NCM Config Summary page has several default pie charts that display config status.
One of these is the Overall Baseline vs Running Config Conflicts chart.
If you have DELL PowerConnect 6200 series switches that are configured for SFlow, these charts will be erroneous as the PCT6200 switches will almost always be listed in the Conflict segment.
This is due to the fact that the switch OS constantly changes the SFlow receiver timeout value from what is configured, resulting in different values being captured every time a running-config is downloaded.
This happens with PCT6200 series switches. The newer PCT7000 and N Series switches do not exhibit this problem. This is because you can use the "no timeout" option when configuring SFlow receivers on the newer switches. PCT 6000 series do not allow the "no timeout" option.
Solarwinds NCM compares the last running-config downloaded to the baseline config saved to create the summary reports.
Due to the switch OS changing the SFlow receiver timeout value, the latest downloaded running-config will always have a different value to the one in the saved baseline config. This will always show up as a changed line in a config comparison
The following screenshot is a comparison of baseline configuration (left) vs the latest running-config (right). Both are 2 days apart and exactly the same except for the highlighted changed lines.
If you cant make out the text in that screenshot, I have pasted the text below
BASELINE LATEST RUNNING-CONFIG
040 sflow 1 destination owner LAG_PBX_2 timeout 4246720872 sflow 1 destination owner LAG_PBX_2 timeout 4264655643
041 sflow 1 destination 192.168.5.145 sflow 1 destination 192.168.5.145
042 sflow 1 destination maxdatagram 1024 sflow 1 destination maxdatagram 1024
043 sflow 2 destination owner Access_Voice_Switches timeout 4246724939 sflow 2 destination owner Access_Voice_Switches timeout 4264659710
044 sflow 2 destination 192.168.5.145 sflow 2 destination 192.168.5.145
045 sflow 2 destination maxdatagram 1024 sflow 2 destination maxdatagram 1024
046 sflow 3 destination owner Uplink_EoR_Core_1 timeout 4246725046 sflow 3 destination owner Uplink_EoR_Core_1 timeout 4264659817
047 sflow 3 destination 192.168.5.145 sflow 3 destination 192.168.5.145
049 sflow 3 destination maxdatagram 1024 sflow 3 destination maxdatagram 1024
050 sflow 4 destination owner PBX timeout 4246725133 sflow 4 destination owner PBX timeout 4264659904
THE SOLUTION (not a perfect one at that, but it works)
Configure some ignore rules in the NCM Config Comparison options (found at NCM Settings > Configs > Comparison Criteria)
Configure the regular expression to ignore config lines that start with "sflow 1 destination"
^[ \t\r\n\v\f]*sflow[ \t\r\n\v\f]1[ \t\r\n\v\f]destination[ \t\r\n\v\f]
If you have more that 1 Sflow receiver, then add a few more ignore rules to ignore the additional receivers
Once you have created these modification to the Comparison Criteria, you should download new running configs for the nodes that were listed as conflicts and let the summary report run again.
As you can see the node named PBX_1 in my above screenshot is now listed in the No Conflicts section
No changed lines detected, even though the SFlow receiver timeout values are different
The more efficient solution would be to configure the Comparison Criteria to ignore lines that contain "timeout". That way you would only have one regular expression defined, instead of multiple lines. I haven't figured out that bit yet, for a lack of time.
These are some resources that helped me and may help you as well
I hope this article helps someone, if it does, you're welcome. If not . . . well thank you for reading till the end