Guest

Cisco ONS 15454 Series Multiservice Transport Platforms

Release Notes for Cisco ONS 15454, ONS 15454 M2, and ONS 15454 M6 DWDM, Release 9.8.x

  • Viewing Options

  • PDF (1.2 MB)
  • Feedback
Release Notes

Release Notes

This Release Notes document contains information about new features and enhancements, in the platforms.

For detailed information regarding features, capabilities, hardware, and software introduced in this release, see the guides listed in the "Additional References" section.

Cisco also provides Bug Search Tool, a web resource for tracking defects. To access Bug Search Tool, visit this URL: https:/​/​tools.cisco.com/​bugsearch.

This chapter includes these topics:

Revision History

Date Notes
September 2014 Added procedure to search for bugs in Bug Search Tool.
July 2014 Revised the part number and added the Critical Bug Fixes in Release 9.8.1.2 section.
March 2014 Revised the part number and added the New Features and Functionality for Release 9.8.1 section.
July 2013 This is the first release of this publication.

Software and Hardware Requirements

Before you begin to install the software, you must check whether your system meets the minimum software and hardware requirements.

  • Hardware—Intel Core i5, i7, or faster processor. A minimum of 4 GB RAM, 100 GB hard disk with 250 MB of available hard drive space.
  • One of these operating systems:
    • Windows 7, Windows Server 2008, or later
    • Apple Mac OS X
    • UNIX workstation with Solaris Version 9 or 10 on an UltraSPARC-III or faster processor, with a minimum of 1 GB RAM and a minimum of 250 MB of available hard drive space.
    • Ubuntu 12.10
  • Java Runtime Environment—JRE1.7
  • Browser:
    • Internet Explorer
    • Mozilla Firefox
    • Safari
    • Google Chrome

Critical Bug Fixes in Release 9.8.1.2

The following critical issue has been resolved in Release 9.8.1.2:

  • Cisco ONS 15454 9.8.0, 9.8.1, 10.0, and 10.0.1 releases are vulnerable to OpenSSL vulnerabilities documented at CVE-2014-0076 and CVE-2014-3470. The 9.8.1.2 release contains the fix for the vulnerabilities.

New Features and Functionality for Release 9.8.1

This section highlights new features and functionality for Release 9.8.1. For detailed documentation of each of these features, consult the user documentation.

Common Criteria Certification

  • The ONS 15454 M2 and ONS 15454 M6 nodes are Common Criteria (CC) compliant. The CC certification from National Institute of Standards and Technology (NIST) using the Network Device Protection Profile (NDPP) ensures the node is accessed, managed, monitored and provisioned in a highly secure manner. The CC applies only to ONS 15454 M2 and ONS 15454 M6 stand-alone nodes with TNC/TSC/TNC-E/TSC-E cards as the node controller.

WSE Card Enhancements

  • The WSE card supports these additional payloads:
    • OC-192/10GE WAN payload for encryption
    • 10GE LAN to OTU2 mapping for encryption
    • 8G/10G FC for encryption
    • OTU1e client for encryption

    Note


    When the WSE card is configured with OC-192/STM-64 payload, it does not interoperate with other line cards due to difference in payload mapping type; the payload mapping is Asynchronous Mapping (AMP) in WSE card and Bit Synchronous Mapping (BMP) in other line cards.
  • The WSE card supports Y-cable protection for 10GE and OC-192/STM-64 payloads.
  • The WSE card supports additional performance monitoring counters.

For more information about the WSE card, see the Provision Transponder and Muxponder Cards chapter in the Cisco ONS 15454 DWDM Configuration Guide, Release 9.8.

New Features and Functionality for Release 9.8

This section highlights new features and functionality for Release 9.8. For detailed documentation of each of these features, consult the user documentation.

Common Hardware

These hardware units have been introduced in Release 9.8:

Wire Speed Encryption Card

The Wire Speed Encryption (WSE) card is an optical line card that provides encryption capability, at the optical layer, to the Cisco ONS 15454 M2 and Cisco ONS 15454 M6 platforms. The card provides confidentiality and integrity of data sent over a fiber optic communication channel through next generation cryptography. The card also provides integrated transponder functionality.

