Cisco CSR 1000v Series Cloud Services Routers Overview


Note

Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.

  • Use faceted search to locate content that is most relevant to you.

  • Create customized PDFs for ready reference.

  • Benefit from context-based recommendations.

Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.


Virtual Router

The Cisco Cloud Services Router 1000V (CSR 1000V) is a cloud-based virtual router that is intended for deployment in cloud and virtual data centers. This router is optimized to serve as a single-tenant or a multitenant WAN gateway.

When you deploy a CSR 1000V instance on a VM, the Cisco IOS XE software functions as if it were deployed on a traditional Cisco hardware platform. You can configure different features depending on the Cisco IOS XE software image.

Secure Connectivity

CSR 1000V provides secure connectivity from an enterprise network such as a branch office or a data center, to a public or a private cloud.

System Requirements

Software Images and Licenses

The following sections describe the licensing and software images for CSR 1000V.

Cisco CSR 1000V Evaluation Licenses

Prior to Release 3.13, Cisco provided a built-in evaluation with the CSR 1000V instance, where you could use the Premium Technology Package at a maximum throughput of 50 Mbps for 60 days. With Release 3.13 and later, Cisco has moved to a self-service model to provide the flexibility of trialing additional technology packages and higher throughputs.

Evaluation licenses are valid for 60 days and are available with a valid Smart Account. To request an evaluation license, contact Cisco or a qualified Cisco partner.

The following evaluation licenses are available:

  • IPBASE technology package license with 10 Gbps maximum throughput

  • SEC technology package license with 5 Gbps maximum throughput

  • APPX technology package license with 5 Gbps maximum throughput

  • AX technology package license with 5 Gbps maximum throughput

If you need an evaluation license for the Security technology package, or for an AX technology package with higher throughput, contact your Cisco service representative.

For instructions on obtaining and installing evaluation licenses, see the Installing CSL Evaluation Licenses for Cisco IOS XE 3.13S and Later section in the Cisco CSR 1000v Software Configuration Guide .

Cisco CSR 1000V Software Licenses

Cisco CSR 1000V software licenses are divided into feature set licenses. The supported feature licenses depend on the release.

Current License Types

The following are the license types that are supported in Cisco IOS XE Everest 16.4.1 and later:

  • IPBASE: Basic Networking Routing (Routing, HSRP, NAT, ACL, VRF, GRE, QoS)

  • SEC (Security): IPBase package + Security features (IP Security VPN, Firewall, MPLS, Multicast)

  • AX: IPBase package + Security features + Advanced Networking features (AppNav, AVC, OTV and LISP)

  • APPX Package: IPBase package + Advanced Networking features - Security features (IP security features are not supported in this package)

Legacy License Types

The three legacy technology packages - Standard, Advanced, and Premium - were replaced in Cisco IOS XE Release 3.13 with the IPBAsE, SEC, and AX technology packages.

Features Supported by License Packages

For more information about the Cisco IOS XE technologies supported in the feature set packages, see the overview chapter of the Cisco CSR 1000v Series Cloud Services Router Software Configuration Guide.

Throughput

The Cisco CSR 1000V router provides term subscription licenses that support the feature set packages for the following maximum throughput levels:

  • 10 Mbps

  • 50 Mbps

  • 100 Mbps

  • 250 Mbps

  • 500 Mbps

  • 1 G bps

  • 2.5 Gaps

  • 5 Gbps

  • 10 Gbps (IPBASE only)

The throughput levels are supported for different feature set packages in each version. For more information about how the maximum throughput levels are regulated on the router, see the Cisco CSR 1000v Cloud Services Router Software Configuration Guide.

Memory Upgrade

A memory upgrade license is available to add memory to the Cisco CSR 1000V router (Cisco IOS XE 3.11S or later). This license is available only for selected technology packages.

Additional Information about Licenses and Activation

For more information about each software license, including part numbers, see the Cisco CSR 1000v Router Datasheet. For more information about the standard Cisco IOS XE software activation procedure, see the Software Activation Configuration Guide, Cisco IOS XE Release 3S.

Software Image Nomenclature for Installation Files

The Cisco CSR 1000V installation file nomenclature indicates properties supported by the router in a given release.

For example, these are filename examples for the Cisco IOS XE Amsterdam 17.2.1 release:

  • csr1000v-universalk9.17.02.01.ova

  • csr1000v-universalk9.17.02.01.iso

  • csr1000v-universalk9.17.02.01.qcow2

The following table lists the filename attributes along with its properties:

Table 1. OVA Installation Filename Attributes

Filename Attribute

Properties

universalk9

Specifies the package that you are installing.

17.02.01

Indicates that the software image is mapped to the Cisco IOS XE Amsterdam 17.2.1 release.

New and Enhanced Software Features for Cisco IOS XE Amsterdam 17.2.x

New and Enhanced Features for Cisco IOS XE Amsterdam 17.2.x

The following are the new CSR 1000V software features for Cisco IOS XE Amsterdam 17.2.1 release:


Note

Cisco IOS XE Amsterdam 17.2.1r is the first release for Cisco CSR 1000V Series routers in the Cisco IOS XE Amsterdam 17.2.1 release series.


  • Install and Deploy Cisco IOS XE and IOS XE SD-WAN Functionality on Edge Router: This feature supports the use of a single universalk9 image to deploy Cisco IOS XE SD-WAN and Cisco IOS XE functionalities on all the supported devices. This universalk9 image supports two modes - Autonomous mode (for IOS XE features) and Controller mode (for SD-WAN features).

