting down. Please wait ...00:16:21:SP:PC shutdown completed for module 900:16:21:%C6KPWR-SP-4-DISABLED:power to module in slot 9 set off (admin request)00:16:24:SP:Resetting module 9 ...00:16:24:%C6KPWR-SP-4-ENABLED:power to module in slot 9 set on00:18:21:%SNMP-5-MODULETRAP:Module 9 [Up] Trap00:18:21:%DIAG-SP-6-BYPASS:Module 9:Online Diagnostics is Bypassed00:18:21:%OIR-SP-6-INSCARD:Card inserted in slot 9, interfaces are now onlineRouter#
Step 9 (Optional) Verify the initial configuration after the NAM comes back online by logging into the NAM root account as follows:root@localhost# show ip
Step 10 (Optional) Reboot into the application image as follows:Router# hw-module module 9 reset
This example shows how to upgrade the NAM maintenance image software:Router#Router# hw-module module 9 reset hdd:1Device BOOT variable for reset = hdd:1Warning:Device list is not verified.Proceed with reload of module? [confirm]% reset issued for module 9Router#00:31:11:%SNMP-5-MODULETRAP:Module 9 [Down] Trap00:31:11:SP:The PC in slot 9 is shutting down. Please wait ...00:31:25:SP:PC shutdown completed for module 900:31:25:%C6KPWR-SP-4-DISABLED:power to module in slot 9 set off (adminrequest)00:31:28:SP:Resetting module 9 ...00:31:28:%C6KPWR-SP-4-ENABLED:power to module in slot 9 set on00:33:26:%SNMP-5-MODULETRAP:Module 9 [Up] Trap00:33:26:%DIAG-SP-6-BYPASS:Module 9:Online Diagnostics is Bypassed00:33:26:%OIR-SP-6-INSCARD:Card inserted in slot 9, interfaces are nowonlineRouter#Router# session slot 9 proc 1The default escape character is Ctrl-^, then x.You can also type 'exit' at the remote prompt to end the sessionTrying 127.0.0.91 ... OpenCisco Network Analysis Module (WS-SVC-NAM-2)login:rootPassword:Cisco Network Analysis Module (WS-SVC-NAM-2) Console, 5.0Copyright (c) 2010 by cisco Systems, Inc.WARNING! Default password has not been firstname.lastname@example.orgemail@example.com# upgrade ftp://host/pub/c6svc-nam-maint.2-1-5.bin.gzDownloading image...ftp://host/pub/c6svc-nam-maint.2-1-5.bin.gz (11065K)- [########################] 11065K | 837.65K/s11331153 bytes transferred in 13.21 sec (837.64k/sec)Uncompressing the image...Verifying the image...Applying the Maintenance image.This may take several minutes...Upgrade of Maintenance image completed firstname.lastname@example.org# exitRouter# hw-module module 9 reset cf:1Device BOOT variable for reset = cf:1Warning:Device list is not verified.Proceed with reload of module? [confirm]% reset issued for module 9Router#02:27:19:%SNMP-5-MODULETRAP:Module 9 [Down] Trap02:27:19:SP:The PC in slot 9 is shutting down. Please wait ...02:27:36:SP:PC shutdown completed for module 902:27:36:%C6KPWR-SP-4-DISABLED:power to module in slot 9 set off (adminrequest)02:27:39:SP:Resetting module 9 ...02:27:39:%C6KPWR-SP-4-ENABLED:power to module in slot 9 set on02:29:37:%SNMP-5-MODULETRAP:Module 9 [Up] Trap02:29:37:%DIAG-SP-6-BYPASS:Module 9:Online Diagnostics is Bypassed02:29:37:%OIR-SP-6-INSCARD:Card inserted in slot 9, interfaces are nowonlineRouter#
Upgrading Catalyst 6500 and Cisco 7600 NAM-1 and NAM-2 BIOS Image Software
Note This section applies only to the WS-SVC-NAM-1 and WS-SVC-NAM-2 blades running a BIOS image prior to version 6.0.9.
