Cisco CSR 1000v Series Cloud Services Routers Overview
 Note |
Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.
Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience. Do provide feedback about your experience with the Content Hub. |
Virtual Router
The Cisco Cloud Services Router 1000V (CSR 1000V) is a cloud-based virtual router that is intended for deployment in cloud and virtual data centers. This router is optimized to serve as a single-tenant or a multitenant WAN gateway.
When you deploy a CSR 1000V instance on a VM, the Cisco IOS XE software functions as if it were deployed on a traditional Cisco hardware platform. You can configure different features depending on the Cisco IOS XE software image.
Secure Connectivity
CSR 1000V provides secure connectivity from an enterprise network such as a branch office or a data center, to a public or a private cloud.
Technologies Supported by a Platform
A platform’s product landing page lists technology configuration guides for Cisco IOS XE technologies that the platform supports.
In each technology configuration guide, a Feature Information table indicates when a feature was introduced to the technology. For some features, the table also indicates when additional platforms have added support for the feature.
To determine whether a particular platform supports a technology, view the list of technology configuration guides posted on the platform’s product landing page. For example, see Cisco Cloud Services Router 1000v Series.
System Requirements
Hardware Requirements
For hardware requirements and installation instructions, see the Cisco CSR 1000v Series Cloud Services Router Software Configuration Guide .
Software Images and Licenses
The following sections describe the licensing and software images for CSR 1000V.
Cisco Smart Licensing
The Cisco CSR 1000V router supports Cisco Smart Licensing. To use Cisco Smart Licensing, you must first configure the Call Home feature and obtain the Cisco Smart Call Home Services. For more information, see Installing CSR 1000V Licenses and Smart Licensing Guide for Access and Edge Routers.
For a more detailed overview on Cisco Licensing, go to https://cisco.com/go/licensingguide.
Cisco CSR 1000v Evaluation Licenses
Evaluation license availability depends on the software version:
-
Evaluation licenses valid for 60 days are available at the Cisco Software Licensing (CSL) portal: http:/www.cisco.com/go/license
The following evaluation licenses are available:
-
IPBASE technology package license with 10 Gbps maximum throughput
-
SEC technology package license with 5 Gbps maximum throughput
-
APPX technology package license with 5 Gbps maximum throughput
-
AX technology package license with 2.5 Gbps maximum throughput
If you need an evaluation license for the Security technology package, or for an AX technology package with higher throughput, contact your Cisco service representative.
For instructions on obtaining and installing evaluation licenses, see the “Installing CSL Evaluation Licenses for Cisco IOS XE 3.13S and Later” section of the Cisco CSR 1000v Software Configuration Guide .
Cisco CSR 1000v Software Licenses
Cisco CSR 1000v software licenses are divided into feature set licenses. The supported feature licenses depend on the release.
Current License Types
The following are the license types that are supported (Cisco IOS XE Everest 16.4.1 or later):
-
IPBase: Basic Networking Routing (Routing, HSRP, NAT, ACL, VRF, GRE, QoS)
-
Security: IPBase package + Security features (IP Security VPN, Firewall, MPLS, Multicast)
-
AX: IPBase package + Security features + Advanced Networking features (AppNav, AVC, OTV and LISP)
-
APPX Package: IPBase package + Advanced Networking features - Security features (IP security features not supported)
Legacy License Types
The three legacy technology packages - Standard, Advanced, and Premium - were replaced in the Cisco IOS XE Release 3.13 with the IPBase, Security, and AX technology packages.
Features Supported by License Packages
For more information about the Cisco IOS XE technologies supported in the feature set packages, see the overview chapter of the Cisco CSR 1000v Series Cloud Services Router Software Configuration Guide.
Throughput
The Cisco CSR 1000v router provides both perpetual licenses and term subscription licenses that support the feature set packages for the following maximum throughput levels:
-
10 Mbps
-
50 Mbps
-
100 Mbps
-
250 Mbps
-
500 Mbps
-
1 Gbps
-
2.5 Gbps
-
5 Gbps
-
10 Gbps
The throughput levels are supported for different feature set packages in each version. For more information about how the maximum throughput levels are regulated on the router, see the Cisco CSR 1000v Cloud Services Router Software Configuration Guide.
