About Cisco Catalyst 8500 Series Edge Platforms
The Cisco Catalyst 8500 Series Edge Platforms are high-performance cloud edge platforms designed for accelerated services, multi-layer security, cloud-native agility, and edge intelligence to accelerate your journey to cloud.
The Cisco Catalyst 8500 Series Edge Platforms includes the following models:
-
C8500-12X4QC
-
C8500-12X
-
C8500L-8S4X
 Note |
Starting with Cisco IOS XE Amsterdam 17.3.2, with the introduction of Smart Licensing Using Policy, even if you configure a hostname for a product instance or device, only the Unique Device Identifier (UDI) is displayed. This change in the display can be observed in all licensing utilities and user interfaces where the hostname was displayed in earlier releases. It does not affect any licensing functionality. There is no workaround for this limitation. The licensing utilities and user interfaces that are affected by this limitation include only the following:
|
For more information on the features and specifications of Cisco 8500 Series Catalyst Edge Platform, refer the Cisco 8500 Series Catalyst Edge Platform datasheet
Sections in this documentation apply to all models of unless a reference to a specific model is made explicitly.
New and Changed Software Features
Note |
Starting from IOS XE 17.5, the following platforms will move to monolith packaging and therefore it will not be possible to upgrade/downgrade using separate packages:
Instead use the command install add file bootflash:<file name> activate commit command to upgrade using a single image that combines all the separate packages therefore improving the boot time. |
Note |
Starting from IOS XE 17.6, the ISSU on Cisco Catalyst 8500 Edge Platforms will migrate to an install workflow that provides step-by-step upgrade/downgrade commands. The ISSU load version commands will be deprecated and these commands include:
Additionally, dual IOSd ISSU commands and Bundle mode ISSU workflows will also be disabled. |
|
Feature |
Description |
|---|---|
| Traffic Steering by Dropping Invalid Paths | If the SR-TE Policy has no valid paths defined, the paths are dropped and traffic being steered through the policy falls back to the default (unconstrained IGP) forwarding path. Also, when a SR-TE policy carrying best-effort traffic fails, traffic is re-routed and this impacts the SLA for premium traffic.To solve this issue, if the SR-TE policy fails, the traffic in the data plane is dropped but kept in the control plane. Therefore, other SR policies, potentially carrying premium traffic, are not impacted. |
| Enabling Segment Routing Flexible Algorithm with IS-IS |
|
| View traffic counters for SR-TE policies | The existing command show segment-routing traffic-eng policy is improved to display the traffic rate on the tunnel interface. No configuration is required to enable this feature. |
|
This feature allows you to configure load balancing of outgoing traffic across all IGP ECMP paths proportionally to the interface bandwidth. |
|
|
This feature lets you configure a limit to the number of mroutes on an interface. By limiting the mroutes, you can avoid the risk of flooding the network with mroutes therefore protecting the router from resource overload and also preventing DoS attacks. |
|
|
You can now use the tunnel mpls-ip-only command to configure how the Do Not Fragment bit from the payload is copied into the tunnel packets IP header.If the Do Not Fragment bit is not set, the payload is fragmented if an IP packet exceeds the MTU set for the interface |
|
|
License Management for Smart Licensing Using Policy, Using Cisco vManage |
Cisco SD-WAN operates together with Cisco SSM to provide license management through Cisco vManage for devices operating with Cisco SD-WAN. For this you have to implement a topology where Cisco vManage is connected to CSSM. For information about this topology, see the Connected to CSSM Through a Controller, and to know how to implement it, see the Workflow for Topology: Connected to CSSM Through a Controller sections of the Smart Licensing Using Policy for Cisco Enterprise Routing Platformsguide. For more information about Cisco vManage, see the License Management for Smart Licensing Using Policy section of the Cisco SD-WAN Getting Start Guide. For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide. |
Feature Navigator
You can use Cisco Feature Navigator (CFN) to find information about the features, platform, and software image support on Cisco Catalyst 8500 Series Edge Platforms. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on cisco.com is not required.