Note The BIOS image is bundled with the NAM's maintenance image.
The NAM maintenance image software also provides upgrade software for your BIOS. If the show version command indicates a BIOS version below 4.0-Rel 6.0.9, see the following procedure for performing a BIOS upgrade:
Step 1 Boot the NAM to the maintenance image. Enter the following command from the Supervisor CLI:
hw-module module <module-number> reset cf:1
Step 2 After the NAM has booted the new maintenance image, session into the NAM module with the following Supervisor CLI command:
session slot <module-number> processor 1
Step 3 Log in as user root with the default password cisco.
Step 4 Enable the guest account (disabled by default) for the maintenance image. Enter the following command at the NAM maintenance CLI:
Note You can only perform the BIOS upgrade procedure from the guest account.
Step 5 Log out of the NAM CLI.
Step 6 Log in again as the user guest.
The default password for the guest account is cisco.
Warning While the new BIOS is being programmed, the procedure should not be interrupted in any way. Do not turn power off or shut down the NAM until the programming is complete.
A message such as BIOS programming complete displays when the procedure is finished, usually in less than two minutes.
Step 7 While logged into the guest account, enter the following command to begin the BIOS upgrade procedure:
Step 8 When prompted for the filename of the BIOS file to be programmed. Enter the following filename:B01MQ009.ROM
Note In the above filename, use the digit 0, not the letter O, except for the .ROM extension which does use the letter O.
The following output shows an example of this procedure:---------------------------------------------------------email@example.com#upgrade-biosEnter filename of BIOS file to be programmed: B01MQ009.ROMWrite BIOS File B01MQ009.ROM to FlashWARNING: Removing or powering down this module during BIOS programming may resul t in the module unable to come online!Erasing old BIOS...Programming new BIOS...DONEVerifying new BIOS...DONEBIOS programming firstname.lastname@example.org#---------------------------------------------------------
Step 9 Log out of the NAM CLI (returning to the Supervisor CLI), and enter a command like the following to boot the NAM Application image:
hw-module module <module-number> reset hdd:1
Step 10 Enter the show version command to verify the BIOS was successfully installed.
The output of the show version command should look something like the following:BIOS Version: 4.0-Rel 6.0.9
This show version command output indicates that the most recent BIOS version (4.0-Rel 6.0.9) is installed.
You can now reboot the NAM Application image and resume normal NAM operation.
Limitations and Restrictions
The following limitations and restrictions currently apply to the NAM 5.0 software release:
NAM Creates Capture File on Cancel
If you are using a Cisco 2200 Series appliance, and during Capture > Packet Capture/Decode > Files you click on the Download button, a xxx.pcap file is created regardless of whether you accept the download action or cancel it. This is why one capture done from a Cisco 2200 Series appliance may have an extra file, while another from a different platform may not.
NAM Support With Non-Cisco H.323 Voice Devices and Call Managers
NAM voice call monitoring may not function properly with some of the non-Cisco voice devices and Call Managers such as Avaya. This is only for non-Cisco voice devices. Cisco IP Phone and Call Managers do not have any problems.
ACS Version Supported
The only ACS server versions supported are ACS versions 5.1 and 4.2.
Direct Flow Packets to NAM Data Port
If you use a NAM-2 device, either WS-SVC-NAM-2 or WS-SVC-NAM-2-250S, we recommend that you direct all packets for the same flow to the same data port.
Note This issue applies only to the WS-SVC-NAM-2 and WS-SVC-NAM-2-250S NAM models.
NAM-2 devices have two data ports (DATA_PORT1 and DATA_PORT2), but the packets received on these two ports are not well merged in respect to the order in which the packets are received. When packets for a given flow are split into two data ports, it might impact the calculation of application response time (ART) metrics and voice quality metrics.