The WSE card supports these key features:

  • Security Features—These security features are supported on the card:
    • Secure Boot—This feature does a boot verification in hardware. It ensures that only authentic Cisco software boots up on the Cisco platform and provides tamper-and-cloning resistance.
    • Digital Image Signing—After the secure boot, the Digital Image Signing feature ensures the software that runs on Cisco devices is authentic. This maintains the integrity of the image that is loaded on the WSE card.
    • Key Exchange—Key exchange between authenticated peer cards happens over the GCC channel that is secured using Transport Layer Security (TLS). The Elliptic Curve Diffie Hellman Ephemeral (ECDHE) algorithm is used for key exchange.
    • Confidentiality of Data—The WSE card protects against cipher-text manipulation and cut-and-paste attacks. The card uses payload authentication to detect accidental corruption and unauthorized modifications of data.
    • Role Based Access Control—Access control is enforced to ensure that there is separation in managing the transport (provisioning) and the security features. A user can perform only certain operations depending on the role assigned.
  • Card Authentication—The Secure Unique Device Identification (SUDI) certificate that is formatted as an X.509 certificate conforms to the IEEE 802.1 AR standard. It is signed using Cisco's Root Certificate Authority. This certificate carries a unique identifier used to authenticate that the peer card is a WSE card before the data is exchanged. Information cannot be exchanged with a card that is not authenticated.
  • High Speed GCCs—The WSE card support the provisioning of GCC channel on OTN (OTU2/OTU2e) enabled client and trunk ports. A maximum of ten GCC channels on Cisco ONS 15454 M2 or Cisco ONS 15454 M6 shelf can be created. The bandwidth of GCCs is 1.2 Mbps.
  • OCH-trail Protection—Provides protection for the DWDM signals through external optical switch units (Protection Switch Module [PSM]).
  • Licensing—A licensed version of the card provides a cost-effective solution for customers who do not need to encrypt data on all the five streams. The licensed WSE card provides single stream encryption as a base functionality and the remaining streams (ports) can be used as unencrypted transponders. A pay as you grow software upgrade license needs to be purchased for each additional encrypted stream. For more information on licensing, see the Cisco ONS 15454 DWDM Licensing Configuration Guide.

For more information about the WSE card, see the Provision Transponder and Muxponder Cards chapter in the Cisco ONS 15454 DWDM Configuration Guide, Release 9.8.

Pluggable Port Modules Support

The Pluggable Port Modules (PPMs) supported on the WSE card are:

  • ONS-SC+-10G-EP30.3= through ONS-SC+-10G-EP61.8=
  • ONS-SC+-10G-30.3= through ONS-SC+-10G-61.8=
  • ONS-SC+-10G-C=
  • ONS-SC+-10G-ZR=
  • ONS-SC+-10G-ER=
  • ONS-SC+-10G-LR=
  • ONS-SC+-10G-SR=

For more information about the Pluggable Port Modules support, see the Installing the GBIC, SFP, SFP+, and XFP Optical Modules in Cisco ONS Platforms document.

AC Power Module

The ONS 15454 M6 system can be powered by redundant AC power lines. The supported AC power modules on the ONS 15454 M6 shelf are 15454-M6-AC and 15454-M6-AC2. For the 15454-M6-AC2 power module, the power consumption of the ONS-15454-M6 shelf (including ancillaries, controller cards, and line cards) is limited to1200 W. If the power consumption of the shelf exceeds 1200 W, a new line card will not boot up when it is installed in the ONS-15454-M6 shelf. This is indicated by the PWR-CON-LMT alarm that is raised in CTC.

For more information about AC power module, see the Installing the ONS 15454 M6 Shelf chapter in the Cisco ONS 15454 Hardware Installation Guide.

New Software Features and Functionality

These new software features have been introduced in Release 9.8:

100G-LC-C, 10x10G-LC, and CFP-LC Cards

The software enhancements for 100G-LC-C, 10x10G-LC, and CFP-LC cards include:

  • Support for Y-cable protection on the 10x10G-LC card configured in the TXP-10G or MXP-10G card mode for 10GE, 8G FC, 10G FC, OTU2, and OC192 (STM-64) payloads.
  • Support for monitoring the temperature of the 100G-LC-C, 10x10G-LC, and CFP-LC cards using the OnBoard Failure Logging (OBFL) functionality.
  • Support for calculation of the PRE FEC BER parameters for the OTU2 and OTU2e payloads on the 10x10G-LC card configured in the TXP-10G, RGN-10G, fanout-10x10G, or low latency mode.
  • Support for calculation of the PRE FEC BER parameters for the OTU4 payload on the 100G-LC-C card configured in these card modes and card combinations:
    • CFP-TXP or CFP-MXP card mode in a 10x10G-LC and CFP-LC card combination
    • MXP-10x10G card mode in a 100G-LC-C and 10x10G-LC card combination
    • RGN-100G card mode in a 100G-LC-C and 100G-LC-C card combination

For more information about the 100G-LC-C, 10x10G-LC, and CFP-LC cards, see the Provision Transponder and Muxponder Cards chapter in the Cisco ONS 15454 DWDM Configuration Guide, Release 9.8.

