Network Convergence System 540 Series Routers
 Note |
This software release has reached end-of-life status. For more information, see the End-of-Life and End-of-Sale Notices. |
Note |
Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.
Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience. Do provide feedback about your experience with the Content Hub. |
Note |
Cisco IOS XR Release 7.2.2 is an Extended Maintenance Release of Cisco IOS XR Release 7.2.1 for Cisco NCS 540 Series routers. For more details on the Cisco IOS XR release model and associated support, see Guidelines for Cisco IOS XR Software. |
What's New in Cisco IOS XR Release 7.2.1
Cisco is continuously enhancing the product with every release and this section covers a brief description of key features and enhancements. It also includes links to detailed documentation, where available.
Software
802.1X Control for VLAN Tag Subinterfaces with Multi-host and Multi-auth Capability
Previously, by default, 802.1X allowed only one MAC address on each port at a time. This lead to major constraint in current network deployments where multiple hosts or MAC addresses were connected on a single port. Now, multi-auth and multi-host modes are supported by 802.1X to allow multiple hosts or MAC addresses on a single port. By default, dot1x configured port is in multi-auth mode. However, this behaviour can be altered by changing the host mode under dot1x profile. 802.1X port-control is also supported on pre-configured VLAN sub-interfaces along with multi-auth and multi-host modes. For VLAN sub-interfaces with VLAN IDs to be pre-configured, VLAN tagged traffic is allowed only after successful 802.1X authentication of the port.
For more information, see Protect Network using IEEE 802.1X Port-Based Authentication.
The command, dot1x host-mode is introduced.
BFD over Bundle with IPv4 Unnumbered Interface
BFD over Bundle with IPv4 Unnumbered Interface feature enables BFD to run on IP unnumbered interfaces, which take the IP address from the loopback address. This feature saves IP addresses space or range. The same loopback address is used on multiple interfaces.
For more information, see BFD over Bundle with IPv4 Unnumbered Interface
BFD Support on HSRP/VRRP
With the introduction of the BFD support on HSRP/VRRP, HSRP/VRRP will use BFD to detect a link failure and facilitate fast failover times without excessive control packet overhead.
With this feature, you can:
-
Identify failure detection in less than one second.
-
Support all types of encapsulation.
-
Have support for almost all routing protocols.
For more information, see:
BGP PIC Multipath (IPv4/IPv6) with Interface Peering and Loopback Peering
With the introduction of the BGP PIC multipath IPv4/IPv6 with interface peering support, BGP control plan installs multiple primary paths and one backup path for all primary paths in the BGP routing table. If one of the primary paths doesn’t work, the system adds a backup into the primary path.
For more information, see Additional-Path.
Boot Integrity and Trust Visibility
The Cisco Secure Boot subsystem verifies that the device boot image is genuine and untampered. The hardware-anchored secure boot process is designed to ensure that only genuine, unmodified code is allowed to boot on the following variants of the Cisco 540 Series Routers:
-
N540-28Z4C-SYS-A
-
N540-28Z4C-SYS-D
-
N540-12Z20G-SYS-A
-
N540-12Z20G-SYS-D
-
N540X-12Z16G-SYS-A
-
N540X-12Z16G-SYS-D
-
N540X-16Z4G8Q2C-A
-
N540X-16Z4G8Q2C-D
For more information, see Boot Integrity and Trust Visibility.
BVI with Double-Tagged AC Support
The Bridge-group Virtual Interface (BVI) with Double-Tagged AC Support feature allows you to configure the attachment circuit (AC) with double-VLAN tag encapsulation on the BVI. You must specify the rewrite ingress pop 2 symmetric option when you configure the AC on the BVI with double-VLAN tag encapsulation.
For more information, see Configure VLAN Sub-Interfaces.
Chip Guard
Applicable only to Cisco N540-28Z4C-SYS-A/D, N540-12Z20G-SYS-A/D, N540X-12Z16G-SYS-A/D, and N540X-16Z4G8Q2C-A/D router variants.
