Cisco IOS XRv 9000 Router Deployment on Amazon Web Services (AWS)

This chapter provides an overview of the Cisco IOS XRv 9000 Router deployment on Amazon Web Services.


Note


You can deploy Cisco IOS XRv 9000 Router on AWS from Cisco IOS XR Release 6.3.1.


Introduction

The Cisco IOS XRv 9000 Router can be deployed on Amazon Web Services (AWS) for public and private cloud solutions. Implementation and installation on AWS differ from those on the other supported hypervisors. The Cisco IOS XRv 9000 Router is supported on the following AWS platforms:

  • AWS Virtual Private Cloud (VPC)

  • AWS Elastic Compute Cloud (EC2)

For more information, see the AWS VPC documentation at:

http://aws.amazon.com/documentation/vpc/

Cisco IOS XRv 9000 Router AMI Options for Amazon Web Services

The Cisco IOS XRv 9000 Router for AWS is purchased and launched as an Amazon Machine Image (AMI) on AWS Marketplace.


Note


You can upgrade the Cisco IOS XRv 9000 software through normal IOS XR upgrade procedures, but you cannot downgrade to a release prior to IOS XR Release 6.3.1.


Cisco IOS XRv 9000 Router Hourly-Billed AMIs

The Cisco IOS XRv 9000 Router for AWS is purchased and launched as an Amazon Machine Image (AMI) on AWS Marketplace. This section describes the Hourly-Billed AMI.

A Cisco IOS XRv 9000 Router hourly-billed AMI, launched directly from AWS Marketplace, is subject to the following conditions:

  • You are billed hourly by Amazon Web Services (AWS) for using the Cisco IOS XRv 9000 Router AMI. This hourly usage fee is in addition to the VPC usage fees charged by AWS.

  • You do not need to purchase, install, or configure any type of licensing to use an Hourly Billed Cisco IOS XRv 9000 Router.

For information on the IOS XR features that are not supported, refer to the topic Supported Cisco IOS XR Technologies.

For information on the supported IOS XR features, refer to the latest release notes: Release Notes for Cisco IOS XRv 9000 Router.

Supported Cisco IOS XR Technologies

When deployed on an AWS instance, the Cisco IOS XRv 9000 Router supports fewer Cisco IOS XR technologies than are supported by other hypervisors. Some technologies may not be available because they are not supported in an Amazon cloud.

The following restrictions apply to deploying the Cisco IOS XRv 9000 Router on an AWS instance:

  • Although CLI commands for unsupported features may be visible on the Cisco IOS XRv 9000 Router, testing by Cisco has determined that these unsupported features do not work in AWS deployments.

  • Routing protocols are supported over a tunnel only.

Here is the list of Cisco IOS XR technologies that are supported when deploying the Cisco IOS XRv 9000 Router on an AWS instance.

  • Single virtual router VM - vPE

  • Routing - limited to static and BGP within AWS but can support dynamic routing using GREv4 tunnels

  • IPv4, IPv6 L3 Forwarding

  • GREv4 with IPv4/IPv6 payload

  • e1000

  • QOS - IPv4/IPv6 QOS (Policing/Marking/H-QOS/Egress-TM), Hierarchical Policers (conform aware)

  • IPv4/6 ACLs (chained)

  • Strict IPv4/IPv6 uRPF

  • LPTS based CoPP

  • EFD DOS protection

  • IPSLA

Here is the list of Cisco IOS XR technologies that are not supported when deploying the Cisco IOS XRv 9000 Router on an AWS instance.

  • Virtual Route Reflector (vRR)

  • App Hosting

  • Bundles

  • BFD IPv4 and BFD IPv6 Single Hop (Static and BGP)

  • VM serial port and console access

  • VLAN

For more information about the features contained in the Cisco IOS XRv 9000 Router technology packages, see the Cisco IOS XRv 9000 Router Installation and Configuration Guide.

The following caveat applies to the Cisco IOS XR technology support on AWS deployments:

  • You cannot configure HSRP between the Cisco IOS XRv 9000 Router nodes in an Amazon cloud. Amazon does not allow running HSRP on the hosts in the VPC. Amazon AWS blocks all broadcast and multicast traffic in a VPC.

Deploying the Cisco IOS XRv 9000 Router on Amazon Web Services

Before attempting to launch the Cisco IOS XRv 9000 Router on AWS, the following prerequisites apply:

  • You must have an Amazon Web Services account.

  • Firefox is more stable with AWS than other browsers and is recommended.

  • An SSH client (for example, PuTTY on Windows or Terminal on Macintosh) is required to access the Cisco IOS XRv 9000 Router AWS console.

  • Determine the instance type that you want to deploy for the Cisco IOS XRv 9000 Router. See the next section for more information.

  • If you are planning to launch the AMI using the 1-Click Launch, you must first create a Virtual Private Cloud (VPC). For more information, see Amazon Virtual Private Cloud (VPC).

Information About Launching Cisco IOS XRv 9000 Router on AWS

Launching the Cisco IOS XRv 9000 Router AMI takes place directly from the AWS Marketplace.

Determine whether the Cisco IOS XRv 9000 Router will be deployed on an Amazon EC2 instance or on an Amazon VPC instance.

If you are using an Amazon VPC instance, see Launching the Cisco IOS XRv 9000 Router AMI Using the Manual Launch. That section also explains that, to launch an instance, you must generate a key pair or use an existing key pair.

Jumbo frames in a VPC have limitations; see this document: Network Maximum Transmission Unit (MTU) for Your EC2 Instance.

Supported Instance Types

The Amazon Machine Image supports different instance types, which determine the size of the instance and the required amount of memory.

Table 1. Feature History Table

| Feature Name | Release | Description |
|---|---|---|
| Enhanced Networking Features with Elastic Network Adapter (ENA) on Amazon EC2 M5 Instances | Release 7.3.3 | You can launch your router with the Elastic Network Adapter (ENA) on Amazon Elastic Compute Cloud (Amazon EC2) M5 instances to deliver high network throughput. Amazon EC2 M5 instances provide more CPU cores, faster disk speeds, and higher network bandwidth that boosts the network performance. |

The following AMI instance types are supported for the Cisco IOS XRv 9000 Router:

Table 2. Supported AMI Instance Types

| Instance Type | vCPU | Memory (GB) | Maximum NICs | Maximum IPv4 and IPv6 Addresses |
|---|---|---|---|---|
| m4.xlarge | 4 | 16 | 4 | 15 |
| m4.2xlarge | 8 | 32 | 4 | 15 |
| m4.4xlarge | 16 | 64 | 8 | 30 |
| m4.10xlarge | 40 | 160 | 8 | 30 |
| c4.xlarge | 4 | 7.5 | 4 | 15 |
| c4.2xlarge | 8 | 15 | 2 | 15 |
| c4.4xlarge | 16 | 30 | 8 | 30 |
| c4.8xlarge | 36 | 60 | 8 | 30 |

The following additional AWS EC2 M5 instance types are supported for the Cisco IOS XRv 9000 Router:

  • m5

  • m5n

  • c5

  • c5n

To learn more about the maximum number of network interfaces supported per instance type, and the maximum number of private IPv4 addresses and IPv6 addresses per network interface, see the AWS user guide.

To learn more about these AWS instance types, see the Amazon Instance Types page from the Amazon Web Services documentation.

Launching the Cisco IOS XRv 9000 Router AMI

To launch the Cisco IOS XRv 9000 Router AMI, perform the steps in the following sections:

First, see: Selecting the Cisco IOS XRv 9000 Router AMI.

If you are using an Amazon EC2 or VPC instance, see: Launching the Cisco IOS XRv 9000 Router AMI Using the Manual Launch.

Then, see: Associating the elastic IP Address with Cisco IOS XRv 9000 Router Instance and Connecting to the IOS XRv 9000 Instance using SSH.

Selecting the Cisco IOS XRv 9000 Router AMI

To select the Cisco IOS XRv 9000 Router AMI, perform the following steps:

Procedure


Step 1

Log in to Amazon Web Services Marketplace.

Step 2

Search AWS Marketplace for “Cisco IOS XRv 9000”. A list of AMIs, such as the following, appears:

  • Cisco IOS XRv 9000 Demo Version (hourly billing)

Step 3

Select the Cisco IOS XRv 9000 Router AMI that you are planning to deploy.

The AMI information page displays, showing the supported instance types and the hourly fees charged by AWS. Select the pricing details for your region.

Click Continue.

Step 4

Enter your AWS email address and password, or create a new account.

The “Launch on EC2” page displays.


Launching the Cisco IOS XRv 9000 Router AMI Using the Manual Launch

Procedure


Step 1

On the Launch with EC2 page, select the Region from the drop-down list.

Step 2

Choose the Cisco IOS XRv 9000 Router release version from the Select a Version pane.

The hourly usage charges for your region are shown under Pricing Details.

Step 3

Click the Launch with EC2 Console button for your region.

The window to select the instance type displays.

Select the General purpose tab for the supported instance types. Select the instance type.

Click the Next: Configure Instance Details button.

Step 4

Configure the instance details.

  • Select the network from the network drop-down list. Select a VPC subnet, into which you want to deploy the IOS XRv 9000, from the Subnet drop-down. Keep in mind that this determines the availability zone of your instance.

    Keep default settings for Auto-assign Public IP.

    You can initially create two interfaces on the Instance Details screen. Afterwards, to add more interfaces, click Add Device in Network Interfaces. The maximum number of interfaces that are supported depends on the instance type.

  • Select additional options available from AWS.

Step 5

(Optional) Click the Next: Add Storage button.

Step 6

(Optional) Keep the default hard drive setting.

Note

 

When operating the Cisco IOS XRv 9000 Router in AWS, the size of the virtual hard drive (46 GB EBS) cannot be changed.

(Optional) Click the Next: Add Tags button.

Step 7

(Optional) Enter the tag information as needed.

(Optional) Click the Next: Configure Security Groups button.

Step 8

(Optional) Choose one of the following:

  • Create a new Security Group

  • Select an existing Security Group

The Cisco IOS XRv 9000 Router requires SSH for console access. The Cisco IOS XRv 9000 Router also requires that the Security Group, at a minimum, does not block TCP/22. These settings are used to manage the Cisco IOS XRv 9000 Router.

Click the Review and Launch button.

Step 9

Review the Cisco IOS XRv 9000 Router instance information.

Click Launch.

Step 10

When prompted, enter the key pair information. The key pair consists of a public key stored in AWS and your private key used to authenticate access to the instance. Do one of the following:

  1. Choose an existing key pair, or

  2. Create a new key by performing the following steps:

    • Upload your own public key

    • Create a new key pair on AWS:

      Click Create Key Pair. Enter the key pair name and click Create. After the key pair is created, ensure that you have downloaded the private key from Amazon before continuing. A newly created private key can only be accessed once. After the key pair is downloaded, click Close.

Note

 

AWS security policies require that the private key permission level be set to 400. To set this value for the .pem file, open a UNIX shell terminal screen and enter the following command:

chmod 400 pem-file-name

Step 11

Click Launch Instance.

It takes approximately ten minutes to deploy the AMI instance. You can view the status by clicking on the Instances link on the menu.

Wait for the State to show Running and the Status Checks to show passed.

At this point, the Cisco IOS XRv 9000 Router AWS instance is booted and ready for software configuration. Proceed to the sections: Associating the elastic IP Address with Cisco IOS XRv 9000 Router Instance and Connecting to the IOS XRv 9000 Instance using SSH.
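For the security group chosen in Step 8, the following added example (not part of the Cisco procedure) checks ingress rules in the shape returned by the EC2 DescribeSecurityGroups API. It confirms that TCP/22 is permitted, as the router requires, and flags rules that admit it from every address; the group data and the sg-EXAMPLE identifier are constructed.

```python
import ipaddress

# Constructed sample in the shape of one EC2 DescribeSecurityGroups entry.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "udp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}

def covers_ssh(perm):
    """True if an ingress rule admits TCP/22 ("-1" means all protocols and ports)."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= 22 <= perm.get("ToPort", 65535)

def ssh_sources(group):
    """Return every CIDR from which the group admits TCP/22."""
    cidrs = []
    for perm in group.get("IpPermissions", []):
        if covers_ssh(perm):
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return cidrs

def audit_ssh(group):
    """Findings: SSH not permitted from any CIDR, or reachable from any address."""
    sources = ssh_sources(group)
    if not sources:
        return ["TCP/22 is not permitted from any CIDR: the router cannot be managed over SSH"]
    findings = []
    for cidr in sources:
        if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            findings.append(f"TCP/22 is open to {cidr}: restrict to a management range")
    return findings
```

The second rule in the sample shows why port ranges matter: it never names port 22, yet it exposes SSH to every IPv4 address.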


Day Zero Configuration

The day zero configuration, also known as the bootstrap configuration, is the configuration applied when the router boots for the first time. Enter the day zero configuration into the User Data box as CLI (command-line interface) commands. Here is a sample:

! The secret below is a sample hash; replace it with the hash of your own password
username root
 group root-lr
 group cisco-support
 secret 5 $1$920D$OrPQMgw1/3WdUe5R3RpLP/
!
interface TenGigE 0/0/0/0
 ipv4 address 192.0.2.2 255.255.255.0
 no shutdown
!
! The default route points at the subnet gateway (assumed here to be 192.0.2.1,
! the first host address of the subnet), not at the router's own address
router static
 address-family ipv4 unicast
  0.0.0.0/0 192.0.2.1
 !
!
ssh server v2
ssh server vrf default


Note


If you supply your own user data in the User Data box, you should configure a username in order to connect to the router using SSH.
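The following added example (not Cisco code) lints day-zero user data before it is pasted into the User Data box, checking for the username the note above calls for, the SSH server line, reuse of the sample hash, and a default route whose next hop is unusable. The function names and the sample text are constructed for illustration; only the sample hash is taken from this page.

```python
import ipaddress
import re

# Hash printed in the sample above; it is public and must not reach production.
DOC_SAMPLE_HASH = "$1$920D$OrPQMgw1/3WdUe5R3RpLP/"

# Constructed user data with two deliberate mistakes: no username stanza,
# and a default route whose next hop is the router's own interface address.
BROKEN_USER_DATA = """\
interface TenGigE 0/0/0/0
 ipv4 address 192.0.2.2 255.255.255.0
 no shutdown
!
router static
 address-family ipv4 unicast
  0.0.0.0/0 192.0.2.2
!
ssh server v2
"""

def interface_addrs(config):
    """IPv4 interface addresses, written as 'addr mask', 'addr/len' or 'addr/mask'."""
    pairs = re.findall(r"^\s*ipv4 address (\S+?)[ /](\S+)\s*$", config, re.M)
    return [ipaddress.ip_interface(f"{a}/{m}") for a, m in pairs]

def lint_day_zero(config):
    """Return the problems that would leave the new instance unreachable or weak."""
    problems = []
    if not re.search(r"^username \S+\s*\n(?:\s*group \S+\s*\n)*\s*secret ", config, re.M):
        problems.append("no username with a secret: SSH login will not be possible")
    if DOC_SAMPLE_HASH in config:
        problems.append("secret is the published sample hash: generate your own")
    if not re.search(r"^\s*ssh server v2\s*$", config, re.M):
        problems.append("'ssh server v2' is missing")
    ifaces = interface_addrs(config)
    for hop in re.findall(r"^\s*0\.0\.0\.0/0 (\d+(?:\.\d+){3})\s*$", config, re.M):
        addr = ipaddress.ip_address(hop)
        if any(addr == i.ip for i in ifaces):
            problems.append(f"default route next hop {hop} is the router's own address")
        elif not any(addr in i.network for i in ifaces):
            problems.append(f"default route next hop {hop} is on no connected subnet")
    return problems
```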


Associating the elastic IP Address with Cisco IOS XRv 9000 Router Instance

Before you can access the management console using an SSH connection, you must associate an interface on the Cisco IOS XRv 9000 Router with the elastic IP address created with the VPC. Perform the following steps:

Procedure


Step 1

On the Services > EC2 > Instances page, select the Cisco IOS XRv 9000 instance.

Step 2

In the displayed Network interfaces, click eth0.

A popup window displays showing detailed information about the eth0 interface.

Note the interface’s private IP address.

Step 3

Copy the Interface ID.

Step 4

In EC2 Dashboard > Network & Security, click Elastic IPs.

Step 5

From the list, select the Elastic IP that you want to associate.

Step 6

From the Actions drop-down list, select Associate address.

Step 7

On the Associate Address page, do the following:

  1. Select Network Interface as Resource Type.

  2. In the Network Interfaces field paste the interface ID copied in Step 3.

  3. Select Private IP address assigned by AWS from drop-down and check Allow Elastic IP to be reassociated if already attached.

  4. Click Associate.

This action associates the elastic IP address (Amazon elastic IP) with the private IP address of the network interface. You can now use this interface to access the management console. See Connecting to the IOS XRv 9000 Instance using SSH.


Connecting to the IOS XRv 9000 Instance using SSH

The Cisco IOS XRv 9000 Router instance on AWS requires SSH for console access. To access the Cisco IOS XRv 9000 Router AMI, perform the following steps:

Procedure


Step 1

Once the Cisco IOS XRv 9000 Router status shows that it is running, select the instance.

Step 2

Enter the following UNIX shell command to connect to the Cisco IOS XRv 9000 Router console using SSH:

ssh -i pem-file-name root@[public-ipaddress | DNS-name]

Note

 
You must log in as root the first time you access the instance.

The private key stored in the .pem file is used to authenticate access to the Cisco IOS XRv 9000 Router instance.

Step 3

Start configuring the Cisco IOS XRv 9000 Router.