The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter provides details about the post installation tasks that you might need to perform.
Encapsulated Remote Switched Port Analyzer (ERSPAN) records provide an aggregate view of the network traffic. When enabled on the branch router or switch, the ERSPAN data source becomes available on the Cisco Prime NAM VSB. ERSPAN provides statistics for applications, hosts, and conversions. You can set up custom data sources for some specific interfaces. ERSPAN can be used to identify business critical applications hosted in the Data Center that are used in the branch.
This chapter contains the following sections:
ERSPAN sessions allow you to monitor traffic on one or more ports, or one or more VLANs, and send the monitored traffic to one or more destination ports. ERSPAN sends traffic to a network analyzer such as a SwitchProbe device or other Remote Monitoring (RMON) probe. ERSPAN supports source ports, source VLANs, and destination ports on different routers, which provides remote monitoring of multiple routers across your network (see ).
ERSPAN consists of an ERSPAN source session, routable ERSPAN GRE-encapsulated traffic, and an ERSPAN destination session. You separately configure ERSPAN source sessions and destination sessions on different routers.
An ERSPAN source session is defined by the following:
For a source port or a source VLAN, the ERSPAN can monitor ingress, egress, or both ingress and egress traffic.
ERSPAN source sessions do not copy ERSPAN GRE-encapsulated traffic from source ports. Each ERSPAN source session can have either ports or VLANs as sources, but not both.
The ERSPAN source sessions copies traffic from the source ports or source VLANs and forwards the traffic using routable GRE-encapsulated packets to the ERSPAN destination session. The ERSPAN destination session switches the traffic to the destination ports.
Configure ERSPAN traffic on the Branch edge router. You must enable ERSPAN on both the WAN and LAN interface to provide visibility into traffic flows entering and leaving the branch.
Refer to “Configuring Local SPAN and ERSPAN” in the Cisco Nexus 1000V System Management Configuration Guide, Release 4.2(1) SV1(4)
You must configure ERSPAN on the Cisco Prime NAM VSB so that the Prime NAM receives data.
See the Sending ERSPAN Data Directly to the Cisco Prime NAM Management Interface about using ERSPAN as a data source:
Note | Depending on the NX-OS version on your managed device, the CLI format for configuring an ERSPAN session may be different than what appears in this document. For details on using ERSPAN as a data source, see your specific OS product documentation. |
To send the data directly to the Cisco NAM management IP address (management-port), configure the ERSPAN source session. No ERSPAN destination session configuration is required. After performing this configuration on the Catalyst 6500 switch, when ERSPAN packets are sent to the NAM, it will automatically create a data source for that packet stream.
If the autocreate feature is not enabled, you will have to manually create the data source for this ERSPAN stream of traffic. See the Forwarding ERSPAN Traffic section Customizing Cisco Prime NAM chapter in the Cisco Prime NAM 6.1 User Guide for detailed procedures.
Note | This method causes the ERSPAN traffic to arrive on the Cisco Prime NAM management port. If the traffic level is high, this could have negative impact on the Cisco Prime NAM’s performance and IP connectivity. This might also have an impact on the general network performance. |
monitor session 1 type erspan-source no shut source interface Fa3/47 destination erspan-id Y ip address aa.bb.cc.ddorigin ip address ee.ff.gg.hh
Where:
NetFlow records provide an aggregate view of the network traffic. When enabled on the branch router or switch, the NetFlow data source becomes available on the Cisco Prime NAM. NetFlow provides statistics for applications, hosts, and conversations. You can set up custom data sources for some specific interfaces. NetFlow can be used to identify business critical applications hosted in the Data Center that are used in the branch.
As a consumer, the Cisco Prime NAM can receive NetFlow packets on its management port from devices such as Cisco routers and switches. Those records are stored in its collection database as if that traffic had appeared on one of the Cisco Prime NAM data ports. The Cisco Prime NAM understands NetFlow v1, v5, v6, v7, v8, and v9.
See the following sections:
Configure NetFlow traffic on the Branch edge router. You must enable NetFlow on both the WAN and
LAN interface to provide visibility into traffic flows entering and leaving the branch.
config t interface <interface> ip route-cache flow exit ip flow-export version 5 ip flow-export destination <NAM-Ip-Address> 3000
Note | The UDP port number must be set to 3000. You can change this using the NAM CLI. See the Cisco Prime Network Analysis Module Command Reference Guide |
Also make sure the SNMP community string is configured on the device. Read Only or Read Write community string works.
snmp-server community <RO-string> RO
See the Customizing Cisco Prime NAM chapter in the Cisco Prime NAM User Guide available at http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network-analysis-module-software/products-user-guide-list.html, for detailed procedures.
You can test the SNMP community strings for the devices in the Devices table. To test a device, select it from the Devices table under Setup > Traffic > NAM data Sources, then click Edit. Enter the parameters and click Test Connectivity.
A managed device is a switch from which you would like to gather information such as interface statistics. For Nexus virtual networks, virtual interfaces statistics will provide insight into your virtual network. Cisco Prime NAM supports only one managed device and Nexus 1110 only supports one Cisco Prime NAM Virtual Blade as primary.
When you set up a managed device, the Cisco Prime NAM retrieves interface information via SNMP from that managed device and displays statistics. For Cisco Prime NAM on Nexus VSB, you should set these parameters to point to a Nexus 1000v switch.
To view the switch information, choose Setup > Managed Device > Device Information.
Field |
Description |
||
---|---|---|---|
SNMP Test information |
Displays the IP address of the Cisco Prime NAM and the switch that the SNMP test occurred on. |
||
Name |
Name of the switch. |
||
Hardware |
Hardware description of the switch. |
||
Supervisor Software Version |
Current software version of the Supervisor. |
||
System Uptime |
Total time the switch has been running. |
||
Location |
Physical location of the switch. |
||
Contact |
Contact name of the network administrator for the switch. |
||
SNMP read from switch |
SNMP read test result. |
||
SNMP write to switch |
SNMP write test result. |
||
Mini-RMON on switch |
For Cisco IOS devices, displays the status if there are any ports with Mini-RMON configured (Available) or not (Unavailable). |
||
NBAR on switch |
Displays if NBAR is available on the switch. |
||
VLAN Traffic Statistics on Switch |
Displays if VLAN data is Available or Unavailable.
|
||
NetFlow Status |
For Catalyst 6500 Series devices running Cisco IOS, if NetFlow is configured on the switch, Remote export to Cisco Prime NAM <address> on port <number> displays, otherwise the status will display Configuration unknown. |
This section describes how to set router/managed device parameters.
1. Choose Setup > Managed Device > Device Information.
2. Click the Test Connectivity button to perform an SNMP test. Click Close when finished.
3. Click Submit to submit the information and close the window.
Monitoring the managed device interfaces provides per-interface statistics directly from the Nexus switch. Go to the Analyze > Managed Device > Interfaces .
To change the interval, go to the Interactive Report on the left side of the screen and click the Filter button.