Network Convergence System 5000 Series Routers


Note

Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.

  • Use faceted search to locate content that is most relevant to you.

  • Create customized PDFs for ready reference.

  • Benefit from context-based recommendations.

Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.


The Network Convergence System 5000 Series offers a high-density, small-form-factor MPLS aggregation router for metro aggregation. It is designed to economically scale large enterprise, over-the-top (OTT), and service provider Data Center networking architectures.

The Cisco NCS 5000 Series is an extension to Cisco’s routing platform portfolio enabling Service Providers and MPLS enabled data center architectures to offer elastic networks with improved business agility and simplified operations to deliver high-bandwidth mobile, video, and cloud services.

It can also operate as an extension shelf of Cisco ASR 9000 Series Aggregation Services Routers using Network Virtualization (nV) technology, consolidating multiple layers in the network and dramatically reducing operational costs.

The Cisco NCS 5000 series routers are small form factor dense aggregation systems. Powered by industry leading routing operation system, IOS-XR, the system also offers rich functions such as third party application hosting, machine-to-machine interface, telemetry and flexible package delivery.

The latest release of Cisco IOS XR operating system opens up the architecture of Cisco IOS XR using a 64-bit Linux-based operating system to deliver greater agility, automation and simplicity, while reducing cost of operating the networks.

Release 6.5.1 Packages

This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.

Table 1. Release 6.5.1 Packages for Cisco NCS 5000 Series Router

Composite Package

Feature Set

Filename

Description

Cisco IOS XR IP Unicast Routing Core Bundle

ncs5k-mini-x.iso

Contains base image contents that includes:

  • Host operating system

  • System Admin boot image

  • IOS XR boot image

  • Alarm co-relation

Individually-Installable Optional Packages

Feature Set

Filename

Description

Cisco IOS XR Manageability Package

ncs5k-mgbl-3.0.0.0-r651.x86_64..rpm

XML, Parser, HTTP Server, Telemetry, and gRPC.

Cisco IOS XR MPLS Package

ncs5k-mpls-3.1.0.0-r651.x86_64.rpm

Label Distribution Protocol (LDP), MPLS forwarding , MPLS operations , Administration and maintenance (OAM), Layer3-vpn , layer-2 vpn.

Cisco IOS XR MPLS RSVP TE package

ncs5k-mpls-te-rsvp-1.1.0.0-r651.x86_64.rpm

Supports MPLS RSVP-TE (Resource Reservation Protocol with Traffic Engineering extensions)

Cisco IOS XR Security Package

ncs5k-k9sec-3.2.0.0-r651.x86_64.rpm

Support for Encryption, Decryption, and Secure Shell (SSH),

Cisco IOS XR Multicast Package

ncs5k-mcast-2.2.0.0-r651.x86_64.rpm

Multicast routing protocols (PIM, IGMP, Auto-rp, BSR) and infrastructure (Multicast routing information Base) , Multicast forwarding (mfwd)

Cisco IOS XR ISIS package

ncs5k-isis-2.2.0.0-r651.x86_64.rpm

Supports ISIS

Cisco IOS XR OSPF package

ncs5k-ospf-2.0.0.0-r651.x86_64.rpm

Supports OSPF

Software Features Introduced in Cisco IOS XR Software Release 6.5.1

Bridge Virtual Interface on VRF

Bridge Virtual Interface (BVI) on VRF feature enables VRF support on BVI when the BVI is part of the bridge domain that is configured with Layer 2 main interfaces and Layer 2 single-tagged sub-interfaces with rewrites. BVI is a virtual interface that is defined with Integrated Routing and Bridging (IRB).

BGP Session Authentication and Integrity using TCP Authentication Option

BGP Session Authentication and Integrity using TCP Authentication Option feature enables you to use stronger message authentication codes that protect against replays, even for long-lived TCP connections.

It supports current infrastructure uses of TCP MD5, such as to protect long-lived connections, for example, as used in BGP. This feature supports a larger set of message authentication codes with minimal other system and operational changes.

This feature is compatible with both a static Master Key Tuple (MKT) configuration or an external, out-of-band MKT management mechanism. In either case, using traffic keys derived from the MKT, this feature also protects connections when using the same MKT across repeated instances of a connection, and it coordinates MKT changes between endpoints.

For more informnation about the feature, see the chapter Implementing BGP in the BGP Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x.

Ingress ACL Over BVI

This feature provides support for Ingress ACL on BVI on Cisco NCS 5000.

