Q. What is the Cisco
® Cloud Services Router 1000V?
A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual form factor. It contains features of Cisco IOS
® XE and IOS XE SD-WAN Software and can run on Cisco Unified Computing System
™ (Cisco UCS
®) servers or servers from leading vendors that support VMware ESXi, Citrix XenServer, Suse KVM, Red Hat KVM, or Microsoft Hyper-V. It is also available on Amazon Web Services and Microsoft Azure cloud marketplace. The CSR 1000V IOS XE Software is also available for Google Cloud Platform.
Q. Where is the CSR 1000V deployed?
A. The CSR 1000V is intended for deployment across different points in the network where edge routing services are required. In data centers, cloud or remote branch office, the CSR1000V offers required features and throughput capabilities needed.
Q. Does the CSR 1000V support Cisco SD-WAN?
A. The IOS XE SD-WAN Software enables the CSR 1000V to dynamically route traffic across the “best” link based on up-to-the-minute application and network conditions for great application experiences. You get tight control over application performance, bandwidth usage, data privacy, and availability of your WAN links - control that you need as your branches conduct greater volumes of mission-critical business.
Q. What type of customer is the CSR 1000V intended for?
A. An enterprise can deploy the CSR 1000V in the data center to virtualize routing functions, or deploy it in a Virtual Private Cloud (VPC) or Virtual Network (VNET) to securely extend enterprise networks into the public cloud.
A cloud service provider also can purchase the CSR 1000V and offer it as a per-tenant or multitenant networking service. With the CSR 1000V, the service provider can offer end-to-end managed connectivity to its customers or tenants.
Q. What networking problems does the CSR 1000V address?
A. The multitenant, shared-infrastructure, shared-resource public-cloud environment poses networking and security problems to enterprises:
● The enterprise does not own its cloud connectivity, so cannot extend its network configuration into the cloud, potentially multi-cloud. As a result, it has to support different IP addresses and management tools in its premises and in the cloud.
● The enterprise does not enjoy the same levels of privacy and security for its cloud deployment as it does in its premises, so it has to handle inconsistent VPN and security policies and limited connection reliability.
● The enterprise cannot directly connect its distributed sites to its cloud applications, instead having to redirect all network traffic through its data center, and it cannot prioritize and optimize its traffic. This situation causes a poor user experience for its cloud-deployed IT applications.
The cloud also presents networking challenges to cloud providers:
● The current cloud network switching (VLAN) architecture is limited in scale.
● The cloud provider lacks all the components of an end-to-end managed connectivity service offering to its customers, including Quality of Service (QoS), application visibility, and Service-Level Agreements (SLAs).
Q. What are the typical uses of the Cisco CSR 1000V?
A. The typical cloud uses of the CSR 1000V include:
● Secure VPN gateway: The CSR 1000V offers route-based IP Security (IPsec) VPNs (Dynamic Multipoint VPN [DMVPN], Easy VPN, and FlexVPN), along with the Cisco IOS Zone-Based Firewall (ZBFW) and access control, enabling an enterprise to securely connect distributed sites directly to its cloud deployment.
● Multiprotocol Label Switching (MPLS) endpoint: The CSR 1000V can serve as an MPLS customer-edge or provider-edge router that allows a service provider to offer a customer end-to-end managed connectivity with performance guarantees. Also, by extending the MPLS WAN deeper into the cloud network, the service provider can increase network scale, serving more tenants and more networks per tenant.
● Network extension: The CSR 1000V offers features such as Network Address Translation (NAT) and Locator/ID Separation Protocol (LISP) that help an enterprise maintain addressing consistency across premises and cloud as it moves applications back and forth or bursts compute capacity into the cloud. The Overlay Transport Virtualization (OTV) and Virtual Private LAN Service (VPLS) features of the CSR 1000V enable an enterprise to extend VLAN segments from its data center into the cloud for server backup, disaster recovery, and compute scale.
● Network control point: The CSR 1000V can redirect traffic to Cisco Virtual Wide Area Application Services (vWAAS) appliances deployed in the cloud. It also offers integrated networking services such as the Cisco IOS ZBFW, Hot Standby Router Protocol (HSRP), QoS, Application Visibility and Control (AVC), and Application Performance Monitoring. These features help a cloud tenant receive a comprehensive networking experience.
