The Cisco CSR 1000V Series Cloud Services Router provides a cloud-based router that is deployed on a virtual machine (VM) instance on x86 server hardware. The Cisco CSR 1000V provides selected Cisco IOS XE features on a virtualization platform.
When the Cisco CSR 1000V virtual IOS XE software is deployed on a VM, the Cisco IOS XE software functions just as if it were deployed on a traditional Cisco hardware platform. The Cisco CSR 1000V includes a virtual Route Processor and a virtual Forwarding Processor (FP) as part of its architecture. The Cisco CSR 1000V supports a subset of Cisco IOS XE software features and technologies. For more information, see the “Supported Cisco IOS XE Technologies” section.
The Cisco CSR 1000V provides secure connectivity from the enterprise premise (such as a branch office or data center) to the public or private cloud.
Figure 1-1 shows the basic virtual form factor for the Cisco CSR 1000V. The Cisco CSR 1000V is deployed as a virtual machine on a hypervisor. Optionally, you can use a virtual switch (vSwitch), depending on your deployment. You can use selected Cisco equipment for some components. The supported components will depend on your software release.
Figure 1-1 Cisco CSR 1000V Virtual Form Factor
Benefits of Virtualization Using the Cisco CSR 1000V Series Cloud Services Router
The Cisco CSR 1000V Series uses the benefits of virtualization in the cloud to provide the following:
Because the Cisco CSR 1000V runs on a virtual machine, it can be supported on any x86 hardware that the virtualization platform supports.
Sharing of resources
The resources used by the Cisco CSR 1000V are managed by the hypervisor, and resources can be shared among VMs. The amount of hardware resources that the VM server allocates to a specific VM can be reallocated to another VM on the server.
Flexibility in deployment
You can easily move a VM from one server to another. Thus, you can move the Cisco CSR 1000V from a server in one physical location to a server in another physical location without moving any hardware resources.
Software Configuration and Management Using the Cisco IOS XE CLI
You can perform software configuration and management of the Cisco CSR 1000V using the following methods:
Provision a serial port in the VM and connect to access the Cisco IOS XE CLI commands.
Use the VM console or the console on the virtual serial port to access the Cisco IOS XE CLI commands.
Note A serial port can be used to manage a Cisco CSR 1000V VM only if the underlying hypervisor supports associating a serial port with a VM. For example, the Citrix XenServer environment does not support serial port association. See your hypervisor documentation for details.
Use remote SSH/Telnet to access the Cisco IOS XE CLI commands.
The Cisco CSR 1000V also supports management and configuration using the following products:
The Cisco CSR 1000V router interfaces perform the same functionality as those on hardware-based Cisco routers. The Cisco CSR 1000V interfaces function as follows:
Interfaces are logically named as the Gigabit Ethernet (GE) interfaces.
The available interface numbering depends on the Cisco CSR 1000V version.
(Cisco IOS XE Release 3.11S and later) The interface numbering is as follows:
– Interface port numbering is from 1 and up to the number of interfaces supported.
– GigabitEthernet interface 0 is no longer supported beginning with this release.
– You can designate any interface as the management interface. You can change the management interface when deploying the OVA template on first-time installation.
(Cisco IOS XE Release 3.10S and earlier) The interface numbering is as follows:
– Interface port numbering is from 0 and up to the number of interfaces supported.
– Gigabit Ethernet interface 0 is reserved for the management interface used for obtaining the licenses and upgrading software.
At first boot, the Cisco CSR 1000V router interfaces are mapped to the vNIC interfaces on the VM based on the vNIC enumeration to the Cisco CSR 1000V; on subsequent boot, the Cisco CSR 1000V router interfaces are mapped to the vNIC MAC address
Caution If upgrading to Cisco IOS XE Release 3.11S from an earlier release, Cisco recommends you update your configuration to remove the GigabitEthernet 0 management interface before upgrading. Because the GigabitEthernet 0 interface is no longer supported beginning with Cisco IOS XE Release 3.11S, you will receive system errors if the upgraded configuration includes this interface.
A virtual machine (VM) is a software implementation of a computing environment in which an operating system (OS) or program can be installed and run. The VM typically emulates a physical computing environment, but requests for CPU, memory, hard disk, network and other hardware resources are managed by a virtualization layer which translates these requests to the underlying physical hardware.