Unicast Reverse Path Forwarding

This feature provides support for Unicast Reverse Path Forwarding (uRPF) on Cisco NCS 5000.

EVPN-VxLAN Layer 2 Gateway with All-Active Support

This feature provides support for EVPN-VxLAN on Cisco NCS 5000.

DHCP Circuit-ID and Helper Address Interface Configuration

This feature supports DHCP circuit-ID and helper address interface configuration on Cisco NCS 5000.

Bridge Virtual Interface on VRF

Bridge Virtual Interface (BVI) on VRF feature enables VRF support on BVI when the BVI is part of the bridge domain that is configured with Layer 2 main interfaces and Layer 2 single-tagged sub-interfaces with rewrites. BVI is a virtual interface that is defined with Integrated Routing and Bridging (IRB).

100 ms Convergence Under Software Upgrade or Failure

This feature supports convergence enhancements on Cisco NCS 5000 in case of software upgrade or failure.

Global LLDP Knob to Enable LLDP Configuration

Earlier, in IOS-XR platforms, LLDP was enabled only with global LLDP configuration and administrators had to manually disable each interface.

With this feature, you can now enable the global LLDP configuration per-interface basis. To enable the feature, you must make the necessary configuration changes. For more information on the feature, see .

EVPN VXLAN All-Active Multihoming

The EVPN VXLAN All-Active Multihoming feature allows you to manage VXLAN Ethernet services in a spine-leaf data center or service provider network over VXLAN IP tunnel. This feature allows routers to be used as top of racks (ToRs). This feature simplifies fabric management, optimizes the fabric infrastructure, and automates provisioning across physical and virtual environments.

MAC Move Notification

The MAC Move Notification feature enables you to configure MAC address security at the interfaces and at the bridge access ports (subinterfaces) levels. However, MAC security configured under an interface takes precedence to MAC security configured at the bridge domain level. When a MAC address is first learned on an Ethernet Flow Point (EFP) that is configured with MAC security and then the same MAC address is learned on another EFP, the following events occur:

  • the packet is dropped

  • the second EFP is shutdown

  • the packet is learned and the MAC from the original EFP is flushed

NETCONF Install YANG Actions

Traditionally, install operations are executed using CLIs, which require access to the routers. The NETCONF protocol is designed to automate the CLI executions for install operations, and address the shortcomings where the router access is required by implementing RPC mechanism.

For more information about this feature, see Components to Use Data Models Chapter of the Modular Programmability Configuration Guide for Cisco NCS 5000 Series Routers.

IPv6 Configurable LPTS

In Cisco IOS XR, the control packets, which are destined to the Route Processor (RP), are policed using a set of ingress policers in the incoming ports. These policers are programmed statically during bootup by Local Packet Transport Services (LPTS) components and applied on the basis of the flow type of the incoming control traffic.

This feature enables you to modify default policer rates and hence control traffic of a particular IPv6 LPTS session matching a IPv6 ACL rule and VRF ID.

IPv6 VPN Provider Edge

IPv6 VPN Provider Edge (6PE/VPE) uses the existing MPLS IPv4 core infrastructure for IPv6 transport. 6PE/VPE enables IPv6 sites to communicate with each other over an MPLS IPv4 core network using MPLS label switched paths (LSPs).

VLAN Switch

The VLAN Switch feature enables you to configure L2 VLAN switching with minimum configuration. This feature allows you to configure L2 bridging without having to configure and manage separate bridge instances and sub-interfaces for each per VLAN L2 forwarding domain.

Prior to implementation of this feature, to configure and manage basic L2 bridging, numerous sub-interfaces were required. Using separate sub-interfaces for each VLAN on a port overloads the system scalability and consumes hardware resources, slows down provisioning, and makes the device harder to manage due to the large number of sub-interface constructs that exists in the system.

For more information on this feature, see the Configure Virtual LANs in Layer 2 VPNs chapter in the L2VPN and Ethernet Services Configuration Guide for Cisco NCS 5000 Series Routers.

RPF Vector Encoding

RPF vector is a PIM proxy that lets core routers without RPF information forward join and prune messages for external sources (for example, a MPLS-based BGP-free core, where the MPLS core router is without external routes learned from BGP). The RPF vector encoding is now compatible with the new IETF encoding. Use the rpf-vector use-standard-encoding command to enable the feature.

