Network Convergence System 5500 Series Routers


Note

Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.

  • Use faceted search to locate content that is most relevant to you.

  • Create customized PDFs for ready reference.

  • Benefit from context-based recommendations.

Get started with the Content Hub at content.cisco.com to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.


The Network Convergence System 5500 Series routers deliver a programmable, high-capacity and modular answer for Core, Peering, and WAN Transport deployments. Running the latest version of Cisco IOS XR Software, the 5500 Series supports segment routing, advanced forwarding feature sets, and programmable network management.

This series of routers deliver:

  • High-Performance, High-Density 100 Gb centric deployments

  • Option for redundant route processors, fabric cards, power modules and system controllers

  • Extreme focus on optimized power consumption in watts/Gbps

  • An infrastructure for hosting applications

  • Programmability with YANG model based APIs

The latest release of Cisco IOS XR operating system opens up the architecture of Cisco IOS XR using a 64-bit Linux-based operating system to deliver greater agility, automation and simplicity, while reducing cost of operating the networks.

Software Features Introduced in this Release

Segment Routing Data Plane Monitoring

Traffic black holes in MPLS networks could be difficult to detect and isolate. They can be caused by user configuration, out-of-sync neighbors, or incorrect data-plane programming. Segment Routing Data Plane Monitoring (SR DPM) provides a scalable solution to address data-plane consistency verification and traffic black hole detection. SR DPM validates the actual data plane status of all FIB entries associated with SR IGP prefix SIDs. SR DPM uses existing MPLS OAM tools and leverages SR forwarding principles to enforce test traffic paths.

For more information, see the Using Segment Routing OAM chapter in the Segment Routing Configuration Guide for Cisco NCS 5500 Series Routers.

OSPF Segment Routing Flexible Algorithm

This release introduces OSPF extensions to support Segment Routing Flexible Algorithm.

Segment Routing Flexible Algorithm allows operators to customize IGP shortest path computation according to their own needs. An operator can assign custom SR prefix-SIDs to realize forwarding beyond link-cost-based SPF. As a result, Flexible Algorithm provides a traffic engineered path automatically computed by the IGP to any destination reachable by the IGP.

The SR architecture associates prefix-SIDs to an algorithm which defines how the path is computed. Flexible Algorithm allows for user-defined algorithms where the IGP computes paths based on a user-defined combination of metric type and constraint.

For more information, see the Enabling Segment Routing Flexible Algorithm chapter in the Segment Routing Configuration Guide for Cisco NCS 5500 Series Routers.

Segment Routing Anycast SID-Aware Path Computation

An Anycast SID is a type of prefix SID that identifies a set of nodes and is configured with n-flag clear. The set of nodes (Anycast group) is configured to advertise a shared prefix address and prefix SID. Anycast routing enables the steering of traffic toward multiple advertising nodes, providing load-balancing and redundancy. Packets addressed to an Anycast address are forwarded to the topologically nearest nodes.

For more information, see the Configure SR-TE Policies chapter in the Segment Routing Configuration Guide for Cisco NCS 5500 Series Routers.

Segment Routing IS-IS Flexible Algorithm Prefix-SID Redistribution

Previously, prefix redistribution from IS-IS to another IS-IS instance or protocol was limited to SR algorithm 0 (regular SPF) prefix SIDs; SR algorithm 1 (Strict SPF) and SR algorithms 128-255 (Flexible Algorithm) prefix SIDs were not redistributed along with the prefix. The Segment Routing IS-IS Flexible Algorithm Prefix SID Redistribution feature allows redistribution of strict and flexible algorithms prefix SIDs from IS-IS to another IS-IS instance or protocols. This feature is enabled automatically when you configure redistribution of IS-IS Routes with strict or Flexible Algorithm SIDs.

For more information, see the Enabling Segment Routing Flexible Algorithm chapter in the Segment Routing Configuration Guide for Cisco NCS 5500 Series Routers.

