The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
◦
Introduction
Visibility into application traffic is important for infrastructure operations to maintain security and compliance, and to perform resource planning and troubleshooting. With the technological advances and growth in cloud-based applications, it has become imperative to gain increased visibility into the network traffic. Traditional approaches to gain visibility into network traffic are expensive and rigid, making it difficult for managers of large-scale deployments.
Cisco Nexus Dashboard Data Broker with Cisco Nexus Switches provides a software-defined, programmable solution to aggregate copies of network traffic using SPAN or network taps for monitoring and visibility. As opposed to traditional network taps and monitoring solutions, this packet-brokering approach offers a simple, scalable and cost-effective solution well-suited for customers who need to monitor higher-volume and business-critical traffic for efficient use of security, compliance, and application performance monitoring tools.
Cisco Nexus Dashboard Data Broker also provides a software-defined, programmable solution to perform inline inspection of the network traffic for monitoring and visibility purpose. Inline traffic inspection is performed on specific traffic by redirecting it through multiple security tools before it enters or exits a network.
Note: The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.
Date |
Description |
November 12, 2024 |
Updated the Supported APIC Versions table with APIC version 5.3(2c). |
November 4, 2024 |
Updated the Interoperability Matrix table to indicate support for NX-OS releases, 10.3(6), 10.4(1), and 10.4(4). |
April 10, 2024 |
Added CSCwj65375 to the Open Issues list. |
January 30, 2024 |
Updated the Supported APIC Versions table to indicate support for APIC version 5.2(6e). |
December 19, 2023 |
Added CSCwi50734 to the Open Issues list. |
November 23, 2023 |
Updated the Interoperability Matrix table to indicate support for NX-OS releases, 9.3(12) and 10.2(6). |
October 31, 2023 |
Updated the Compatibility Matrix table to indicate support for Nexus C9332D-GX2B and C93180YC-FX3 switches. |
September 26, 2023 |
Release 3.10.4 became available. |
The list of new features for Cisco Nexus Dashboard Data Broker, Release 3.10.4 is here.
Product Impact |
Feature |
Description |
Base Functionailty |
Preferred Primary Node in a Cluster |
While configuring a cluster, the first node in the list of supernodes in the config.ini file is considered as the primary node of the cluster. For more information, see the Logging in and Managing chapter of the Nexus Dashboard Data Broker configuration guide. |
Standby Node in a Cluster |
While configuring a cluster, you can add a fourth node as a standby node in the config.ini file. This node comes into play only when two nodes of the cluster are down. For more information, see the Logging in and Managing chapter of the Nexus Dashboard Data Broker configuration guide. |
|
Refresh Fabric button addition |
To fetch the latest ACI fabric details, the Refresh Fabric button has been introduced. This is available while you are configuring the span sessions and the input ports. For details, see the Components chapter of the the Nexus Dashboard Data Broker configuration guide. |
|
Ease of Use |
Modified button for Edit Screens |
All the Edit screens have been modified to display the Save button after you have edited a parameter. As this change is applicable for all Edit screens, updates are across all the chapters of the Nexus Dashboard Data Broker configuration guide. |
Issues
Cisco Bug Search Help Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.Use the Bug Search Tool to search for a specific bug or to search for all bugs in a release.
This section includes the following topics:
● Open Issues
● Resolved Issues
● Known Issues
Open Issues
Open Issues for Cisco Nexus Dashboard Data Broker.
Bug ID |
Description |
Exists In |
Port Channel Configuration is not getting exported. |
3.9.0 and above |
|
Port-channel operations on ISL links results in failure of Link discovery. |
3.9.0 and above |
|
Auto-priority connection with intersecting port range filters not working. |
3.10.0 and above |
|
A NDB shouldn't use "session manager" way for MPLS ACLs configuration. |
3.10.0 and above |
|
Direction change should be supported while editing span session. |
3.8.0 and above |
|
NDB reprograms ISL ACL/ACEs without any flag enabled. |
3.10.0 and above |
|
ISL portchannel is attached with port and global acl after upgrade from 3.7 to 3.10.1. |
3.10.1 and above |
|
RMA of device is not getting successful on upgraded setup. |
3.10.1 and above |
|
Not able to add a device to NDB with "ip server-name" CLI configured under vrf on the switch. |
3.10.4 |
|
Adding DNAC to NDB controller fails in release 3.10.4. |
3.10.4 |
Resolved Issues
Resolved Issues for Cisco Nexus Dashboard Data Broker.
