Cisco IOS XR Software - Cisco IOS XR Smart Licensing

Smart Licensing for Cisco IOS XR Routers

Smart Licensing (SL) is a cloud-based software licensing model that allows you to

activate and manage Cisco software licenses across your organization
easily track the status of your licenses and software usage trends, and
pool licenses or entitlements across the entire organization in a flexible and automated manner.

Benefits

These are the key benefits of Smart Licensing.

Easy activation: Establishes a pool of software licenses that can be used across your company—no more entering Product Activation Keys.
Unified management: Provides a complete view into all of your products and services in an user-friendly portal.
License flexibility: Allows you to easily use and move licenses as needed since the software is not node-locked to your hardware.

Key features

These are the key features of Smart licensing

Direct and Proxy Registration: Registers your device directly with the Cisco Smart Software Manager (CSSM) portal or through a proxy for restricted internet access environments.
Centralized Management: Manage your license inventory using CSSM, simplifying software asset tracking and management.
License Portability: Move or transfer your licenses easily between devices, offering flexibility in deploying software assets within the organization.
Simplified Activation: Simplifies this process by using a pool of licenses that aren’t tied to a specific device as against Traditional licensing.
Automatic License Renewal: Renews licenses automatically, reducing the administrative burden of tracking license expiration dates and manual renewals.
Usage Reporting: Generates detailed reports on license usage to understand device software consumption, optimizing your license investments.
Compliance Assurance: Provides visibility into license entitlements versus actual usage, helping that you stay compliant.
Support for Hybrid Environments: Supports both on-premises and cloud-based environments, allowing for consistent license management across different deployment models.
Real-time Updates: Receives real-time updates from Cisco, ensuring that you have access to the latest features and compliance information.

Comparison between traditional licensing and Smart Licensing

This table summarizes the main distinctions between Smart Licensing and traditional licensing.

**Smart Licensing versus traditional licensing**
Attributes	Traditional licensing	Smart Licensing
License activation	Activate licenses by manually installing them on the device.	Activate licenses by registering the device with the Cisco Smart Software Manager (CSSM).
License pooling	Associates each license with a specific device (node-locked) and does not support license pooling.	Pools licenses within a virtual network account, allowing activation or deactivation of license types on devices without installing license files.
License inventory	Does not provide a central location to view purchased licenses or software usage trends.	Maintains license inventory in CSSM and provides a centralized, statistical view of license usage and consumption.
License transfer	Does not support easy transfer of licenses between devices.	Enables easy movement of licenses between devices without manual transfer, simplifying reassignment during Return Material Authorization (RMA) processes.
License visibility	Offers limited visibility into software licenses, tracking licenses only on a per-node basis.	Provides consolidated usage reports and an overall snapshot of licenses in the network through a single portal.

Types of deployment models for Smart Licensing

Smart Licensing offers various deployment models to provide flexible options for managing software licenses. These are based on your specific network requirements and connectivity preferences.

On-Premises deployments: Organizations that prefer not to have their products communicate directly with Cisco Smart Software Manager (CSSM) over the internet, opt for this model.
Direct deployments: Organizations that have small networks and prefer not to manage an on-premises server, particularly in enterprise environments, opt for this model.
Offline deployments: Organizations that require highly secure environments opt for this model as it allows them to set up devices without internet access.

Deploying Smart Licensing

Summary

The key components involved in Smart Licensing are:

Network administrator: The network professional who oversees the license management process, ensuring compliance and optimal utilization.
Cisco Commerce Workspace (CCW): The platform where users order Cisco software licenses, including Smart License-enabled products.
Cisco Smart Software Manager (CSSM): The centralized portal where customers manage their Cisco software licenses. It allows creation and management of Smart Accounts and Virtual Accounts..
Smart Account (SA): A secure, centralized account on Cisco’s licensing portal that enables customers and partners to manage software licenses and entitlements.
Virtual Account (VA): A child container within a Smart Account that helps organize licenses into logical groups for easier management and delegation.
Network devices: Routers that require licenses
Smart Software Manager (SSM) On-Prem: An on-premises server to report license usage in On-Premises deployment model or Offline deployment model.
Offline server: An offline server to report license usage in Offline deployment model.