You can deploy an Open Virtualization Archive (OVA) file. The OVA file package simplifies the process of deploying a VM by providing a complete definition of the parameters and resource allocation requirements for the new VM.
An OVA file consists of a descriptor (.ovf) file, a storage (.vmdk) file and a manifest (.mf) file.
ovf file—Descriptor file which is an xml file with extension .ovf which consists of all the metadata about the package. It encodes all the product details, virtual hardware requirements and licensing.
vmdk file—File format that encodes a single virtual disk from a VM.
mf file—Optional file that stores the SHA key generated during packaging.
You can also install the Cisco CSR 1000V using an .iso file and manually create the VM in the hypervisor.
A hypervisor enables multiple operating systems to share a single hardware host machine. While each operating system appears to have the dedicated use of the host's processor, memory, and other resources; the hypervisor controls and allocates only needed resources to each operating system and ensures that the operating systems (VMs) do not disrupt each other.
The Cisco CSR 1000V is supported for installation on selected hypervisors. The following table lists the supported hypervisor versions for your software release.
2.Requires QEMU-x86_64 version 1.0 (qemu-kvm-1.0), Copyright (c) 2003-2008 Fabrice Bellard.
Hypervisor features may differ depending on the hypervisor, and not all features in a given hypervisor version may be supported. The hypervisor versions listed are those officially tested and supported by the Cisco CSR 1000V. See the following sections for more information:
Depending on the Cisco CSR 1000V release version, each of the hypervisors supports different virtual network interface card (vNIC) types. The Cisco CSR 1000V also supports a different maximum number of vNICs depending on the hypervisor. Some versions and hypervisors also support the ability to add and remove vNICs without powering down the VM. This feature is known as vNIC Hot Add/Remove.
The following table lists the supported vNICs and the minimum and maximum number of vNICs supported for each VM instance.
3.Intel 10Gb PCI Express NIC Virtual Function Driver
4.vNIC Hot Remove requires reloading the Cisco CSR 1000V.
5.Requires the host hardware to support the Intel VT-d or AMD IOMMU specification. SR-IOV is not supported with Virtual LANs (VLANs).
6.Requires VMware ESXi 5.1 and later.
7.Supported beginning with Cisco IOS XE Release 3.12.1S.
The VMXNET3, VIF and Virtio NIC types are para-virtualized NICs.
Cisco CSR 1000V and Hypervisor Limitations
This section describes performance limitations due to how the Cisco CSR 1000V integrates with the supported hypervisors.
Cisco CSR 1000V and Hypervisor Limitations for Cisco IOS XE Release 3.12S
When the Cisco CSR 1000V is installed on Microsoft Hyper-V, the interface numbers can change after Microsoft Hyper-V fails over to a new server, or restarts after a live migration.
– If the server is set to perform ungraceful failover, there is no workaround.
– If the server is set to perform graceful failover or restart, enter the clear platform software vnic-if nvtable command before executing the failover or restart.
This issue is not seen if the maximum number of interfaces is configured.
When the Cisco CSR 1000V is installed on Microsoft Hyper-V, if you want to configure a VLAN, you must configure the VLAN interfaces on Microsoft Hyper-V using the Hyper-V Power Shell CLI.
When the Cisco CSR 1000V is installed on Microsoft Hyper-V and an NSF-based virtual hard disk is used, if there is a network connectivity issue between the Cisco CSR 1000V and the NSF server, the Cisco CSR 1000V is unable to use the virtual hard disk even if the network connection is restored. You must reboot the Cisco CSR 1000V to restore access to the virtual hard disk.
The Microsoft Hyper-V GUI only allows one VLAN to be specified for a Virtual Machine interface. This limits deployments where multiple VLANS for a Virtual Machine interface are used.
When the MAC address of a Cisco CSR1000V interface is changed from the address assigned by the hypervisor traffic with external devices is unsuccessful. This occurs even when MAC address spoofing is enabled on the Microsoft Hyper-V vSwitch. Operation of protocols like FHRP, CLNS, and Etherchannel that use their own MAC address may be unsuccessful.
In Microsoft Hyper-V environments, the following limitations apply when the Windows Power Shell CLI is used to configure VLANs:
– The power shell CLI commands must be reapplied each time the Cisco CSR1000V is reloaded.
– When a large AllowedVlanIdList is configured, only lower numbered VLANS may successfully pass traffic. For example, when the following Power Shell CLI command is used:
Only VLANS lower than 300 may successfully pass traffic.