Malicious attacks can come from various sources – starting from the CPUs or ASICs containing Trojan or malware. Sometimes, the chips may have a Trojan in the form of an added die in the package assembly. Cisco’s Chip Guard feature mitigates this threat with the use of unique identifiers that are buried inside the Trusted Anchor module (TAm) devices as a way to identify and track components throughout the lifecycle of products.
For more information, see Chip Guard.
Conform Aware Hierarchical Policy
Traditional Hierarchical QoS (H-QoS), while allowing for granular and multi-level management of traffic, does not allow for conforming traffic from a child-level policy to a parent-level policy to get priority. This inability means that in case of excess traffic, the parent policer drops conforming traffic packets as well.
With the conform-aware hierarchical policy feature, the parent policer is prevented from dropping any conforming traffic from child policers, thus increasing traffic throughput and efficiency.
For more information, see Conform Aware Hierarchical Policy Overview.
The command, hw-module profile qos conform-aware-policer is introduced.
Egress Interface Published as Part of Ingress NetFlow
With the introduction of egress interface published as part of ingress NetFlow, you can capture traffic flow for IP packets on the egress interface or on the outgoing interface of a router.
For more information, see IPFIX 315 Implementation Considerations.
EVPN Convergence Improvements
With the introduction of the EVPN convergence improvements for BGP PIC, the following networks are supported, which rides over BGP PIC as transport:
-
LxVPN
-
EVPN
-
6PE
-
6VPE
For more information, see BGP PIC Implementation Considerations.
EVPN E-Tree Using RT Constraints
The EVPN E-Tree using Route Target (RT) constraints feature enables you to configure BGP RT import and export policies for an attachment circuit (AC). This feature allows you to define communication between the leaf and root nodes. The provider edge (PE) nodes can receive L2 traffic either from the attachment circuit (AC) of a bridge domain (BD) or from the remote PE node. For a given BD, L2 communication can only happen from a root to leaf and leaf to root nodes. This feature does not allow any L2 communication between the ACs of two or more leafs.
This feature provides the following benefits:
-
Achieve efficiency of the BGP MAC routes scale
-
Reduce the consumption of hardware resources
-
Utilize the link bandwidth efficiently
The command, etree rt-leaf is introduced.
GTP Load Balancing
The GPRS Tunneling Protocol (GTP) Load Balancing feature enables efficient distribution of traffic in mobile networks, and provides increased reliability and availability for the network.
GTP load balancing is performed on IPv4 or IPv6 incoming packets with GTP payloads and on MPLS incoming labeled packets. This feature supports GTP hashing only when the GTP UDP port is 2152.
The number of MPLS label stack in the transport layer is limited to three for GTP hashing. GTP hashing is not considered when the MPLS label stack exceeds three.
For more information, see GTP Load Balancing.
Manual BGP Peering SIDs for Segment Routing Egress Peer Engineering
This release introduces support for manually configured BGP Egress Peer Engineering (EPE) Peer SIDs. The ability to manually configure BGP-EPE peer SIDs allows for persistent EPE label values. Manual BGP-EPE SIDs are advertised through BGP-LS and are allocated from the Segment Routing Local Block (SRLB).
For more information, see Configuring Manual BGP-EPE Peering SIDs.
Network Convergence Using Core Isolation Protection
The Network Convergence using Core Isolation Protection feature allows the router to converge fast when remote links and local interfaces fail. This feature reduces the duration of traffic drop by rapidly rerouting traffic to alternate paths. This feature uses Object Tracking (OT) to detect remote link failure and failure of connected interfaces.
Tracking interfaces can only detect failure of connected interfaces and not failure of a remote router interfaces that provides connectivity to the core. Tracking one or more BGP neighbor sessions along with one or more of the neighbor’s address-families enables you to detect remote link failure.
For more information, see Network Convergence using Core Isolation Protection.
The command, if track is is introduced.