Segment Routing Tree-SID

Tree Segment Identifier (TreeSID) is a tree-building solution that uses a controller (SR-PCE using PCEP) to calculate the point-to-multipoint (P2MP) tree using SR policies. TreeSID uses a single MPLS label for building a multicast replication tree in an SR network. TreeSID does not require multicast control protocols such as RSVP, mLDP, and PIM.

A P2MP SR policy provides an SR-based TE solution for transporting multicast traffic. It works on existing data-plane (MPLS and IP) and supports TE capabilities and single/multi routing domains. At each node of the tree, the forwarding state is represented by the same segment (using a global TreeSID allocated from the SRLB). P2MP SR policy supports fast protection and prevents transient loop/loss when updating the path of a P2MP SR policy.

For more information, see the Configure SR-TE Policies chapter in the Segment Routing Configuration Guide for Cisco NCS 5500 Series Routers.

SR-TE Affinity Maps Enhancements

SR-TE Affinity Maps provides a simplified and more flexible means of configuring link attributes and path affinities to compute paths for SR-TE policies. SR-TE Affinity Maps lets you assign, or map, color names for affinity and attribute-flag attributes instead of 32-bit hexadecimal numbers. This enhancement increases the number of color names you can assign on the head-end router from 32 to 256.

For more information, see the Configure SR-TE Policies chapter in the Segment Routing Configuration Guide for Cisco NCS 5500 Series Routers.

Ltrace Information Stored in Persistent Storage

The ltrace information is now stored in a persistence storage. This helps to store historic ltraces information in the memory. This trace information is used to augment diagnosis of platform issues.

Prior to this release, ltrace information was stored in a shared memory. The shared memory has limited buffer size. When the buffer was full, the historic data was lost.

To view the ltrace information use the show <component> trace file <filename> original location command.

Support for hw-module shut command in configuration mode

From this release onwards, the hw-module shut and hw-module unshut commands are supported in the configuration mode.

This facilitates in automating the network hardware replacement procedure.

Earlier, the hw-module shut command was supported in admin mode

For more information on this feature, see the chapter Managing Router Hardware in the System Management Configuration Guide for Cisco NCS 5500 Series Routers, Release 7.0.x

SSH and SFTP in Baseline Cisco IOS XR Software Image

From Cisco IOS XR Software Release 7.0.1 and later, the management plane and control plane components that were part of the Cisco IOS XR security package (k9sec package) are moved to the base Cisco IOS XR software image. These include SSH, SCP, SFTP and IPSec control plane. However, the data plane components (such as Dot1x, MACSec) remain as a part of the security package as per the export compliance regulations. This segregation of package components makes the software more modular. It also gives you the flexibility of including or excluding the security package as per your requirements.

SSH Configuration Option to Restrict Cipher Public Key and HMAC Algorithm

The Cisco IOS XR software provides a new configuration option to control the key algorithms to be negotiated with the peer while establishing an SSH connection with the router. With this feature, you can enable the insecure SSH algorithms on the SSH server, which are otherwise disabled by default. A new configuration option is also available to restrict the SSH client from choosing the HMAC algorithm while connecting to the SSH server on the router. You can also configure a list of ciphers as the default cipher list, thereby having the flexibility to enable or disable any particular cipher.

For more information about this feature, see the Implementing Secure Shell chapter in the System Security Configuration Guide for Cisco NCS 5500 Series Routers. For complete command reference, see the Secure Shell Commands chapter in the System Security Command Reference for Cisco NCS 5500 Series Routers and Cisco NCS 540 Series Routers.

QoS L2 Re-Marking of Ethernet Packets on L3 Flows in Egress Direction

With this release, you now have the ability to perform Layer 2 (802.1p) marking on Layer 3 flows in the egress direction. This allows you to re-mark the priority of Ethernet packets on L3VPN traffic, but only in the peering mode. (To enable the peering feature, use the hw-module profile qos ingress-model peering configuration. You must reload the router for the hw-module configuration to be functional.)

