Network Convergence System 5500 Series Routers
Note |
This software release has reached end-of-life status. For more information, see the End-of-Life and End-of-Sale Notices. |
Note |
Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.
Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience. Do provide feedback about your experience with the Content Hub. |
Note |
Cisco IOS XR Release 7.1.2 is an Extended Maintenance Release of Cisco IOS XR Release 7.1.1 for Cisco NCS 5500 Series routers. For more details on the Cisco IOS XR release model and associated support, see Guidelines for Cisco IOS XR Software. |
What's New in Cisco IOS XR Release 7.1.2
Cisco is continuously enhancing the product with every release and this section covers a brief description of key features and enhancements. It also includes links to detailed documentation, where available.
Software
SPAN to File
The SPAN to File feature is an extension of the pre-existing SPAN feature in traffic mirroring. SPAN over File allows packets of network data to be mirrored to a file instead of an interface, so that they can be analysed at a later stage. The file format is PCAP, so that it can be easily used with tools such as tcpdump or wireshark.
See SPAN to File.
Segment Routing Performance Measurement for Link Delay and SR Policy Delay Using RFC5357 (TWAMP Light) Encoding
This feature introduces support for Two-Way Active Measurement Protocol (TWAMP) Light (RFC5357) for link delay and SR policy delay measurement. TWAMP Light adds two-way or round-trip measurement capabilities.
Network performance data such as packet loss, delay and delay variation, and bandwidth utilization is a critical measure for Traffic Engineering (TE). This data provides service providers the characteristics of their networks for performance evaluation that is required to ensure the Service Level Agreements (SLAs). The performance measurement and delay variation feature allows you to measure those metrics and advertise them through IGP extensions as extended TE metrics.
IPv4 SR Policy over BGPv6 Session
IPv4 and IPv6 SR policies can be advertised over BGPv4 or BGPv6 sessions between the SR-TE controller and the SR-TE headend. In earlier releases, Cisco IOS-XR implementation supported the following combinations:
-
IPv4 SR policy advertised over BGPv4 session
-
IPv6 SR policy advertised over BGPv4 session
-
IPv6 SR policy advertised over BGPv6 session
This release introduces support for IPv4 SR policy advertised over BGPv6 session.
See BGP SR-TE.
EVPN Port-Active Multihoming
The EVPN Port-Active Multhoming feature supports single-active redundancy load balancing at the port-level or at the interface-level. You can use this feature when you want to forward the traffic to a specific interface, rather that have a per-flow load balancing across multiple PE routers. This feature provides a faster convergence during a link failure. This feature enables protocol simplification as only one of the physical ports is active at a given time. You can enable this feature only on bundle interfaces.
See the EVPN Port-Active Multihoming.
Configuring Generic UDP Encapsulation
Generic UDP Encapsulation (GUE) is a UDP-based network encapsulation protocol that encapsulates IPv4 and IPv6 packets. GUE provides native UDP encapsulation and defines an additional header to determine the payload carried by the IP packet. Encapsulating packets using UDP facilitates efficient transport across networks and significant performance benefits for load-balancing.
Segment Routing Path Computation Element Support for MPLS-TE LSPs
The PCE Support for MPLS-TE LSPs feature allows Cisco's SR-PCE to act as a Path Computation Element (PCE) for MPLS Traffic Engineering Label Switched Paths (MPLS-TE LSPs).
Hardware Based Timestamp using TWAMP
The Cisco IOS XR 7.1.2 Release introduces Hardware based timestamp using TWAMP. This feature provides greater accuracy than other time synchronization protocols which enables the service providers to achieve microsecond precision and better performance at scale.
Access Pseudowire Redundancy
The Access Pseudowire Redundancy feature allows you to configure a backup pseudowire under the bridge domain. When the primary pseudowire fails, the provider edge (PE) router switches to the backup pseudowire. The primary pseudowire resumes operation after it becomes functional. The primary pseudowire fails when the PE router fails or when there is a network outage.