You can deploy Smart Licensing with various deployment models, including on-premises, direct, and offline environments. Each model has specific methods for license activation and usage reporting. The CSSM plays a central role in managing licenses, providing visibility into license usage and ownership, which aids in optimizing resource allocation.

Workflow

The process of deploying Smart Licensing involves these key stages:

Order licenses: The network administrator
- orders licenses from CCW, and
- accesses CSSM to create the Smart Account and Virtual Accounts to organize licenses effectively.
Activate licenses: The network administrator
- selects the deployment model based on their requirement
- configures the Smart Licensing transport mode, and
- registers the device with CSSM.
Manage licenses: The network administrator
- generates reports from the devices
- synchronizes reports with CSSM either automatically or manually, and
- monitors license usage and compliance status through the CSSM portal.

Guidelines for deploying Smart Licensing

Guidelines to avoid SSL communication errors

Starting with Cisco IOS XR Release 7.10.1, for secure HTTPS communication to SSM on-prem server or CSSM, either directly or via an HTTP proxy, the device validates the Common Name (CN) on the server certificate as a Fully Qualified Domain Name (FQDN). To avoid communication errors, such as "Error during SSL communication", follow these guidelines.

You must configure the CN in the X.509 server certificate to enable FQDN validation.
To allow certificates with IP addresses instead of FQDNs, you must configure the crypto ca fqdn-check ip-address allow command on your device.
If HTTPS communication occurs within a Virtual Routing and Forwarding (VRF) instance, you must configure the appropriate VRF for the trustpoint using the crypto ca trustpoint Trustpool vrf vrf-name command and the HTTP client using the http client vrf vrf-name command.

On-premises deployments

An on-premises deployment is a Smart Licensing deployment option that

allows organizations to manage product licenses internally
avoids direct communication between managed products and CSSM over the internet, and
requires a local license server, such as Smart Software Manager (SSM), to administer and manage devices and licenses.

Smart Software Manager (SSM) is an on-premises version of Cisco Smart Software Manager (CSSM) that

enables organizations to manage licenses internally and choose between online or offline connectivity with Cisco
serves as the single point of interface with CSSM for connected devices
supports multiple local accounts, and
enables devices to register locally and report license consumption.

SSM on-prem modes

SSM On-Prem connects with CSSM in the cloud to synchronize license consumption and usage at the desired frequency such as daily, weekly, or monthly.

These are the ways that you can connect SSM On-Prem with CSSM:

Connected - Manage your devices on the premises. Devices register to SSM on-prem and report license consumption to CSSM.
Disconnected - Manage your devices on premises without connecting to CSSM. SSM on-prem synchronizes to CSSM via a manual file transfer process for reporting license consumption and usage.

Report license usage

To report license usage, synchronize local accounts on SSM On-Prem with CSSM by using the Synchronization widget in the SSM On-Prem UI.

You can synchronize license usage with CSSM using any of these methods:

Set up on-demand synchronization with CSSM using the option Synchronize now with Cisco.
Schedule synchronization with CSSM at a specified time.
Synchronize the license usage with CSSM, either by connecting to CSSM or by downloading and uploading files.

Activate licenses on SSM on-prem

Smart Licensing on SSM on-prem server uses call home as the transport mode.

Follow these steps to activate licenses on SSM on-prem deployment.