For more information, see the section QoS Re-marking of Ethernet Packets in Egress Direction in the Modular QoS Configuration Guide for Cisco NCS 5500 Series Routers.

Layer 3 QinQ

The Layer 3 QinQ feature enables you to increase the number of VLAN tags in an interface and increment the number of subinterfaces up to 4094. Hence, with the dual tag, the number of VLANs can reach up to 4094*4094. You can enable this feature either on a physical interface or a bundle interface. When you cofigure this feature with the dual tag, interfaces check for IP addresses along with MAC addresses. Layer 3 QinQ is an extension of IEEE 802.1 QinQ VLAN tag stacking.

For more information about this feature, see the Implementing MPLS Layer 3 VPNs chapter in the L3VPN Configuration Guide for Cisco NCS 5500 Series Routers.

Timing Features

The following table lists timing features supported on NCS 5500 chassis:

Table 1.

Timing Feature

Hardware Variant

G.8273.2, G.8275.1, G.8275.2

NCS-55A1-36H-SE/CR

G.8275.2

Line Card:

NC55-36X100G-A-SE

For more information on the Timing features, see the Configuring Precision Time Protocol chapter in the System Management Configuration Guide for Cisco NCS 5500 Series Routers

Scale Limit for Bridge Domain

On Cisco NCS 5500, the number of bridge domains that you can configure with BVI on physical and bundle interfaces is 1250. The number of bridge domains that you can have without BVI on physical and bundle interfaces is 1500.

The above mentioned scale value is calculated when a single attachment circuit is configured on a bridge domain. The scale value reduces if you want to configure more than one attachment circuit on a bridge domain.

Tunable MAC Address Aging Timer

The Tunable MAC Address Aging Timer feature allows you to configure the MAC aging time between 300 seconds to 30,000 seconds. The defualt value is 300 seconds.

For more information about this feature, see the Configure Multipoint Layer 2 Services chapter in the L2VPN and Ethernet Services Configuration Guide for Cisco NCS 5500 Series Routers.

SSHv2 Support for CBC Mode Ciphers

SSHv2 server and client connections support enabling of CBC mode ciphers 3DES-CBC and AES-CBC at the same time. The ciphers are disabled by default.

For information on how to enable the CBC mode ciphers, see the Implementing Secure Shell chapter in the System Security Configuration Guide.

Type 6 Password Encryption

Type 6 password encryption securely stores plain text key strings for authenticating BGP, IP SLA, IS-IS, MACsec, OSPF, and RSVP sessions.

For information on how to enable Type 6 password encryption, see the Implementing Keychain Management chapter in the System Security Configuration Guide.

IS-IS Restart Signaling Support

The IS-IS Restart Signaling feature provides a mechanism for a restarting router to signal to its neighbor that it is restarting. This feature allows the neighboring routers of a restarting router to reestablish their adjacencies without any disruption.

The restarting router sends Suppress adjacency advertisement (SA) towards the neighbour. Intermediate-to-Intermediate Hello (IIH) messages are sent to its neighbor to suppress the advertisement of the adjacency until the router is able to propagate newer versions of LSPs. The neighbor continues to suppress the advertisement of adjacency until the SA bit clear message is received.

The ISIS Restart Signaling Support conforms to the specifications detailed in RFC 5306.

For more information about the feature, see the chapter Configuring Subscriber Features in the Routing Configuration Guide for Cisco NCS 5500 Series Routers.

Netflow Full Packet Capture

This feature helps capturing the exact packet size of the ingress Netflow packet.

Earlier, when a L2VPN packet with a destination MAC address starting with number 6 is received, the packet gets wrongly decoded as IPv6 packet; the packet size consequently gets reported inaccurately to the collector.

