Cisco Embedded Service 6300 Series Software Configuration Guide
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Installing software on the router involves installing a consolidated package (bootable image). This consists of a bundle of
subpackages (modular software units), with each subpackage controlling a different set of functions.
These are the two main methods to install the software:
Managing and Configuring a Router to Run Using Consolidated Packages —This method allows for individual upgrade of subpackages
and generally has reduced boot times compared to the method below. Use this method if you want to individually upgrade a module's
software.
Managing and Configuring a Router to Run Using Individual Packages —This simple method is similar to a typical Cisco router
image installation and management that is supported across Cisco routers.
It is better to upgrade software in a planned period of maintenance when an interruption in service is acceptable. The router
needs to be rebooted for a software upgrade to take effect.
There are different types of licenses for the device that are discussed in the next sections.
Licensing
This section contains the following:
Cisco Software Licensing
Cisco software licensing consists of processes and components to activate Cisco IOS software feature sets by obtaining and
validating Cisco software licenses.
You can enable licensed features and store license files in the bootflash of your router. Licenses pertain to consolidated
packages, technology packages, or individual features.
The ESR6300 does not support the Right to Use licenses, and supports only the Specific License Reservation (SLR)
All of the IOS-XE feature set may not apply to the ESR6300. Some features may not have been implemented yet, or are not appropriate
for this platform.
An image-based license is used to help bring up all the subsystems that correspond to a license. This license is enforced
only at boot time.
One of the following image-based licenses can be pre-installed on the ESR6300 router:
Network-Essentials
Network-Advantage
HSecK9
To configure the license level, for example the network-advantage, use the following CLI:
Router#config terminal
Router(config)#license boot level network-advantage
Do you want to accept terms? Y
Note
Network-Essentials and Network-Advantage licenses are mutually exclusive. To configure one, remove the other using no license boot level <> option in the privileged exec mode. The router will need to be reloaded for the configuration to take effect.
License Installation on the ESR6300
The ESR6300 license consists of two required parts:
Feature License
Throughput License
The feature license is either Network-Essentials or Network-Advantage. The throughput license can be either 50Mbps, 250Mbps
or 2Gbps.
Note
For the 2Gbps throughput level, an additional feature license, HSECk9 is required to comply with export restriction requirements.
Network-Essentials
The Network-Essentials technology package includes the baseline features. It also supports security features.
Features that are available in this license are:
Traffic segmentation (VPN, VRF, VLAN)
Crypto Tunnels
IPSec
IKEv2
SSL-VPN
DHCP
QoS
ACL
EIGRP
IGMP
HTTP
IP Multicast
Radius
TACACS
OSPF
RIP
HSRP
The PIDs for the different levels of throughput for the Network-Essentials license are as follows.
SL-6300-NE/DEF-K9 - Has a throughput level of 50Mbps.
SL-6300-NE/PERF-K9 - Has a throughput level of 250Mbps
SL-6300-NE/BOOS-K9 - Has a boosted throughput level of 2Gbps
The Network-Essentials_npe technology package (npe = No Payload Encryption) includes all the features in the Network-Essentials technology package without
the payload encryption functionality. This is to fulfill export restriction requirements. The Network-Essentials_npe is available
only in the Network-Essentials_npe image. The difference in features between the Network-Essentials package and the Network-Essentials_npe
package is therefore the set of payload encryption features such as IPsec and Secure VPN.
Network-Advantage
The Network-Advantage technology package includes all crypto features.
The Network-Advantage license contains all of the features of the Network-Essentials license, plus the following.
MPLS
BFD
RSVP
RSRB
SDLC
IP SLA
STUN
TCP optimization
App-aware QoS policies and troubleshooting
The PIDs for the different levels of throughput for the Network-Advantage license are as follows.
SL-6300-NA/DEF-K9 - Has a throughput level of 50Mbps.
SL-6300-NA/PERF-K9 - Has a throughput level of 250Mbps
SL-6300-NA/BOOS-K9 - Has a boosted throughput level of 2Gbps
The Network-Advantage_npe package (npe = No Payload Encryption) includes all the features in the Network-Advantage technology package without the payload-encryption functionality. This is to fulfill export restriction requirements. The
Network-Advantage_npe package is available only in the Network-Advantage_npe image. The difference in features between the Network-Advantage package and the Network-Advantage_npe package is therefore the set of payload-encryption-enabling features such as IPsec and Secure VPN.