File Mirroring
File mirroring feature enables the router to copy files or directories automatically from /harddisk:/mirror
location in active RP to /harddisk:/mirror
location in standby RP or RSP without user intervention or EEM scripts.
GRE Tunnel Configuration in oc-interfaces Data Model
Generic Routing Encapsulation (GRE) Tunnel configuration support is added to oc-interfaces
data model. This data model is used to manage network interfaces and subinterfaces.
-
src
-
dst
-
ttl (time-to-live or hop limit)
-
gre-key
Obtain this data model from Github repository.
Table Connection Support in OC NI Data Model
The openconfig-network-instance (oc-ni
) data model is defined by OpenConfig community. This model defines the network instance concept to model Layer 3 and Layer
2 network instances applicable for services such as L3VPN, L2VPN, and EVPN.
The table-conection container in the oc-ni data model contains policies that dictate how routing information base (RIB) or forwarding information base (FIB) entries are propagated between routing tables.
The leaf list consists of a list of connections between pairs of routing or forwarding tables, the leaking of entries between which is specified by the import policy. A connection connecting a source table to a destination table implies that routes that match the policy specified for the connection are available for the destination protocol to advertise, or match within its policies. It shows the configuration and state parameters that relate to the connection between tables.
The oc-ni data model is available in the Github repository.
Set QoS-group and DSCP at Ingress
With the introduction of this feature, you can set both qos-group and DSCP values within the same QoS policy that is applied in the ingress direction. You can use any permitted value to set the qos-group value.
To set the possible DSCP values for set dscp, configure these values using the following command:
RP/0/RP0/CPU0:ios(config)# hw-module profile qos qosg-dscp-mark-enable 13 15
In the preceding example, only the set dscp 13 and set dscp 15 values are allowed in any QoS policy that contains both set qos-group and set dscp configurations.
Note |
Ensure that you reload the router for the hw-module command to be functional. |
See Setting QoS-group and DSCP at Ingress.
The command, hw-module profile qos qosg-dscp-mark-enable is introduced.
Poll Specific Processes to Stream Telemetry Data
Support is introduced in Cisco-IOS-XR-wdsysmon-fd-proc-oper.yang
data model with process keys to poll specific processes and stream telemetry data.
OCNI BGP Advertised Prefix
OCNI BGP data model has global, neighbor and peer-group containers. Under the neighbor container are the Address Family Identifier (AFI) state-related leaves. Three leaves (sent, installed and advertised prefix count) are related to the prefixes received from and advertised to the neighbor specific to that AFI. The sent count is defined as how many prefixes are sent to the neighbor for a specific AFI.
In the existing implementation, the cumulative count may not display accurate value owing to various conditions such as route-refresh out, policy changes, route-target changes, configuration changes like nexthop-self to name a few.
In this release, BGP walks through the prefix table calculating exactly how many prefixes are advertised for each neighbor. The results are collected in an array, converted and sent to MDT.
Obtain this data model from Github repository.
Telemetry Support for Sysadmin Data Model
You can subscribe to Sysadmin data models for streaming telemetry data.
The sensor-path Cisco-IOS-XR-sysadmin-show-media:ShowMedia/all-locations
support is enabled for telemetry on all platforms that have sysadmin container.
-
Cisco-IOS-XR-sysadmin-controllers-ncs5500
-
Cisco-IOS-XR-sysadmin-entity-mib
-
Cisco-IOS-XR-sysadmin-entity-sensor-mib
-
Cisco-IOS-XR-sysadmin-envmon-ui
-
Cisco-IOS-XR-sysadmin-asic-errors-ael
-
Cisco-IOS-XR-sysadmin-show-media
MPLS Over Single-Pass GRE Tunnels
This feature allows MPLS static forwarding over a single-pass GRE tunnel at line rate. One use case is for sending incoming customer traffic over the GRE tunnel, addressed to an anycast virtual IP address (VIP) destination shared by a set of load balancing servers.