● Virtual Extensible LAN (VXLAN) gateway: VXLAN supports millions of network identifiers, and allows service providers to deploy a greatly increased number of tenants on their existing infrastructure. The CSR 1000V can be deployed as a single-tenant VXLAN gateway, allowing tenants to enjoy their own dedicated VXLAN gateway node. It can also be deployed in a more cost-effective manner as a multitenant VXLAN gateway node, terminating Cisco Virtual Networking Indexes (VNIs) for a large number of tenants with a single CSR 1000V instance.
● Extend the SD-WAN overlay to the public cloud: Hybrid cloud is now the new norm for enterprises. With hybrid cloud, certain enterprise workloads remain within the boundaries of the private data centers, while others are hosted in the public cloud environments, such as Amazon Web Services (AWS) and Microsoft Azure. This approach provides enterprises with the utmost flexibility in consuming compute infrastructure as required.
With the Cisco Software-Defined WAN (SD-WAN) solution, you can extend ubiquitous connectivity, zero-trust security, end-to-end segmentation, and application-aware Quality-of-Service (QoS) policies of the organizational WAN into the Infrastructure-as-a- Service (IaaS) public cloud environments.
The transport-independent nature of the Cisco SD-WAN solution allows use of a variety of connectivity methods in the active-active fashion by securely extending SD-WAN fabric into the public cloud environment across all underlying transport networks. These include Multiprotocol Label Switching (MPLS), broadband, 3G/4G LTE, satellite, and point-to-point links.
With the traffic segmentation policies, you can create multiple VPNs on top of a single fabric to functionally segregate different types of traffic between the private and public cloud environments. This behavior results in the end-to-end segregation. Application-aware topologies and intelligent selection of the best performing path toward the public cloud, in accordance with desired Service Level Agreements (SLAs), help ensure optimal overall Quality of Service (QoS).
Q. What makes the Cisco CSR 1000V unique?
A. Built on the same proven Cisco IOS Software platform that is inside the Cisco Integrated Services Router (ISR) and Aggregation Services Router (ASR) product families, the CSR 1000V offers a rich set of features: routing, VPN, firewall, NAT, QoS, application visibility, failover, and WAN optimization.
These functions empower enterprises and cloud providers to build highly secure, optimized, scalable, and consistent hybrid networks. The CSR 1000V also offers the same Cisco IOS Command- Line Interface (CLI) and supports the same Cisco IOS Software management tools as the ISRs and ASRs, allowing for unified network management. The CSR 1000V is the only virtualized router that combines the networking quality demanded by enterprises with the flexibility benefits offered by virtualization.
The IOS XE SD-WAN Software for CSR 1000V enables SD-WAN capabilities in a virtualized form factor.
Q. Which virtualization platforms can the Cisco CSR 1000V run on?
A. The CSR 1000V supports the following virtualization platforms:
● VMware ESXi 6.5 update 1
● Citrix XenServer 6.5
● Red Hat KVM (Red Hat Enterprise Linux 7.4)
● KVM on Ubuntu 14.04 LTS
● KVM on Suse 12-SP3
● Microsoft Hyper-V for Windows Server 2016
● Amazon Machine Image on Amazon Web Services
● Microsoft Azure D-Series VM types
● Google Cloud Platform on N1 machine types
Q. Which servers can the Cisco CSR 1000V run on?
A. The CSR 1000V can run on Cisco UCS servers as well as servers from vendors that support VMware ESXi, Citrix XenServer, Red Hat KVM, Ubuntu KVM, or Microsoft Hyper-V, on the Amazon EC2 cloud, Microsoft Azure D-Series VM types and Google Cloud Platform N1 machine types.
The server must support at least the following:
● Intel Nehalem or AMD Barcelona CPU with clock frequency 2.0 GHz
● Gigabit Ethernet interfaces
Q. What minimum resources does the CSR 1000V need from the underlying server?
A. The CSR 1000V requires the following from the virtualized server hardware:
● CPU: 1 to 8 virtual CPUs (depending on the throughput and feature set)
● Memory: 4 to 16 GB (depending on the throughput and feature set)
● Disk space: 8 GB
● Ethernet network interfaces: Two or more virtual Network Interface Cards (vNICs), up to the maximum allowed by the hypervisor