Memory Upgrade
A memory upgrade license is available to add memory to the Cisco CSR 1000v router (Cisco IOS XE 3.11S or later). This license is available only for selected technology packages.
Additional Information about Licenses and Activation
For more information about each software license, including part numbers, see the Cisco CSR 1000v Router Datasheet. For more information about the standard Cisco IOS XE software activation procedure, see the Software Activation Configuration Guide, Cisco IOS XE Release 3S.
Software Image Nomenclature for OVA, ISO, and QCOW2 Installation Files
The Cisco CSR 1000v installation file nomenclature indicates properties supported by the router in a given release.
For example, these are filename examples for the Cisco IOS XE Everest 16.4.1 release:
-
csr1000v-universalk9.16.04.01.ova
-
csr1000v-universalk9.16.04.01.iso
-
csr1000v-universalk9.16.04.01.qcow2
The filename attributes are listed below, along with the release properties.
|
Filename Attribute |
Properties |
|---|---|
|
Example:universalk9 |
Installed image package. |
|
03.09.00a.S.153-2.S0a |
Indicates that the software image is for the Cisco IOS XE 3.9.0aS release image (mapped to the Cisco IOS 15.3(2) release). |
|
std or ext |
Standard release or extended maintenance support release. |
Features and Notes: Cisco IOS XE Fuji 16.7
Features
Features—Cisco IOS XE Fuji 16.7.1
The following new software features are supported on the Cisco CSR 1000v for Cisco IOS XE Fuji 16.7.1.
-
PPPoE over L2TPv3 Tunnels —allows you to establish PPP sessions for incoming traffic using Layer 2 Tunneling Protocol Version 3 (L2TPv3) IPv6 tunnels. An L2TPv3 over IPv6 tunnel is a static/stateless P2P overlay tunnel between a physical edge/aggregation router and its peer entity. The peer entity is typically a virtual Broadband Network Gateway (vBNG), Virtual Network Function (VNF) in a Cisco CSR 1000v.
For detailed information, see the following Cisco document:
-
i40evf Driver Support—for SR-IOV I/O Mode.
-
Templates for vCPU allocation and distribution—including the Control Plane heavy template.
-
Programmability
-
IOx tracing and logging — Allows a guest application to run separately on the host device that helps with reporting the logging and tracing of the data to the host.
-
Python Scripting — Supports Python v2.7 in both interactive and non-interactive (script) modes and is available in the Guest Shell. The Python scripting capability gives programmatic access to YANG data models and the device's command-line interface (CLI) to perform various tasks such as Zero Touch Provisioning (ZTP) and Embedded Event Manager (EEM) actions.
-
YANG Data Models—For the list of Cisco IOS XE YANG models available with this release, navigate to: https://github.com/YangModels/yang/tree/master/vendor/cisco/xe/1671. Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same github location highlights changes that have been made in the release.
-
-
ISIS - Advertise Max SID Depth in LSPs and to LSLIB—For detailed information, see the following Cisco document: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/seg_routing/configuration/xe-16-7/segrt-xe-16-7-book/sr-ad-max-SID-depth-is-is-ospf-bgp-ls.html.
-
NBAR2 Support AVC on TSN Routers—For detailed information, see the following Cisco document: NBAR2 support – Support added in this release for Cisco Network-Based Application Recognition (NBAR2). NBAR2 analyzes network traffic and identifies the application source of the traffic. This enables application-based network policies, and is one part of Cisco Application Visibility and Control (AVC).
-
OSPF – Redistribution to and from RIB—For detailed information, see the following Cisco document:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-16-7/iro-xe-16-7-book.html.
-
OSPF – Advertise Max SID Depth in LSAs and to LSLIB—For detailed information, see the following Cisco document: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/seg_routing/configuration/xe-16-7/segrt-xe-16-7-book/sr-ad-max-SID-depth-is-is-ospf-bgp-ls.html.
