First Published: January 11, 2023

This document provides information about Cisco Crosswork Network Controller 4.1.x, including product overview, solution components, new features and functionality, compatibility information, and known issues and limitations.

Overview

Cisco Crosswork Network Controller empowers customers to simplify and automate intent-based network service provisioning, monitoring and optimization in a multi-vendor network environment with a common GUI and API.

The solution combines intent-based network automation to deliver critical capabilities for service orchestration and fulfilment, network optimization, service path computation, device deployment and management, and anomaly detection and automatic remediation. Using telemetry gathering and automated responses, Cisco Crosswork Network Controller delivers network optimization capabilities that would be nearly impossible to replicate even with a highly skilled and dedicated staff operating the network.

The fully integrated solution combines core capabilities from multiple innovative, industry-leading products including Cisco Network Services Orchestrator (NSO), Cisco Segment Routing Path Computation Element (SR-PCE), Cisco Crosswork Data Gateway, and Cisco Crosswork's infrastructure and suite of applications. Its unified user interface allows real-time visualization of the network topology and services, as well as service and transport provisioning, via a single pane of glass.

Primary Use Cases:

  • Orchestrated service provisioning: Provisioning of L2VPN and L3VPN services with underlay transport policies in order to define, meet, and maintain SLAs, using the UI or APIs.

  • Real-time network and bandwidth optimization:Intent-based closed-loop automation, congestion mitigation and dynamic bandwidth management based on Segment Routing and RSVP-TE. Optimization of bandwidth resource utilization by setting utilization thresholds on links and calculating tactical alternate paths when thresholds are exceeded. Real-time telemetry is used to detect changes in network traffic and then changes in the network are automatically implemented to deliver on the operator's intent.

  • Local Congestion Management: Local, interface-level congestion mitigation recommendations for rerouting traffic around the congested interface using tactical TE policies.

  • Visualization of network and service topology and inventory: Visibility into device and service inventory and visualization of devices, links, and transport/VPN services and their status on logical or geographical maps.

  • Performance-based closed-loop automation:Automated discovery and remediation of problems in the network by allowing Key Performance Indicator (KPI) customization and monitoring and triggering of pre-defined remediation tasks when a KPI threshold is breached. Cisco Crosswork Health Insights and Change Automation (optional add-ons) must be installed for this use case.

  • Planning, scheduling, and automating network maintenance tasks: Scheduling an appropriate maintenance window for a maintenance task after evaluating the potential impact of the down-time on the network (using WAE Design). Automating the execution of maintenance tasks (such as throughput checks, software upgrades, SMU installs) using playbooks. Cisco Crosswork Health Insights and Change Automation (optional add-ons) must be installed for this use case.

  • Secure zero-touch onboarding and provisioning of devices: Automatic onboarding of new IOS-XR devices and provisioning of Day0 configuration, resulting in faster deployment of new hardware at a lower operating cost. Cisco Crosswork Zero Touch Provisioning (optional add-on) must be installed for this use case.

  • Visualization of native SR paths: Visualizing the native path using the traceroute SR-MPLS multipath command to get the actual paths between the source and the destination can be achieved using Path Query. With Cisco Crosswork Network Controller, a traceroute command runs on the source device for the destination TE-Router ID and assists in retrieving the paths.

  • Discovery, Analysis, and Visualization of Multicast Trees using Tree-SID in Segment Routed Networks: Visualizing pre-provisioned Segment Routing Path Computation Elements (SR-PCE) created Multicast Trees using TREE-SID within your network is critical for video broadcasting and streaming service providers who must use multicast protocols to replicate traffic and send it to different points in the network. With Cisco Crosswork Network Controller, users can visualize pre-provisioned Tree Segment Identifier (Tree-SID) SR paths easily and quickly.

Solution Components

Cisco Crosswork Network Controller components hosted on the Crosswork cluster:

Table 1.

Component

Version

Description

Cisco Crosswork Infrastructure

4.4

A resilient and scalable platform on which all of the Cisco Crosswork applications can be deployed. The infrastructure is based on a cluster architecture for extensibility, scalability, and high availability.

Cisco Crosswork Data Gateway (CDG)

4.1

A secure, common collection platform for gathering network data from multi-vendor devices that supports multiple data collection protocols including MDT, SNMP, CLI, standards-based gNMI (dial-in), and syslog.