Cisco CSR 1000V and Hypervisor Limitations for Cisco IOS XE Release 3.10S
Configuring Network Based Application Recognition (NBAR), or Application Visibility and Control (AVC) support on the Cisco CSR 1000V requires a minimum of 4GB of DRAM on the VM, even when using the one vCPU configuration on the VM.
On the Cisco CSR 1000V, all the NICs are logically named as the Gigabit Ethernet interface. The Cisco CSR 1000V does support the 10G IXGBE vNIC in passthrough mode; but that interface also is also logically named as a Gigabit Ethernet interface. Note that with emulated devices like VMXNET3/PV/VIRTIO from the hypervisor, the Cisco CSR 1000V is not aware of the underlying interfaces. The vSwitch may be connected to a 10-GB physical NIC or 1-GB physical NICs or multiple NICs (with NIC teaming on the hypervisor) as well.
The Cisco CSR 1000V supports an MTU range from 1500 to 9216 bytes. However, the maximum MTU supported on your hypervisor version may be lower. The MTU value configured on the Cisco CSR 1000V should not exceed the maximum MTU value supported on the hypervisor.
Cisco CSR 1000V and Hypervisor Limitations for Cisco IOS XE Release 3.9S
The following are the Cisco CSR 1000V and VMware ESXi limitations for Cisco IOS XE Release 3.9S:
The Cisco CSR 1000V interface bandwidth defaults to 1 GB, irrespective of the hypervisor’s physical NIC bandwidth. The routing protocols (OSPF, EIGRP) use the Cisco CSR 1000V interface bandwidth values for calculating the costs, not the physical NIC bandwidth.
When a Cisco CSR 1000V interface is directly connected to a physical router, and that physical router’s connecting interface goes down, the change is not reflected on the Cisco CSR 1000V. This is because the Cisco CSR 1000V is actually connected to the hypervisor’s vSwitch and the vSwitch uplink port is connected to the physical interface of the router. This behavior is expected.
The Cisco CSR 1000V provides an MTU range from 1500 to 9216 bytes. However, ESXi 5.0 supports only a maximum value of 9000 bytes.
The server and processor requirements are different depending on the Cisco CSR 1000V release.
Table 1-3 Server Requirements
Cisco CSR 1000V Release
Cisco IOS XE Release 3.9S
Intel Nehalem and later-generation processors are supported.
Cisco IOS XE Releases 3.10S, 3.11S, 3.12S, 3.13S
Intel processors prior to the Nehalem generation are supported.
NoteIn Cisco IOS XE Release 3.9S, the Cisco CSR 1000V uses instructions not supported on Intel pre-Nehalem generation processors. The existence of the required Nehalem or later processor instruction set is determined at boot time. If the required instructions are not present, the following message is displayed: In Cisco IOS XE Release 3.9S, the Cisco CSR 1000V uses instructions not supported on Intel pre-Nehalem generation processors. The existence of the required Nehalem or later processor instruction set is determined at boot time. If the required instructions are not present, the following message is displayed:
%IOSXEBOOT-4-BOOT_HALT: (rp/0): Halted boot due to missing CPU feature requirement(s)
The Cisco CSR 1000V Series software supports the standard Cisco software licensing process in Cisco IOS XE. The software activation process is similar to other Cisco router products, but there are some differences and additional requirements.
The Cisco CSR 1000V supports the following license types depending on the software release:
Perpetual and subscription term licenses for 1, 3, and 5 years based on the following attributes:
– Cisco IOS XE technology packages (Standard, Advanced and Premium) in Cisco IOS XE releases 3.12S and earlier
– Cisco IOS XE technology packages (IPBase, Security, AX and APPX) in Cisco IOS XE 3.13S and higher
– Maximum supported throughput level (10, 25, 50, 100, 250, or 500 Mbps, and 1, 2.5, 5 or 10 Gbps)
Memory upgrade licenses (selected technology packages and throughput levels only)
13.The additional memory is allocated to control plane (IOSD) processes on the router only. The memory upgrade license does not add available memory on the VM. By default, 2.5 GB is allocated to the control plane; adding 4 GB of memory can increase the control plane allocation to 6.5 GB.
The supported performance indicates the maximum throughput supported by the Cisco CSR 1000V for the license. If the throughput exceeds the supported performance, the router may experience dropped packets and you will receive notification that the supported performance has been exceeded. The Cisco CSR 1000V uses a performance limiter to regulate the throughput level. For more information, see the “Configuring the 10 Gbps Interface” section.
