NAM Module (WS-SVC-NAM-2)

Unanswered Question
Apr 17th, 2008

Hi,

Has anyone had experiences using the NAM module installed on CAT 6500 ? We had installed this blade running on CAT OS version 8.3(3)


Can the module cause a spike in both memory and cpu usage or any known vulnerabilities to the switch ?



Thanks.


Joseph



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Thu, 04/17/2008 - 19:52

The NAM module runs its own operation system, so it should be mostly independent from the Supervisor. I know of no vulnerabilities introduced in CatOS by having a NAM installed.


That said, the NAM does communicate with the switch via SNMP to configure RMON collections and SPANs. RMON collections do take up memory within the switch.

Joe Clarke Thu, 04/17/2008 - 20:12

This bug was typically reported by IDSM customers. However, it would also affect switches with 6380 NAMs. The docs indicate that only the 6380 NAMs triggered the leak. However, I went through the attached service requests, and I found one case where this bug was attributed to a SVC-NAM. That said, the bug should be fixed in 8.3(3).

josephn Thu, 04/17/2008 - 22:09

Hi,

Can you provide me the bug associated with SVC-NAM ?



Thanks.


Joseph

Joe Clarke Thu, 04/17/2008 - 22:16

It was determined that the cause was the same bug you already mentioned, though the documentation in the bug did not get modified to indicate it also affects SVC-NAMs.

josephn Thu, 04/17/2008 - 23:26

Hi,

Since my CatOS switch is already on version 8.3(3) and this bug was already fixed in this version, therefore is it safe to use NAM on the switch ?



Thanks.

Joseph

Joe Clarke Thu, 04/17/2008 - 23:29

I know of no catastrophic issues with the NAM and that version of CatOS code. Of course, that's not to say none exist. If you are worried about impacting your production network, schedule downtime to install and perform initial configuration of the NAM.

josephn Thu, 04/17/2008 - 23:37

Hi,

Thanks for the clarification. For your information, I have two NAMs installed on Cat6500 swithes and both are using the same version of OS of 8.3(3). These NAMs were running for the past 3 years without any issues.


Lately, we had detected high CPU usage on one of the switch and had reported this problem to Cisco TAC recently. Cisco TAC came back with the recommendation to remove the NAM as it was found to cause memory leak based on the bug detected and moreover the bug reported was on the older model of NAM and older version of CATOS.


So, I'm kind of puzzle over the recommendation provided since we had been using NAM for quite some time without any problem.



regards,

Joseph

Joe Clarke Fri, 04/18/2008 - 07:54

I can't see why they told you this bug would affect 8.3(3). From that bug's standpoint, you should be okay.

Actions

This Discussion