For more information on Netflow, see the Netflow Configuration Guide for Cisco NCS 5500 Series Routers.

Automatic Generation of SSH Host-Key Pairs

This feature brings in the functionality of automatically generating the SSH host-key pairs for the algorithms such as dsa , ecdsa-nistp256 , ecdsa-nistp384 , ecdsa-nistp521 , and rsa . This in turn eliminates the need for explicitly generating each SSH host-key pair after the router boots up. Because the keys are already present in the system, the SSH client can establish connection with the SSH server soon after the router boots up with the basic SSH configuration. This is useful especially during zero touch provisioning (ZTP) and Golden ISO boot up scenarios.

For more information about this feature, see the Implementing Secure Shell chapter in the System Security Configuration Guide for Cisco NCS 5500 Series Routers. For complete command reference, see the Secure Shell Commands chapter in the System Security Command Reference for Cisco NCS 5500 Series Routers and Cisco NCS 540 Series Routers.

Clearing the Memory and Partitions of a Card

Users can clear the memory and the partitions of an RP or a line card before an RMA (Return Merchandise Authorization). Clearing the memory and partitions of the card is performed when the card is defective and has to be returned.

For more information about this feature, see the Managing Router Hardware chapter in the System Management Configuration Guide for Cisco NCS 5500 Series Routers.

Enhancements to Zero Touch Provisioning

This release has the following enhancements to the Zero Touch Provisioning (ZTP) feature:

  • You can perform these additional operations using Zero Touch Provisioning:

    • Enable or disable ZTP at boot using CLI (ztp enable, ztp disable).

    • Customize the ZTP configurable options using the configuration file (ztp.ini).

    • View the ZTP status as a Progress Bar on a console.

  • ZTP follows a default sequential flow as defined in the ztp.ini file. ZTP first sends IPv4 DHCP request on all the management ports. In case there is a failure, then ZTP sends IPv6 DHCP request on all the management ports. Similarly, the same order is followed on all the data ports.

For more information on ZTP, see the Configuring ZTP chapter in the System Management Configuration Guide for Cisco NCS 5500 Series Routers, Release 7.0.x

Event-driven Telemetry Support for LLDP

The OpenConfig (OC) data models are defined by the OC community to create configuration and retreive operational state data of the network. This release supports:

  • Event-driven Telemetry support for OC-LLDP data model.

For more information about OC models and instructions to use these models, see the Modular Programmability Configuration Guide for Cisco NCS 5500 Series Routers

OpenConfig Data Models for Network Programmability

The OpenConfig (OC) data models are defined by the OC community to create configuration and retreive operational state data of the network. This release supports:

  • OC-LLDP data model for event-driven telemetry.

  • OC-Interfaces-Aggregate data model to manage aggregated interfaces. This model augments the existing oc-interfaces data model.

For more information about OC models and instructions to use these models, see the Modular Programmability Configuration Guide for Cisco NCS 5500 Series Routers.

Monitor MLDP Events for Telemetry using NETCONF

Event-driven telemetry supports monitoring Multicast Label Distribution Protocol (MLDP) using NETCONF and YANG data model. If there is a state change in MLDP, the router streams data about flow statistics for multicast labels, and control plane statistics for mLDP.

For more information about streaming event-driven telemetry data, see Telemetry Configuration Guide for Cisco NCS 5500 Series Routers

gRPC Network Operations Interface

gRPC Network Operations Interface (gNOI) defines a set of gRPC-based microservices for executing operational commands on network devices. Extensible Manageability Services (EMS) gNOI is the Cisco IOS XR implementation of gNOI. gNOI uses gRPC as the transport protocol and the configuration is same as that of gRPC. These gNOI RPCs are supported:

  • Reboot

  • RebootStatus

  • SetPackage

  • File Get

  • File Remove

To understand how RPCs work in a gRPC session, see Modular Programmability Configuration Guide for Cisco NCS 5500 Series Routers

Hardware Features Introduced in this Release

This release introduces the following new hardware:

  • New version or V02 of CFP2-WDM-DET-1HL—This new version of the optical module supports Staircase FEC. Staircase FEC is an industry standard that enables high-speed optical communications. Version ID (VID) information can be obtained from show controllers optics r/s/i/p command output. Forward error correction (FEC) is a method of obtaining error control in data transmission in which the source (transmitter) sends redundant data and the destination (receiver) recognizes only the portion of the data that contains no apparent errors.