Per-Flow Automated Steering
Currently, the steering of traffic through a Segment Routing (SR) policy is based on the candidate paths of that policy. For a given policy, a candidate path specifies the path to be used to steer traffic to the policy’s destination. The policy determines which candidate path to use based on the candidate path’s preference and state. The candidate path that is valid and has the highest preference is used to steer all traffic using the given policy. This type of policy is called a Per-Destination Policy (PDP).
Per-Flow Automated Traffic Steering introduces a way to steer traffic on an SR policy based on the attributes of the incoming packets, called a Per-Flow Policy (PFP). A PFP provides up to 8 "ways" or options to the endpoint. With a PFP, packets are classified by a classification policy and marked using internal tags called forward classes (FCs). The FC setting of the packet selects the “way”. For example, this “way” can be a traffic-engineered SR path, using a low-delay path to the endpoint. The FC is represented as a numeral with a value of 0 to 7.
For more information, see Per-Flow Automated Steering.
Queueing Support for BUM Traffic on Attachment Circuits
This feature allows you to add BUM traffic queueing support for attachment circuits in a bridge domain. BUM traffic is replicated through Ingress Replication, and the replicated packets use the Ingress VOQ.
For more information, see Queueing Support for BUM Traffic on Attachment Circuits.
The command, flood mode ac-ingress-replication is introduced.
Slow Tracking
After you configure the PTP profile on a T-BC or a T-TSC, any change in PTP offset from the T-GM clock triggers an immediate reaction in the servo. With the Slow Tracking feature enabled, the servo corrects any change in the phase offset in steps. The correction is based on the configured value which can be slower than the normal correction rate.
For more information, see PTP Slow Tracking.
Segment Routing BGP Peer-Set SID
Segment routing egress peer engineering (EPE) uses a controller to instruct an ingress provider edge, or a content source (node) within the segment routing domain, to use a specific egress provider edge (node) and a specific external interface to reach a destination. BGP peer SIDs are used to express source-routed interdomain paths. BGP peer SID types include Peer Node SIDs and Peer Adjacency SIDs.
This release adds support for a new type of BGP peering SID, called BGP Peer Set SID. A BGP Peer Set SID is a group or set of BGP peer SIDs, and can be associated with any combination of Peer Node SIDs or Peer Adjacency SIDs. Peer Set SIDs provide load balancing over BGP neighbors (nodes) or links (adjacencies).
For more information, see Segment Routing Egress Peer Engineering.
Segment Routing On-Demand Next Hop for EVPN
Segment Routing On-Demand Next Hop (SR-ODN) allows a service head-end router to automatically instantiate an SR policy to a BGP next-hop when required (on-demand). SR-ODN provides per-destination steering behaviors where a prefix, a set of prefixes, or all prefixes from a service can be associated with a desired underlay SLA. The functionality applies equally to single-domain and multidomain networks.
An on-demand SR policy is created dynamically for BGP global or VPN (service) routes. This release introduces SR-ODN support for EVPN services with either single-homing or multi-homing configurations.
For more information, see On-Demand SR Policy – SR On-Demand Next-Hop.
Segment Routing On-Demand Next Hop for EVPN-VPWS with Multi-Homing
Segment Routing On-Demand Next Hop (SR-ODN) allows a service head-end router to automatically instantiate an SR policy to a BGP next-hop when required (on-demand). SR-ODN provides per-destination steering behaviors where a prefix, a set of prefixes, or all prefixes from a service can be associated with a desired underlay SLA. The functionality applies equally to single-domain and multi-domain networks.
An on-demand SR policy is created dynamically for BGP global or VPN (service) routes. This release introduces SR-ODN support for EVPN-VPWS services with multi-homing configurations.
For more information, see On-Demand SR Policy – SR On-Demand Next-Hop.