Q. Which Cisco IOS Software version runs in the CSR 1000V?
A. The CSR 1000V runs Cisco IOS XE Software and Cisco XE SD-WAN Software
Q. Which Cisco IOS XE Software features does the CSR 1000V support?
A. The CSR 1000V supports the following Cisco IOS XE Software features:
● Routing: Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), Policy-Based Routing, IPv6, Virtual Route Forwarding Lite (VRF-Lite), Multicast, LISP, and Generic Routing Encapsulation (GRE)
● Addressing: Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), NAT, 802.1Q VLAN, Ethernet Virtual Connection (EVC), and VXLAN
● VPN: IPsec VPN, DMVPN, Easy VPN, and FlexVPN
● MPLS: MPLS VPN, VRF, and Bidirectional Forwarding Detection (BFD)
● Security: Cisco IOS ZBFW; Access Control List (ACL); Authentication, Authorization, and Accounting (AAA); RADIUS; and TACACS+
● High availability: Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), Gateway Load Balancing Protocol (GLBP), and box-to-box high availability for ZBFW and NAT
● Traffic redirection: AppNav (to Cisco Virtual Wide Area Application Services [vWAAS]) and Web Cache Communication Protocol (WCCP)
● Application visibility, performance monitoring, and control: QoS, AVC, and IP Service-Level Agreement (SLA)
● Hybrid cloud connectivity: LISP, OTV, VPLS, and Ethernet over MPLS (EoMPLS)
● Management: CLI, Secure Shell (SSH) Protocol, NetFlow, Simple Network Management Protocol (SNMP), and Embedded Event Manager (EEM), as well as NETCONF, RESTCONF, and RESTful APIs
● Network Functions Virtualization (NFV): Virtual Broadband Network Gateway (vBNG), virtual Intelligent Services Gateway (vISG), and virtual Route Reflector (vRR)
Q. Which Cisco IOS XE SD-WAN Software features does the CSR 1000V support?
Q. How can I deploy the CSR 1000V?
After you deploy a Cisco CSR 1000V, you can convert the CSR 1000V virtual machine into a template, from which you can create and customize other virtual machines, or clone multiple instances of the virtual machine.
You can also deploy CSR 1000V directly on Amazon Web Services (AWS) or Microsoft Azure via the cloud provider marketplace.
AWS:
Azure:
GCP:
Please contact ask-csr-gcp-pm@cisco.com to get access to CSR image.
Q. Does the Cisco CSR 1000V support virtual machine-level high availability?
A. It supports VMware high-availability features, including vMotion and the Disaster Recovery System (DRS).
Q. How can I purchase the CSR 1000V?
A. You can purchase the CSR 1000V directly from Cisco or from a partner. The CSR 1000V is licensed based on a combination of throughput and feature set, and you can purchase it for a term of 1 or 3 years, or perpetual.
The Cisco IOS XE Software of the CSR 1000V offers numerous throughput options: 10, 50, 100, 250, and 500 Mbps, and 1, 4, 5, and 10 Gbps. Upon activation of a particular option, the CSR 1000V limits its aggregate bidirectional throughput to that option.
The Cisco CSR 1000V comes in four technology packages or feature sets:
● IP Base: Includes routing, addressing, basic security (ACL and AAA), high availability, and management features
● Security: Includes IP Base features plus advanced security (ZBFW, IPsec, and route-based VPNs) features
● AppX: Includes security features plus advanced networking, application experience, and hybrid-cloud connectivity features
● AX: Includes all available features
After you purchase a PAK-based license, you will receive a Product Activation Key (PAK). You must provide the PAK to a Cisco License Server along with a unique device identifier (which is generated when the CSR 1000V virtual machine boots up) in order for the server to generate a license file for the CSR 1000V. You then must install and activate the license file in the CSR 1000V.
In the case of a purchased Smart License, the license is deposited into your smart account and you must configure the CSR to consume the available license. Internet connectivity is required form the CSR, or a Smart Satellite server can be used in cases of air-gapped networks.
Q. Can I move CSR 1000V license from one cloud to another cloud?
A. Yes, if you use BYOL (Bring Your Own License). CSR 1000V license is portable across environments including private cloud and public cloud. For example, you can transfer the license of CSR 1000V running on ESXi to the CSR 1000V running in AWS.
Q. What is the performance of the CSR 1000V?
A. The CSR 1000V is intended for use in a multitenant cloud, where the bandwidth expectations range from 10 Mbps to 10 Gbps.