Step 1	Download the Smart Software Manager On-Prem software to prepare for installation on the SSM on-prem server. Refer to the SSM On-Prem User Guide to configure the SSM on-prem server and create a local account.
Step 2	Navigate to the Licensing workspace > Inventory > General on SSM on-prem and select Smart Call Home Registration URL.
Step 3	Generate a Smart Licensing token from the smart account and virtual account in CSSM to register the devices
Step 4	Run the license smart register token id command on your device, to register the device with the Smart Licensing token. Example: `Router# license smart register idtoken $Tl4UytrNXBzbEs1ck8veUtWaG5abnZJOFdDa1FwbVRa%0AblRMbz0%3D%0A`
Step 5	Configure a Call Home destination profile on your device to report Smart Licensing data to CSSM. Example: Router# configure Router(config)# call-home Router(config-call-home)# profile test1 Router(config-call-home-profile)# reporting smart-licensing-data Router(config-call-home-profile)# destination transport-method http Router(config-call-home-profile)# destination address http https://209.165.201.15/Transportgateway/services/DeviceRequestHandler Router(config-call-home-profile)# destination preferred-msg-format xml Router(config-call-home-profile)# active Router(config-call-home-profile)# commit Router(config-call-home-profile)# exit The destination address http command allows you to configure the on-prem destination URL to send Call Home messages. Follow these best practices while configuring the destination URL : If the default destination address exists, then remove using the no destination address http command. Ensure that the IP address or the FQDN in the destination URL matches the IP address or the FQDN of the Host Name on the SSM on-prem server. Refer the topic Guidelines for deploying Smart Licensing to avoid SSL communication errors. The destination preferred-msg-format command allows you to set your preferred message format. The default message format is XML.
Step 6	Enter the http client source-interface command to configure source interface for the HTTP client. Example: `Router(config)# http client source-interface ipv4 Vlan100` This command is mandatory for a VRF interface.
Step 7	(Optional) Enter the crypto ca trustpoint command to declare the trustpoint. Example: `Router(config)# crypto ca trustpoint SLA-TrustPoint Router(config-trustp)# commit Router(config-trustp)# end`
Step 8	Run the show call-home profile all command to view the on-prem Call Home profile. Example: Router# show call-home profile all Tue Aug 18 23:52:16.590 UTC Profile Name: CiscoTAC-1 Profile status: ACTIVE Profile mode: Full Reporting Reporting Data: Smart Call Home, Smart Licensing Preferred Message Format: xml Message Size Limit: 3145728 Bytes Transport Method: http HTTP address(es): https://209.165.201.15/Transportgateway/services/DeviceRequestHandler Other address(es): default Periodic configuration info message is scheduled every 17 day of the month at 13:15 Periodic inventory info message is scheduled every 17 day of the month at 13:0 Alert-group Severity ------------------------ ------------ inventory normal Syslog-Pattern Severity ------------------------ ------------ .* critical
Step 9	Run the show license status command to verify the license status. Example: Router# show license status Smart Licensing is ENABLED Registration: Status: REGISTERED Smart Account: Forty-Two uLtd. Virtual Account: IOSXR Export-Controlled Functionality: ALLOWED Initial Registration: SUCCEEDED on Aug 18 2020 23:51:46 UTC Last Renewal Attempt: None Next Renewal Attempt: Feb 14 2021 23:51:46 UTC Registration Expires: Aug 18 2021 23:46:43 UTC License Authorization: Status: OUT OF COMPLIANCE on Aug 18 2020 23:51:57 UTC Last Communication Attempt: SUCCEEDED on Aug 18 2020 23:51:57 UTC Next Communication Attempt: Aug 19 2020 11:51:57 UTC Communication Deadline: Nov 16 2020 23:46:56 UTC Export Authorization Key: Features Authorized: <none> Utility: Status: DISABLED Data Privacy: Sending Hostname: yes Callhome hostname privacy: DISABLED Smart Licensing hostname privacy: DISABLED Version privacy: DISABLED Transport: Type: Callhome License Usage ============== Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G (ESS-100G-RTU-1): Description: Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G Count: 1 Version: 1.0 Status: OUT OF COMPLIANCE Export status: NOT RESTRICTED 5501 Base Hardware Tracking PID (NCS-5501-TRK): Description: 5501 Base Hardware Tracking PID Count: 1 Version: 1.0 Status: OUT OF COMPLIANCE Export status: NOT RESTRICTED Product Information =================== UDI: PID:NCS-5501,SN:FOC2137R1SL Agent Version ============= Smart Agent for Licensing: 4.9.6_rel/41 Reservation Info ================ License reservation: DISABLED

Manage licenses on SSM on-prem

To have visibility into license usage and stay compliant, you must manage the license.

Step 1

Log into SSM On-Prem > Smart Licensing workspace to synchronize the reports from SSM On-Prem with Cisco.

If your SSM on-prem deployment mode is	Then
Connected	Navigate to Reports and select the desired report. Enter a name and description at Run License Report to generate a report.
Disconnected	Navigate to Reports and select the desired report. Enter a name and description at Run License Report to generate a Run report. Select Export to Excel or Export to CSV reports to open a File Save dialog box. Save the report on the device after downloading the report.