Segment Routing Path Computation Element Flexible Algorithm Multi-Domain Path Computation
Currently, a Flexible Algorithm definition is unknown to the Segment Routing Path Computation Element (SR-PCE). In order to select a Flexible Algorithm across domains, Flexible Algorithm definition can now be distributed to a PCE topology database from the gateway ABR/ASBR. The SR-PCE Flexible Algorithm Multi-Domain Path Computation feature incorporates the following changes:
-
BGP-LS has been augmented to carry a Flexible Algorithm definition (FAD)
-
PCEP vendor-specific objects have been added to indicate SR policy Flexible Algorithm constraints to the PCE and to request a path computation based on the Flexible Algorithm number
-
PCE algorithms have been augmented to compute paths based on a Flexible Algorithm constraint
For more information, see SR-PCE Flexible Algorithm Multi-Domain Path Computation.
Segment Routing TI-LFA Support for GRE Tunnels
The Segment Routing TI-LFA (Topology independent Loop-free alternate) Support for GRE Tunnels feature extends the TI-LFA logic to span different instances or different IGP domains by using a Generic Routing Encapsulation (GRE) tunnel that runs between two ABRs as a backup path for TI-LFA protection in an SR Core. GRE is a tunneling protocol that provides a simple generic approach to transport packets of one protocol over another protocol by means of encapsulation.
For more information, see SR-MPLS over GRE as TI-LFA Backup Path.
Set Peak Burst Size for Egress Shaping
From Release 7.2.1 onwards, you can configure peak burst size for egress shaping. This configuration gives your router interface the ability to manage the traffic burst for a particular traffic class such that the peer node can accommodate the burst and does not drop packets either due to lower burst policing or due to shorter queue depth.
For more information, see Configure Traffic Shaping.
The command, shape average is modified.
Shared Policer Feature
With the shared policer feature, you can now share a policer bucket among two or more classes. You can also view the statistics in aggregated mode or per-class mode.
For more information, see Shared Policer.
The command, hw-module profile qos shared-policer-per-class-stats is introduced.
SR-PCE Inter-Domain Path Computation Using SID Redistribution
A Path Computation Element (PCE) computes SR-TE that is paths based on the SR-topology database that stores the connectivity, state, and TE attributes of SR network nodes and links. BGP Labeled Unicast (BGP-LU) provides MPLS transport across IGP boundaries by advertising the loopbacks and label binding of edge and border routers across IGP boundaries.
The SR-PCE Inter-Domain Path Computation Using SID Redistribution feature adds new functionality to the SR-PCE that enables it to compute a path for remote non-SR end-point devices that are distributed by BGP-LU.
For more information, see Inter-Domain Path Computation Using Redistributed SID.
SRv6 Anycast Locator
This feature introduces support for SRv6 Anycast Locator. An SRv6 Anycast locator is a type of locator that identifies a set of nodes (END SIDs). SRv6 Anycast Locators and their associated END SIDs may be provisioned at multiple places in a topology. Anycast routing enables the steering of traffic toward multiple advertising nodes. Packets addressed to an Anycast address are forwarded to the topologically nearest nodes.
One use case is to advertise Anycast END SIDs at exit points from an SRv6 network. Any of the nodes that advertise the common END SID could be used to forward traffic out of the SRv6 portion of the network to the topologically nearest node.
For more information, see Segment Routing over IPv6 Overview.
Support for Chained ACLs
In Cisco NCS 540 Series Routers, you can configure only one ACL per direction on an interface. With the feature, Chained ACLs, you can apply more than one IPv4 or IPv6 ACL (common-acl and interface acl) on an interface for packet filtering at the ingress direction of a router. This feature enables you to separate various types of ACLs for management and other reasons, yet apply both of them on the same interface, in a defined order.
For more information, see Configuring Chained ACLs.
Commands modified for this feature:
Support for DHCPv4 and DHCPv6 Client on BVI
The Support for DHCPv4 and DHCPv6 Client over the BVI feature allows you to configure DHCPv4 and DHCPv6 client on the Bridged Virtual Interface (BVI). You can configure a BVI, and request DHCP IPv4 or IPv6 address on the BVI. This configiration allows your customer’s device to have initial connectivity to your network without any user intervention in the field. After the device is connected to your network, the customer devices can push a node-specific configuration with static IP addresses on a different BVI for a customer deployment.
For more information, see Support for DHCPv4 and DHCPv6 Client over BVI.