For more information on RPF, see the Implementing Layer-3 Multicast Routing chapter in the Multicast Configuration Guide for Cisco NCS 5000 Series Routers

Replace Installed Files with Golden ISO

Golden ISO (GISO) upgrades to a version that has a predefined list of software maintenance update (SMUs) with a single operation. However, to update to the same version with a different set of SMUs requires a two-step process. This two-step process can be avoided using the install update replace functionality to replace the currently active version with the full package including the image and SMUs from the newly added GISO.

For information about the functionality and configuration, see Customize Installation using Golden ISO chapter in the System Setup and Software Installation Guide for NCS5000 Series Routers, IOS XR 6.5.x.

Purge Originator Identification TLV for IS-IS

At present, an IS-IS purge does not contain any information to identify the Intermediate System (IS) that generates the purge. This makes it difficult to locate the source IS.

To address this issue, the Purge Originator Identification (POI) TLV for IS-IS feature defines a type, length, and value (TLV) that can be added to the purges, to record the system ID of the IS that had initiated the purge. This makes it easier to locate the origin of the purge and its cause. If you are using cryptographic authentication, then the enable-poi keyword in lsp-password command must be enabled to insert the Purge Originator Identification (POI). If you are not using cryptographic authentication, then the POI is inserted by default. This TLV is also helpful in lab environments.

For more information about this feature, see Implementing IS-IS Chapter of the Routing Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x.

Telemetry over gNMI subscribe RPC

Cisco IOS XR supports Google network management interface (gNMI) protocol in dial-in mode where the client establishes a connection to the router. gNMI is an unified mangement protocol for streaming telemetry data using OpenConfig RPC framework. This framework and protocol does not need explicit configuration, but simplifies telemetry configuration on the router by only starting the gRPC server.

In addition, support is provided for transport layer security (TLS) ciphers in gRPC session. Two new gRPC configuration parameters max-streams and max-streams-per-user are provided to stream only the gRPC-specific requests.

To enable the gRPC server in dial-in mode, see Configure Model-driven Telemetry chapter in Telemetry Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x .

OSPF Authentication with Keychain

OSPF Authentication with Keychain feature enables the support of Hashed Message Authentication Code (HMAC) during OSPF authentication. New crypto algorithms such as, HMAC-SHA-256 and HMAC-SHA1-96 are added under key-chain infra as part of this feature. These algorithms provide more secured authentication.

Keychains can be configured at different levels of OSPF like at the router level, or the area level, or the interface level.

For more information about OSPF Authentication, see Implementing OSPF Chapter of the Routing Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x.

For more information about Keychain configuration, see Implementing Keychain Management Chapter of the System Security Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x

Minimum Remaining Lifetime for IS-IS

The Minimum Remaining Lifetime for IS-IS feature helps to maintain the stability of the network when the Remaining Lifetime field in a Link State Protocol (LSP) is corrupted. Corruption of the Remaining Lifetime field in a LSP data unit can go undetected. In certain scenarios, this may cause or exacerbate flooding of LSPs. This feature resolves this problem by enabling IS-IS to reset the Remaining Lifetime value of the received LSP, to the maximum LSP lifetime (1200 seconds), if the Remaining Lifetime value of the received LSP is less than the maximum LSP lifetime configured in a local node. If the received LSP lifetime value is less than the Zero Age Lifetime (60 seconds), IS-IS generates an error message indicating that it’s a corrupted lifetime event.

IS-IS saves the received Remaining Lifetime value in LSP database. The value is shown in the show isis database command output under the Rcvd field.

For more information about the show isis database command, see IS-IS Commands Chapter of the Routing Command Reference for Cisco NCS 5000 Series Routers.

For more information about this feature, see Implementing IS-IS Chapter of the Routing Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x.

IS-IS Authentication with Keychain

IS-IS Authentication with Keychain feature enables the support of Hashed Message Authentication Code (HMAC) and Cipher-based Message Authentication Code (CMAC) during IS-IS authentication. New cryptographic algorithms such as, AES-128-CMAC-96, HMAC-SHA-256, and HMAC-SHA1-96 are added under Keychain infra as part of this feature. These algorithms provide more secured authentication.

Keychains can be configured at the router level (in case of the lsp-password command) and at the interface level (in case of the hello-password command) within IS-IS. These commands refer to the global keychain configuration and instruct the IS-IS protocol to obtain security parameters from the global set of configured keychains.