Resolved and Open Bugs for Cisco IOS XE Bengaluru 17.5
Resolved Bugs for Cisco IOS XE Bengaluru 17.5
|
Caveat ID Number |
Description |
|---|---|
|
vManage rel 18.3.5 - Service Side WAN Edge VPN - can't use Optional AdvertiseOMP>Aggregate field |
|
|
SIM failover within the same modem takes long time to detect LTE network for AT&T |
|
|
dataplan crash seen at pppoe |
|
|
ASR 1000, C9800 Commit config clean up for cstate and pstate to 17.4, 17.3.2, 17.2.2: backout idle=poll |
|
|
Number of EoGRE sessions count are not matching on fugazi |
|
|
Greenday: IQDFZ profile degraded by 8% after BLD_POLARIS_DEV_LATEST_20200801_051231 |
|
|
IGMP snooping table not populated on ISR4k |
|
|
NAT session scale causes tracebacks @%HW_FLOWDB-3-HW_FLOWDB_DBLINSTALL_FEATOBJ |
|
|
License lost after "no license boot level <>" CLI followed by reset button |
|
|
Watchdog timeout due to Crypto IKMP |
|
|
AppQoe Clear Alarm is not generated from device |
|
|
cedge is sending incorrect if index values for the sub-interfaces. |
|
|
CDP on interfaces is not enabled when CDP is enabled globally on ASR Routers in controller mode |
|
|
Connected route is not imported into OMP database unless flap interface with C8KV platform |
|
|
Cisco IOS XE SD-WAN Software Privilege Escalation Vulnerability |
|
|
Observed HTX core at tcpproxy_libuinet_pkt_process during longevity test |
|
|
4451 : FTMD crash @ bfdmgr_session_get_from_record_index with traffic soak |
|
|
Recursive configuration with privilege exec level <level> show dmvpn [detail|static] |
|
|
25G license tags is retained and throughput throttled after upgrade from 17.3.1 to 17.3.2 |
|
|
C8500-12X4QC: Reload reason is not getting captured correctly after Kernal crash. |
|
|
IR1101 - WP7607 modem is changing to down state after ping to enodeB |
|
|
C1111-8P: NAT translations packet counter MIB OID counts unnecessary additional value |
|
|
App-aware policy need to be honored when queuing is not set by localized policy |
|
|
PKI http client fails to handle 1xx and 2xx responses |
|
|
BQS crash on PPPoE session churn overnight |
|
|
ASR 1000 FMANFP crashes during bootup with memory corruption |
|
|
Enable AES encryption on cEdge and encrypt umbrella and zscaler secret/password |
|
|
ASR 1000 NAT66 communication failure when change the NAT66 prefix configuration. |
|
|
The CA certificate gets deleted after reboot in Cisco Catalyst 9800-CL Cloud Wireless Controller |
|
|
IKEv1 mib statistics for Global Routing Table are incorrect if there are any IKEv2 sessions in fvrf |
|
|
Passive FTP doesn't work with NAT |
|
|
crash observed at NHRP while using summary-map |
|
|
INTRED: Crash seen on BNG+NAT setup with scaled pools and "max-entries all-host "limit being hit |
|
|
XE-SDWAN device would keep invalid IPv6 address in the tunnel to vManage and can not recover |
|
|
Crash with high netflow traffic due to %CPPHA-3-FAILURE: R0/0: cpp_ha: CPP 0 failure Stuck Thread(s) |
|
|
NAT pm entries get deleted after router reload in polaris_dev |
|
|
NBAR not able to recognize application in a capwap-tunnel |
|
|
C8300-1N1S-4T2X: QFP uCode crash @ ipv4_nat_create_out2in_session_entry with traffic soak |
|
|
APPNAV CFT Crashes |
|
|
Template attach failed with error: An element value is not correct : auto-bandwidth-detect. |
|
|
cEdge crashes due to a large packet at vesen_ipsec_v4_input_get_vctrl_data |
|
|
cEdge: NATed tuple flips for HSL deleted flow |
|
|
CPP ucode crash with fw_base_flow_create |
|
|
After reload cEdge cellular interfaces in shutdown state are brought up |
|
|
HSL Export over VASI Interface causes Netflow v9 Template Flooding |
|
|
unable to transfer 1500 byte IP packet when using BRI bundled Multilink |
|
|
crypto ikev2 proposals are not processed separately |
|
|
C8500-12X/C8500-12X4QC: Factory-reset doesn't format harddisk in 16GB/32GB/64GB variants |
|
|
crash. seen during sh plat sof sdwan fo next-hop overlay id 0xf8000090 |
|
|
DPI flow telemetry generated by IOS-XE, for some flows tunnel identifiers are missing |
|
|
Config-register IOS config CLI ignores bits corresponding to console speed w/o acknowledgment |
|
|
Dynamic Nat pool "ip aliases" are not created on the device |
|
|
Duplicate entries seen in MAC filter table. |
|
|
FlexVPN reactivate primary peer feature does not work with secondary peer tracking |
|
|
erspan classify ucode crash |
|
|
cEdge-policy: set next-hop-ipv6 is not working next-hop-ip (ipv4) is working. |
|
|