Bug ID |
Description |
Resolved In |
LLDP Neighbors not coming up. |
3.10.4 |
|
N9k with NDB 3.10.3 - [CVE-2023-26049, CVE-2023-26048]vulnerability found on port 8443. |
3.10.4 |
|
Upgrade and reconfiguration to solve the data merge problem. |
3.10.4 |
|
Port descriptions should not be removed while configuring ports via NDB GUI. |
3.10.4 |
|
Reset/Recover Admin password without NDB restart via CLI. |
3.10.4 |
|
Don't let the member start or become primary if primary is started with keys and certificates. |
3.10.4 |
|
Connection moving to 'not installed' state if devices are not connected/reachable from NDB. |
3.10.4 |
|
Two node cluster should not be supported. |
3.10.4 |
Known Issues (NX-OS)
Bug ID |
Description |
Exists In |
NDB Limitation: Can't match MAC address in IP packet, it will hit deny any any in IP ACLs. |
9.2.1 and above |
|
IP ACL with UDF match removes internal VLAN tag in Cisco NX-OS Release 9.3(2). - Fixed in 9.3(3). |
9.3.2 |
|
Re-direct STP, CDP packets similar to LLDP port for OpenFlow. |
7.0.3 and above |
|
Not seeing timestamptag on interface after configuring the cmds on C9504 platform in nxos 9.3.7. |
9.3.7 |
Guidelines and Limitations
This section lists the guidelines and limitations for Cisco Nexus Dashboard Data Broker:
Specific for Release 3.10.4
● Support for 3-node clusters only.
● Upgrade from Nexus Data Broker, Release 3.9.2, to Nexus Dashboard Data Broker, Release 3.10.4, is not supported.
● Communication between the Nexus Dashboard Data Broker controller and devices using OpenFlow is not supported.
General
● A Cisco Nexus Dashboard Data Broker instance can support only the NX-API configuration mode.
● By default, the Nexus Dashboard Data Broker cluster URL is https://<IP_address>:8443
● The switchport mode trunk and spanning-tree bpdufilter enable command should be enabled for all switch ports on all Cisco Nexus Dashboard Data Broker managed switches.
● Cisco Nexus switches managed by Cisco Nexus Dashboard Data Broker in NX-API mode must have LLDP feature enabled. Disabling LLDP may cause inconsistencies and require switch rediscovery for NX-API switches.
● For secured communication between Cisco Nexus Dashboard Data Broker and switch through HTTPS, start the Cisco Nexus Dashboard Data Broker in TLS mode for the first time only. Subsequent restarts does not require TLS mode.
For more details, see Cisco Nexus Dashboard Data Broker Configuration Guide.
● The TLS KeyStore and TrustStore passwords are sent to the Cisco Nexus Dashboard Data Broker so it can read the password-protected TLS KeyStore and TrustStore files only through HTTPS
./ndb config-keystore-passwords [--user {user} --password {password} --url {url} –verbose --prompt --keystore-password {key-store_password} --truststore-password {truststore_password}
● Cisco Nexus 92xx series switches do not support Q-in-Q; you cannot use this switch in a multi-switch environment.
● Dry Run feature is disabled by default. To enable this feature, see the Configuration Guide.
● TACACS can be configured on data broker devices for authentication , authorization and accounting. Accounting can be enabled only for configuration commands, not for show commands.
Compatibility Matrix
The following table lists the compatibility information for Cisco Nexus Dashboard Data Broker, Release 3.10.4.