Cisco Crosswork Optimization Engine

4.1

Provides closed-loop tracking of the network state and real-time network optimization in response to changes in network state, allowing operators to effectively maximize network capacity utilization, as well as increase service velocity.

Provides traffic engineering visualization of SR-MPLS, SRv6, and RSVP-TE policies.

Cisco Crosswork Health Insights (optional add-on)

4.4

A network health application that performs real-time Key Performance Indicator (KPI) monitoring, alerting, and troubleshooting. It builds dynamic detection and analytics modules that allow operators to monitor and alert on network events based on user-defined logic.

Cisco Crosswork Change Automation (optional add-on)

4.4

Automates the process of deploying changes to the network.

Cisco Crosswork Active Topology

4.1

Provides a unified user interface for device and service inventory, topology visualization, and service provisioning.

Cisco Crosswork Zero-Touch Provisioning (optional add-on)

4.1

Automatic onboarding of new IOS-XR and IOS-XE devices and provisioning of Day0 configuration, resulting in faster deployment of new hardware at a lower operating cost.

Products that integrate with Cisco Crosswork Network Controller:

Table 2.

Component

Version

Description

Cisco Network Services Orchestrator

5.7.6

An orchestration platform that makes use of pluggable function packs to translate network-wide service intent into device-specific configuration. Cisco NSO provides flexible service orchestration and lifecycle management across physical network elements and cloud-based virtual network functions (VNFs), fulfilling the role of the Network Orchestrator (NFVO) within the ETSI architecture. It provides complete support for physical and virtual network elements, with a consistent operational model across both. It can orchestrate across multi-vendor environments and support multiple technology stacks, enabling extension of end-to-end automation to virtually any use case or device.

Cisco Segment Routing Path Computation Element (SR-PCE)

7.7.1

An IOS-XR multi-domain stateful PCE supporting both segment routing (SR) and Resource Reservation Protocol (RSVP). Cisco SR-PCE builds on the native Path Computation Engine (PCE) abilities within IOS-XR devices, and provides the ability to collect topology and segment routing IDs through BGP-LS, calculate paths that adhere to service SLAs, and program them into the source router as an ordered list of segments.

What's New

The table below lists the primary new features and functionality introduced in Cisco Crosswork Network Controller 4.1.x.

Table 3. New Features and Functionality in Cisco Crosswork Network Controller 4.1.x

Feature

What's New?
Service Health Service Health monitoring is available for both Basic Monitoring and Advanced Monitoring. With Basic Monitoring, there are fewer resources consumed, but more services (up to 50,000) can be monitored in less detail . With Advanced Monitoring, more resources are consumed, but fewer services (up to 2,000) can be monitored (but in greater detail). In total, Basic + Advanced Monitoring provides up to 52,000 services that can be monitored. For more information on Service Health, see Cisco Service Health in the Solution Components and Integrated Architecture section. Other new features and functionality:

  • External Storage supported, in conjunction with Internal Storage, for expanded historical Service Health monitoring data capacity.

  • The Service Health Collection Jobs administrative option provides the capability to view Parameterized Jobs (template-based collection jobs) that supports a greater number of jobs, adding the ability to view CLI collection jobs. This is useful when troubleshooting collection job issues by examining details of individual devices using Parameterized Jobs. Devices are identified by their Context ID (protocol) so to determine if they are GMNI, SNMP, or CLI-based jobs.

Brownfield Service Visualization API Extension

Brownfield support services API extension allows operators to create visualizations for services they have provisioned in the network that CW cannot already visualize. Details about the API including samples can be found on Cisco Devnet.

Cisco Customer Experience (CX) provides a new service offer to assist customers get started creating their own service visualizations. For more details, contact your CX representative.

Flexible Algorithm Visualization

Crosswork Network Controller now supports use of Segment Routing Flexible Algorithm (Flex-Algo) to view up to two Flexible Algorithm IDs in your network enabled in the Traffic Engineering topology view.

SRv6

Crosswork Network Controller now supports L2VPN services over SRv6 (L2VPN EVPN VPWS and VPLS)..

Multipoint VPLS using EVPN

Cisco Crosswork Network Controller now extends L2VPN EVPN VPWS support with the addition of L2VPN EVPN VPLS and the following service topologies: ELAN, ETREE, and Custom.

  • ELAN any-to-any: Full mesh topology where all sites communicate with one another. The same route targets (RTs) are assigned across all nodes.

  • ETREE hub-spoke: RTs are assigned in a manner which spokes are able to communicate with the hub, but not with each other. A spoke is defined if node-role is defined for a given site.