%PARSER-5-HIDDEN: Warning!!! ' resume server /connect telnet server' is a hidden command. |
|
|
ASR 1000 router is not programming correct next-hop for the destination prefix. |
|
|
C8500L-8S4X crashes when NAT sessions are removed |
|
|
IP address not correctly in SIP traffic |
|
|
Zone Based Firewall on cEdge router dropping web traffic with the reason Zone-pair without policy |
|
|
CWMP: WANIPConnection.ExternalIPAddress sent in inform instead of WANPPPConnection.ExternalIPAddress |
|
|
QFP crash due to IPv6 DNS ALG processing |
|
|
"show sdwan policy" command cause device crash |
Open Bugs for Cisco IOS XE Bengaluru 17.5
|
Caveat ID Number |
Description |
|---|---|
|
'sh plat CPU share' o/p prints incorrect percentage share values |
|
|
L3 connected lite session not coming up , stuck in data-plane(qfp) |
|
|
config-sync issue after enabling dmlog without rotation |
|
|
ASR1002-X: Punt keepalive crashed due to bqs related interrupt |
|
|
OC: unable to configure interface negotiation and speed via netconf rcp. |
|
|
ASR 1000 cpp_cp_svr crash with frequent underlay route removal and tunnel source changed every 1 second |
|
|
Crash at the moment of calculating tcp header |
|
|
Crash when issuing "show crypto isakmp peers config" |
|
|
Bias-free changes for CLI show mgcp srtp |
|
|
CP process crashed while I95 driver was adding an IPC response to the receive ring |
|
|
17.5-ASR1k-9X,6X,13RU: fsck for harddisk always fails with error Device Busy. |
|
|
ASR1001-X: Bug to further address CSCvt08179 : QFP crash due to hardware interrupt |
|
|
Port channel configuration triggers traceback |
|
|
Memory leak in ess-cgm-class |
|
|
False positive alarm: IOSXE_RP_ALARM-6-INFO: ASSERT CRITICAL Fan Tray Bay 1 Fan Tray Module Missing |
|
|
fman_rp: qos_hqf [L:1.0, N:0x3485061e18 ] (0p, 0c) download to FP failed resulting in a crash. |
|
|
Not able to remove FlowMonitor attached to intf when monitor is converted from unicast to multicast |
|
|
Tunnel: CPP crashes at IPv4 tunnel decapsulation |
|
|
IPsec crash. System couldn't resolve ipsec mapping. |
|
|
can't ping vlan with "load-balance vlan" under 17.3.2 |
|
|
ASR1001-X upgrading throughput from 5G to 20G is consuming upgrade from 2.5G to 20G license |
|
|
ASR 1000 ucode crash when sending SIP traffic to device while having a packet-trace configured |
|
|
Bias-free changes for connection trunk CLI and show command |
|
|
Memory leak in fman at the moment of getting routes |
|
|
Can't allocate MAC address for port-channel interface on C1100TG series terminal server |
|
|
REST virtual service crashes when traffic peaks and requires reload to restore |
|
|
[DMM/SLM test issue] CFM crash when using physical port, DMM/SLM doesn't work on EVC |
|
|
UDP port in IKE packets is not preserved with IKE preserve-port configured |
|
|
IKEv1 IPSec CAC (Call Admission Control) counter leak leading to %CRYPTO-4-IKE_DENY_SA_REQ |
|
|
fman_rp memory leak in acl_config_bind_v4_acl_message function. |
|
|
CWMP port mapping description is lost after CPE reload |
|
|
A router may crash when processing an NHRP packet |
|
|
ISG: IPoE subscribers QOS not installed in the hardware after churn |
|
|
%SCHED-3-THRASHING log observed after show cellular [int] drop-stats command. |
|
|
ASR 1002-X: Seeing IPSEC-3-HMAC_ERROR: IPSec SA receives HMAC error |
|
|
Crash at #12 0x00007f010f4cb9db in cpp_bqs_rm_yoda_get_flush_obj while subscriber bringup |
|
|
BQS crash seen at cpp_qm_event_proc_defer_cb |
|
|
BQS crash seen in 17.3 while bringing up 30k PPPOE sessions |
|
|
C8500-12X4QC: Traffic drops on 10G interface with large packet size 9000bytes with High priority. |
|
|
1006-X: Box rebooted due to ucode crash, with 2M CFLOW and 8K BFD sessions |
|
|
DHCP relay- cEdge does not forward DHCP Offers correctly with IPv6 UnderLay |
|
|
ASR 1000: BQS crash seen at cpp_qm_event_proc_defer_cb |
|
|
AppQoE DRE monitoring graph, shows Optimized traffic is greater than Original traffic |
|
|
tcp key chain not getting deleted from running config when it is used for SXP session bring up |
|
|
SCEP: CA server fails to rollover CA certificate with error: "Storage not accessible" |
|
|
Router may crash under ZBF configuration (cpp_cp_svr) |
ROMmon Release Requirements
Use the following table to determine the ROMmon version required for your Catalyst 8500 model:
|
DRAM |
ROMmon version |
|---|---|
|
16 GB(default) |
17.2(1r) |
|
32 GB |
17.2(1r) |
|
64 GB |
17.3(2r) |
Feedback