Transaction Language 1 (TL1)

This section contains a list of new commands, command syntax changes, and command response changes that have been introduced in Release 9.8. For detailed information on TL1, see the Cisco ONS TL1 Command Guide.

New TL1 Commands

No new TL1 commands are added.

Command Syntax Changes

The syntax of these commands has changed:

  • APPLY
  • COPY-RFILE
  • ED-NE-GEN
  • ENT-FTPSERVER

Command Response Changes

The command responses of these commands have changed:

  • RTRV-CMD-SECU
  • RTRV-DFLT-SECU
  • RTRV-USER-SECU

Limitations of USB Synchronization with TNC or TSC Cards

USB synchronization with TNC or TSC cards fails when the USB has the 9.8 package in either its active or protect volume and when the TNC or TSC card is inserted as a standalone card in the chassis.

Scenario 1: The USB has the 9.8 package in its active volume and any other package in its protect volume The TNC or TSC card having a package earlier than version 9.8, is loaded on the Cisco ONS 15454 M2 or Cisco ONS 15454 M6 chassis as a standalone card. The USB acts as the master and pushes the 9.8 package from its active volume on the TNC or TSC card. Despite several attempts, the package copy operation fails.

Scenario 2: The USB has any package earlier than version 9.8 in its active volume and the 9.8 package in its protect volume. The TNC or TSC card having a package earlier than version 9.8, is loaded on the ONS 15454 M2 or ONS 15454 M6 chassis as a standalone card. The USB acts as the master and pushes the package from its active volume on the TNC or TSC card. The card copies the package and resets. When the card boots up after reset, the USB pushes the 9.8 package from its protect volume on the TNC or TSC card. Despite several attempts, the package copy operation fails.

Workarounds:

  • For release 9.3 and later releases, use TNC-E or TSC-E cards.
  • For scenario 1, ensure that the TNC or TSC card has version 9.8 as the active package.
  • For scenario 2, ensure that the protect and the active volumes of USB are the same.

Cisco Bug Search Tool

Use the Bug Search Tool (BST) to view the list of outstanding and resolved bugs in a release.

BST, the online successor to Bug Toolkit, is designed to improve the effectiveness in network risk management and device troubleshooting. The tool allows partners and customers to search for software bugs based on product, release, and keyword, and aggregates key data such as bug details, product, and version. The tool has provision to filter bugs based on credentials to provide external and internal bug views for the search input.

The BST is available at Bug Search. To search for a specific bug, go to https:/​/​tools.cisco.com/​bugsearch/​bug/​bugid. For more information on BST, see Bug Search Help.

Search Bugs in BST

Follow the instructions below to search bugs specific to Cisco ONS 15454 software release 9.8 in BST.

Procedure
    Step 1   Go to https:/​/​tools.cisco.com/​bugsearch/​.

    You will be prompted to log into Cisco.com. After successful login, the Bug Toolkit page opens.

    Step 2   To search for release 9.8 bugs, enter the following parameters in the page:
    1. Search For ― Enter ONS 15454 in the text box.
    2. Releases ― Enter 9.8 .
    3. Show Bugs ― Select Affecting or Fixed in these Releases.

    Step 3   Press Enter.

    Note:

    • By default, the search results include bugs with all severity levels and statuses, and bugs that were modified during the life cycle of the bug. After you perform a search, you can filter your search results to meet your search requirements.
    • An initial set of 25 search results is shown in the bottom pane. Drag the scroll bar to display the next set of 25 results. Pagination of search results is not supported.

    Additional References

    Related Documents

    Use this document in conjunction with the other release-specific documentation listed in this table:

    Technical Assistance

    Link Description

    http:/​/​www.cisco.com/​support

    The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

    To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

    Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.