ITU-T Y.1564
Y.1564 or Ethernet Service Activation (or performance test methodology) is a testing procedure which tests service turn-up, installation and troubleshooting of Ethernet-based services.
This feature is now supported on NCS-55A2 Series routers.
Y.1564 allows simultaneous testing of multiple Ethernet services and measures. It validates the different service level agreements (SLAs) to ensure the service meets guaranteed performance settings in a controlled test time. It helps to ensure all the services carried by the network meet the SLA objectives at the maximum committed rate proving that under maximum load, the network devices and paths can support the traffic as designed, even under stress.
Hardware
This release introduces the following new hardware:
-
NC55-RP2-E—Cisco NC55-RP2-E route processor card with SyncE supports enhanced timing operations. See Route Processor Card Overview.
Behavior Change Introduced
Behavior change refers to any modification of an existing software feature, configuration, or a command. This release introduces following behavior change:
Guidelines for Enabling FIPS
You must follow these guidelines while enabling FIPS mode:
-
You must configure the session with a FIPS-approved cryptographic algorithm. A session configured with non-approved cryptographic algorithm for FIPS (such as, MD5 and HMAC-MD5) does not work. This is applicable for OSPF, BGP, RSVP, ISIS, or any application using key chain with non-approved cryptographic algorithm, and only for FIPS mode (that is, when crypto fips-mode command is configured).
-
If you are using any HMAC-SHA algorithm for a session, then you must ensure that the configured key-string has a minimum length of 14 characters. Otherwise, the session goes down. This is applicable only for FIPS mode.
-
If you try to execute the telnet configuration on a system where the FIPS mode is already enabled, then the system rejects the telnet configuration.
-
If telnet configuration already exists on the system, and if FIPS mode is enabled later, then the system rejects the telnet connection. But, it does not affect the telnet configuration as such.
-
It is recommended to configure the crypto fips-mode command first, followed by the FIPS-related commands in a separate commit. The list of commands related to FIPS with non-approved cryptographic algorithms are:
-
key chain key-chain-name key key-id cryptographic-algorithm MD5
-
key chain key-chain-name key key-id cryptographic-algorithm HMAC-MD5
-
router ospfv3 1 authentication ipsec spi 256 md5 md5-value
-
router ospfv3 1 encryption ipsec spi 256 esp des des-value
-
router ospfv3 1 encryption ipsec spi 256 esp des des-value authentication md5 md5-value
-
snmp-server user username usergroup-name v3 auth md5 priv des56
-
ssh server algorithms key-exchange diffie-hellman-group1-sha1
-
telnet vrf default ipv4 server max-servers server-limit
-
Guidelines for Configuring MACsec Keychain
You must follow this guideline while configuring MACsec:
-
The MACsec key IDs (configured through CLI using the macsec key command under the key chain configuration mode) are considered to be case insensitive. These key IDs are stored as uppercase letters. Whereas, prior to this release, the key IDs were treated as case sensitive. These key IDs are now stored as uppercase letters. Whereas, prior to this release, the key IDs were treated as case sensitive. Hence, two key IDs with the same value, but of different case (one in uppercase and other in lowercase) were treated as two separate IDs in previous releases. However, the support for this case insensitive IDs is applicable only for the configurations done through CLI, and not for configurations done through Netconf protocol. Hence it is recommended to have unique strings as key IDs for a MACsec key chain to avoid flapping of MACsec sessions.
For more information, see Guidelines for Configuring MACsec Keychain.
Logging Format BSD
Cisco IOS XR Release 7.1.2 introduces the command logging format bsd which enables the router to send system log messages to a remote server in BSD (Berkeley Software Distribution) format. This enables systems that are dependent on the BSD format to correctly interpret the log message.
The command, logging format bsd is introduced.