Support for DHCPv6 Client Options
This feature enables the support of DHCPv6 client on BVI interfaces. You can configure different types of DHCP IPv6 client options to enable different types of functionalities for clients as required.
For more information, see Enabling DHCP Client on an Interface.
The command, ipv6 address dhcp-client-options is introduced.
TCP Authentication Option for Segment Routing Path Computation Element
TCP Message Digest 5 (MD5) authentication is used for authenticating PCEP (TCP) sessions by using clear text or encrypted password. This feature introduces TCP Authentication Option (TCP-AO), which replaces the TCP MD5 option. TCP-AO is compatible with Master Key Tuple (MKT) configuration. TCP-AO also protects connections when using the same MKT across repeated instances of a connection. TCP-AO protects the connections by using traffic key that are derived from the MKT, and then coordinates changes between the endpoints.
For more information, see TCP Authentication Option.
UCMP Over MPLS-TE
With this feature, you can lperform oad-balance for incoming traffic over multiple paths of varying costs. UCMP applies a weight to a path, and adds more forwarding instances to a path that has a higher weight (or larger bandwidth). This feature results in an equal load distribution over paths of varying bandwidths (and costs).
For more information, see UCMP Over MPLS-TE.
Hardware
No new hardware features introduced in this release.
Behavior Change Introduced in this Release
Behavior change refers to any modification of an existing software feature, configuration, or a command. This release introduces following behavior change:
Guidelines for Enabling FIPS
You must follow these guidelines while enabling FIPS mode:
-
You must configure the session with a FIPS-approved cryptographic algorithm. A session configured with non-approved cryptographic algorithm for FIPS (such as, MD5 and HMAC-MD5) does not work. This is applicable for OSPF, BGP, RSVP, ISIS, or any application using key chain with non-approved cryptographic algorithm, and only for FIPS mode (that is, when crypto fips-mode command is configured).
-
If you are using any HMAC-SHA algorithm for a session, then you must ensure that the configured key-string has a minimum length of 14 characters. Otherwise, the session goes down. This is applicable only for FIPS mode.
-
If you try to execute the telnet configuration on a system where the FIPS mode is already enabled, then the system rejects the telnet configuration.
-
If telnet configuration already exists on the system, and if FIPS mode is enabled later, then the system rejects the telnet connection. But, it does not affect the telnet configuration as such.
-
It is recommended to configure the crypto fips-mode command first, followed by the FIPS-related commands in a separate commit. The list of commands related to FIPS with non-approved cryptographic algorithms are:
-
key chain key-chain-name key key-id cryptographic-algorithm MD5
-
key chain key-chain-name key key-id cryptographic-algorithm HMAC-MD5
-
router ospfv3 1 authentication ipsec spi 256 md5 md5-value
-
router ospfv3 1 encryption ipsec spi 256 esp des des-value
-
router ospfv3 1 encryption ipsec spi 256 esp des des-value authentication md5 md5-value
-
snmp-server user username usergroup-name v3 auth md5 priv des56
-
ssh server algorithms key-exchange diffie-hellman-group1-sha1
-
telnet vrf default ipv4 server max-servers server-limit
-
PSU Redundancy Lost Alarm:
PSU redundancy lost alarms are generated when there is no proper input feed applied on any one of Power Modules (PMs) (PM0 or PM1). The alarms are also generated when the output for PM0 or PM1 is not proper.
-
Power Module Generic Fault
-
Power Module Error
-
Power Group Redundancy Lost
-
N540-28Z4C-SYS-A/D
-
N540X-16Z4G8Q2C-A/D
-
N540-12Z20G-SYS-A/D
-
N540X-12Z16G-SYS-A/D
-
N540X-6Z18G-SYS-A/D
-
N540X-8Z16G-SYS-A/D
-
N540X-4Z14G2Q-A/D
Restrictions and Limitations on the Cisco NCS 540 Series Router
-
In the Cisco IOS XR Release 7.2.x, the Packet IO feature is not supported on bundle interfaces.