Feature Support Caveats
The following features are not supported on the ESR6300:
No support for MacSec or DLEP in the release.(MQC: modular quality of service command line).
Layer2 COS to DSCP mapping does not work due to no ASIC chipset support for the feature.
Copper FE SFPs are not supported on ESR6300.
Copper GE SFPs are only supported in config terminal > service internal > service unsupported-transceiver mode.
Cisco does not claim IP Mobility for Ethernet support on the ESR6300.
Auto-negotiation for 10Mbps, 100Mbps, 1000Mbps in full-duplex mode is supported. For half duplex, support is only on 10Mbps
and 100Mbps.
Booting the golden configuration from a USB is NOT supported in 17.1.1, however it is available in 17.2.1.
Refer to the Cisco approved vendor list [AVL] for Cisco USBs. Kingston USB 3.0 works as well. Ensure the USB has a single
partition and ext2, fat16 or fat32 format only.
There is no WebUI support for Day 0 or Day 1
For Security: No support for TLS, TrustSec, MacSec , CWS [Cloud Web Security], IDS/IPS.
How to Install the Software for Cisco IOS XE
To install the software, use one of the following methods to use the software from a consolidated package or an individual
package. Also see Overview section.
Managing and Configuring a Router to Run Using a Consolidated Package section
Managing and Configuring a Router to Run Using Individual Packages section
Configuring a Router to Boot the Consolidated Package via TFTP Using the boot Command: Example
section
The device can be booted from a number of different resources, which can be found by using the following command:
Router(config)#boot config ?
bootflash: URL of the config file
flash: URL of the config file
nvram: URL of the config file
usbflash0: URL of the config file
webui: URL of the config file
The following is an example of booting from a config file from flash:
Router(config)#boot config flash0:startup-config
Starting with IOS-XE Release 17.2.1, support has been added for booting from the USB.
The environment variable CONFIG_FILE in the following example confirms that the startup-config is set to boot from usbflash0.
Router#show boot
BOOT variable =
CONFIG_FILE variable = usbflash0:startup-config
BOOTLDR variable does not exist
Configuration register is 0x1820
Standby not ready to show bootvar
Booting from the USB Feature Summary
Once the CONFIG_FILE is set to a non-default value, the nvram:startup-config command is aliased to this new location.
Any change made to the config file in usbflash will be reflected in nvram:startup-config as well.
The EXEC command erase nvram:startup-config erases the contents of NVRAM, and deletes the file referenced by CONFIG_FILE variable.
If the USB is unplugged after setting the boot config usbflash0:<filename> variable, then the day 0 default configuration will take effect.
When the configuration is saved using the copy system:running-config nvram:startup-config command, the device saves a complete version of the configuration file to the location specified by the CONFIG_FILE environment
variable, and a distilled version to NVRAM. A distilled version is one that does not contain access list information.
Booting from ROMMON
The following configuration steps need to be taken in order to boot from the USB.
From the ROMMON prompt, execute set CONFIG_FILE=usbflash0:<filename>
Continue booting the IOS image as usual from the ROMMON prompt.
Upgrading the Cisco IOS XE Release
When the device boots up with Cisco IOS XE image for the first time, the device checks the installed version of the ROMMON,
and upgrades if the system is running an older version. During the upgrade, do not power cycle the device. The system automatically
power cycles the device after the new ROMMON is installed.
Once ROMMON is upgraded, the device will check if the MCU is upgraded. Once that is complete, the device will boot up with
the Cisco IOS XE image as normal.
After the installation, the system will boot up with the Cisco IOS XE image as normal.
Note
When the device boots up for first time and if the device requires an upgrade, the entire boot process may take several minutes.
This process will be longer than a normal boot due to the ROMMON and/or MCU upgrade.
The following example illustrates the boot process of a consolidated
package:
Router# configure terminal
Router(config)#boot system bootflash:ESR 6300-universalk9.17.1.1.SPA.bin
Router(config)#config-register 0x2102
Router(config)#exit
Router#
*Nov 7 00:07:06.784: %SYS-5-CONFIG_I: Configured from console by console
Router#
Router#show run | inc license
license udi pid ESR 6300-K9 sn FCW2150TH0F
license boot level network-advantage
Router#
Router#reload ?
/noverify Don't verify file signature before reload.