For more information about Keychain configuration, see Implementing Keychain Management Chapter of the System Security Configuration Guide for Cisco NCS 5000 Series Routers.

Replace Installed Files with Golden ISO

Golden ISO (GISO) upgrades to a version that has a predefined list of software maintenance update (SMUs) with a single operation. However, to update to the same version with a different set of SMUs requires a two-step process. This two-step process can be avoided using the install update replace functionality to replace the currently active version with the full package including the image and SMUs from the newly added GISO.

For information about the functionality and configuration, see Customize Installation using Golden ISO chapter in the System Setup and Software Installation Guide for NCS5000 Series Routers, IOS XR 6.5.x.

NRSSVR Process Infra Hardening on Repeated Configuration Commits

This feature provides resolution to prevent RDSFS process crash, and memory leakage at Name Registration Service (NRS) and Replicated Data Services File System (RDSFS) Server due to large number of configuration commits. To achieve this, nrs_purge API is enhanced to purge the NRS handles for files that are already deleted. This resolution provides significant improvements in the following aspects:

  • Enables a large number of configuration commits, without any issues

  • Ensures lower memory consumption for NRS server and RDSFS processes.

  • Prevents the need to reload the router when it has to recover from the following scenarios:

    • Continuous restarting or crashing of RDSFS processes

    • Not being able to commit any configurations

Enhancements to Programmability

Cisco IOS XR supports programmability of OC NI, OC local routing, OC-MPLS, OC-RSVP-SR, OC-RPL and OC-BGP-Policy OpenConfig data models for configuration and operational data.

For more information about YANG data models and configuration, see Using Data Models chapter in Programmability Configuration Guide for Cisco NCS 5000 Series Routers, IOS XR Release 6.5.x .

Hardware Features Introduced in Cisco IOS XR Software Release 6.5.1

There is no new hardware introduced in this release.

Hardware Enhancements Introduced in Cisco IOS XR Software Release 6.5.1

This release introduces following hardware enhancements:

  • Support for 1GE SFP optics modules for single-fiber bidirectional applications on the NCS 5001 and NCS 5002 routers:

    • GLC-BX-D, GLC-BX-U

    • GLC-BX40-D-I, GLC-BX40-DA-I, GLC-BX40-U-I

    • GLC-BX80-D-I, GLC-BX80-U-I

    The bidirectional SFP optics modules operate on a single strand of standard SMF. The communication over a single strand of fiber is achieved by separating the transmission wavelength of the two devices.

    Refer to the Cisco SFP Modules for Gigabit Ethernet Applications Data Sheet for descriptions and specifications.

Caveats

Caveats describe unexpected behavior in Cisco IOS XR Software releases. Severity-1 caveats are the most critical caveats; severity-2 caveats are less critical.

Cisco IOS XR Caveats

Bug ID

Headline

CSCvj73245

YANG framework detected the fatal condition Backend processing failed for cdp netconf request

CSCvk71334

Failed to obtain hardware interface key for BVI interface after series of 10+ reloads

Caveats Specific to the NCS 5000 Routers

There are no caveats in this release.

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

The upgrade document is available along with the software images.

Cisco Software Manager (CSM) application provides an intuitive user interface to manage Cisco IOS XR installations, with pre-installation and post-installation checks and reports. CSM helps manage the process of software maintenance upgrades (SMUs) and service packs (SPs) on devices that run the Cisco IOS XR Software.

For information on using CSM, see Cisco Software Manager User Guide.

Related Documentation

The most current Cisco Network Convergence System 5000 Series documentation is located at this URL:

http://www.cisco.com/c/en/us/support/routers/network-convergence-system-5000-series/tsd-products-support-series-home.html

The document containing Cisco IOS XR System Error Messages (SEM) is located at this URL:

https://www.cisco.com/c/en/us/td/docs/ios_xr_sw/error/message/ios-xr-sem-guide.html

Production Software Maintenance Updates (SMUs)

A production SMU is a SMU that is formally requested, developed, tested, and released. Production SMUs are intended for use in a live network environment and are formally supported by the Cisco TAC and the relevant development teams. Software bugs identified through software recommendations or Bug Search Tools are not a basis for production SMU requests.

For information on production SMU types, refer the Production SMU Types section of the IOS XR Software Maintenance Updates (SMUs) guide.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What's New in Cisco Product Documentation.

To receive new and revised Cisco technical content directly to your desktop, you can subscribe to the . RSS feeds are a free service.