No Default CLI Password
For security purposes, beginning with NAM 4.1, we no longer provide a default root password. After you install NAM 5.0, you must specify a password for the root account. Store this password in accordance with your site's security policies. You will need the root account password for additional software upgrades.
Response Time and Voice Quality Analytics
The calculation of Application Performance Response Time and voice quality metrics in NAM 5.0 depends on the actual packet arrival time and packet sequences. In events such as packet drops, duplicated packets, or asymmetric routing, the NAM might not be able to calculate accurate quality metrics for the associated polling interval.
You should pay attention to the NAM syslog messages and system alerts to remain aware of any packet drops or duplicated packets occurrences.
Intelligent Application Performance
Due to the way NAM 5.0 processes packets in a TCP connection, response time monitoring on WAAS data sources probably will not include the first response of the TCP connection. This occurs because the WAAS optimization engine might not be able to determine to which optimized or non-optimized segment the first few packets belong.
This issue will be noticed when you monitor a TCP connection that has only a single response. No response time will be reported for this connection. The NAM determines response time by taking the average response time over multiple TCP connections. Because most TCP connections have multiple responses, this issue is generally unnoticed over a longer period of monitoring.
Checking the NAM Maintenance Image and BIOS Versions
NAM 5.0 software requires that you use the correct NAM maintenance image and BIOS versions. The recommended BIOS version for NAM 5.0 software is BIOS 6.0.9.
The recommended MP version depends on the NAM model. See Table 9 for the recommended maintenance image for each NAM platform. If you need to upgrade your NAM maintenance image, see Upgrading Catalyst 6500 and Cisco 7600 NAM-1 and NAM-2 Maintenance Image Software.
NAM Appliance Support for Cisco Nexus 7000
With the deployment flexibility the new Cisco NAM 2200 Series appliances offer, you now have a NAM solution to gain visibility into network and application performance for the Cisco Nexus 7000 Series switches. The Cisco NAM 2200 Series appliances provide core NAM functionality to support the Cisco Nexus 7000 Series including monitoring, reporting, capturing data and alarms. The NAM appliances support features such as traffic analysis, Intelligent Application Performance (IAP) monitoring, differentiated services analysis, and voice quality monitoring. The same NAM software image supports all tested infrastructure devices.
The Cisco NAM 2200 Series appliances do not yet offer the same level of management interface support they offer other tested devices, such as the Catalyst 6500 Series switches. This affects the following NAM functions:
•Configuring a SPAN session on the Nexus 7000 Series using the NAM GUI. Instead, use the switch CLI to configure such a session.
•Monitoring and reporting traffic statistics about the managed device. Managed device statistics include port (mini-RMON), VLAN, and device health statistics. This limitation does not affect monitoring and reporting statistics on traffic that you can SPAN to NAM.
•Configuring and displaying alarms about the managed device.
Support for both NBAR-PD and MPLS functionality is not available for the Nexus 7000.
Restrictions for NME-NAMs
Note This restriction applies only to traffic that is monitored through the internal NAM interface on the NME-NAM-80S and NME-NAM-120S.
The NAM Traffic Analyzer (web GUI) provides Layer 3 and higher layer information about the original packets. The Layer 2 header is modified by the router when it forwards the packets to the NAM, so the Layer 2 information that the NAM records is not applicable to the original packets.
Most Recent NAM 5.0 Information
To see the most recent version of the NAM 5.0 User Guide, see the technical documentation for the Network Analysis Module on www.cisco.com:
IOS Issues That Might Affect NAM 5.0
The following IOS issues might affect your use of NAM 5.0 depending on other software versions.
IOS Image Incompatibility Prevents Creating SPAN Data Sources Using NAM GUI
An issue with the supervisor card and IOS images 12.2(18)SXF9 and 12.2(33)SRB1 prevents you from creating SPAN data sources (SPAN sessions) using the NAM GUI. (This issue is described in CSCse98807.)
Note This issue has been resolved with IOS image 12.2(18)SXF10.