Caveats
Caveats describe unexpected behavior in Cisco IOS XR Software releases. Severity-1 caveats are the most critical caveats; severity-2 caveats are less critical.
Cisco IOS XR Caveats
These caveats are applicable for Cisco IOS XR Software:
Bug ID |
Headline |
---|---|
CSCvv09667 | After RP failover SR-policy counters are getting lost |
"ssh_server drbg_instantiate failed" syslog seen in SSH scale |
Caveats Specific to the NCS 5500 Series Routers
Caveats describe unexpected behavior in Cisco IOS XR Software releases. These caveats are speicifc to NCS 5500 Series Routers:
Bug ID |
Headline |
---|---|
CSCvu57680 | Fail the configuration when use of 16 unique GRE src ip addresses |
Supported Packages and System Requirements
For a complete list of supported optics, hardware and ordering information, see the Cisco NCS 5500 Series Data Sheet
To install the Cisco NCS 5500 router, see Hardware Installation Guide for Cisco NCS 5500 Series Routers.
Release 7.1.2 Packages
This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.
Composite Package |
||
Feature Set |
Filename |
Description |
Cisco IOS XR IP Unicast Routing Core Bundle |
ncs5500-mini-x.iso |
Contains base image contents that includes:
|
Individually-Installable Optional Packages |
||
Feature Set |
Filename |
Description |
Cisco IOS XR Manageability Package |
ncs5500-mgbl-3.0.0.0-r712.x86_64.rpm |
Extensible Markup Language (XML) Parser, Telemetry, Netconf, gRPC and HTTP server packages. |
Cisco IOS XR MPLS Package |
ncs5500-mpls-2.1.0.0-r712.x86_64.rpm ncs5500-mpls-te-rsvp-2.2.0.0-r712.x86_64.rpm |
MPLS and MPLS Traffic Engineering (MPLS-TE) RPM. |
Cisco IOS XR Security Package |
ncs5500-k9sec-3.1.0.0-r712.x86_64.rpm |
Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI) |
Cisco IOS XR ISIS package |
ncs5500-isis-1.2.0.0-r712.x86_64.rpm |
Support ISIS |
Cisco IOS XR OSPF package |
ncs5500-ospf-2.0.0.0-r712.x86_64.rpm |
Support OSPF |
Lawful Intercept (LI) Package |
ncs5500-li-1.0.0.0-r712.x86_64.rpm |
Includes LI software images |
Multicast Package |
ncs5500-mcast-1.0.0.0-r712.rpm |
Support Multicast |
Feature Set |
Filename |
NCS 5500 IOS XR Software 3DES |
NCS5500-iosxr-k9-7.1.2.tar |
NCS 5500 IOS XR Software |
NCS5500-iosxr-7.1.2.tar |
NCS 5500 IOS XR Software |
NCS5500-docs-7.1.2.tar |
Determine Software Version
To verify the software version running on the router, use show version command in the EXEC mode.
RP/0/RP0/CPU0:router# show version
Cisco IOS XR Software, Version 7.1.2
Copyright (c) 2013-2020 by Cisco Systems, Inc.
Build Information:
Built By : ahoang
Built On : Sat Aug 29 13:28:37 PDT 2020
Built Host : iox-ucs-025
Workspace : /auto/srcarchive13/prod/7.1.2/ncs5500/ws
Version : 7.1.2
Location : /opt/cisco/XR/packages/
Label : 7.1.2
cisco NCS-5500 () processor
System uptime is 10 hours 44 minutes
Determine Firmware Support
Use the show hw-module fpd command in EXEC and Admin mode to view the hardware components with their current FPD version and status. The status of the hardware must be CURRENT; Running and Programed version must be the same.