-
SR:ODNNH for LDPPW—For detailed information, see the following Cisco document: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/seg_routing/configuration/xe-16-6/segrt-xe-16-7-book/sr-ondemand-nexthop.html
-
L2VPN NSR – VPLS with BGP signaling and LDP transport—For detailed information, see the following Cisco document: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16-7/irg-xe-16-7-book/vpls-bgp-signaling.html
-
Encrypted Traffic Analytics—For detailed information, see the following Cisco documents:
-
Guest Shell Logging and Tracing support—For detailed information, see the following Cisco document: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/167/b_167_programmability_cg.html
-
Web User Interface—Supports an embedded GUI-based device-management tool that provides the ability to provision the router, simplifies device deployment and manageability, and enhances user experience. The following features are supported on Web User Interface from Cisco IOS XE Fuji 16.7.1:
-
Configuring AAA Authentication—AAA is an architectural framework for configuring a set of three independent security functions in a consistent manner.
-
DHCP Enchancements
-
NetFlow Configuration—NetFlow is a Cisco IOS application that provides statistics on packets flowing through the router. NetFlow capture and export are performed independently on each internetworking device on which NetFlow is enabled. NetFlow need not be operational on each router in the network.
-
Point-to-Point Protocol Over Ethernet
-
Software Upgrade Enchancements
-
Notes
The following section includes important notes about the Cisco CSR 1000v for Cisco IOS XE Fuji 16.7.
Fingerprint Commands
The following two fingerprint commands are no longer supported: show license fingerprint and debug license fingerprint .
Service Engine Memory Usage
(Cisco IOS XE Fuji 16.7.1 or higher)—if a Cisco CSR 1000v is configured with 8 GB and it has a service-engine-heavy or control-plane-extra-heavy template installed, it allows the service engine to use up to 4 GB of the memory. (6 GB for the service engine if 12GB memory is configured, and up to 8 GB for the service engine if 16 GB is configured.)
(Cisco IOS XE Everest 16.6.x or lower)—if a Cisco CSR 1000v configured with 8 GB has a service-engine-heavy template installed, it allows the service engine to use up to 3 GB of the memory. (4 GB for the service engine if 12 GB and higher memory is configured).
Deferrals
Cisco IOS software images are subject to deferral. We recommend that you view the deferral notices at the following location to determine whether your software release is affected:
https://tools.cisco.com/security/center/publicationListing.x
Field Notices
-
Field Notices—We recommend that you view the field notices to determine whether your software or hardware platforms are affected. You can find the field notices at the following location:
http://www.cisco.com/c/en/us/support/web/tsd-products-field-notice-summary.html
Limitations and Restrictions in Cisco IOS XE Fuji 16.7
There are no new limitations and restrictions in Cisco IOS XE Fuji 16.7
Caveats
Overview
Caveats, or “bugs,” describe unexpected behavior. Severity 1 caveats are the most serious. Severity 2 caveats are less serious. Severity 3 caveats are moderate caveats. This section includes severity 1, severity 2, and selected severity 3 caveats.
Terminology
The Dictionary of Internetworking Terms and Acronyms contains definitions of acronyms that are not defined in this document:
http://docwiki.cisco.com/wiki/Category:Internetworking_Terms_and_Acronyms_(ITA)
Bug Search Tool
If you have an account on Cisco.com, you can also use the Bug Search Tool (BST) to find select caveats of any severity. To reach the Bug Search Tool, log into Cisco.com and go to https://tools.cisco.com/bugsearch/search .
If a defect that you have requested cannot be displayed, it may be because the defect number does not exist or the defect does not have a description available.
You can use to the Bug Search Tool to view new and updated caveats: https://tools.cisco.com/bugsearch/search .
For Best Bug Search Tool Results
For best results when using the Bug Search Tool:
-
In the Product field, enter Cloud Services Router.
-
In the Releases field, enter one or more Cisco IOS XE releases of interest. The search results include caveats related to any of the releases entered in this field.
The tool provides autofill while you type in these fields to assist in entering valid values.
A search using release number 16.6 should find the caveats for Cisco IOS XE Everest 16.6.1.