You can also use switch command-line interface (CLI) commands to create SPAN sessions, or you can use other IOS releases on the supervisor card, such as 12.2(18)SXF10 or 12.2(33)SRB2, that fix this IOS issue.
On affected systems, when you attempt to use the NAM GUI to create a SPAN session by choosing
Setup > Data Source and clicking Create, the NAM GUI displays no information for the Destination Port. This prevents you from creating the SPAN session.
Cisco 7600 With Redundant Supervisor Cards Running IOS Image 12.2(33)SRC2
You might experience an error condition with a Cisco 7600 chassis that has redundant supervisor cards running the 12.2(33)SRC2 IOS image and a NAM service blade. The error occurs when you perform a sequential boot of the two supervisor cards because the secondary (standby) supervisor does not go into proper standby mode.
You can find more information about this issue in Field Notice #63179.
Note This issue has been resolved in 12.2(33)SRC3.
This problem does not occur:
•When you boot the two supervisor cards in parallel
•When you boot the standby supervisor card after the primary supervisor is up
•When the Cisco 7600 router runs the 12.2SRC1 image
•When only one supervisor card is installed in the Cisco 7600 chassis
When the primary supervisor functions as a standalone with the secondary supervisor card in RPR mode, the Cisco 7600 chassis functions normally (as if it has a standalone supervisor card). A switchover causes the system to be unavailable for up to three minutes because the secondary supervisor card is not in proper standby mode.
Note When both supervisors are booted simultaneously, the system will go to Hot Standby status. The primary supervisor will reboot when you issue the redun force-switchover command which causes the redundant supervisor to boot up to be the primary and the primary to be the redundant.
This problem requires you to downgrade the IOS image from 12.2SRC2 to 12.2SRC1. Account teams will help you do this if needed.
Running IOS Image Newer Than 12.2(18)SXF5
If you upgrade your IOS to an image newer than 12.2(18)SXF5, you remain vulnerable to a security issue where IOS switches the SNMP communication between the NAM and the SUP from inband to EOBC.
Due to this issue, you should not apply the NAM CLI command supervisor address <sup-address>. To remove this configuration from the NAM, use the negating form of the command,
no supervisor address.
Note This issue has not yet been resolved.
RSPAN and ERSPAN Unsupported in IOS Image 12.2(33)SRD
The ERSPAN command is not working properly in NAM 5.0 when using IOS image 12.2(33)SRD. The problem is noticed when you attempt to configure a destination on the NAM in ERSPAN or RSPAN sub-mode.
After issuing the command:
destination analysis-module 3 data-port 1
Where module 3 is the NAM you have set up to monitor (using the command monitor session 1 type erspan-destination), the configured destination cannot be found.
This problem also affects the local SPAN (with sub-mode configuration).
Note This issue has been resolved with IOS image 12.2(33)SRD1 or later.
This section provides information about active anomalies in the NAM 5.0 software. To obtain more information about known problems, access the Cisco Software Bug Toolkit at the following URL:
Known Anomalies in NAM 5.0
Table 10 provides a list of known anomalies found in NAM 5.0 software. Each anomaly includes a description of the symptom, conditions in which the anomaly occurs, and any workaround.
Cisco NAM 5.0 Software Documentation
This section provides a list of the NAM 5.0 software documentation. You can find links to all NAM software documentation at the following URL:
The following is a list of the documentation for Cisco Network Analysis Module (NAM) Traffic Analyzer 5.0 (in the order in which you should address it).
You can access the URLs listed for each document on the World Wide Web.
Release Notes for the Cisco Network Analysis Module, Release 5.0
The Release Notes for the Cisco Network Analysis Module, 5.0 provide a collection of information including software and hardware compatibility and information about new features, requirements, and anomalies that might exist.
User Guide for the Cisco Network Analysis Module Traffic Analyzer,
The User Guide for the Cisco Network Analysis Module Traffic Analyzer, 5.0 describes how to use the Network Analysis Module Traffic Analyzer and NAM 5.0 user software.