Note |
You can also use the show fpd package command in Admin mode to check the fpd versions. |
This sample output is for show hw-module fpd command from the Admin mode:
RP/0/RP0/CPU0:router(sysadmin)# show hw-module fpd
Fri Aug 28 18:50:32.566 UTC+00:00
FPD Versions
===============
Location Card type HWver FPD device ATR Status Run Programd
-------------------------------------------------------------------------------
0/0 NC55-32T16Q4H-A 0.302 Bootloader CURRENT 0.04 0.04
0/0 NC55-32T16Q4H-A 0.302 DBFPGA CURRENT 0.14 0.14
0/0 NC55-32T16Q4H-A 0.302 IOFPGA CURRENT 0.87 0.87
0/2 NC55-6X200-DWDM-S 0.502 Bootloader CURRENT 1.14 1.14
0/2 NC55-6X200-DWDM-S 0.502 IOFPGA CURRENT 0.14 0.14
0/2 NC55-6X200-DWDM-S 0.502 SATA CURRENT 5.00 5.00
0/4 NC55-18H18F 1.2 Bootloader CURRENT 1.14 1.14
0/4 NC55-18H18F 1.2 IOFPGA CURRENT 0.22 0.22
0/4 NC55-18H18F 1.2 SATA CURRENT 5.00 5.00
0/6 NC55-24X100G-SE 1.0 Bootloader CURRENT 1.14 1.14
0/6 NC55-24X100G-SE 1.0 IOFPGA CURRENT 0.13 0.13
0/6 NC55-24X100G-SE 1.0 SATA CURRENT 5.00 5.00
0/7 NC55-24H12F-SE 1.0 Bootloader CURRENT 1.14 1.14
0/7 NC55-24H12F-SE 1.0 IOFPGA CURRENT 0.09 0.09
0/7 NC55-24H12F-SE 1.0 SATA CURRENT 5.00 5.00
0/10 NC55-36X100G-S 1.1 Bootloader CURRENT 1.14 1.14
0/10 NC55-36X100G-S 1.1 IOFPGA CURRENT 0.11 0.11
0/12 NC55-32T16Q4H-AT 0.302 Bootloader CURRENT 0.04 0.04
0/12 NC55-32T16Q4H-AT 0.302 DBFPGA CURRENT 0.14 0.14
0/12 NC55-32T16Q4H-AT 0.302 IOFPGA CURRENT 0.87 0.87
0/14 NC55-36X100G-A-SE 1.0 Bootloader CURRENT 0.14 0.14
0/14 NC55-36X100G-A-SE 1.0 DBFPGA CURRENT 0.14 0.14
0/14 NC55-36X100G-A-SE 1.0 IOFPGA CURRENT 0.26 0.26
0/RP0 NC55-RP2-E 0.201 Bootloader CURRENT 0.06 0.06
0/RP0 NC55-RP2-E 0.201 IOFPGA CURRENT 0.50 0.50
0/RP0 NC55-RP2-E 0.201 OMGFPGA CURRENT 0.31 0.31
0/RP1 NC55-RP2-E 0.202 Bootloader CURRENT 0.06 0.06
0/RP1 NC55-RP2-E 0.202 IOFPGA CURRENT 0.50 0.50
0/RP1 NC55-RP2-E 0.202 OMGFPGA CURRENT 0.31 0.31
0/FC0 NC55-5516-FC 0.403 Bootloader CURRENT 1.75 1.75
0/FC0 NC55-5516-FC 0.403 IOFPGA CURRENT 0.26 0.26
0/FC1 NC55-5516-FC 0.403 Bootloader CURRENT 1.75 1.75
0/FC1 NC55-5516-FC 0.403 IOFPGA CURRENT 0.26 0.26
0/FC3 NC55-5516-FC 0.216 Bootloader CURRENT 1.75 1.75
0/FC3 NC55-5516-FC 0.216 IOFPGA CURRENT 0.26 0.26
0/FC4 NC55-5516-FC 0.216 Bootloader CURRENT 1.75 1.75
0/FC4 NC55-5516-FC 0.216 IOFPGA CURRENT 0.26 0.26
0/FC5 NC55-5516-FC 0.306 Bootloader CURRENT 1.75 1.75
0/FC5 NC55-5516-FC 0.306 IOFPGA CURRENT 0.26 0.26
0/SC0 NC55-SC 1.4 Bootloader CURRENT 1.74 1.74
0/SC0 NC55-SC 1.4 IOFPGA CURRENT 0.10 0.10
0/SC1 NC55-SC 1.4 Bootloader CURRENT 1.74 1.74
0/SC1 NC55-SC 1.4 IOFPGA CURRENT 0.10 0.10
Note |
The FPD versions on board shipped by manufacturer may have higher versions than the FPD package integrated in the IOS XR. |
Other Important Information
-
Starting with IOS-XR Release 7.1.2, you can configure a sub-interface as an EVPN Core. Previously, EVPN Core interface was not supported on a sub-interface. For more information on EVPN, see EVPN Features.