Step 2

Run the show license summary or show license usage commands on your device to view the license consumption details.

Example:

Router# show license summary

Smart Licensing is ENABLED
 
Registration:
  Status: REGISTERED
  Smart Account: Forty-Two uLtd.
  Virtual Account: IOSXR
  Export-Controlled Functionality: ALLOWED
  Last Renewal Attempt: None
  Next Renewal Attempt: Feb 14 2021 23:51:46 UTC
 
License Authorization: 
  Status: OUT OF COMPLIANCE
  Last Communication Attempt: SUCCEEDED
  Next Communication Attempt: Aug 19 2020 11:51:56 UTC
 
License Usage:
  License                                   Entitlement tag               Count Status
  --------------------------------------------------------------------------------------------------
  Core and Aggregation...         (ESS-100G-RTU-1)        1 OUT OF COMPLIANCE
  5501 Base Hardware T...        (NCS-5501-TRK)            1 OUT OF COMPLIANCE

Router# show license usage

License Authorization: 
  Status: OUT OF COMPLIANCE on Aug 18 2020 23:51:57 UTC
 
Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G (ESS-100G-RTU-1):
  Description: Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE
  Export status: NOT RESTRICTED
 
5501 Base Hardware Tracking PID (NCS-5501-TRK):
  Description: 5501 Base Hardware Tracking PID
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE
  Export status: NOT RESTRICTED

Direct Deployment

Direct deployment involves connecting devices to tools.cisco.com through the internet or an HTTP proxy server to report usage information using the Smart transport mode. Direct deployment works out of the box with no additional configuration.

Direct deployment is most suitable for small networks, especially in the enterprise world. It's when a user doesn't want to manage an on-premises server and communicates with Cisco directly or through a proxy.

The two ways to set up direct deployments are:

Smart Transport
Smart Call Home

Smart Transport

The Smart Transport is a transport method where a Smart Licensing (JSON) message is contained within an HTTP message and exchanged between a product instance and CSSM to communicate.

Direct Deployment Methods

Direct deployment offers the following methods:

Direct Cloud Access: In this method, devices send usage information directly over the internet to CSSM.
Direct Cloud access through an HTTPs proxy: In this method, devices send usage information over the internet through a proxy server using Smart transport to CSSM.

Report License Usage

In direct deployments, the device automatically generates reports once it’s registered with the CSSM.

Steps to Deploy Smart Licensing using Direct Deployment Mode

After you order the license and set up your smart accounts in CSSM:

Activate Licenses on Direct Deployment
Manage Licenses on Direct Deployment

Activate Licenses on Direct Deployment

Follow these steps to activate licenses in direct deployment.

Step 1	Enable smart transport mode on the device using the license smart transport smart command. Example: `Router# configure Router(config)# license smart transport smart`
Step 2	Configure the transport URL using the license smart url smart `transport-url` command. The router automatically configures the Smart URL (https://smartreceiver.cisco.com/licservice/license). Starting Cisco IOS XR Release 7.10.1, when using HTTPS to communicate directly or through HTTP proxy with SSM On-Prem or CSSM, it is necessary to configure a name server. If the Common Name (CN) in the X.509 server certificate cannot be validated as a Fully Qualified Domain Name (FQDN), communication results in an "Error during SSL communication" It's possible to configure cryptoca fqdn-check ip-address allow command to bypass the name-server configuration. Additionally, you must configure crypto ca trustpoint Trustpool vrf `vrf-name` with http client vrf `vrf-name` for communication in VRF. Example: `Router(config)# license smart url smart https://smartreceiver.cisco.com/licservice/license`
Step 3	If you are deploying Direct Cloud access through an HTTPS proxy method, configure a proxy for the Smart transport mode using the license smart proxy `hostname` port `port-number` command. Skip this step for Direct Cloud Access deployment. When you configure a proxy server, licensing messages are sent to the proxy along with the final destination URL (CSSM). The proxy sends the message to CSSM. Example: `Router(config)# license smart proxy hostname proxy.esl.cisco.com port 80 Router(config)# commit Router(config)# exit`
Step 4	Register the device by generating a token from the smart account and virtual account in CSSM and copy the token on the devices using the license smart register token id command. Example: `Router# license smart register idtoken $Tl4UytrNXBzbEs1ck8veUtWaG5abnZJOFdDa1FwbVRa%0AblRMbz0%3D%0A`
Step 5	Verify the license status using the show license status command. Example: Router# show license status Smart Licensing is ENABLED Utility: Status: DISABLED Data Privacy: Sending Hostname: yes Callhome hostname privacy: DISABLED Smart Licensing hostname privacy: DISABLED Version privacy: DISABLED Transport: Type: Smart URL: https://smartreceiver.cisco.com/licservice/license Proxy: Not Configure Registration: Status: UNREGISTERED Export-Controlled Functionality: NOT ALLOWED License Authorization: Status: EVAL MODE Evaluation Period Remaining: 83 days, 23 hours, 32 minutes, 57 seconds Export Authorization Key: Features Authorized