If additional performance is required, an additional license for a separate Cisco CSR 1000V VM must be purchased. The Cisco CSR 1000V supports only one router instance per VM.
The Cisco CSR 1000V software licenses operate as follows:
Each software license can be used for only one VM.
You can install more than one license on a VM, but the multiple licenses can only apply to that VM.
Similar to Cisco hardware products, the software license is node-locked to the unique device identifier (UDI) of that product. The Cisco CSR 1000V generates a Virtual UDI (vUDI) when first installed on the VM, and licenses are node-locked to that vUDI. One license per VM instance is required. Instances that are cloned from a repository must generate a new vUDI.
Note When you clone the Cisco CSR 1000V, you will automatically get a new vUDI, and all the licenses from the original VM should be removed.
You must purchase and install a new technology package license if you want to upgrade or downgrade the technology level. For example, if you have a Premium technology package license and you want to downgrade to the Standard technology package, you must purchase a new Standard technology package license.
In Cisco IOS XE Release 3.10S, the default license will not enable advanced IPsec features and MPLS.
The Cisco CSR 1000V does not provide or support Right-to-Use performance licenses.
You will receive warning notices that the subscription term license will expire beginning eight weeks before license expiration.
The licenses must be activated in order for the Cisco CSR 1000V network ports to provide the supported throughput.
When the Cisco CSR 1000V is first booted, the router operates in evaluation mode, and provides limited feature support and limited throughput. To obtain the full feature support and throughput provided by your license, you must install the license using the license install command. The configuration requirements depend on the release version:
In Cisco IOS XE 3.12S and earlier, to access the features supported in your license, you must enter the license boot level command and set it to the level supported by your license. The Cisco CSR 1000V must be rebooted for the new license level to take effect and to have the new license applied.
In Cisco IOS XE 3.13S and later, the Cisco CSR 1000V first boots up in the AX technology mode by default, so all features in this package are supported. Installing an AX technology license applies the AX license immediately, and the throughput is increased to the maximum throughput of the installed license. Rebooting the router is not required.
If you install a different technology license (IPBase, Security or APPX), the corresponding license boot level command setting is automatically added to the running configuration, but you must reboot the router for the new license technology level to take effect and to have the license applied.
The installed license technology package must match the router’s current technology level (as shown with the show version command). If the license package does not match the current license level the throughput is limited to 100kbps. To apply a license belonging to a different technology package level, you must update the license level using the license boot level command and reboot the Cisco CSR 1000V for the new license level to take effect.
If the throughput license expires or becomes invalid, the maximum throughput of the router reverts to 2.5 Mbps (Cisco IOS XE 3.12S and earlier), or 100 Kbps (Cisco IOS XE 3.13S and later).
The subscription term begins on the day the license is issued.
Evaluation licenses are available to sample the Cisco CSR 1000V features, and are obtained differently depending on the release version:
(Cisco IOS XE 3.12S and earlier) Evaluation licenses valid for 60 days are bundled with the software image.
The evaluation license defaults to the Standard feature technology level. To evaluate features at the Advanced or Premium level, you must configure the license boot level command and reboot the Cisco CSR 1000V for the new technology level to take effect.
You can change the throughput of the evaluation license using the platform hardware throughput-level command. When the 60-day evaluation license expires, the maximum throughput reverts to 2.5 Mbps and to the limited feature set.
(Cisco IOS XE 3.13S and later) Evaluation licenses valid for 30 days are available at the Cisco licensing portal at:
– AX feature set license with 50 Mbps maximum throughput
– APPX feature set license that supports higher throughput, set using the platform hardware throughput-level command.
When the 60-day evaluation license expires, the maximum throughput is limited to 100 Kbps.
Cisco CSR 1000V Series Architecture Differences from Hardware Platforms
Unlike traditional Cisco hardware router platforms, the Cisco CSR 1000V Series is a virtual router that runs independently on an x86 machine. As a result, the Cisco CSR 1000V Series architecture has unique attributes that differentiate it from hardware-based router platforms.
For example, Table 1-5 lists a comparison of some key areas where the Cisco CSR 1000V Series differs from the Cisco ASR 1000 series routers.