    For more information, see the System Management Configuration Guide for Cisco NCS 5500 Series Routers.

Release 7.0.1 Packages

This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.

Table 2. Release 7.0.1 Packages for Cisco NCS 5500 Series Router

Composite Package

Feature Set

Filename

Description

Cisco IOS XR IP Unicast Routing Core Bundle

ncs5500-mini-x.iso

Contains base image contents that includes:

  • Host operating system

  • System Admin boot image

  • IOS XR boot image

  • BGP packages

Individually-Installable Optional Packages

Feature Set

Filename

Description

Cisco IOS XR Manageability Package

ncs5500-mgbl-3.0.0.0-r701.x86_64.rpm

Extensible Markup Language (XML) Parser, Telemetry, Netconf, gRPC and HTTP server packages.

Cisco IOS XR MPLS Package

ncs5500-mpls-2.1.0.0-r701.x86_64.rpm

ncs5500-mpls-te-rsvp-2.2.0.0-r701.x86_64.rpm

MPLS and MPLS Traffic Engineering (MPLS-TE) RPM.

Cisco IOS XR Security Package

ncs5500-k9sec-3.1.0.0-r701.x86_64.rpm

Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI)

Cisco IOS XR ISIS package

ncs5500-isis-1.2.0.0-r701.x86_64.rpm

Support ISIS

Cisco IOS XR OSPF package

ncs5500-ospf-2.0.0.0-r701.x86_64.rpm

Support OSPF

Lawful Intercept (LI) Package

ncs5500-li-1.0.0.0-r701.x86_64.rpm

Includes LI software images

Multicast Package

ncs5500-mcast-1.0.0.0-r701.rpm

Support Multicast

Determine Software Version

To verify the software version running on the router, use show version command in the EXEC mode.

RP/0/RP0/CPU0:router# show versionCisco IOS XR Software, Version 7.0.1
Cisco IOS XR Software, Version 7.0.1
Copyright (c) 2013-2019 by Cisco Systems, Inc.

Build Information:
Built By     : <username>
Built On     : Thu Aug 29 16:30:00 PDT 2019
Built Host   : iox-ucs-027
Workspace    : /auto/srcarchive15/prod/7.0.1/ncs5500/ws
Version      : 7.0.1
Location     : /opt/cisco/XR/packages/
cisco NCS-5500 () processor
System uptime is 7 hours 3 minutes

Caveats

Caveats describe unexpected behavior in Cisco IOS XR Software releases. Severity-1 caveats are the most critical caveats; severity-2 caveats are less critical.

Caveats Specific to the NCS 5500 Series Routers

Caveats describe unexpected behavior in Cisco IOS XR Software releases.

Bug ID

Headline

CSCvq86129

Traffic loss observed for Prefixes doing loop with vrf-fallback on RPFO

CSCvq93905

VRRP Enabled BVI - Incoming Traffic Dropped as PQP_DSCRD_UC_PKT_CNT

CSCvr07521

VPLS Flood traffic getting doubled for some vlans after peer control plane flap

CSCvq69327

VPLS traffic dropping due to encap allocation issue

CSCvr08090

Warm reset to recover from bootloader netbooting timeout condition" after FC reload

CSCvq36930

Few AC interfaces fails to learn IGMP Groups , with IGMP Snooping enabled in EVPN SH Bridge-Domain

Determine Firmware Support

Use the show hw-module fpd command in EXEC mode to view the hardware components with their current FPD version and status. The status of the hardware must be CURRENT; Running and Programed version must be the same.