Manage Licenses on Direct Deployment

Step 1

In CSSM UI, navigate to Smart Software Licensing > Reports.

Step 2

Generate the report at Run License Report.

You can save the report to the device using Export to Excel or Export to CSV.

Step 3

Manage the license consumption on your devices. View the license status and summary using the show license summary or show license usage commands.

Example:

Router# show license summary

 Router# show license summary
Smart Licensing is ENABLED
 
Registration:
  Status: REGISTERED
  Smart Account: Forty-Two uLtd.
  Virtual Account: IOSXR
  Export-Controlled Functionality: ALLOWED
  Last Renewal Attempt: None
  Next Renewal Attempt: Feb 14 2021 23:51:46 UTC
 
License Authorization: 
  Status: OUT OF COMPLIANCE
  Last Communication Attempt: SUCCEEDED
  Next Communication Attempt: Aug 19 2020 11:51:56 UTC
 
License Usage:
  License                                   Entitlement tag               Count Status
  --------------------------------------------------------------------------------------------------
  Core and Aggregation...         (ESS-100G-RTU-1)        1 OUT OF COMPLIANCE
  5501 Base Hardware T...        (NCS-5501-TRK)            1 OUT OF COMPLIANCE

Router# show license usage
Router# show license usage
License Authorization: 
  Status: OUT OF COMPLIANCE on Aug 18 2020 23:51:57 UTC
 
Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G (ESS-100G-RTU-1):
  Description: Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE
  Export status: NOT RESTRICTED
 
5501 Base Hardware Tracking PID (NCS-5501-TRK):
  Description: 5501 Base Hardware Tracking PID
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE
  Export status: NOT RESTRICTED

Smart Call Home

Call Home service provides email-based and web-based notification of critical system events to the Cisco Smart Software Manager.

You can also configure Call Home to collect syslog and diagnostic data, collect core dump data, or send email notifications for events. You can view your Call Home collected information with your Smart Licensing username and password at https://tools.cisco.com/sch/reports/deviceReport.do.

For more information on the Smart Call Home feature, see the Smart Call Home Deployment Guide.

Direct Deployment Methods

Direct deployment offers the following methods:

Direct Cloud Access: In this method, devices send usage information directly over the internet to CSSM.
Direct Cloud access through an HTTPs proxy: In this method, devices send usage information over the internet through a proxy server using the Call Home profile to CSSM.

Report License Usage

In direct deployments, the device automatically generates reports once it’s registered with the CSSM.

Steps to Deploy Smart Licensing in Direct Deployment Mode

After you order the license and set up your smart accounts in CSSM:

Activate Licenses on Direct Deployment
Manage Licenses on Direct Deployment

Activate Licenses on Direct Deployment

Follow these steps to activate licenses in direct deployment.