Table 1-5 Cisco CSR 1000V Series Architecture Differences with Cisco ASR 1000 Series Routers
Cisco ASR 1000 Series
Cisco CSR 1000V Series
The Cisco CSR 1000V does not include a hard disk. The software image is stored on bootflash only (8 GB).
Managed by architecture of the hardware platform.
Managed by the hypervisor. Physical resources are shared among VMs.
Console types supported
Physical serial port.
VMware soft console
Network option (virtual terminal server)
Named pipe option
Physical serial port on the ESXi or KVM host
The Cisco CSR 1000V does not include ROMMON, but uses GRUB to provide similar but more limited functionality.
The Cisco CSR 1000V Series Cloud Services Router supports selected Cisco IOS XE technologies. The Cisco CSR 1000V supports a more limited set of functionality compared to other router platforms.
Table 1-6 lists the major Cisco IOS XE technologies the Cisco CSR 1000V supports. Technologies not listed are not currently supported on the Cisco CSR 1000V. Not all features in a given technology may be supported. To verify support for specific features, use Cisco Feature Navigator. For more information, see the “Using Cisco Feature Navigator” section.
NoteThe IPBase, Security, and AX license technology packages are available beginning with Cisco IOS XE release 3.12.1. The IPBase, Security, and AX license technology packages are available beginning with Cisco IOS XE release 3.12.1.
Unless otherwise noted, each technology is supported on Cisco IOS XE 3.9S and higher.
Table 1-6 Cisco IOS XE Technologies Supported on the Cisco CSR 1000V Cloud Services Router
Technology Package Licenses Supported in Cisco IOS XE Releases 3.12S and Earlier
Technology Package Licenses Supported in Cisco IOS XE Releases 3.13S and Later
Managing the Router Using Cisco Configuration Professional
Beginning with Cisco IOS XE Release 3.12S, the Cisco CSR 1000V supports managing the router using Cisco Configuration Professional. The minimum version required is Cisco Configuration Professional 2.8. For more information, see the Cisco Configuration Professional documentation.
Managing the Router Using the Cisco CSR 1000V REST API
Beginning with Cisco IOS XE Release 3.10S, the Cisco CSR 1000V provides a REST API as an alternative method of managing the router. The following requirements apply to the Cisco CSR 1000V REST API:
The Cisco CSR 1000V REST API supports only selected features and technologies compared to the Cisco IOS XE command-line interface.
Note The Cisco CSR 1000V currently does not support IPv6 for the REST API.
The Cisco CSR 1000V REST API is supported over HTTPS only.
– In Cisco IOS XE Release 3.10S, you must enable HTTPS support.
– Beginning with Cisco IOS XE Release 3.11S, HTTPS support is enabled by default.
The Cisco CSR 1000V Amazon Machine Image (AMI) does not support management of the router using the REST API.
Managing the Router Using Cisco Prime Network Services Controller
Beginning with Cisco IOS XE Release 3.11S, you can use the Cisco Prime Network Services Controller to provision, manage, and monitor the Cisco CSR 1000V. Cisco Prime Network Services Controller can be used to streamline configuration when you are provisioning and managing many Cisco CSR 1000V VMs.
If deploying the Cisco CSR 1000V on ESXi, support for remote management using PNSC can be configured while deploying the OVA template. If deploying the Cisco CSR 1000V on other hypervisors, or if launching the Cisco CSR 1000V on an AWS instance, the PNSC configuration settings are performed using the Cisco IOS CLI.
Finding Support Information for Platforms and Cisco Software Images
Cisco software is packaged in feature sets consisting of software images that support specific platforms. The feature sets available for a specific platform depend on which Cisco software images are included in a release. To identify the set of software images available in a specific release or to find out if a feature is available in a given Cisco IOS XE software image, you can use Cisco Feature Navigator, the Software Advisor, or the software release notes.
Using Cisco Feature Navigator
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS XE software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn . An account on Cisco.com is not required.
Using the Software Advisor
To see if a feature is supported by a Cisco IOS XE release, to locate the software document for that feature, or to check the minimum Cisco IOS XE software requirements with your router, Cisco maintains the Software Advisor tool on Cisco.com at:
You must be a registered user on Cisco.com to access this tool.
Using the Software Release Notes
Cisco IOS XE software release notes provide the following information:
Open and resolved severity 1 and 2 caveats
Release notes are intended to be release-specific for the most current release, and the information provided in these documents may not be cumulative in providing information about features that first appeared in previous releases. See Cisco Feature Navigator for cumulative feature information.