-
The show inventory and the show diagnostic commands do not display the fan serial number.
-
The interface ports 0/0/0/24 to 0/0/0/31 do not support 1G Copper SFPs on Cisco N540-24Z8Q2C-SYS, N540X-ACC-SYS, and N540-ACC-SYS variants. Also, these ports do not support Auto-Negotiation with 1GE optical SFPs and they cannot act as 1GE Synchronous Ethernet sources.
-
The interface ports 0/0/0/20 to 0/0/0/27 do not support 1G Copper SFPs on Cisco N540X-16Z4G8Q2C-A and N540X-16Z4G8Q2C-D variants. Also, these ports do not support Auto-Negotiation with 1GE optical SFPs and they cannot act as 1GE Synchronous Ethernet sources.
-
Remove the speed settings on the 1G Copper optics when 10M/100M is configured and replaced with 1G SFP optics.
-
The hw-module profile mfib statistics command is not supported.
Caveats
This section describes open and resolved severity 1 and 2 caveats and select severity 3 caveats:
-
The “Open Caveats” sections list open caveats that apply to the current release and may apply to previous releases. A caveat that is open for a prior release and is still unresolved applies to all future releases until it is resolved.
-
The “Resolved Caveats” sections list caveats resolved in a specific release, but open in previous releases.
The bug IDs are sorted alphanumerically.
Note |
The Caveats section includes the bug ID and a short description of the bug. For details on the symptoms, conditions, and workaround for a specific caveat you must use the Bug Search Tool. |
Cisco IOS XR Caveats Release 7.2.1
There are no caveats for this release.
Bug Search Tool
Use the Cisco Bug Search Tool to access open and resolved bugs for a release.
The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.
Supported Packages and System Requirements
For more information on system upgrade and package installation process, see Perform System Upgrade and Install Feature Packages.
For a complete list of supported optics, hardware and ordering information see Cisco Network Convergence System 540 Medium Density Routers Data Sheet and Cisco Network Convergence System 540 Small Density Router Data Sheet.
To install the Cisco NCS 540 Series Routers, see Cisco NCS 540 Router Hardware Installation Guide.
Release 7.2.1 Packages
The following tables list the supported packages and their corresponding file names.
-
The first table lists the supported packages for Cisco N540-24Z8Q2C-SYS, N540X-ACC-SYS, and N540-ACC-SYS variants.
-
The second table lists the supported packages for Cisco N540-28Z4C-SYS-A/D, N540-12Z20G-SYS-A/D, N540X-12Z16G-SYS-A/D, and N540X-16Z4G8Q2C-A/D variants.
|
Composite Package |
||
|
Feature Set |
Filename |
Description |
|
Cisco IOS XR IP Unicast Routing Core Bundle |
ncs540-mini-x-7.2.1.iso |
Contains the following base image content:
|
|
Individually-Installable Optional Packages |
||
|
Feature Set |
Filename |
Description |
|
Cisco IOS XR Manageability Package |
ncs540-mgbl-1.0.0.0-r721.x86_64.rpm |
Extensible Markup Language (XML) Parser, Telemetry, Netconf, gRPC and HTTP server packages. |
|
Cisco IOS XR MPLS Package |
ncs540-mpls-1.0.0.0-r721.x86_64.rpm ncs540-mpls-te-rsvp-1.0.0.0-r721.x86_64.rpm |
MPLS and MPLS Traffic Engineering (MPLS-TE) RPM. |
|
Cisco IOS XR Security Package |
ncs540-k9sec-1.0.0.0-r721.x86_64.rpm |
Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI) |
|
Cisco IOS XR ISIS package |
ncs540-isis-1.0.0.0-r721.x86_64.rpm |
Support ISIS |
|
Cisco IOS XR OSPF package |
ncs540-ospf-1.0.0.0-r721.x86_64.rpm |
Support OSPF |
|
Lawful Intercept (LI) Package |
ncs540-li-1.0.0.0-r721.x86_64.rpm |
Includes LI software images |
|
Multicast Package |
ncs540-mcast-1.0.0.0-r721.x86_64.rpm |
Support Multicast |
|
USB Boot Package |
Package required to perform USB Boot |
|
|
Cisco IOS XR EIGRP Package |
ncs540-eigrp-1.0.0.0-r721.x86_64.rpm |
Includes EIGRP protocol support software. |
|
Composite Package |
||
|
Feature Set |
Filename |
Description |
|
Cisco IOS XR Bundle |
Contains the following base image content:
The ISO image also includes the following optional packages:
|
|
|
Individually Installable Optional Packages |
||
|
Feature Set |
Filename |
Description |
|
USB Boot Package |
Package required to perform USB Boot |
|
|
Optional Packages |
||
|
Optional packages may be installed for CDP and Telnet. |
||
Determine Software Version
Log in to the router and enter the show version command on the Cisco N540-24Z8Q2C-SYS, N540X-ACC-SYS, and N540-ACC-SYS variants:
RP/0/RP0/CPU0:ROUTER#show version
Thu Aug 13 16:36:37.005 IST
Cisco IOS XR Software, Version 7.2.1
Copyright (c) 2013-2020 by Cisco Systems, Inc.