The Cisco IOS XE Software of the CSR 1000V supports up to 10 Gbps of throughput. The performance of the CSR 1000V is rate-limited based on the CSR 1000V license you purchase. Upon activation of the license, the CSR 1000V limits its aggregate bidirectional throughput to the throughput specified by the license. Future releases of the CSR 1000V will offer higher throughput licenses.
On public clouds, CSR 1000V’s performance varies on different instance types.
Q. What are the resource requirements per CSR 1000V license?
A. Table 1 specifies the server resource requirements per license.
Table 1. Server Resource Requirements per License
| Throughput |
Technology package |
| |
IP Base |
Security |
AppX |
AX |
| 10 Mbps |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
| 50 Mbps |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
| 100 Mbps |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
| 250 Mbps |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
| 500 Mbps |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
| 1 Gbps |
1 vCPU/4 GB |
1 vCPU/4 GB |
1 vCPU/4 GB |
2 vCPU/4 GB |
| 2.5 Gbps |
1 vCPU/4 GB |
4 vCPU/4 GB |
4 vCPU/4 GB |
4 vCPU/4 GB |
| 5 Gbps |
1 vCPU/4 GB |
8 vCPU/4 GB |
8 vCPU/4 GB |
8 vCPU/4 GB |
| 10 Gbps |
2 vCPU/4 GB |
Not supported |
Not supported |
Not supported |
Q. How can I manage the CSR 1000V?
A. When the CSR 1000V is operational, you can provision its networking and security features using SSH or Telnet to access the Cisco IOS CLI. The CSR 1000V is also manageable by the Cisco Prime
® Infrastructure, the Cisco network-management tool that manages Cisco IOS Software devices, including ISRs and ASRs. Starting with Cisco IOS XE Software Release 3.10 and later, the CSR 1000V offers RESTful APIs for selected Cisco IOS XE Software features, making it possible for service providers to automate CSR deployment and management through common orchestration tools or self-service portals. For monitoring and troubleshooting, the CSR 1000V supports SNMP, syslog, and IP SLAs. Starting in 16.4.1 and later, the CSR 1000V offers NETCONF API to configure services using the YANG data model scripts supported by Cisco Network Services Orchestrator (NSO), and also supports RESTCONF API.
The Cisco IOS XE SD-WAN Software provides simplicity of management from the cloud with Cisco vManage.
Q. Can I deploy the CSR 1000V in the Amazon (AWS) or Microsoft (Azure) clouds?
A. Starting with Cisco IOS XE Software Release 3.11 and later, the AMI version of the CSR 1000V is available on the AWS Marketplace catalog. Microsoft Azure is supported starting with Cisco IOS XE 3.16.4.
Q. Can I deploy the CSR 1000V in the Google Cloud Platform?
A. Starting with Cisco IOS XE Software Release 16.9.1, CSR 1000V is available for GCP deployments. Please contact
ask-csr-gcp-pm@cisco.com
Q. Is the CSR 1000V related to the Cisco Nexus
® 1000V Series Switches?
A. No. The Cisco CSR 1000V can run on a VMware ESXi hypervisor that contains the Cisco Nexus 1000V or a standard virtual switch, such as a VMware vSwitch.
Q. Is the Cisco CSR 1000V similar to the Cisco ASR 1000 Series or Cisco ISR products?
A. The CSR 1000V is a Cisco IOS Software networking product like the ASR 1000 Series and ISR. Each product serves a specific purpose:
● The Cisco ASR 1000 Series is deployed primarily in data centers and campuses, the Cisco ISR is intended primarily for branch offices, and the Cisco CSR 1000V goes into VPCs. The three products complement each other.
● The feature set of the CSR 1000V supports VPC networking needs. The CSR 1000V offers only selected Cisco IOS XE Software and Cisco IOS XE SD-WAN Software features based on the cloud uses of the product.
● The virtual form factor of the CSR 1000V makes it ideal for VPC deployments where flexibility and agility are highly desired. The Cisco ASRs and ISRs are ideally suited for data centers and branch offices where hardware-based performance and reliability are required to support demanding data, voice, and video networking services. Whereas the ISRs and ASRs are purpose-built networking devices with highly optimized performance, the Cisco CSR 1000V runs on general-purpose server hardware and shares resources with other applications running on the same hardware.
Q. What VXLAN control-plane types are supported?
A. The Cisco CSR 1000V IOS XE Software supports BGP EVPN VXLAN L3 as control plane, as well as both multicast and unicast modes for management of VXLAN Tunnel Endpoint (VTEP) nodes.
Feedback