Device |
Minimum Cisco Nexus Dashboard Data Broker Version |
Supported Use Case |
Cisco Nexus 3000 Series Switch Cisco Nexus 3100 Series Switch Cisco Nexus 3200 Series Switch Cisco Nexus 3164Q Series Switch |
3.0 or later |
Tap/SPAN aggregation |
Cisco Nexus 31100 Series Switch |
3.7 or later |
Tap/SPAN aggregation |
Cisco Nexus 9200 Series Switch |
3.1 or later |
Tap/SPAN aggregation |
Cisco Nexus 9300 Series Switch |
3.0 or later |
Tap/SPAN aggregation |
Cisco Nexus 9300-EX Series Switch |
3.1 or later |
Tap/SPAN aggregation |
Cisco Nexus 9300-FX Series Switch |
3.5 or later |
Tap/SPAN aggregation |
Cisco Nexus 9300-FX2 Series Switch |
3.7 or later |
Tap/SPAN aggregation |
Cisco Nexus 9300-FX3 Series Switch
● C93180YC-FX3
|
3.10.2 or later |
Tap/SPAN aggregation |
Cisco Nexus 9300-GX Series Switch |
3.10 or later |
Tap/SPAN aggregation |
Cisco Nexus C9332D-GX2B Switch |
3.10.2 or later |
Tap/SPAN aggregation |
Cisco Nexus 9332C Switch Cisco Nexus 9364C Switch |
3.8 or later |
Tap/SPAN aggregation |
Cisco Nexus 9500 Series Switch – 9504, 9508, 9516 Supported Modules:
● N9K-X97160YC-EX
● N9K-X9732C-EX
● N9K-X9732C-FX
● N9K-X9736C-EX
● N9K-X9736C-FX
● N9K-X9788TC-FX
|
3.5 or later |
Tap/SPAN aggregation |
Interoperability Matrix
The following table lists the hardware and software interoperability matrix for Cisco Nexus Dashboard Data Broker, Release 3.10.4.
Implementation Type: NX-API
Supported NX-OS Versions |
|
Cisco Nexus 3000 Series Switch1 – 3048, 3064 |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9). |
Cisco Nexus 3100 Series Switch1 – 3132C-Z, 3172, 3164, 3164Q |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9). |
Cisco Nexus 3200 Series Switch1 – 3232 |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12). Note: NX-OS release 9.3(12) is supported only on 3232C. |
Cisco Nexus 31100 Series Switch1 |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9). Note: NX-OS release 9.3(10), 9.3(12), is supported on 31108PCV. |
Cisco Nexus 9200 Series Switch - C92304QC1, C92160YC Note: Cisco Nexus 9200 Series switches support only one switch deployment. |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5), 9.3(7), 9.3(7a), 9.3(8), 9.3(9),10.1(2), 10.2(2). |
Cisco Nexus 9300 Series Switch - C93128TX1, C9396TX1 |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5) ,9.3(7), 9.3(7a), 9.3(8), 9.3(9),10.1(2), 10.2(2). |
Cisco Nexus 9300-EX Series Switch - C93180LC-EX1, C93180YC-EX, C93108TC-EX |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5) ,9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12), 10.1(2), 10.2(2), 10.2(3), 10.2(4), 10.2(5), 10.2(6), 10.3(2), 10.3(3). Note: NX-OS Releases, 9.3(10), 9.3(12), 10.2(4), 10.2(5), 10.2(6), 10.3(2), 10.3(3) are supported only on C93108TC-EX. |
Cisco Nexus 9300-FX Series Switch - C93108TC-FX, C93180YC-FX |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5) 9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 10.1(2), 10.2(2), 10.2(3), 10.2(4), 10.2(5), 10.3(1), 10.3(2), 10.3(3), 10.3(6), 10.4(1), 10.4(4). Note: NX-OS Releases, 9.3(10), 10.2(4), 10.2(5), 10.3(1), 10.3(2), 10.3(3) are supported only on C93108TC-FX. |