(RP/0/RP0/CPU0)#show hw-module fpd

                                                               FPD Versions
                                                               =================
Location   Card type             HWver FPD device       ATR Status   Running Programd
-----------------------------------------------------------------------------------
0/0        NC55-24H12F-SE        1.0   MIFPGA               CURRENT    0.03    0.03  
0/0        NC55-24H12F-SE        1.0   Bootloader           CURRENT    1.14    1.14  
0/0        NC55-24H12F-SE        1.0   IOFPGA               CURRENT    0.09    0.09  
0/0        NC55-24H12F-SE        1.0   SATA                 CURRENT    5.00    5.00  
0/RP0      NC55-RP               1.0   Bootloader           CURRENT    9.30    9.30  
0/RP0      NC55-RP               1.0   IOFPGA               CURRENT    0.39    0.09  
0/RP1      NC55-RP               1.0   Bootloader           CURRENT    9.30    9.30  
0/RP1      NC55-RP               1.0   IOFPGA               CURRENT    0.09    0.09  
0/FC1      NC55-5504-FC          0.3   Bootloader           CURRENT    1.75    1.75  
0/FC1      NC55-5504-FC          0.3   IOFPGA               CURRENT    0.07    0.07  
0/FC3      NC55-5504-FC          0.3   Bootloader           CURRENT    1.75    1.75  
0/FC3      NC55-5504-FC          0.3   IOFPGA               CURRENT    0.07    0.07  
0/FC5      NC55-5504-FC          0.3   Bootloader           CURRENT    1.75    1.75  
0/FC5      NC55-5504-FC          0.3   IOFPGA               CURRENT    0.07    0.07  
0/SC0      NC55-SC               1.6   Bootloader           CURRENT    1.74    1.74  
0/SC0      NC55-SC               1.6   IOFPGA               CURRENT    0.10    0.10  
0/SC1      NC55-SC               1.6   Bootloader           CURRENT    1.74    1.74  
0/SC1      NC55-SC               1.6   IOFPGA               CURRENT    0.10    0.10  


Note

The FPD versions on board shipped by manufacturer may have higher versions than the FPD package integrated in the IOS XR.


Important Notes

  • The total number of bridge-domains (2*BDs) and GRE tunnels put together should not exceed 1518.

    Here the number 1518 represents the multi-dimensional scale value.

  • The offline diagnostics functionality is not supported in NCS 5500 platform. Therefore, the hw-module service offline location command will not work. However, you can use the (sysadmin)# hw-module shutdown location command to bring down the LC.

  • The warning message that the smart licensing evaluation period has expired is displayed on the console every hour. There is, however, no functionality impact on the device. To stop the repetitive messaging, register the device with the smart licensing server and load a new registration token.

    To register the device with the smart licensing server, follow the instructions provided in this link: Register and Activate Your Device.

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

Related Documentation

The most current Cisco Network Convergence System 5500 Series documentation is located at this URL:

http://www.cisco.com/c/en/us/support/routers/network-convergence-system-5500-series/tsd-products-support-series-home.html

The document containing Cisco IOS XR System Error Messages (SEM) is located at this URL:

https://www.cisco.com/c/en/us/td/docs/ios_xr_sw/error/message/ios-xr-sem-guide.html

Production Software Maintenance Updates (SMUs)

A production SMU is a SMU that is formally requested, developed, tested, and released. Production SMUs are intended for use in a live network environment and are formally supported by the Cisco TAC and the relevant development teams. Software bugs identified through software recommendations or Bug Search Tools are not a basis for production SMU requests.

For information on production SMU types, refer the Production SMU Types section of the IOS XR Software Maintenance Updates (SMUs) guide.

Communications, Services, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco Marketplace.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.