/verify Verify file signature before reload.
at Reload at a specific time/date
cancel Cancel pending reload
in Reload after a time interval
pause Pause during reload
reason Reload reason
<cr> <cr>
Router#reload /verify
System configuration has been modified. Save? [yes/no]: yes
Building configuration...
[OK]
*Nov 7 00:08:48.101: %SYS-2-PRIVCFG_ENCRYPT: Successfully encrypted private config file
Verifying file integrity of bootflash:/ESR 6300-universalk9.16.10.01.SPA.bin...........
....................................
Embedded Hash SHA1 : B0315BDC4F545D624BB128CE0FFAA468E6EF7587
Computed Hash SHA1 : B0315BDC4F545D624BB128CE0FFAA468E6EF7587
Starting image verification
Hash Computation: 100%Done!
Computed Hash SHA2: 03febcc07fbeadeed664f2f5ef87f6c3
5b343e6f7aecdd70e50e5203909aec8f
3d276529d2a6af6859d4c77237f812d5
0da93678edc942c8874edca2d5224101
Embedded Hash SHA2: 03febcc07fbeadeed664f2f5ef87f6c3
5b343e6f7aecdd70e50e5203909aec8f
3d276529d2a6af6859d4c77237f812d5
0da93678edc942c8874edca2d5224101
Digital signature successfully verified in file bootflash:/ESR 6300-universalk9.16.10.01.SPA.bin
Signature Verified
Proceed with reload? [confirm]
*Jul 9 06:43:37.910: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. Jul 9 14:43:59.134: %PMAN-5-EXITACTION: R0/0: pvp: Process manager is exiting: process exit with reload chassis code
watchdog watchdog0: watchdog did not stop!
reboot: Restarting system
Press RETURN to get started!
ROMMON Images
A ROMMON image is a software package used by ROM Monitor (ROMMON) software on a router. The software package is separate from
the consolidated package normally used to boot the router.
An independent ROMMON image (software package) may occasionally be released and the router can be upgraded with the new ROMMON
software. For detailed instructions, see the documentation that accompanies the ROMMON image.
Note
A new version of the ROMMON image is not necessarily released at the same time as a consolidated package for a router.
File Systems
The following table provides a list of file systems that can be seen on the Cisco ESR6300 router.
Table 1. Router File
Systems
File System
Description
bootflash:
Boot flash
memory file system.
flash:
Alias to the
boot flash memory file system above.
cns:
Cisco
Networking Services file directory.
nvram:
Router NVRAM.
You can copy the startup configuration to NVRAM or from NVRAM.
obfl:
File system
for Onboard Failure Logging (OBFL) files.
system:
System memory
file system, which includes the running configuration.
tar:
Archive file
system.
tmpsys:
Temporary
system files file system.
usbflash0:
The Universal
Serial Bus (USB) flash drive file systems.
Note
The USB flash drive file system is visible only if a USB drive is installed in the usb port.
Use the ? help option if you find a file system that is not listed in the table above.
Auto-generated File Directories and Files
This section discusses the auto-generated files and directories that can be created, and how the files in these directories
can be managed.
Table 2. auto-generated Files
File or
Directory
Description
crashinfo
files
Crashinfo
files may appear in the bootflash: file system.
These files
provide descriptive information of a crash and may be useful for tuning or
troubleshooting purposes. However, the files are not part of router operations,
and can be erased without impacting the functioning of the router.
core
directory
The storage
area for .core files.
If this
directory is erased, it will automatically regenerate itself at bootup. The
.core files in this directory can be erased without impacting any router
functionality, but the directory itself should not be erased.
tracelogs
directory
The storage
area for trace files.
Trace files
are useful for troubleshooting. If the Cisco IOS process fails, for instance,
users or troubleshooting personnel can access trace files using diagnostic mode
to gather information related to the Cisco IOS failure.
Trace files,
however, are not a part of router operations, and can be erased without
impacting the router's performance.
Important Notes About auto-generated Directories
Important information about auto-generated directories include:
auto-generated files on the bootflash: directory should not be deleted, renamed, moved, or altered in any way unless directed
by Cisco customer support.
Note
Altering auto-generating files on the bootflash: may have unpredictable consequences for system performance.
Crashinfo files and files in the core and tracelogs directory can be deleted.
Flash
Storage
Subpackages are installed to local media storage, such as flash. For flash storage, use the dir bootflash: command to list the file names.
Note
Flash storage is required for successful operation of a router.