  • Enhanced VRF option for TCL socket: The -myvrf keyword has been added to the fconfigure command. This command specifies the options in a channel and enables you to associate a VRF table name with it.

  • BGP Dynamic Neighbor block: With this feature, you can block a router from establishing BGP dynamic neighbor sessions with certain nodes in a BGP peer group by identifying these nodes by their IP addresses. The ability to shut down or prevent the creation of BGP dynamic neighbor sessions may be useful when a peer needs maintenance.

  • Secure Control Plane: LISP support for TCP-AO: In a LISP deployment, an Egress Tunnel Router (ETR) and a Map Server (MS) exchange LISP control messages through a TCP connection. From Cisco IOS XE Release 17.2.1, you can use TCP Authentication Option (TCP-AO), defined in RFC 5925, to guard against spoofed TCP segments in the sessions between an ETR and an MS.

  • Fail Close Revert Mode: When there is no rekey or the group member is not able to re-register to the key server, group members in GETVPN can remove the downloaded key server policy, and thereby return to the fail close mode.

  • 6VPE over DMVPN with IPv6 Transport: This feature supports multi-tenant IPv6 LAN prefixes. You can create these prefixes using an IPv6 DMVPN transport over the IPv4 overlay neighborship.

  • Support for Spoke Nodes as P Nodes in MPLS over DMVPN: With this feature, you can configure a spoke node as either a P node or PE node in an MPLS over DMVPN deployment. To configure the spoke node, MP-BGP is required to redistribute the route or label information between the spoke node and a PE node behind it.

  • Support for ciscossl-1.1.1c.7.1.3: From this release, the CiscoSSL version cisco-1.1.1c.7.1.3 is enabled by default. No additional configuration is required.

  • CUBE: Smart License Trunk Side Counting: Support for Smart Licensing based on dynamic call counting.

    For a more detailed overview on Cisco Licensing, go to https://cisco.com/go/licensingguide.


Note

When you execute the show tech-support command multiple times in an oversubscribed environment, it might cause the device to lose ssh connectivity. If this occurs, reload the device and ensure that the environment is not oversubscribed.



Note

When you upgrade from one Cisco IOS XE release to another, you may see a %Invalid IPV6 address error in the console log file. To rectify this error, enter the global configuration mode, re-enter the missing IPv6 alias commands, and save the configuration. The commands are persistent on subsequent reloads.


Resolved and Open Bugs for Cisco IOS XE Amsterdam 17.2.x

Using the Cisco Bug Search Tool

About the Cisco Bug Search Tool

Use the Cisco Bug Search Tool to access open and resolved bugs for a release.

The tool allows you to search for a specific bug ID, or for all the bugs specific to a product and a release.

You can filter the search results by the last modified date, bug status (open or resolved), severity, rating, and support cases.

Resolved Bugs for Cisco IOS XE Amsterdam 17.2.2

Caveat ID Number

Description

CSCvt16915

CSR Gig3 Interface not created even after ENI is attached to VM instance in AWS

CSCvt50394

Custom Data: bash/python scripts in Scripts section does not execute

CSCvu34653

CSR stuck in Bootloop while upgrading to 17.2.1r on Azure.

CSCvu66127

CSR will reapply bootstrap configuration on the first reload of the instance

CSCvv04959

GRUB2 Arbitrary Code Execution Vulnerability

CSCvv25529

16.12.4 ucmk9 cedge not able to join overlay with 19.2.3 and 20.3

Open Bugs for Cisco IOS XE Amsterdam 17.2.1

Caveat ID Number

Description

CSCvt02382

Missing support for MSI on CSR in Azure GovCloud for HA solution version 3

CSCvt16915

CSR Gig3 Interface not created even after ENI is attached to VM instance in AWS

CSCvt26029

vnic down after update from lan-sriov to dpdk enabled virtio br

CSCvt59367

CSR1000V running 16.6.6 pauses indefinitely after unknown Non-Maskable Interrupt

CSCvt74652

Missing "encapsulation dot1Q # native" from cedge confd CLI

CSCvx11972

GuestShell Gets removed during the IOS upgrade

CSCvv38068

C8000v not booting up in Azure if assigned IPaddr 10.0.1.0 to Gig1 Interface

Resolved Bugs for Cisco IOS XE Amsterdam 17.2.1

Caveat ID Number

Description

CSCvt31588

CSR on AWS - PAYG Broken in 17.1, 17.2, and Polaris

CSCvt37981

CSR cannot create Azure VHD images

CSCvq39428

Unable to SSH into CSR1000v for single AN NIC Azure deployment

CSCvq58798

DROP-3-DOUBLE_DROP: First drop error cause 498 update stat cause 139 with EPC enabeld

CSCvq98847

CSR1000v: Occasionally interface fails to initialize or displays unexpected data in show commands

CSCvs81791

Fix for kernel driver issue causing wake up for empty block, packet too large to process

CSCvt22832

ISRv Stuck Thread(s) detected during vnic hot add/update action

CSCvt50394

Custom Data: bash/python scripts in Scripts section does not execute

CSCvq88532

Azure: Default Route in Global VRF Route Table

CSCvr27714

CSR+SDWAN on AWS will install default route in startup config which conflicts with some topologies

CSCvs45225

Flash devices not mounted on 16.10 or later CSR1000v

CSCvt22832

ISRv Stuck Thread(s) detected during vnic hot add/update action

CSCvr01539

cEdge TCP-OPT: SN going down after running traffic on system tb

CSCvq67236

Deploying sdwan CSR on AWS will install default route in startup config which cannot be removed.