Release Notes for Cisco vEdge Device, Cisco SD-WAN Release 20.7.x
Note: The documentation set for this product strives to use bias-free language. For purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on standards documentation, or language that is used by a referenced third-party product.
These release notes accompany the Cisco SD-WAN Release 20.7.x, which provides Cisco SD-WAN capabilities. They include release-specific information for Cisco vSmart Controllers, Cisco vBond Orchestrators, and Cisco vManage as applicable to Cisco vEdge devices.
Related Releases
For release information about Cisco IOS XE SD-WAN devices, refer to Release Notes for Cisco IOS XE SD-WAN Devices, Cisco IOS XE Release 17.7.x.
For release information about Cisco SD-WAN Controllers, refer to Release Notes for Cisco SD-WAN Controllers, Cisco SD-WAN Release 20.7.x.
What's New for Cisco SD-WAN Release 20.7.x
This section applies to Cisco vEdge devices.
Cisco is constantly enhancing the SD-WAN solution with every release and we try and keep the content in line with the latest enhancements. The following table lists new and modified features we documented in the Configuration, Command Reference, and Hardware Installation guides. For information on additional features and fixes that were committed to the SD-WAN solution, see the Resolved and Open Bugs section in the Release Notes.
| Feature | Description |
|---|---|
| Cisco SD-WAN Getting Started | |
| | This feature enables a device to automatically learn about the available IP addresses and default gateway information when a DHCP server is not available. The device assigns an IP address to its WAN interface, and then contacts the PnP server and begins the PnP onboarding process. |
| | This feature revokes enterprise certificates from devices based on a certificate revocation list that Cisco vManage obtains from a root certificate authority. |
| | This feature replaces the Symantec Certificate Authority (CA) server with Digicert Certificate Authority server for signing the controller device certificates on Cisco SD-WAN controllers including Cisco vSmart Controller, Cisco vBond Orchestrator, and Cisco vManage. You can protect, verify, and authenticate the identities of organizations and domains using these certificates. |
| Systems and Interfaces | |
| TCP/UDP Endpoint tracker and Dual Endpoint Static route tracker for Cisco vEdge devices | This feature enables you to configure the TCP/UDP individual Endpoint static route tracker and to configure tracker group with IPv4, TCP/UDP Dual Endpoint static route trackers for service VPNs to enhance the reliability of the probes. |
| | This feature enables VRRP to set the edge as active or standby based on the WAN Interface or SIG tracker events and increase the TLOC preference value on a new VRRP active to ensure traffic symmetry, for Cisco vEdge devices. Starting this release, you can configure it through Cisco vManage feature template. |
| Co-Management: Granular Role-Based Access Control for Feature Templates | This feature introduces greater granularity in assigning role-based access control (RBAC) permissions for template use. This enables you to give a tenant self-management of network configuration tasks. Network administrators and managed service providers can use this feature to assign permissions to their end customers. |
| Policies | |
| | This feature is an enhancement to the centralized and localized policies feature. This feature allows you to configure default application-aware routing (AAR) and quality of service (QoS) policies on Cisco IOS XE devices. |
| High Availability | |
| | This feature lets you change the disaster recovery user password for disaster recovery components from the Cisco vManage Disaster Recovery window. |
| Cloud OnRamp | |
| Cisco CXP Gateway Support for Internet Exit through Service VPN Interfaces | This feature adds support for enabling SaaS in service VPN interfaces in Gateway sites. |
| | This feature allows you to upload a virtual machine image to Cisco vManage in qcow2 format. Earlier, you could upload only a prepackaged image file in tar.gz format. |
| | This feature lets you capture packets at either the physical interface level (PNIC) or the virtual interface level (VNIC) on a CSP device of a colocation cluster. You can capture packets on one or more PNICs or VNICs on the same device or different devices with different browsers at the same time. This feature lets you gather information about the packet format and therefore helps in application analysis, security, and troubleshooting. |
| Cisco SD-WAN Monitor and Maintain | |
| | This feature enhances the output of the admin-tech file with additional diagnostics information collected from the application server, the configuration database, the statistics database, and other internal services. |
| | This feature enables you to upload an admin-tech file directly from Cisco vManage when opening a TAC case. When you create a TAC case, you can upload the generated admin-tech files to TAC service requests (SRs) from Cisco vManage. This streamlines the steps required for working with TAC to troubleshoot a problem. |
