Cisco Cisco MGX-FRSM-HS2 B Serial Frame Service Module Libro blanco
Deployment Guide
© 2010 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 10 of 35
Data Source
Description
Deployment Considerations
Hardware Platforms
the destination of choice.
ERSPAN transports packets from a
remote IP subnet through an IP tunnel to
the destination of choice.
remote IP subnet through an IP tunnel to
the destination of choice.
From NAM’s perspective, there is no
difference between these variations of
SPAN. The NAM only sees packets
forwarded to its internal port.
difference between these variations of
SPAN. The NAM only sees packets
forwarded to its internal port.
NetFlow as data sources.
Cisco Express
Forwarding copy
Forwarding copy
Cisco Express Forwarding copying is a
technique used on the ISR router platform
to achieve the same result that SPAN
does (SPAN is not supported on the ISR
platform). When enabled, Cisco Express
Forwarding mechanisms on Cisco IOS
technique used on the ISR router platform
to achieve the same result that SPAN
does (SPAN is not supported on the ISR
platform). When enabled, Cisco Express
Forwarding mechanisms on Cisco IOS
®
Software are used to make an extra copy
of the packet, which is then forwarded to
the NAM analysis port.
of the packet, which is then forwarded to
the NAM analysis port.
Cisco Express Forwarding copy, like
SPAN, allows the use of all of NAM’s
features including captures, IAP, and
voice monitoring.
SPAN, allows the use of all of NAM’s
features including captures, IAP, and
voice monitoring.
Cisco Express Forwarding copy
applies only to the ISR routers, Cisco
2800, 2900, 3700, 3800, and 3900.
applies only to the ISR routers, Cisco
2800, 2900, 3700, 3800, and 3900.
NetFlow
NetFlow technology is supported on
Cisco IOS and NX-OS Software. It
provides measurements for a key set of
applications including network traffic
accounting, usage-based network billing,
network planning, and monitoring.
Cisco IOS and NX-OS Software. It
provides measurements for a key set of
applications including network traffic
accounting, usage-based network billing,
network planning, and monitoring.
NetFlow technology analyzes “flows”
going across the router and provides
summary analyses of these flows to
interested “collectors.”
going across the router and provides
summary analyses of these flows to
interested “collectors.”
Collectors will periodically get updates
from all NetFlow-enabled routers as to the
details of traffic flows over the past
period. NAM serves as a NetFlow
collector. Further, NAM processes
NetFlow data and provides its results
through its GUI.
from all NetFlow-enabled routers as to the
details of traffic flows over the past
period. NAM serves as a NetFlow
collector. Further, NAM processes
NetFlow data and provides its results
through its GUI.
Typical usage of NetFlow is as a
complement to live traffic analysis. For
example, a NAM located in the data
center analyzes SPAN traffic directly, but
to get visibility into traffic in remote
branches with no NAMs in them, it
monitors NetFlow traffic from those
remote branch routers. Using this
combination of data sources, NAM offers
visibility into the data center and remote
branches simultaneously.
complement to live traffic analysis. For
example, a NAM located in the data
center analyzes SPAN traffic directly, but
to get visibility into traffic in remote
branches with no NAMs in them, it
monitors NetFlow traffic from those
remote branch routers. Using this
combination of data sources, NAM offers
visibility into the data center and remote
branches simultaneously.
It is important to note that voice quality
measurements, IAP, and packet captures
are not available from NetFlow data
exports. NetFlow data exports are merely
summaries of traffic activity, whereas the
aforementioned features require access
to a copy of the original stream of
packets.
measurements, IAP, and packet captures
are not available from NetFlow data
exports. NetFlow data exports are merely
summaries of traffic activity, whereas the
aforementioned features require access
to a copy of the original stream of
packets.
NetFlow collection and processing is
available on all NAM platforms.
available on all NAM platforms.
NetFlow performance (measured in
“number of flows processed per
second”) varies depending on the
hardware platform. The 2220
appliance offers the highest
performance and is followed by the
2204 appliance and NAM-2 blades.
These platforms are ideally suited to
serve as centralized NetFlow
collectors for exports from branch
offices.
“number of flows processed per
second”) varies depending on the
hardware platform. The 2220
appliance offers the highest
performance and is followed by the
2204 appliance and NAM-2 blades.
These platforms are ideally suited to
serve as centralized NetFlow
collectors for exports from branch
offices.
WAE Flow Agent
With Cisco NAM 4.0, the Cisco WAAS
devices (WAEs) can serve as data
sources to NAM. WAEs export
information about optimized flows,
response times, packets in/out, and so
on.
devices (WAEs) can serve as data
sources to NAM. WAEs export
information about optimized flows,
response times, packets in/out, and so
on.
A NAM blade or appliance located at the
data center is the most typical example of
a WAAS monitoring deployment of NAM.
These devices have the performance
required to handle flows from multiple
WAE devices.
data center is the most typical example of
a WAAS monitoring deployment of NAM.
These devices have the performance
required to handle flows from multiple
WAE devices.
Optionally, an NME-NAM located at a
branch router would be a good location if
possible. This deployment location
provides the advantage of monitoring
user experience before and after WAAS
is enabled.
branch router would be a good location if
possible. This deployment location
provides the advantage of monitoring
user experience before and after WAAS
is enabled.
All NAM platforms are able to process
data sourced from WAE devices.
data sourced from WAE devices.
VACL Capture
A VLAN access control list (VACL) can
forward traffic from either a WAN
interface or VLANs to a data port on the
NAM. A VACL provides an alternative to
using SPAN and essentially provides a
way to filter traffic based on specific fields
in the packet header.
forward traffic from either a WAN
interface or VLANs to a data port on the
NAM. A VACL provides an alternative to
using SPAN and essentially provides a
way to filter traffic based on specific fields
in the packet header.
VACLs are useful for focused
troubleshooting. Because VACLs allow
refined filtering capabilities, they are
useful to identify very specific packet
streams, for example, packets originating
from MAC address X and destined for
MAC address Y.
troubleshooting. Because VACLs allow
refined filtering capabilities, they are
useful to identify very specific packet
streams, for example, packets originating
from MAC address X and destined for
MAC address Y.
Useful when SPAN is not supported on a
WAN interface (for example, serial links).
WAN interface (for example, serial links).
Also useful if SPAN sessions are
unavailable for use by NAM.
unavailable for use by NAM.
Useful when the amount of VLAN traffic
exceeds Cisco NAM capacity and some
prefiltering is desired, such as a 10
Gigabit Ethernet port.
exceeds Cisco NAM capacity and some
prefiltering is desired, such as a 10
Gigabit Ethernet port.
Supported on the Catalyst 6500 and
Cisco 7600 platforms.
Cisco 7600 platforms.
Requires Cisco IOS Software
configuration through the command-
line interface (CLI); not supported on
NAM GUI.
configuration through the command-
line interface (CLI); not supported on
NAM GUI.
Real-World Usage Scenarios
So far, this document has described various considerations for NAM deployment, such as data sources, location in
the network, and hardware platforms. This section will bring those considerations together in typical usage
scenarios. Each scenario focuses on a need to be addressed (or problem to be solved). The scenario takes into
account the aforementioned deployment considerations and then uses one or more of NAM’s features to meet the
user’s need (or solve the user’s problem). The goal of these use cases is to provide real-world examples that put the