Cisco Nexus 9300-FX2 Series Switch - N9K-9336C-FX2, 93240YC-FX2 |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5) ,9.3(7), 9.3(7a), 9.3(8), 9.3(9), 10.1(2), 10.2(2), 10.2(3), 10.3(6), 10.4(1), 10.4(4). |
Cisco Nexus 9300-FX2 Series Switch - C93360YC-FX2 |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5) ,9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12), 10.1(2), 10.2(2), 10.2(3), 10.2(4), 10.2(5), 10.2(6), 10.3(1), 10.3(2), 10.3(3), 10.3(6), 10.4(1), 10.4(4). |
Cisco Nexus 9300-FX3 Series Switch - C93180YC-FX3 |
9.3(10), 9.3(12), 10.2(4), 10.2(5), 10.2(6), 10.3(1), 10.3(2), 10.3(3), 10.3(6), 10.4(1), 10.4(4). |
Cisco Nexus 9300-GX Series Switch - 9364C-GX,9316D-GX |
9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9), 10.1(2), 10.2(2), 10.2(3), 10.3(2). Note: NX-OS Release 10.3(2) is supported only on 9364C-GX. |
Cisco Nexus 9300-GX Series Switch - 93600CD-GX |
9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12), 10.1(2), 10.2(2), 10.2(3), 10.2(4), 10.2(5), 10.2(6), 10.3(2), 10.3(3), 10.3(6), 10.4(1), 10.4(4). |
Cisco Nexus 9332C Switch |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12), 10.1(2), 10.2(2), 10.2(3), 10.2(4), 10.2(5), 10.2(6), 10.3(1), 10.3(2), 10.3(3). |
Cisco Nexus 9364C Switch |
9.3(1), 9.3(2),9.3(3),9.3(4),9.3(5),9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12), 10.1(2), 10.2(2), 10.2(3), 10.2(4), 10.2(5), 10.2(6), 10.3(2), 10.3(3). |
Cisco Nexus C9332D-GX2B Switch |
9.3(10), 10.2(4), 10.2(5), 10.2(6), 10.3(1), 10.3(2), 10.3(3), 10.3(6), 10.4(1), 10.4(4). |
Cisco Nexus 9500 Series Switch Supported Modules: • N9K-X9464TX |
9.3(1), 9.3(2), 9.3(7), 9.3(7a), 9.3(8), 9.3(9), 9.3(10), 9.3(12), 10.1(2), 10.2(2), 10.2(3). 10.2(4), 10.2(5), 10.2(6), 10.3(2), 10.3(3). Note: NX-OS Releases 9.3(10), 9.3(12), 10.2(4), 10.2(5), 10.2(6), 10.3(2), 10.3(3) are supported only on 9504. |
Cisco Nexus 9500-EX Series Switch Supported Modules: • N9K-X97160YC-EX • N9K-X9732C-EX |
9.3(1), 9.3(2), 9.3(7), 9.3(7a), 9.3(8), 9.3(9), 10.1(2), 10.2(2), 10.2(3). |
Cisco Nexus 9500-FX Series Switch Supported Modules: • N9K-X9732C-FX |
9.3(1), 9.3(2), 9.3(7), 9.3(7a), 9.3(8), 9.3(9), 10.1(2), 10.2(2), 10.2(3), 10.3(6), 10.4(1), 10.4(4). |
1- NX-OS Release 10.x(x) is not supported on these platforms.
Supported APIC Versions
The table displays the supported APIC versions.
APIC Version |
Minimum Cisco Nexus Dashboard Data Broker Version |
Supported Deployment Mode |
5.2(4d),5.2(4e), 5.2(6e), 5.3(2c) |
3.10.4 |
Centralized |
Verified Scalability Limits
The table displays the supported verified scalability limits.
Description |
Small |
Medium |
Large |
Number of switches used for TAP and SPAN aggegation |
25 |
50 |
75 - 100 |
Documentation Feedback
To provide technical feedback on this document, or to report an error or omission, send your comments to ciscodcnapps-docfeedback@cisco.com. We appreciate your feedback.
Legal Information
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2024 Cisco Systems, Inc. All rights reserved.