  • Custom: User will manually define RT values for each site.

Tree-SID Visualization

Cisco Crosswork Network Controller lets you visualize the Tree-SID policies implemented in your network that uses the Segment Routing Path Computation Element (SR-PCE) using path computation element protocol (PCEP). You can view the details of the Tree-SID root, transit and leaf nodes, bud nodes. You can easily confirm that Tree-SID is implemented correctly in your network.

Note 

Tree-SID paths for Bud nodes are not displayed on the topology-map UI and the policy details section.

Tree-SID policies are not deleted from the UI when PCE is down.

EMS Services Support

To enable service-driven workflow for packet networks, Element Management System (EMS) services are bundled with the Crosswork Network Controller Advantage pack. The EMS functions include inventory, fault, and Software Image Management (SWIM).

  • Inventory service integrates deep inventory collection with Cisco Crosswork’s Device Lifecycle Management (DLM). It enriches the existing device onboarding workflow to gather more insights about the device. Built-in device packages enable deep inventory collection when the user manually attaches a device to the Crosswork Data Gateway. The collection is persisted in the database and monitored using the Inventory APIs.

  • Fault service is associated with alarm management. It provides API support for subscription, request, retrieval, and auto-clearing of alarms for Topology Visualization services. Monitored using the Fault APIs, the fault service improves the existing topology views by showing the alarm status for devices and links.

  • SWIM is integrated with Crosswork Change Automation and managed with SWIM APIs. It allows operators to view, import, and delete software images, as well as push software images to the devices in the network. SWIM improves compliance and accelerates upgrades.

Configurable Service Points

The configurable service points feature allows a user to define a list of service points and to appear on the service provisioning tree in the Provisioning UI.

Policy and Tunnel Provisioning

  • Policy and tunnel provisioning preview details have been updated with more details and topology map enhancements.

  • Only PCC nodes that have a PCEP session with the PCE are available for headend selection.

Traffic Engineering

TE Dashboard provides a summary of SR-MPLS, RSVP-TE tunnel, SRv6, and Tree SID policy information. You can also view the historic data associated with the policies.

TE affinity, retention of historical utilization data, timeout, and unused utilization threshold configuration can be found in Administration > Settings > Traffic Engineering.

User Interface/Usability

  • Numerous UI improvements to enhance usability.

Topology

  • Numerous topology improvements to enhance usability and visualization.

RESTCONF APIs

API Enhancement and Additions: The Crosswork environment is developed as an API first platform. All new features and functions described are accessible using the API. Details about the API can be found on Cisco Devnet.

Documentation

  • The Cisco Crosswork Infrastructure 4.4 and Applications Installation Guide covers installation of the cluster and installation of Crosswork applications on top of the infrastructure.

  • The Cisco Crosswork Infrastructure 4.4 and Applications Administration Guide covers setup and maintenance of the Crosswork system. There is no longer a Getting Started Guide for Cisco Crosswork Network Controller.

  • The Cisco Crosswork Network Controller 4.1.x Solution Workflow Guide provides an overview of the solution and its supported use cases. It walks users step-by-step through various common usage scenarios to illustrate how users can work with the solution components to achieve the desired benefits.

Compatibility Information

Table 4. Cisco IOS Software Version Support
Operating System Version SR-PCE PCE-Init PCC-Init NSO + CFP CLI NSO + CFP NETCONF Crosswork Infrastructure 4.4 Crosswork Optimization Engine Crosswork ZTP Service Health
IOS-XR

6.5.3

6.6.3

7.1.2

7.2.1

7.3.1

7.3.2

7.4.1

7.5.2

7.7.11
IOS-XE

17.4.1

17.5.1

17.6.1

17.7.1

17.8.1
1 Not supported on Cisco ASR 9000 (32-bit)

Note

Many features on Cisco Crosswork Network Controller depend on the underlying router XR/XE versions and the SR-PCE software versions to support it. Verify those are supported and working in the combination of software versions on router platforms and SR-PCE.


Note

For more information on IOS/Platform support information for IOS-XR versions 6.7.2, 7.0.2, 7.4.2, 7.6.1 and IOS-XE version 17.6.3, see the Cisco Crosswork Optimization Engine Release Notes.

Scale Support

To support large scale deployment, the applications that make up Cisco Crosswork Network Controller (Cisco Crosswork Optimization, Cisco Crosswork Active Topology, and other applications) are built with workload and endpoint load balancing using the Cisco Crosswork infrastructure's cluster architecture.

