Overview
Cisco iCAM – intelligent CAM (Content Addressable Memory) Analytics and Machine learning is a feature available on Cisco Nexus switches. It provides functionalities focused on resource monitoring and analysis for various switch functions and features like;
- ACL TCAM entries
- ACL TCAM resource utilization
- Forward information base(FIB) TCAM resource utilization
- Layer 2 Switching
- Unicast routing
- Process memory
- Shared memory
- Multicast routing
Cisco iCAM Benefits
iCAM provides resource monitoring and analytics for different functions and features on supported switches. It keeps an eye on utilization levels, when usage approaches a predefined limit (default or user defined) it raises an alert through system logs to notify the network administrator.
- Network Visibility – Improved network visibility with insights into traffic patterns, resource usage and predicting scale.
- Identify Potential Bottlenecks – Understanding the TCAM usage per feature and view of traffic & usage analytics per feature enables you to proactively plan capacity by identifying potential bottlenecks and scaling requirements.
- Prevent Outages – Reduced risk of network outages by receiving alerts on critical resource utilization levels.
- Align with Verified Scale Numbers – Verify, detect, plan, and predict your environment against Cisco-verified scale numbers or customized scale numbers threshold.
- Optimize Resource Allocation – Efficient management of switch resources by understanding per-feature hardware usage.
- Historical Analytics – iCAM’s historical traffic analytics provide valuable insights into network behavior and resource utilization. This information helps network administrators make informed decisions about network management, capacity planning, and troubleshooting
- Predicting Traffic Analytics – iCAM’s traffic prediction capability is a powerful tool for network administrators. By leveraging historical data and machine learning, it helps anticipate future traffic demands and optimize network resource allocation.
*** Beginning with Cisco NX-OS Release 9.3(5), iCAM feature is always enabled and users cannot disable the feature
*** Scale monitoring is based on two hours polling interval by default, configurable to one hour (range 1 – 24 hrs)
Configuration
iCAM core functionalities are typically enabled by default and cannot be entirely disabled. However, there are still configuration options available to customize how iCAM operates in your network.
- Setting User Defined Custom Limits – iCAM comes with default thresholds for various functions but you can adjust these to better suit your specific needs so that you will have a custom sensitivity for critical functions by lowering limits to trigger alerts sooner. Also reduce alert frequency for less critical functions by raising limits.
Nexus-1(config)# icam monitor scale vxlan bgp underlay-mcast-group limit 512- Changing the configured scale value does not alter the actual supported value of the hardware or software. The configured scale value acts as a benchmark against which iCAM compares resource utilization. By setting thresholds based on the configured scale value, you determine when iCAM triggers alerts.
- Supported Value: This is the fixed, verified limit for a particular function or resource on your specific Cisco Nexus switch hardware and software combination. These limitations are established by Cisco through rigorous testing.
- Defining Specific Features or Resources to Monitor
The following are example commands used to configure iCAM entries, resources, system for a module on the Cisco Nexus 9000 Platform switches:
Leaf-5(config)# icam monitor entries acl module module-number inst inst-number
Leaf-5(config)# icam monitor resource fib-tcam module module-number inst inst-number
Leaf-5(config)# icam monitor system
Leaf-5(config)# icam monitor system threshold info 70 warning 80 critical 90
Config example for scale monitoring
Leaf-5(config)# icam monitor scale ?
<CR>
l2-switching Layer 2 switching
multicast-routing Multicast routing
threshold Change percent threshold limit
unicast-routing Unicast routing
vxlan VxLAN
Leaf-5(config)# icam monitor scale multicast-routing routing-forwarding route-v4 limit 32000
Link to check supported features – https://www.cisco.com/c/dam/en/us/td/docs/Website/datacenter/platform/platform.html
Show Commands
By utilizing these “show” commands effectively, you can gain valuable insights into your network resource utilization, identify potential bottlenecks, and leverage historical data for proactive network management. Show commands can be used to get detailed information about entries for a specific resource type, to get insights into the utilization of TCAM (Ternary Content Addressable Memory) resources for a specific module and instance within the switch, to displays historical traffic statistics for the entries of a specific resource type, or to displays details about scale monitoring, including configured thresholds and actual utilization levels for various resources compared to Cisco-verified scale limits.
Sample show outputs
Leaf-5# show icam ?
entries TCAM Entries with result and stats
health Health status
prediction Machine learning prediction
resource TCAM Resource utilization
scale Verified scale
system System resources utilization
Leaf-5# show icam scale ?
<CR>
> Redirect it to a file
>> Redirect it to a file in append mode
history Show scale history
l2-switching Layer 2 switching
multicast-routing Multicast routing
thresholds Show thresholds statistics
unicast-routing Unicast routing
utilization Show utilization statistics
vxlan VxLAN
| Pipe command output to filter
Leaf-5# show icam scale vxlan thresholds
==================================================
Info Threshold = 80 percent (default) |
Warning Threshold = 90 percent (default) |
Critical Threshold = 100 percent (default) |
All timestamps are in UTC |
==================================================
--------------------------------------------------------------------------------
------------------------------------------------------------------
Scale Limits for VxLAN
--------------------------------------------------------------------------------
------------------------------------------------------------------
Feature Verified Config Current Info La
st Info Warning Last Warning Critical Last Critical
Scale Scale Scale Exceeded Exceede
d Timestamp Exceeded Exceeded Timestamp Exceeded Exceeded Timestamp
--------------------------------------------------------------------------------
------------------------------------------------------------------
BGP VNI 2000 2000 5 0
- 0 - 0 -
BGP SVI with Anycast GW 2000 2000 5 0
- 0 - 0 -
BGP VRF 900 900 4 0
- 0 - 0 -
BGP Mcast group 512 512 2 0
- 0 - 0 -
BGP VTEP 512 512 4 0
- 0 - 0 -
BGP MAC 64000 64000 0 0
- 0 - 0 -
BGP IPv4 host route 60000 60000 0 0
- 0 - 0 -
BGP IPv6 host route 7000 7000 0 0
- 0 - 0 -
BGP IPv4 LPM route 12000 12000 8 0
- 0 - 0 -
BGP IPv6 LPM route 7000 7000 0 0
- 0 - 0 -
BGP VLAN port VP 10000 10000 3 0
- 0 - 0 -
BGP VLAN per FEX 75 75 0 0
- 0 - 0 -
BGP IGMP group 8192 8192 0 0
- 0 - 0 -While iCAM itself doesn’t use chord diagrams, the data it collects can be used to generate chord and other visualizations that can help you understand your network resource utilization patterns.
About