| Resource Monitoring on Cisco SD-WAN Controllers and Cisco vEdge Devices | With this feature, you can configure usage watermarks for resources such as CPU, memory, and disk on Cisco SD-WAN controllers and Cisco vEdge devices. In addition, on Cisco vManage servers, you can configure watermarks to monitor disk read and write speeds. Devices poll the resource usage and notify events to Cisco vManage. Cisco vManage raises alarms to alert you to changes in resource usage, or disk read or write speed so that you can take any necessary corrective action. |
| | This feature enables you to upgrade device or controller software using software images stored on a remote server. The feature enables you to register a remote server with Cisco vManage, and add locations of software images on the remote server to the Cisco vManage software repository. When you upgrade device or controller software, the device or controller can download the new software image from the remote server. This feature also improves the listing of images available in the repository. When two or more images have the same version but different filenames, each image is listed as a separate entry. |
| Enhanced Cisco vManage User Interface for a Consolidated Monitoring View | This feature introduces the enhanced user interface of Cisco vManage. The Monitor window provides a single-page, real-time user interface that facilitates a consolidated view of all monitoring components and services of a Cisco SD-WAN overlay network. It provides an entry point for all Cisco vManage dashboards, including Main Dashboard, VPN Dashboard, Security, and Multicloud. These dashboards were earlier accessible from the Dashboard menu. In addition, all monitoring components have been organized into pill buttons in the user interface so that you can quickly navigate from one page to another. The Tools menu of Cisco vManage has also been enhanced in this release. The Network Wide Path Insight and On Demand Troubleshooting options that were earlier accessible from the Monitor menu have now been moved to the Tools menu so that you can easily locate these features. |
| Cisco SD-WAN Command Reference | |
| OMP CLI Enhancements | This feature displays detailed information about OMP and TLOC routes on Cisco vSmart Controllers and Cisco vEdge devices. The following commands are enhanced to display received and advertised peering sessions for OMP. |
Software and Hardware Behavior Changes in Cisco SD-WAN Release 20.7.1
| Behavior Change | Link to Updated Documentation |
|---|---|
| Angle brackets (< or >) are converted to their HTML equivalents in Cisco vManage feature templates. | A note on special characters is updated in the Feature Templates section. |
| New error message added for buffer pool. | |
| Admin-Tech file enhancement | |
| Update to cloud-init configuration file | A note on cloud-init configuration file is added in the Create vEdge Cloud VM Instance on KVM section. |
| When generating a bootstrap configuration file for a Cisco vEdge device, you can now choose an option to generate a file for a Cisco vEdge device using Cisco SD-WAN Release 20.4.x or earlier. | |
Software and Hardware Behavior Changes in Cisco SD-WAN Release 20.7.2
| Behavior Change | Link to Updated Documentation |
|---|---|
| The vedge-cloud medium device allows 7 SLAs to configure from Cisco vSmart Controller. | A table on maximum SLA classes supported is updated in the SLA Classes section. |
| Update to cloud-init configuration file | A note on cloud-init configuration file is added in the Create vEdge Cloud VM Instance on KVM section. |
| In the Cisco SD-WAN overlay, you can have a maximum of 512 multicast enabled Cisco vEdge devices per VPN. | A note on the overlay scalability is added in the PIM Scalability Information section. |
| Secure Internet Gateway (SIG) tracker monitor statistics are no longer reset at every Domain Name System (DNS) cache timeout interval. SIG tracker monitor statistics are now reset every two hours. A SIG tracker allows you to track the health of your SIG tunnels. | A note is added in the Create Automatic Tunnels Using SIG Feature Template section. |
| When generating a bootstrap configuration file for a Cisco vEdge device, you can now choose an option to generate a file for a Cisco vEdge device using Cisco SD-WAN Release 20.4.x or earlier. | |
Important Notes, Known Behavior, and Workaround
- Starting from Cisco SD-WAN Release 20.5.1, Cloud onRamp for IaaS isn't supported for Cisco vEdge Cloud Router running on Cisco SD-WAN Release 20.5.1. However, Cloud onRamp for IaaS is supported with AWS as the cloud provider for Cisco vEdge Cloud Routers using Cisco SD-WAN Release 20.4.1 and earlier. Cloud onRamp for IaaS is also supported with Microsoft Azure as the cloud provider for Cisco vEdge Routers using Cisco SD-WAN Release 20.3.1 and earlier.
- For information about upgrade paths, see Cisco vManage Upgrade Paths.
Resolved and Open Bugs
About the Cisco Bug Search Tool
Use the Cisco Bug Search Tool to access open and resolved bugs for a release.
The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.
You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.