Step 1	Configure the Call Home profile using the call-home command. Enter a default email address using the contact-email-address `email-address` command. You can enter up to 200 characters in email address format. Avoid using spaces in the email address. Example: `Router(config)# call-home Router(config-call-home)# service active Router(config-call-home)# contact-email-addr sch-smart-licensing@cisco.com`
Step 2	If you are deploying Direct Cloud access through an HTTPS proxy method, configure a proxy server to the Call Home service using the http-proxy `proxy-address` port `port-number` command. Skip this step for Direct Cloud Access deployment. Example: `Router(config-call-home)# http-proxy 198.51.100.10 port 3128`
Step 3	Disable the email option for the Call Home service using the no destination transport-method email command in the CiscoTAC-1 profile for the Call Home service. Example: `Router(config-call-home)# profile CiscoTAC-1 Router(config-call-home-profile)# no destination transport-method email Router(config-call-home-profile)# exit`
Step 4	Create a Call Home destination profile using the profile `profile-name` command. Example: `Router(config-call-home)# profile test1` Enable data sharing with the Call Home service for HTTP using the reporting smart-licensing-data command. Example: `Router(config-call-home-profile)# reporting smart-licensing-data` Set the HTTP message transport method using the destination transport-method http command. Example: `Router(config-call-home-profile)# destination transport-method http` Specify the destination address using the destination address http `url` command to connect to CSSM. Starting Cisco IOS XR Release 7.10.1, when using HTTPS to communicate directly or through HTTP proxy with SSM On-Prem or CSSM, it is necessary to configure a name server. If the Common Name (CN) in the X.509 server certificate cannot be validated as a Fully Qualified Domain Name (FQDN), communication results in an "Error during SSL communication" It's possible to configure cryptoca fqdn-check ip-address allow command to bypass the name-server configuration. Additionally, you must configure crypto ca trustpoint Trustpool vrf `vrf-name` with http client vrf `vrf-name` for communication in VRF. Example: `Router(config-call-home-profile)# destination address http https://pteodc.cloudapps.cisco.com/its/service/oddce/services/DDCEService` Activate the profile using the active command and exit the configuration. Example: `Router(config-call-home-profile)# active Router(config-call-home-profile)# exit Router(config-call-home)# exit`
Step 5	View the Call Home profile using the show call-home profile all command. Example: Router# show call-home profile all Tue Aug 18 23:52:16.590 UTC Profile Name: CiscoTAC-1 Profile status: ACTIVE Profile mode: Full Reporting Reporting Data: Smart Call Home, Smart Licensing Preferred Message Format: xml Message Size Limit: 3145728 Bytes Transport Method: http HTTP address(es): https://pteodc.cloudapps.cisco.com/its/service/oddce/services/DDCEService Other address(es): default Periodic configuration info message is scheduled every 17 day of the month at 13:15 Periodic inventory info message is scheduled every 17 day of the month at 13:0 Alert-group Severity ------------------------ ------------ inventory normal Syslog-Pattern Severity ------------------------ ------------ .* critical
Step 6	Register the device by generating a token from the smart account and virtual account in CSSM and copy the token on the devices using the license smart register token id command. Example: `Router# license smart register idtoken $Tl4UytrNXBzbEs1ck8veUtWaG5abnZJOFdDa1FwbVRa%0AblRMbz0%3D%0A`
Step 7	Verify the license status using the show license status command. Example: `Router# show license status Smart Licensing is ENABLED Utility: Status: DISABLED Data Privacy: Sending Hostname: yes Callhome hostname privacy: DISABLED Smart Licensing hostname privacy: DISABLED Version privacy: DISABLED Transport: Transport: Type: Callhome Registration: Status: UNREGISTERED Export-Controlled Functionality: NOT ALLOWED License Authorization: Status: EVAL MODE Evaluation Period Remaining: 83 days, 23 hours, 32 minutes, 57 seconds Export Authorization Key: Features Authorized`

Manage Licenses on Direct Deployment

Step 1

In CSSM UI, navigate to Smart Software Licensing > Reports.

Step 2

Generate the report at Run License Report.

You can save the report to the device using Export to Excel or Export to CSV.

Step 3

Manage the license consumption on your devices. View the license status and summary using the show license summary or show license usage commands.

Example:

Router# show license summary

 Router# show license summary
Smart Licensing is ENABLED
 
Registration:
  Status: REGISTERED
  Smart Account: Forty-Two uLtd.
  Virtual Account: IOSXR
  Export-Controlled Functionality: ALLOWED
  Last Renewal Attempt: None
  Next Renewal Attempt: Feb 14 2021 23:51:46 UTC
 
License Authorization: 
  Status: OUT OF COMPLIANCE
  Last Communication Attempt: SUCCEEDED
  Next Communication Attempt: Aug 19 2020 11:51:56 UTC
 