Build Information:
Built By : gopalk2
Built On : Wed Aug 12 06:59:54 PDT 2020
Built Host : iox-lnx-007
Workspace : /auto/srcarchive13/prod/7.2.1/ncs540/ws
Version : 7.2.1
Location : /opt/cisco/XR/packages/
Label : 7.2.1
cisco NCS-540 () processor
System uptime is 3 hours 33 minutes
Log in to the router and enter the show version command on the Cisco N540-28Z4C-SYS-A/D, N540X-16Z4G8Q2C-A/D, N540-12Z20G-SYS-A/D and N540X-12Z16G-SYS-A/D variants:
RP/0/RP0/CPU0:ROUTER#show version
Thu Aug 13 16:38:50.939 IST
Cisco IOS XR Software, Version 7.2.1 LNT
Copyright (c) 2013-2020 by Cisco Systems, Inc.
Build Information:
Built By : gopalk2
Built On : Wed Aug 12 13:29:48 UTC 2020
Build Host : iox-lnx-008
Workspace : /auto/srcarchive13/prod/7.2.1/ncs540l/ws
Version : 7.2.1
Label : 7.2.1
cisco NCS540L (C3708 @ 1.70GHz)
System uptime is 2 hours, 56 minutes
Determine Firmware Support
Use the show command in EXEC mode to view the hardware components with their current FPD version and status. The status of the hardware must be CURRENT; Running and Programed version must be the same.
Log in to the router and enter the show fpd package and show hw-module fpd commands on the Cisco N540-24Z8Q2C-SYS, N540X-ACC-SYS, and N540-ACC-SYS variants:
RP/0/RP0/CPU0:ROUTER#show hw-module fpd
Thu Aug 13 16:36:45.857 IST
FPD Versions
===============
Location Card type HWver FPD device ATR Status Run Programd
-------------------------------------------------------------------------------
0/RP0 N540-ACC-SYS 1.0 Bootloader CURRENT 1.13 1.13
0/RP0 N540-ACC-SYS 1.0 CPU-IOFPGA CURRENT 0.07 0.07
0/RP0 N540-ACC-SYS 1.0 MB-IOFPGA CURRENT 0.22 0.22
RP/0/RP0/CPU0:NCS540-SIT-PE2#admin show fpd package
Thu Aug 13 16:36:54.685 IST
=============================== ================================================
Field Programmable Device Package
================================================
Req SW Min Req Min Req
Card Type FPD Description Reload Ver SW Ver Board Ver
=================== ========================== ====== ======= ======== =========
N540-24Z8Q2C-M Bootloader YES 1.13 1.13 0.0
CPU-IOFPGA YES 0.07 0.07 0.0
MB-IOFPGA YES 0.22 0.22 0.0
SATA NO 5.00 5.00 0.0
--------------------------------------------------------------------------------
CPU-IOFPGA YES 0.07 0.07 0.0
MB-IOFPGA YES 0.22 0.22 0.0
SATA NO 5.00 5.00 0.0
--------------------------------------------------------------------------------
N540-X-24Z8Q2C-M Bootloader YES 1.13 1.13 0.0
CPU-IOFPGA YES 0.07 0.07 0.0
MB-IOFPGA YES 0.22 0.22 0.0
SATA NO 5.00 5.00 0.0
--------------------------------------------------------------------------------
N540X-ACC-SYS Bootloader YES 1.13 1.13 0.0
CPU-IOFPGA YES 0.07 0.07 0.0
SATA NO 5.00 5.00 0.0
--------------------------------------------------------------------------------
Log in to the router and enter the show fpd package and show hw-module fpd commands on the Cisco N540-28Z4C-SYS-A/D, N540-12Z20G-SYS-A/D, N540X-12Z16G-SYS-A/D and N540X-16Z4G8Q2C-A/D variants:
RP/0/RP0/CPU0:ROUTER#show hw-module fpd
Thu Aug 13 16:38:57.959 IST