Bugs for Cisco SD-WAN Release 20.7.2
This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Resolved Bugs for Cisco SD-WAN Release 20.7.2
| Identifier | Headline |
|---|---|
| | Enhancement request to restrict access to GDB tool for non root users. i.e. restrict to 0700 |
| | Interested traffic(FTP/SIP/ICMP...) can't be forwarded properly after vEdge device rebooting. |
| | Cisco vEdge device access controlled via TACACS+ prevents user from performing certain configurations |
| | 20.8: vEdge2k crashed due to kernel panic while generated admin-tech from Cisco vManage |
| | SNMPD crash seen on running Snmpwalk - 20.6.2 Cisco vEdge device5K |
| | ZBFW zone-pair (service to service) not working as expected. |
| | 20.7.1: Gige 0/4 on Cisco vEdge device100 not transmitting or receiving traffic after a reboot |
| | Device not rebooting after an intentional crash |
| | Cisco vEdge device routing table did not remove deleted default route |
| | Cisco vEdge device marking the routes as invalid in OMP when the control policy is changed. |
| | Cisco vEdge device-5000 not able to configure more than 4 SLA's |
| | Loopback interface not reachable when the gateway set to the virtual vrrp ip |
| | Hardware Random Number generation shouldn't include TPM RNG until mutexing occurs |
| | Endpoint Tracker stays down when ip address changed from dhcp to static |
| | Cisco vEdge device5k TPM failure resulting TLOC disable |
| | Cisco vEdge device interface tracker reporting down status in vdebug constantly while on the CLI its up. |
Open Bugs for Cisco SD-WAN Release 20.7.2
| Identifier | Headline |
|---|---|
| | Cisco vEdge device Sig Autotunnels:Error parsing JSON response for locations and 409 Response received. |
| | After failover Existing primary vedge stops receiving traffic and forwarding - 20.6.2 |
| | Azure Viptela vEdge/vSmart VHD image doesn't prompt initial admin password wizard |
| | After the vpn list change, the DP, AAR and CLFOWD policies stopped working on the routers. |
Bugs for Cisco SD-WAN Release 20.7.1
This section details all fixed and open bugs for this release. These are available in the Cisco Bug Search Tool through the Resolved Bug Search.
Resolved Bugs for Cisco SD-WAN Release 20.7.1
| Bug ID | Description |
|---|---|
| | vedge 20.5 on KVM/ESXI SRIOV: Throughput degradation observed with Qos configs and 1400B traffic |
| | OMPD crash seen on vEdge2k doing an assert while doing best path calculation operation. |
| | sit_regression; speedtest.py- test_speedtest_2edges: Failed to start iperf client |
| | vEdge crash due to Zebra process failure |
| | vEdge: we should see an error message on vdebug when system buffer pool is depleting |
| | edge router maintains persistent connections to vbond |
| | c/vEdge "show omp routes\|tlocs received\|advertise detail" must show received or advertised not both |
| | Packet drops due to QoS Policy after upgrading from 20.3.3 to 20.6.0.101 |
| | Cisco vEdge 5000 unable to form control connections with controller - Stuck in Challenge -> Timeout |
Open Bugs for Cisco SD-WAN Release 20.7.1
| Bug ID | Description |
|---|---|
| | Vedge 1000 after upgrading to 20.6.1 Error: application communication failure is seen |
| | vEdge access controlled via TACACS+ prevents user from performing certain configurations |
| | vEdge: OSPF route isn't removed from routing table. |
| | Cisco ISR 1000 6G/Vedge 5K: BFD sessions take long time to come up after clearing omp sessions |
| | core.fpX.usec found on Vedge1000 after running stress test |
| | Azure Cisco SD-WAN vEdge/vSmart VHD image doesn't prompt initial admin password wizard |
| | vedge-5000 not able to configure more than 4 SLA's |
| | After the vpn list change, the DP, AAR and CLFOWD policies stopped working on the routers. |
Controller Compatibility Matrix and Server Recommendations
For compatibility information and server recommendations, see Cisco SD-WAN Controller Compatibility Matrix and Server Recommendations.
Supported Devices
For device compatibility information, see Cisco SD-WAN Device Compatibility.
Redesign of Cisco vManage GUI
From Cisco vManage Release 20.7.1, Cisco vManage GUI is redesigned and offers a new visual display. This section presents a comparative summary of the significant changes between older Cisco vManage releases and Cisco vManage Release 20.7.1 and later.
Changes in Monitor and Tools Menus
Cisco vManage Release 20.7.1 includes the following changes:
- The Dashboard menu is removed, and all submenus that were earlier accessible from the Dashboard menu are now part of the Monitor menu.
- The Monitor page provides a real-time user interface with a consolidated view of the monitoring information for the components and services of a Cisco SD-WAN overlay network.
- Using the pill buttons on the Monitor page, you can navigate to monitoring information for specific components or services of a Cisco SD-WAN overlay network.
- The Network Wide Path Insight and On Demand Troubleshooting options that were earlier accessible from the Monitor menu are now part of the Tools menu so that you can easily locate these features.
Support for Web Content Accessibility Guidelines (WCAG) 2.0 Standard
Cisco vManage Release 20.7.1 supports Web Content Accessibility Guidelines (WCAG) 2.0 standard for the AA conformance level, with the following limitations:
- You cannot exit from SSH terminal using the keyboard.
- Cisco vManage cannot skip repetitive navigation links.
- Data charts on Cisco vManage use colors as the only visual means of conveying information, which is not compliant with WCAG 2.0.
- Some text elements as well as non-text elements in Cisco vManage do not meet the color contrast ratio as defined in WCAG 2.0.