License Usage:
  License                                   Entitlement tag               Count Status
  --------------------------------------------------------------------------------------------------
  Core and Aggregation...         (ESS-100G-RTU-1)        1 OUT OF COMPLIANCE
  5501 Base Hardware T...        (NCS-5501-TRK)            1 OUT OF COMPLIANCE

Router# show license usage
Router# show license usage
License Authorization: 
  Status: OUT OF COMPLIANCE on Aug 18 2020 23:51:57 UTC
 
Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G (ESS-100G-RTU-1):
  Description: Core and Aggregation Essentials SW Right-to-Use v1.0 per 100G
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE
  Export status: NOT RESTRICTED
 
5501 Base Hardware Tracking PID (NCS-5501-TRK):
  Description: 5501 Base Hardware Tracking PID
  Count: 1
  Version: 1.0
  Status: OUT OF COMPLIANCE
  Export status: NOT RESTRICTED

Offline Deployment

Offline deployment is a type of smart licensing deployment that

allows devices to be set up without internet access
does not require communication with Cisco, and
is used in highly secure environments.

Offline Deployments Based on your Network

Depending on your network environment, you can select the offline deployment methods.

Remote deployments: Your On-Premises server offer disconnected mode. Use disconnected licensing mode by turning off communication with Cisco on the SSM On-Prem server. See Activate Licenses on SSM On-Prem.
Air-gapped deployments: Specific License Reservation (SLR) is a reservation of specific licenses from the smart account as per the license usage on the router. License reservation offers security for organizations that need a full air-gapped environment when on-premises licensing is not an option. The license reservation solution is for classified environments that don’t allow electronic communication in or out of the environment. With a license reservation solution, you are fully offline without any ongoing communication or additional infrastructure. To use the Specific License Reservation feature, you must have approval and authorization from Cisco. For assistance, go to www.cisco.com/go/scm or contact your account representative.

Report License Usage

Report license usage for remote environments: In remote offline deployments, turn off device communication to CSSM on the On-Premises servers. Manually upload the license consumption using RUM reports to establish trust and reporting to CSSM.

Report license usage for air-gapped environments: In fully offline deployment, no action is required, as there is no reporting of devices to CSSM.

Activate Licenses in Air-Gapped Deployments

Follow these steps to activate SLR licenses in air-gapped deployments.

Before you begin

For enabling Specific License Reservation, you must have approval and authorization from Cisco. For assistance, go to www.cisco.com/go/scm or contact your account.

Step 1	Obtain the license reservation code from Cisco by contacting your account representative.
Step 2	Enable SLR on the device with the license smart reservation command. Example: `Router# configure Router(config)# license smart reservation`
Step 3	Generate a request code with the license smart reservation request local command. Copy the request code and enter it at CSSM. Example: `Router# license smart reservation request local Enter this request code in the Cisco Smart Software Manager portal: CD-ZNCS-5501-SE:FOC2118R24P-AVYd1FABK-AC /* This is a sample code */`
Step 4	Navigate to Smart Software Licensing > Inventory in the CSSM UI, and select the virtual account. Then, navigate to Licenses > License Reservation. Enter or attach the reservation request code that you generated from the router at Enter Request Code. click Next. Navigate to Select License > Reserve a Specific License and select licenses. Enter the number of licenses you require and click Next. Generate an authorization code and copy it to the device.
Step 5	Install the authorization code on the device with the license smart reservation install command. Example: `Router# license smart reservation install file /disk2:/AuthorizationCode_SN_FOX24XXXXX.txt /* This is a sample code */ The "/" before the directory (/disk2:/ or /harddisk:/) is needed because of the linux file path.` The authorization code activates smart license reservation for your device.
Step 6	Verify the license status with the show license reservation command. `Router# show license reservation License reservation: ENABLED Overall status: Active: PID:NCS-55A2-MOD-S,SN:FOC2245R05H Reservation status: RESERVATION IN PROGRESS on Feb 05 2021 16:33:08 UTC Request code: CC-ZNCS-55A2-MOD-S:FOC2245R05H-AVYd1FABK-45`

YANG Data Models

Cisco IOS XR supports a programmatic way of configuring and collecting operational data of a network device using YANG data models. Although configurations using CLIs are easier and human-readable, automating the configuration using model-driven programmability results in scalability.