Attribute codes: B golden, P protect, S secure
FPD Versions
=================
Location Card type HWver FPD device ATR Status Running Programd Reload Loc
-------------------------------------------------------------------------------------------------
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 IoFpga CURRENT 2.03 2.03 0/RP0
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 IoFpgaGolden B NEED UPGD 1.31 0/RP0
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 Primary-BIOS S CURRENT 1.17 1.17 0/RP0
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 StdbyFpga S CURRENT 0.40 0.40 0/RP0
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 StdbyFpgaGolden BS NEED UPGD 0.37 0/RP0
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 TamFw S CURRENT 4.11 4.11 0/RP0
0/RP0/CPU0 N540-28Z4C-SYS-A 4.0 TamFwGolden BS CURRENT 4.11 0/RP0
RP/0/RP0/CPU0:BB-PE#show fpd package
Thu Aug 13 16:39:03.819 IST
=============================== ================================================
Field Programmable Device Package
================================================
Req SW Min Req Min Req
Card Type FPD Description Reload Ver SW Ver Board Ver
=================== ========================== ====== ======= ======== =========
--------------------------------------------------------------------------------
N540-12Z20G-SYS-A IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540-12Z20G-SYS-D IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540-28Z4C-SYS-A IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540-28Z4C-SYS-D IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540X-12Z16G-SYS-A IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540X-12Z16G-SYS-D IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540X-16Z4G8Q2C-A IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
--------------------------------------------------------------------------------
N540X-16Z4G8Q2C-D IoFpga YES 2.03 2.03 0.0
IoFpgaGolden YES 2.03 2.03 0.0
Primary-BIOS YES 1.17 1.17 0.0
StdbyFpga YES 0.40 0.40 0.0
StdbyFpgaGolden YES 0.40 0.40 0.0
TamFw YES 4.11 4.11 0.0
TamFwGolden YES 4.11 4.11 0.0
Other Important Information
MLDP LFA FRR feature is not supported.
Supported Transceiver Modules
For more information on the supported transceiver modules, see Transceiver Module Group (TMG) Compatibility Matrix. In the Begin your Search search box, enter the keyword NCS540 and click Enter.
Upgrading Cisco IOS XR Software
Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes.
The upgrade document for Cisco N540-24Z8Q2C-SYS, N540X-ACC-SYS, and N540-ACC-SYS variants (NCS540-docs-7.2.1.tar) is available along with the software images.
The upgrade document for Cisco N540-28Z4C-SYS-A/D, N540-12Z20G-SYS-A/D, N540X-12Z16G-SYS-A/D, and N540X-16Z4G8Q2C-A/D variants (NCS540L_Upgrade_MOP_7.2.1) is available along with the software images.
Additional References
Supported MIBs
The Cisco NCS 5500 MIB support list is also applicable to the Cisco NCS 540 Series Routers. For the list of supported MIBs, see the Cisco NCS5500 MIB Support List.
Feedback