The following scale support numbers only apply to Cisco Crosswork solution applications.

Table 5. Scale Support

Feature

Scale Support

Devices

25,000

Total Interfaces2

350,0003

Provision of SR-TE policies and RSVP-TE tunnel (PCE-initiated)

100,000

IGP links

200,000

VPN Services (L2VPN, L3VPN)

300,000
2 This is the total number of interfaces that Cisco Crosswork can receive and process.
3 This number has been validated with a total collection load of 650,000 interface entries across 25,000 devices (with 300,000 entries filtered out in the CDGs based on interface type). The number of CDG VMs can be increased to support higher collection loads.

Note

Supported scale numbers for Cisco Crosswork Network Controller Essentials deployment is a 3-node cluster, while Advantage deployment is a 5-node cluster (required).


Note

200K active IGP interfaces provided.

Important Notes

Take into consideration the following important information before starting to use Cisco Crosswork Network Controller 4.1.x:

  • Cisco Crosswork Change Automation 4.4 & Cisco Crosswork Health Insights 4.4:

    Cisco Crosswork Change Automation 4.4 and Cisco Crosswork Health Insights 4.4 are available as an add-on license in the purchase of Cisco Crosswork Network Controller 4.1.x.

  • Obtaining Cisco Geomaps for topology map renditions:

    Cisco Crosswork Network Controller allows users to obtain downloadable geographical maps (geomaps) based on their specific topology mapping needs. If your environment allows contact with the map provider website we specify in Crosswork, you do not need to download the map files. If your environment does not allow outside access, you will need to download the map files for the areas where your network requires coverage.

  • VPN Service Provisioning:

    The Cisco NSO sample function packs are provided as a starting point for VPN service and RSVP-TE provisioning functionality in Cisco Crosswork Network Controller. While the samples can be used “as is” in some limited network configurations, they are intended to demonstrate the extensible design of Cisco Crosswork Network Controller. Answers to common questions can be found here and Cisco Customer Experience representatives can provide answers to general questions about the samples. Support for customization of the samples for your specific use cases can be arranged through your Cisco account team.


Note

For licensing and ordering information, work with your Cisco Partner or Cisco Sales representative to review the options described in the Cisco Crosswork Network Controller Ordering Guide.

Known Issues and Limitations

The table below shows known issues and limitations that should be taken into account before starting to work with Cisco Crosswork Network Controller 4.1.x.

Table 6. Known Issues and Limitations

Issue/Limitation

Context within Cisco Crosswork Network Controller

If you shut down an SR Policy (L2VPN EVPN SR-TE service with fallback enable with Y1731 configured) at one endpoint, it results in packet loss and the Y1731 peer MEP check fails with symptoms flapping between up and peer-mep-failed and cross-check-missing in the device.

SR Policy

If service monitoring fails due to transient errors, such as HPM “nats time out”, stop and then restart service monitoring.

Service Health

Only enable one discovery protocol (CDP or LLDP) on an ethernet link when enabling protocols in the Layer 2 (L2) discovery settings. If you enable both CDP and LLDP on the same ethernet link and enable both protocols in the L2 discovery settings, it will result in duplicate links in the UI.

Layer 2 Discovery

After monitoring fails in one of the worker nodes in a cluster, stopping and restarting the monitoring again does not resolve the issue and the service remains in error state while Assurance Graph remains unavailable. After the node is recovered and is again up (with all CAPPs and pods in a healthy state), the service remains in error state.

Service Health

NSO service pack implementation should support proper handling of zombies and ensure that the delete service-state-change notifications be sent when a zombies for the service are removed for a proper integration with Cisco Crosswork Network Controller UI. Without this support, deleting or redeploy of a service from Cisco Crosswork Network Controller UI may not work as expected.

NSO service pack implementation

Service Health’s corresponding VPN remains in a healthy state (it does not fail or move to a degraded state) after the user powers off Cisco Data Gateway (CDG) and the collection jobs become degraded as expected. In this scenario, a user onboards devices attached to a CDG with no spare on the pool. An L3VPN service is created and is enabled to monitor with Advanced/gold profile. Once the Service Health service shows a healthy state, CDG is powered off and collection jobs become degraded. Because Service Health is live monitoring, the user would expect the corresponding VPNs to also become degraded or fail and not remain in a healthy state.

