Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > Netflow Traffic Analyzer (NTA) > Cisco 4500 series switches show incorrect Netflow data

Cisco 4500 series switches show incorrect Netflow data

Updated October 14, 2016

Overview

This article provides brief information on a bug found with Cisco 4500 series switches using Flexible Netflow running versions of IOS 15.2(2.1) or IOS XE 3.6(0).  The bug causes Netflow cached data counter to not clear out after the flow data has been sent out.  This can happen with random conversations and will not always be the same.

 

Confirm the bug using the Cisco Bug Search tool.

  • Cisco bug tracking numbers
    • CSCus49948
    • CSCuu89948

 

Environment

  • All NTA versions
  • Cisco Catalyst 4500 switches running on IOS 15.2(2.1) or IOS XE 3.6(0) version of software

 

Cause 

Devices running on these versions of software show a very high conversation data on all resources that include the Top Conversations resources with these devices.  

This can be confirmed by running a Wireshark capture  from the SolarWinds server that is collecting the flow data.

For example:

 

Resolution

The issue is fixed in the following releases:

Known Fixed Releases: 

  • 15.1(2)SG7
  • 15.2(2)E3
  • 15.2(2)E4
  • 15.2(3)E3
  • 15.2(4)E
  • 15.2(4)E1
  • 15.2(4)EA1
  • 15.2(4)EA2
  • 15.2(4)EA3
  • 15.2(4.0.68)E
  • 15.2(4.0.75a)E
  • 15.2(5.0.10)E
  • 3.6(3)E
  • 3.7(3)E
  • 3.8(0)E

Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

 

 

 

Last modified
18:50, 13 Oct 2016

Tags

Classifications

Public