Cisco NAM Command Reference, Release 5.0
The Cisco NAM Command Reference, Release 5.0 provides information about how to use the NAM command-line interface to manage the NAM devices supported by NAM 5.0 software, including:
The Cisco NAM Command Reference, Release 5.0 also supports the following WAAS appliances:
Cisco NAM 5.0 API Programmer Guide
The Cisco Network Analysis Module (NAM) API Programmer Guide describes APIs that are available to connect to the NAM system. The NAM API provides a mechanism for provisioning and retrieving data from the NAM servers using an eXtensible Markup Language (XML) interface. The API utilizes REpresentational State Transfer (REST) methodology to execute requests (web services) over HTTP or HTTPS by sending the XML data to the API server.
Third Party and Open Source Copyright Notices for the Cisco Network Analysis Module, Release 5.0
The Copyright Notices for the Cisco Network Analysis Module, 5.0 provides a listing of all copyright notices for the open source third-party software used in NAM 5.0.
Cisco 2200 Series NAM Appliance Documentation
This section describes the Cisco 2200 Series NAM Appliance documentation.
Quick Start and Documentation Guide for the Cisco 2200 Series NAM Appliance
The Quick Start and Documentation Guide for the Cisco 2200 Series NAM Appliance is available online at the following URL:
This document contains a description of the documentation for the NAM appliance and NAM software and information about how to get started with the NAM appliance.
Installation and Configuration Guide for the Cisco NAM 2204 Appliance
The Installation and Configuration Guide for the Cisco NAM 2204 Appliance provides information to help you install and configure the NAM 2204 appliance. This guide includes overview information and details about how to install the appliance, connect the appliance to power and the device it monitors, configure the appliance, log in, and get started setting up the appliance to monitor the device.
The Installation and Configuration Guide for the Cisco NAM 2204 Appliance is an online only document you can find at the following URL:
Installation and Configuration Guide for the Cisco NAM 2220 Appliance
The Installation and Configuration Guide for the Cisco NAM 2220 Appliance provides information to help you install and configure the NAM 2220 appliance. This guide includes overview information and details about how to install the appliance, connect the appliance to power and the device it monitors, configure the appliance, log in, and get started setting up the appliance to monitor the device.
The Installation and Configuration Guide for the Cisco NAM 2220 Appliance is an online only document you can find at the following URL:
Regulatory Compliance and Safety Information for the Cisco NAM 2200 Series Appliances
The Regulatory Compliance and Safety Information for the Cisco NAM 2200 Series Appliances is a printed document that ships with the NAM appliance and is also available online at the following URL:
The Regulatory Compliance and Safety Information for the Cisco 2200 Series NAM Appliances contains regulatory compliance and safety information for the Cisco 2200 Series NAM appliances.
Cisco NAM Virtual Services Blade Documentation
The following URL provides links to product support, additional product literature, software, and other helpful information for the Cisco WAAS NAM Virtual Blade:
Installation and Configuration Guide for the Cisco WAAS NAM
Virtual Services Blade, 5.0
The Installation and Configuration Guide for the Cisco WAAS NAM Virtual Services Blade, 5.0 provides detailed steps to install the NAM VSB on a WAAS appliance and configure the NAM VSB.
This section provides information about other documentation related to the Network Analysis Module and NAM 5.0 software.
NAM-1 and NAM-2
Catalyst 6500 Series Switch and Cisco 7600 Series Router Network Analysis Module
Installation Note, 5.0
Cisco Branch Routers Series Network Analysis Module (NME-NAM-120S) Installation and Configuration Note, 5.0
Cisco NAM Enhanced Network Modules
Installing Cisco Network Modules and Service Modules
Cisco 3800 Series Hardware Installation
Cisco 3700 Series Routers Hardware Installation Guide
Installing Network Modules in Cisco 2800 Series Routers
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at the following URL:
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS Version 2.0.
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)