Field Notices
We recommend that you view the field notices for the current release to determine whether your software or hardware platforms are affected. You can access the field notices from the following location:
http://www.cisco.com/c/en/US/support/tsd_products_field_notice_summary.html
Caveats: Cisco IOS XE Fuji 16.7.1
Open Caveats—Cisco IOS XE Fuji 16.7.1
|
Caveat ID Number |
Description |
|---|---|
|
ISRv: Hot add of multiple vnics fails to add some |
|
|
Crash when delete an interface on CSR1000v |
Resolved Caveats—Cisco IOS XE Fuji 16.7.1
|
Caveat ID Number |
Description |
|---|---|
|
After on the vnic edit on the fly changes - LAN-SRIOV sub interface ping fails after Reboot of ISRv |
|
|
AWS/Azure - unable to ssh into CSR1000v if configured with 192.x.x.x subnet |
Caveats: Cisco IOS XE Fuji 16.7.2
Open Caveats—Cisco IOS XE Fuji 16.7.2
|
Caveat ID Number |
Description |
|---|---|
|
IPsec/IKEv2 Installation Sometimes Fails With Simultaneous Negotiations |
|
|
GETVPN // Primary KS sending rekey first to GMs and then to Secondary KS via scheduled rekey |
|
|
KS merge fails for groups with TBAR due to PST update failure on primary KS |
|
|
Crypto Traceback: Router crash at Crypto Support segmentation fault |
|
|
IOS-XE GM router might crash after the rekey method is changed from unicast to multicast |
|
|
Sporadic Crashes Due to IPSec (during ISAKMP AAA interaction) |
|
|
Virtual-service guest IP accepts broadcast address |
|
|
AZURE: Cisco CSR 1000v crashing with CPP stuck thread |
|
|
Cisco CSR 1000v High platform memory utilization reported with memory add-on License |
|
|
Memory corruption after non zero REFCOUNT during IPSEC sibling allocation |
Resolved Caveats—Cisco IOS XE Fuji 16.7.2
|
Caveat ID Number |
Description |
|---|---|
|
Map is not updated with socket change on local address change |
|
|
Crash after IWAN does a recalculation in the RIB |
|
|
Incorrect channel next-hop for branch to branch traffic |
|
|
The second and later PfRv3 VRF configs are missing after reload |
|
|
router reloaded when doing show BGP RT filter routes |
|
|
IWAN router unexpectedly reboots while updating pmi policy |
|
|
CSR1k: Crash observed @ __be_cent_br_check_valid_ndb_prefix |
|
|
NHRP redirect overriding routing table |
|
|
Cisco ISR 4321 crash @ BGP Router for bfd bgp when sending traffic |
|
|
Site-prefix learning: Unexpected Reboot in "IP RIB Update" Process after "no domain" default |
|
|
Traceback: OCSP creates a large number of lists and triggers a memory problem |
|
|
TCP socket flap due to keepalive timeout with message stuck in queue for Multi-VRF dual BR setup |
|
|
Prefix SID delete after SSO |
|
|
PKI: All SCEP requests fail with "Failed to send the request. There is another request in progress" |
|
|
ASR1K BGP scanner crash when change VRF and BGP configuration |
|
|
Mgig stack keeps crashing while configuring with Radius commands |
|
|
PKI: Device crash during crl download with multiple CDP URI |
|
|
Spoke-to-spoke site-prefix reachability checking should be removed |
|
|
[168] OSPF process crash on P router when "router ospf <>" is unconfigured on another PE or P router |
|
|
CPUHOG on QoS statistics collection for DMVPN. QoS crash with DMVPN/NHRP. |
|
|
DMVPN: Crypto session stuck into UP-IDLE status after reconfiguring tunnel |
|
|
OSPFv3 cost calculation not correct in some specific topology |
|
|
IKEv2 - Crash with segmentation fault when debugs crypto ikev2 are enabled |
|
|
ASR1k reloaded after IPv4 RR stress test |
|
|
iBGP dynamic peer using TTL 1 |
|
|
OSPF: process crashed when the interface priority is configured for 0 |
|
|
Memory leaks seen at PKI_name_list_add(0xa139cc0)+0x3e |
|
|
Link local multicast packets are received when the SVI is in down state |
|
|
Router crash when removing route-target and with hard clear |
|
|
ISR 4431 crashing immediately following auto-CA certificate renewal |
|
|
IOS: Crypto Ruleset fails to be deleted |
Related Documentation
For information about the Cisco CSR 1000v Series and associated services, see: Documentation Roadmap for Cisco CSR 1000v Series, Cisco IOS XE 16.
Feedback