Service Health
L2VPN cannot support the use of the SRv6TE or SRv6TE ODN (via route policy). Route Policy

Explicit path is not supported for SRv6 policy. However, when provisioning an SRv6 policy, if the candidate path is configured prior to enabling SRv6, the Explicit Path option is visible and can be committed with no warning and the explicit path config is ignored when SRv6 policy is pushed to the devices. If SRv6 is enabled first, before configuring the path, the Explicit Path option is not visible due to no SRv6 explicit path support.

Provisioning an SRv6 policy and configuring the Path

Custom templates cannot be created using the GUI, nor can their contents be visualized in the GUI. Custom templates created offline can be applied to service models via GUI and API. However, topology map overlays and service configuration views will not display custom template configuration.

Provisioning GUI

Services can be provisioned to devices when devices are not mapped to Cisco Crosswork Network Controller or are operationally down, provided they are reachable and in sync with NSO.

Provisioning GUI

Product Documentation

The following documents are provided for Cisco Crosswork Network Controller 4.1.x. For links to related documentation that you might find useful, see Additional Related Documentation.

Table 7. Cisco Crosswork Network Controller 4.1.x Documentation

Document

What is Included
Cisco Crosswork Network Controller 4.1.x Release Notes

This document
Cisco Crosswork Infrastructure 4.4 and Applications Installation Guide

Shared installation guide for all the Cisco Crosswork applications and their common infrastructure. Covers:

  • System requirements

  • Installation prerequisites

  • Installation instructions

  • Upgrade instructions
Cisco Crosswork Infrastructure 4.4 and Application Administration Guide

Shared administration guide for all the Cisco Crosswork applications and their common infrastructure. Covers:

  • Managing clusters and data gateway

  • Data collection

  • High availability

  • Backup and restore

  • Onboard and manage devices

  • Zero touch provisioning

  • Set up maps

  • Managing users, access and security

  • Maintain system health
Cisco Crosswork Network Controller 4.1.x Solution Workflow Guide

  • Solution overview

  • Supported use cases and their benefits.

  • Procedures for achieving the desired outcome for real-life usage scenarios using the Cisco Crosswork Network Controller UI.

Open Source Used in Cisco Crosswork Network Controller 4.1

Lists of licenses and notices for open source software used in Cisco Crosswork Network Controller 4.1.x.

API Documentation

Advanced users can extend the Cisco Crosswork functionality using the APIs. API documentation is available on Cisco Devnet.

Related Product Documentation

This section provides links to documentation for products related to Cisco Crosswork Network Controller:

You can access documentation for all Cisco Crosswork products at https://www.cisco.com/c/en/us/support/cloud-systems-management/crosswork-network-automation/tsd-products-support-series-home.html

Bugs

If you encounter problems while working with Cisco Crosswork, check this list of open bugs. Each bug ID in the list links to a more detailed descritption and workaround. You can use the Cisco Bug Search Tool to search for bugs.

  1. Go to the Cisco Bug Search Tool.

  2. Enter your registered Cisco.com username and password, and click Log In.

    The Bug Search page opens.


    Note

    If you do not have a Cisco.com username and password, you can register here.

  3. To search for all Cisco Crosswork bugs, from the Product list select Cloud and Systems Management > Routing and Switching Management > Cisco Crosswork Network Automation and enter additional criteria (such as bug ID, problem description, a feature, or a product name) in the Search For field. Examples: "Optimization Engine" or "CSCwc62479"

  4. When the search results are displayed, use the filter tools to narrow the results. You can filter the bugs by status, severity, and so on.


Note

To export the results to a spreadsheet, click Export Results to Excel.

Security

Cisco takes great strides to ensure that all our products conform to the latest industry recommendations. We firmly believe that security is an end-to-end commitment and are here to help secure your entire environment. Please work with your Cisco account team to review the security profile of your network.

For details on how we validate our products, see Cisco Secure Products and Solutions and Cisco Security Advisories.

If you have questions or concerns regarding the security of any Cisco products, please open a case with the Cisco Customer Experience team and include details about the tool being used and any vulnerabilities it reports.

Support & Downloads

The Cisco Support and Downloads website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies.

Access to most tools on the Cisco Support and Downloads website requires a Cisco.com user ID and password.

For more information:

https://www.cisco.com/c/en/us/support/index.html

Obtain Additional Information

Information about Cisco products, services, technologies, and networking solutions is available from various online sources.