-
Before upgrading to Cisco IOS XR Release 7.1.2, if you configured and committed the set qos-group and set dscp options as part of the same policy on your router, the interface manager (ifmgr) crashes and the syslog displays the following error:
“A policy with set qos-group AND set dscp is not supported. Note that this error does not impact any upgrade operations. For details, see the Release Notes”.
Note
This crash does not affect your upgrade process. The ifmgr restarts twice and ensures that the upgrade is successful.
-
The total number of bridge-domains (2*BDs) and GRE tunnels put together should not exceed 1518.
Here the number 1518 represents the multi-dimensional scale value.
-
The offline diagnostics functionality is not supported in NCS 5500 platform. Therefore, the hw-module service offline location command will not work. However, you can use the (sysadmin)# hw-module shutdown location command to bring down the LC.
-
NCS55A1-36H-SE-S – Under Secure Domain Router (SDR) configuration, when you change the size of the RP VM memory from 12 GB (default) to 14 GB and commit your changes, the system reloads. When the system is brought back up, it can crash with a core dump by LC XR VM.
0/RP0/ADMIN0:Oct 15 12:19:30.280 : dumper[3046]: %INFRA-CALVADOS_DUMPER-6-HOST_COPY_SUCCESS : Copied host file /misc/scratch/core/default-sdr--2.20201015-191552.core.0_RP0.lxcdump.tar.lz4 to 0/RP0:/misc/disk1 0/RP0/ADMIN0:Oct 15 12:19:30.389 : dumper[3046]: %INFRA-CALVADOS_DUMPER-6-HOST_REMV_SUCCESS : Deleted HostOS file /misc/scratch/core/default-sdr--2.20201015-191552.core.0_RP0.lxcdump.tar.lz4
This is a one-time reload. Other than the additional time required for the LC XR VM to reload, there is no impact to system functionality.
After the configuration is applied, we recommend that you reload the chassis when prompted to ensure all VMs and host OS are in sync.
-
LFA FRR feature is not supported.
Supported Transceiver Modules
To determine the transceivers that Cisco hardware device supports, refer to the Transceiver Module Group (TMG) Compatibility Matrix tool.
Supported Modular Port Adapters
For the compatibility details of Modular Port Adapters (MPAs) on the line cards, see the datasheet of that specific line card.
Upgrading Cisco IOS XR Software
Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).
The upgrade document (NCS5500_Upgrade_Downgrade_MOP_7.1.2.pdf) is available along with the software images.
Production Software Maintenance Updates (SMUs)
A production SMU is a SMU that is formally requested, developed, tested, and released. Production SMUs are intended for use in a live network environment and are formally supported by the Cisco TAC and the relevant development teams. Software bugs identified through software recommendations or Bug Search Tools are not a basis for production SMU requests.
For information on production SMU types, refer the Production SMU Types section of the IOS XR Software Maintenance Updates (SMUs) guide.
Related Documentation
The most current Cisco NCS 5500 router documentation is located at the following URL: