With Damien Lim
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how Cisco Prime Network Analysis Module (NAM) can assure services in an Enterprise or Service Provider via granular traffic analysis, rich application performance metrics, comprehensive voice analytics, and deep insightful packet captures with cisco expert Damien Lim. Cisco Prime Network Analysis Module (NAM) provides network administrators actionable visibility to optimize network resources, troubleshoot performance issues, and ensure a consistent user experience.
Remember to use the rating system to let Damien know if you have received an adequate response.
Damien might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Network Infrastructure sub-community discussion forum shortly after the event. This event lasts through October 19, 2012. Visit this forum often to view responses to your questions and the questions of other community members.
Cisco Prime NAM can monitor the Cisco Nexus 1000V using ERSPAN and NetFlow traffic sources. ERSPAN can be configured on the Cisco Nexus 1000V to allow the NAM to obtain visibility into specific ports or VLANs. The data made available by ERSPAN permits the NAM to provide core traffic usage metrics (on applications, hosts, and conversations), Application Performance analytics, and QoS and VLAN monitoring statistics. NetFlow Data Export can be configured on select virtual and physical interfaces of the Cisco Nexus 1000V. The data made available by NetFlow permits the NAM to provide core traffic analytics and QoS monitoring statistics.
Cisco Prime NAM collects packets or flows information being sent to it from the switch, router, or WAAS devices. The NAM parses the packets and flow information, gathers relevant data, computes various performance and usage metrics, and stores processed information in the new Performance Database. This database provides valuable traffic information on voice, video, and data traffic, VLANs, Differentiated Services (DiffServ) configurations, hosts, conversation pairs, application usage, and application response times. This information is presented in the Cisco Prime NAM's GUI in easy-to-read interactive reports.
There are multiple ways to gain visibility into traffic from more than one device with the Cisco NAM Appliances:
• The NAM Appliances include more than one monitoring interface, which allow them to collect traffic from more than one device.
• The NAM Appliances can be used with a passive inline tap to monitor traffic from/between multiple devices.
• The LAN or WAN traffic from other devices can be directed to the NAM Appliances for analysis using RSPAN, ERSPAN, or NetFlow.
Good to see NAM in Expert Corner discussion. Our customers have been using WS-SVC-NAM-2 for a long time now and it is really useful, but we get lot of complain on duplicate packets, out of order packets etc etc being reported in pcap files. When the same SPAN is sent to a PC instead of NAM the pcap file is observed very clean i.e. not having any duplicate packets.
I did some research on this and found following reasons.
1. Backplane connectivity interface on NAM is 1Gig and if there is ALL SPAN configured on the 6500 switch then out of order packets were observed because of bottle neck on NAM inteface connectivity to backplane.
2. VLAN SPAN configured in both directions (tx and rx by default) causes duplicate packets. But I have tried either tx or rx but still many times we see duplicate packets.
Can you please share your thoughts on it ?
You are right. The NAM-2 has performance limitations and has led to the issues you have mentioned. Rightly so, since the NAM-2 was designed in the era where 1Gb-2Gb was sufficient. To overcome the NAM-2 limitation in today's demanding networks, we have launched a new NAM service module for the Catalyst 6500, NAM-3. NAM-3 has a 20Gb backplane interconnect and features mini SAS, 10 Gigabit Ethernet external storage interface (FCoE) and 1Gb 1588 external ports. I highly recommend the NAM-3 for Catalyst 6500 platform integration.
For deployments, where other switching platforms are used besides Catalyst 6500, we have launched the next generation NAM 2320/2304 appliances that would be ideal.
More on NAM-3: http://www.cisco.com/en/US/products/ps11659/index.html
NAM 23xx Appliances: http://www.cisco.com/en/US/products/ps10113/index.html
Thank you for supporting NAM,
1) NAM supports up to 10 simultaneous packet capture.
2) Yes! Depending on the NAM form-factor deployed, the user can select different time intervals including 5 min, 15 min, 1 hour, 4 hours, 8 hours, 1 day, 1 week and 1 month.
3) Yes. NAM displays details such as the caller number+IP+Port+alias and the callee number+IP+Port+alias with the associated statistics such as MOS, jitter, packet loss and SSRC.
- As you may now Prime Infrastructure is heavily involved in network management too; with an assurance license you can also capture netflow data (e.g.). Are there any plans to integrate both products (PI and PN ) on the long run ? NAM could then also become license-featured (too) . I have PI already, I don't feel inclined to by yet another network management tool (from Cisco) , because PI does a lot for me already.