The data models are available in the release image, and are also published in the Github repository. Navigate to the release folder of interest to view the list of supported data models and their definitions. Each data model defines a complete and cohesive model, or augments an existing data model with additional XPaths. To view a comprehensive list of the data models supported in a release, navigate to the Available-Content.md file in the repository.

You can also view the data model definitions using the YANG Data Models Navigator tool. This GUI-based and easy-to-use tool helps you explore the nuances of the data model and view the dependencies between various containers in the model. You can view the list of models supported across Cisco IOS XR releases and platforms, locate a specific model, view the containers and their respective lists, leaves, and leaf lists presented visually in a tree structure. This visual tree form helps you get insights into nodes that can help you automate your network.

To get started with using the data models, see the Programmability Configuration Guide.

The data model handles the types of requirements for smart licensing.


Data	Data Model	CLI Commands
Configuration data: a set of writable data that is required to configure smart licensing on the router.	Native data model: Cisco-IOS-XR-smart-license-cfg.yang	license smart reservation [no] license smart reservation license smart flexible-consumption enables [no] license smart flexible-consumption enable
Operational state data: a set of data that the system obtains at run time.	Common data model: cisco-smart-license.yang Native data model: Cisco-IOS-XR-smart- license-platform-oper.yang Cisco-IOS-XR-infra- -smartlicense-oper.yang	show license platform summary show license platform detail show license [all \| summary \| usage \| udi]
Actions: a set of NETCONF actions that support robust networkwide configuration transactions.	Native data model: Cisco-IOS-XR-smart-license-act.yang	license smart register id token license smart deregister license smart renew id license smart renew auth license smart reservation request local license smart reservation cancels local license smart reservation install file <file path> license smart reservation return local license smart reservation return authorization file <file path> license smart transport smart license smart url <url> license smart software-upgrade enable license smart proxy hostname <hostname/ip> license smart proxy port <port>

Revision History

**Feature History Table**
Feature Name	Release Information	Feature Description
YANG Data Models for Smart Licensing	Release 7.4.1	With this feature, you can use data models for all the smart licensing operations such as registering your device with a token, renewing token ID, deregistering device to remove the software entitlements and so on using NETCONF remote procedure calls (RPCs). The following data models are introduced: Cisco-IOS-XR-smart-license-cfg.yang cisco-smart-license.yang Cisco-IOS-XR-smartlicense-platform-oper.yang Cisco-IOS-XR-infra-smartlicense-oper.yang Cisco-IOS-XR-smart-license-act.yang You can access these data models from the Github repository.
Smart Transport	Release 7.4.1	You can now use Smart transport to communicate with CSSM. Smart transport is a transport method where a Smart Licensing (JSON) message is contained within an HTTPs message, and exchanged between a product instance and CSSM, to communicate.
Specific License Reservation	Release 7.3.1	Specific License Reservation (SLR) allows customers in highly secure networks to utilize smart licenses without communicating the license information to the Cisco Smart Software manager (CSSM).

Cisco IOS XR Smart Licensing

Cisco IOS XR Smart Licensing

Smart Licensing for Cisco IOS XR Routers

Benefits

Key features

Comparison between traditional licensing and Smart Licensing

Types of deployment models for Smart Licensing

Deploying Smart Licensing

Summary

Workflow

Guidelines for deploying Smart Licensing

Guidelines to avoid SSL communication errors

On-premises deployments

SSM on-prem modes

Report license usage

Activate licenses on SSM on-prem

Example:

Example:

Example:

Example:

Example:

Example:

Manage licenses on SSM on-prem

Example:

Direct Deployment

Smart Transport

Direct Deployment Methods

Report License Usage

Steps to Deploy Smart Licensing using Direct Deployment Mode

Activate Licenses on Direct Deployment

Example:

Example:

Example:

Example:

Example:

Manage Licenses on Direct Deployment

Example:

Smart Call Home

Direct Deployment Methods

Report License Usage

Steps to Deploy Smart Licensing in Direct Deployment Mode

Activate Licenses on Direct Deployment

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Example:

Manage Licenses on Direct Deployment

Example:

Offline Deployment

Offline Deployments Based on your Network

Report License Usage

Activate Licenses in Air-Gapped Deployments

Before you begin

Example:

Example:

Example:

YANG Data Models

Revision History

Bias-Free Language

Need help?