Network Convergence System 5500 Series Routers


Note


This software release has reached end-of-life status. For more information, see the End-of-Life and End-of-Sale Notices.





What's New in Cisco IOS XR Release 7.0.1

Cisco is continuously enhancing the product with every release and this section covers a brief description of key features and enhancements. It also includes links to detailed documentation, where available.

Software

OSPF Segment Routing Flexible Algorithm

This release introduces OSPF extensions to support Segment Routing Flexible Algorithm.

Segment Routing Flexible Algorithm allows operators to customize IGP shortest path computation according to their own needs. An operator can assign custom SR prefix-SIDs to realize forwarding beyond link-cost-based SPF. As a result, Flexible Algorithm provides a traffic engineered path automatically computed by the IGP to any destination reachable by the IGP.

The SR architecture associates prefix-SIDs to an algorithm which defines how the path is computed. Flexible Algorithm allows for user-defined algorithms where the IGP computes paths based on a user-defined combination of metric type and constraint.

See Configuring Flexible Algorithm.

Segment Routing Anycast SID-Aware Path Computation

An Anycast SID is a type of prefix SID that identifies a set of nodes and is configured with n-flag clear. The set of nodes (Anycast group) is configured to advertise a shared prefix address and prefix SID. Anycast routing enables the steering of traffic toward multiple advertising nodes, providing load-balancing and redundancy. Packets addressed to an Anycast address are forwarded to the topologically nearest nodes.

See Anycast SID-Aware Path Computation.

Segment Routing IS-IS Flexible Algorithm Prefix-SID Redistribution

Previously, prefix redistribution from IS-IS to another IS-IS instance or protocol was limited to SR algorithm 0 (regular SPF) prefix SIDs; SR algorithm 1 (Strict SPF) and SR algorithms 128-255 (Flexible Algorithm) prefix SIDs were not redistributed along with the prefix. The Segment Routing IS-IS Flexible Algorithm Prefix SID Redistribution feature allows redistribution of strict and flexible algorithms prefix SIDs from IS-IS to another IS-IS instance or protocols. This feature is enabled automatically when you configure redistribution of IS-IS Routes with strict or Flexible Algorithm SIDs.

See Flexible Algorithm Prefix-SID Redistribution.

Segment Routing Tree-SID

Tree Segment Identifier (TreeSID) is a tree-building solution that uses a controller (SR-PCE using PCEP) to calculate the point-to-multipoint (P2MP) tree using SR policies. TreeSID uses a single MPLS label for building a multicast replication tree in an SR network. TreeSID does not require multicast control protocols such as RSVP, mLDP, and PIM.

A P2MP SR policy provides an SR-based TE solution for transporting multicast traffic. It works on existing data-plane (MPLS and IP) and supports TE capabilities and single/multi routing domains. At each node of the tree, the forwarding state is represented by the same segment (using a global TreeSID allocated from the SRLB). P2MP SR policy supports fast protection and prevents transient loop/loss when updating the path of a P2MP SR policy.

See Segment Routing Tree Segment Identifier.

SR-TE Affinity Maps Enhancements

SR-TE Affinity Maps provides a simplified and more flexible means of configuring link attributes and path affinities to compute paths for SR-TE policies. SR-TE Affinity Maps lets you assign, or map, color names for affinity and attribute-flag attributes instead of 32-bit hexadecimal numbers. This enhancement increases the number of color names you can assign on the head-end router from 32 to 256.

See Named Interface Link Admin Groups and SR-TE Affinity Maps.

Ltrace Information Stored in Persistent Storage

The ltrace information is now stored in persistent storage. This helps to store historic ltrace information in the memory. This trace information is used to augment diagnosis of platform issues.

Prior to this release, ltrace information was stored in shared memory. The shared memory has a limited buffer size. When the buffer was full, the historic data was lost.

To view the ltrace information, use the show <component> trace file <filename> original location command.

Support for hw-module shut command in configuration mode

From this release onwards, the hw-module shut and hw-module unshut commands are supported in the configuration mode.

This facilitates automating the network hardware replacement procedure.

Earlier, the hw-module shut command was supported in admin mode.

SSH and SFTP in Baseline Cisco IOS XR Software Image

From Cisco IOS XR Software Release 7.0.1 and later, the management plane and control plane components that were part of the Cisco IOS XR security package (k9sec package) are moved to the base Cisco IOS XR software image. These include SSH, SCP, SFTP and IPSec control plane. This segregation of package components makes the software more modular. It also gives you the flexibility of including or excluding the security package as per your requirements.

See SSH and SFTP in Baseline Cisco IOS XR Software Image.

SSH Configuration Option to Restrict Cipher Public Key and HMAC Algorithm

The Cisco IOS XR software provides a new configuration option to control the key algorithms to be negotiated with the peer while establishing an SSH connection with the router. With this feature, you can enable the insecure SSH algorithms on the SSH server, which are otherwise disabled by default. A new configuration option is also available to restrict the SSH client from choosing the HMAC (hash-based message authentication code) algorithm while connecting to the SSH server on the router. You can also configure a list of ciphers as the default cipher list, which gives you the flexibility to enable or disable any particular cipher.

See the SSH Configuration Option to Restrict Cipher Public Key and HMAC Algorithm.

Commands introduced:

QoS L2 Re-Marking of Ethernet Packets on L3 Flows in Egress Direction

With this release, you now have the ability to perform Layer 2 (802.1p) marking on Layer 3 flows in the egress direction. This allows you to re-mark the priority of Ethernet packets on L3VPN traffic, but only in the peering mode. (To enable the peering feature, use the hw-module profile qos ingress-model peering configuration. You must reload the router for the hw-module configuration to be functional.)

See QoS L2 Re-Marking of Ethernet Packets on L3 Flows in Egress Direction.

Layer 3 QinQ

The Layer 3 QinQ feature allows you to terminate Layer 3 VPN service transport over QinQ subinterfaces. This feature enables you to increase the number of VLAN tags in an interface and increment the number of subinterfaces. Customers of service providers often have specific requirements for VLAN tags and the number of VLANs they support. Different customers require separate VLAN ranges to avoid network overlaps in the same service-provider network, and to prevent mixing of traffic of different customers in the same network infrastructure. Assigning a unique range of VLAN IDs to each customer restricts customer configurations and exceeds the VLAN limit of 4096 of the 802.1Q specification. This feature allows you to enable the dual tag and efficiently manage customer services.

See Layer 3 QinQ.

Timing Features

The following table lists timing features supported on NCS 5500 chassis:

Table 1.

Timing Feature                Hardware Variant
----------------------------  ----------------------------
G.8273.2, G.8275.1, G.8275.2  NCS-55A1-36H-SE/CR
G.8275.2                      Line Card: NC55-36X100G-A-SE

See Timing Hardware Support Matrix.

Scale Limit for Bridge Domain

On Cisco NCS 5500, the number of bridge domains that you can configure with BVI on physical and bundle interfaces is 1250. The number of bridge domains that you can have without BVI on physical and bundle interfaces is 1500.

The above mentioned scale value is calculated when a single attachment circuit is configured on a bridge domain. The scale value reduces if you want to configure more than one attachment circuit on a bridge domain.

Tunable MAC Address Aging Timer

The Tunable MAC Address Aging Timer feature allows you to configure the MAC aging time between 300 and 30,000 seconds. The default value is 300 seconds.

See MAC Address Aging.

SSHv2 Support for CBC Mode Ciphers

SSHv2 server and client connections support enabling of CBC mode ciphers 3DES-CBC and AES-CBC at the same time. These ciphers are disabled by default.

See Configuring CBC Mode Ciphers.

IS-IS Restart Signaling Support

The IS-IS Restart Signaling feature provides a mechanism for a restarting router to signal to its neighbor that it is restarting. This feature allows the neighboring routers of a restarting router to reestablish their adjacencies without any disruption.

The restarting router sends Suppress adjacency advertisement (SA) towards the neighbor. Intermediate-to-Intermediate Hello (IIH) messages are sent to its neighbor to suppress the advertisement of the adjacency until the router is able to propagate newer versions of LSPs. The neighbor continues to suppress the advertisement of adjacency until the SA bit clear message is received.

The IS-IS Restart Signaling Support conforms to the specifications detailed in RFC 5306.

See IS-IS Restart Signaling Support.

Netflow Full Packet Capture

This feature helps capture the exact packet size of the ingress Netflow packet.

Earlier, when an L2VPN packet with a destination MAC address starting with the number 6 was received, the packet was wrongly decoded as an IPv6 packet; consequently, the packet size was reported inaccurately to the collector.

See Netflow Full Packet Capture.

The hw-module profile netflow fpc-enable command is introduced.

Automatic Generation of SSH Host-Key Pairs

This feature brings in the functionality of automatically generating the SSH host-key pairs for the DSA, ECDSA (such as ecdsa-nistp256, ecdsa-nistp384, and ecdsa-nistp521) and RSA algorithms. This in turn eliminates the need for explicitly generating each SSH host-key pair after the router boots up. Because the keys are already present in the system, the SSH client can establish connection with the SSH server soon after the router boots up with the basic SSH configuration. This is useful especially during zero touch provisioning (ZTP) and Golden ISO boot up scenarios.

See Automatic Generation of SSH Host-Key Pairs.

The ssh server algorithms host-key command is introduced.
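A configuration audit for the SSH notes above (the option to enable algorithms that are disabled by default, CBC mode ciphers, and host-key algorithms), as an added example that is not Cisco code. The `ssh server|client enable cipher ...` line form and the host-key argument tokens are assumptions to verify against the configuration guide; the function name, the approved-key policy and the sample configuration are constructed for illustration.

```python
# Added example: flag SSH settings that a reviewer should look at.
# Assumed line forms (verify against the configuration guide):
#   ssh server|client enable cipher <cipher> ...
#   ssh server algorithms host-key <algorithm> ...

# CBC mode ciphers that the release notes say are disabled by default.
CBC_CIPHERS = {"aes-cbc", "3des-cbc"}

# Hypothetical site policy: host-key algorithms the operator accepts.
APPROVED_HOST_KEYS = {"ecdsa-nistp256", "ecdsa-nistp384", "ecdsa-nistp521"}


def audit_ssh(config_text, approved_host_keys):
    """Return (line_no, code, detail) findings for SSH lines in a config."""
    findings = []
    host_key_line_seen = False
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        tokens = raw.split()
        if len(tokens) < 4 or tokens[0] != "ssh":
            continue  # not an SSH line, or too short to carry a setting
        role, verb, what, args = tokens[1], tokens[2], tokens[3], tokens[4:]
        if role not in ("server", "client"):
            continue
        if (verb, what) == ("enable", "cipher"):
            enabled = sorted(CBC_CIPHERS.intersection(args))
            if enabled:
                detail = role + ": " + ", ".join(enabled)
                findings.append((line_no, "cbc-cipher-enabled", detail))
        elif role == "server" and (verb, what) == ("algorithms", "host-key"):
            host_key_line_seen = True
            extra = [a for a in args if a not in approved_host_keys]
            if extra:
                findings.append(
                    (line_no, "host-key-not-approved", ", ".join(extra)))
    if not host_key_line_seen:
        # No explicit list: review which auto-generated keys are offered.
        findings.append((None, "host-key-list-not-set",
                         "no 'ssh server algorithms host-key' line"))
    return findings


# Constructed sample configuration, not taken from a real device.
SAMPLE_CONFIG = """\
hostname router
ssh server v2
ssh server enable cipher aes-cbc 3des-cbc
ssh client enable cipher aes-cbc
ssh server algorithms host-key ecdsa-nistp256 rsa dsa
"""

if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE_CONFIG, APPROVED_HOST_KEYS):
        print(finding)
```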

Clearing the Memory and Partitions of a Card

Users can clear the memory and the partitions of an RP or a line card before an RMA (Return Merchandise Authorization). Clearing the memory and partitions of the card is performed when the card is defective and has to be returned.

See Clear the Memory and the Partitions of a Card.

Enhancements to Zero Touch Provisioning

This release has the following enhancements to the Zero Touch Provisioning (ZTP) feature:

  • You can perform these additional operations using Zero Touch Provisioning:

    • Enable or disable ZTP at boot using CLI (ztp enable, ztp disable).

    • Customize the ZTP configurable options using the configuration file (ztp.ini).

    • View the ZTP status as a Progress Bar on a console.

  • ZTP follows a default sequential flow as defined in the ztp.ini file. ZTP first sends IPv4 DHCP request on all the management ports. In case there is a failure, then ZTP sends IPv6 DHCP request on all the management ports. Similarly, the same order is followed on all the data ports.

See Customize the ZTP Configurable Options.

Event-driven Telemetry Support for LLDP

The OpenConfig (OC) data models are defined by the OC community to create configuration and retrieve operational state data of the network. This release supports:

  • Event-driven Telemetry support for OC-LLDP data model.

See New and Changed Programmability Features.

OpenConfig Data Models for Network Programmability

The OpenConfig (OC) data models are defined by the OC community to create configuration and retrieve operational state data of the network. This release supports:

  • OC-LLDP data model for event-driven telemetry.

  • OC-Interfaces-Aggregate data model to manage aggregated interfaces. This model augments the existing oc-interfaces data model.

See New and Changed Programmability Features.

Monitor MLDP Events for Telemetry using NETCONF

Event-driven telemetry supports monitoring Multicast Label Distribution Protocol (MLDP) using NETCONF and YANG data model. If there is a state change in MLDP, the router streams data about flow statistics for multicast labels, and control plane statistics for mLDP.

See New and Changed Telemetry Features.

gRPC Network Operations Interface

gRPC Network Operations Interface (gNOI) defines a set of gRPC-based microservices for executing operational commands on network devices. Extensible Manageability Services (EMS) gNOI is the Cisco IOS XR implementation of gNOI. gNOI uses gRPC as the transport protocol and the configuration is the same as that of gRPC. These gNOI RPCs are supported:

  • Reboot

  • RebootStatus

  • SetPackage

  • File Get

  • File Remove

See gRPC Network Operations Interface.

Hardware

This release introduces the following new hardware:

  • New version V02 of CFP2-WDM-DET-1HL—This pluggable module is a new version of digital CFP2 Modules with Tunable Optical Filter (TOF). The product description is 200G, 100G, WDM Digital CFP2 pluggable Licensed for 100G only with TOF. Version ID (VID) information can be obtained from show controllers optics r/s/i/p command output.

    For more information, see the System Management Configuration Guide for Cisco NCS 5500 Series Routers.

Caveats

Caveats describe unexpected behavior in Cisco IOS XR Software releases. Severity-1 caveats are the most critical caveats; severity-2 caveats are less critical.

Caveats Specific to the NCS 5500 Series Routers

Caveats describe unexpected behavior in Cisco IOS XR Software releases. These caveats are specific to NCS 5500 Series Routers:

Bug ID      Headline
----------  --------
CSCvq86129  Traffic loss observed for Prefixes doing loop with vrf-fallback on RPFO
CSCvq93905  VRRP Enabled BVI - Incoming Traffic Dropped as PQP_DSCRD_UC_PKT_CNT
CSCvr07521  VPLS Flood traffic getting doubled for some vlans after peer control plane flap
CSCvq69327  VPLS traffic dropping due to encap allocation issue
CSCvr08090  Warm reset to recover from bootloader netbooting timeout condition" after FC reload
CSCvq36930  Few AC interfaces fails to learn IGMP Groups, with IGMP Snooping enabled in EVPN SH Bridge-Domain

Supported Packages and System Requirements

For a complete list of supported optics, hardware and ordering information, see the Cisco NCS 5500 Series Data Sheet.

To install the Cisco NCS 5500 router, see Hardware Installation Guide for Cisco NCS 5500 Series Routers.

Release 7.0.1 Packages

This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.

Table 2. Release 7.0.1 Packages for Cisco NCS 5500 Series Router

Composite Package

Feature Set                                  Filename                                      Description
-------------------------------------------  --------------------------------------------  -----------
Cisco IOS XR IP Unicast Routing Core Bundle  ncs5500-mini-x.iso                            Contains base image contents that includes: Host operating system; System Admin boot image; IOS XR boot image; BGP packages

Individually-Installable Optional Packages

Feature Set                                  Filename                                      Description
-------------------------------------------  --------------------------------------------  -----------
Cisco IOS XR Manageability Package           ncs5500-mgbl-3.0.0.0-r701.x86_64.rpm          Extensible Markup Language (XML) Parser, Telemetry, Netconf, gRPC and HTTP server packages.
Cisco IOS XR MPLS Package                    ncs5500-mpls-2.1.0.0-r701.x86_64.rpm          MPLS and MPLS Traffic Engineering (MPLS-TE) RPM.
                                             ncs5500-mpls-te-rsvp-2.2.0.0-r701.x86_64.rpm
Cisco IOS XR Security Package                ncs5500-k9sec-3.1.0.0-r701.x86_64.rpm         Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI)
Cisco IOS XR ISIS package                    ncs5500-isis-1.2.0.0-r701.x86_64.rpm          Support ISIS
Cisco IOS XR OSPF package                    ncs5500-ospf-2.0.0.0-r701.x86_64.rpm          Support OSPF
Lawful Intercept (LI) Package                ncs5500-li-1.0.0.0-r701.x86_64.rpm            Includes LI software images
Multicast Package                            ncs5500-mcast-1.0.0.0-r701.rpm                Support Multicast

Determine Software Version

To verify the software version running on the router, use the show version command in the EXEC mode.

RP/0/RP0/CPU0:router# show version
Cisco IOS XR Software, Version 7.0.1
Copyright (c) 2013-2019 by Cisco Systems, Inc.

Build Information:
Built By     : <username>
Built On     : Thu Aug 29 16:30:00 PDT 2019
Built Host   : iox-ucs-027
Workspace    : /auto/srcarchive15/prod/7.0.1/ncs5500/ws
Version      : 7.0.1
Location     : /opt/cisco/XR/packages/
cisco NCS-5500 () processor
System uptime is 7 hours 3 minutes

Determine Firmware Support

Use the show hw-module fpd command in EXEC mode to view the hardware components with their current FPD version and status. The status of the hardware must be CURRENT, and the Running and Programmed versions must be the same.

(RP/0/RP0/CPU0)#show hw-module fpd

                                                               FPD Versions
                                                               =================
Location   Card type             HWver FPD device       ATR Status   Running Programd
-----------------------------------------------------------------------------------
0/0        NC55-24H12F-SE        1.0   MIFPGA               CURRENT    0.03    0.03  
0/0        NC55-24H12F-SE        1.0   Bootloader           CURRENT    1.14    1.14  
0/0        NC55-24H12F-SE        1.0   IOFPGA               CURRENT    0.09    0.09  
0/0        NC55-24H12F-SE        1.0   SATA                 CURRENT    5.00    5.00  
0/RP0      NC55-RP               1.0   Bootloader           CURRENT    9.30    9.30  
0/RP0      NC55-RP               1.0   IOFPGA               CURRENT    0.39    0.09  
0/RP1      NC55-RP               1.0   Bootloader           CURRENT    9.30    9.30  
0/RP1      NC55-RP               1.0   IOFPGA               CURRENT    0.09    0.09  
0/FC1      NC55-5504-FC          0.3   Bootloader           CURRENT    1.75    1.75  
0/FC1      NC55-5504-FC          0.3   IOFPGA               CURRENT    0.07    0.07  
0/FC3      NC55-5504-FC          0.3   Bootloader           CURRENT    1.75    1.75  
0/FC3      NC55-5504-FC          0.3   IOFPGA               CURRENT    0.07    0.07  
0/FC5      NC55-5504-FC          0.3   Bootloader           CURRENT    1.75    1.75  
0/FC5      NC55-5504-FC          0.3   IOFPGA               CURRENT    0.07    0.07  
0/SC0      NC55-SC               1.6   Bootloader           CURRENT    1.74    1.74  
0/SC0      NC55-SC               1.6   IOFPGA               CURRENT    0.10    0.10  
0/SC1      NC55-SC               1.6   Bootloader           CURRENT    1.74    1.74  
0/SC1      NC55-SC               1.6   IOFPGA               CURRENT    0.10    0.10  


Note


The FPD versions on board shipped by manufacturer may have higher versions than the FPD package integrated in the IOS XR.
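A check for the firmware rule stated above, as an added example that is not Cisco code: it parses show hw-module fpd text and reports rows whose status is not CURRENT or whose Running and Programd versions differ. The function names and the ATR flag letters are assumptions; the sample rows are copied from the output above except the last one, which is constructed.

```python
import re

LOCATION = re.compile(r"^\d+/\w+$")      # e.g. 0/0, 0/RP0, 0/FC1
VERSION = re.compile(r"^\d+\.\d+$")      # e.g. 1.14
ATR_FLAGS = re.compile(r"^[BPS]{1,3}$")  # assumed letters used in the ATR column


def parse_fpd(output):
    """Parse 'show hw-module fpd' text into one dict per FPD row."""
    rows = []
    for line in output.splitlines():
        tok = line.split()
        if len(tok) < 5 or not LOCATION.match(tok[0]):
            continue  # prompt, header, rule or blank line
        location, card, hwver, device = tok[:4]
        rest = tok[4:]
        # Versions sit at the right edge; either may be absent on some rows.
        versions = []
        while rest and len(versions) < 2 and VERSION.match(rest[-1]):
            versions.insert(0, rest.pop())
        # Optional ATR flags precede the status, which may be two words.
        if len(rest) > 1 and ATR_FLAGS.match(rest[0]):
            rest = rest[1:]
        running, programmed = (versions + [None, None])[:2]
        rows.append({
            "location": location, "card": card, "hwver": hwver,
            "device": device, "status": " ".join(rest),
            "running": running, "programmed": programmed,
        })
    return rows


def fpd_findings(rows):
    """Return (location, device, reason) for rows that break the rule."""
    findings = []
    for row in rows:
        if row["status"] != "CURRENT":
            findings.append(
                (row["location"], row["device"], "status-not-current"))
        if row["running"] != row["programmed"]:
            findings.append(
                (row["location"], row["device"], "running-programmed-mismatch"))
    return findings


# Rows from the page's output; the final NEED UPGD row is constructed.
SAMPLE_OUTPUT = """\
Location   Card type             HWver FPD device       ATR Status   Running Programd
-----------------------------------------------------------------------------------
0/0        NC55-24H12F-SE        1.0   MIFPGA               CURRENT    0.03    0.03
0/RP0      NC55-RP               1.0   Bootloader           CURRENT    9.30    9.30
0/RP0      NC55-RP               1.0   IOFPGA               CURRENT    0.39    0.09
0/SC0      NC55-SC               1.6   IOFPGA               NEED UPGD  0.09    0.09
"""

if __name__ == "__main__":
    for finding in fpd_findings(parse_fpd(SAMPLE_OUTPUT)):
        print(finding)
```

On the page's own rows, the check reports 0/RP0 IOFPGA, where Running is 0.39 and Programd is 0.09 even though the status reads CURRENT.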


Other Important Information

  • The total number of bridge-domains (2*BDs) and GRE tunnels put together should not exceed 1518.

    Here the number 1518 represents the multi-dimensional scale value.

  • The offline diagnostics functionality is not supported in NCS 5500 platform. Therefore, the hw-module service offline location command will not work. However, you can use the (sysadmin)# hw-module shutdown location command to bring down the LC.

  • The warning message that the smart licensing evaluation period has expired is displayed in the console every hour. There is, however, no functionality impact on the device. The issue is seen on routers that do not have the Flexible Consumption licensing model enabled. To stop the repetitive messaging, register the device with the smart licensing server and enable the Flexible Consumption model. Later load a new registration token.

    To register the device with the smart licensing server, follow the instructions provided in this link: Register and Activate Your Device.

    However, if you do not want to enable the Flexible Consumption licensing model then install the CSCvk45026 SMU to stop the repetitive messages.

  • NCS55A1-36H-SE-S – Under Secure Domain Router (SDR) configuration, when you change the size of the RP VM memory from 12 GB (default) to 14 GB and commit your changes, the system reloads. When the system is brought back up, it can crash with a core dump by LC XR VM.

    
    0/RP0/ADMIN0:Oct 15 12:19:30.280 : dumper[3046]: %INFRA-CALVADOS_DUMPER-6-HOST_COPY_SUCCESS : Copied host file /misc/scratch/core/default-sdr--2.20201015-191552.core.0_RP0.lxcdump.tar.lz4 to 0/RP0:/misc/disk1
    0/RP0/ADMIN0:Oct 15 12:19:30.389 : dumper[3046]: %INFRA-CALVADOS_DUMPER-6-HOST_REMV_SUCCESS : Deleted HostOS file /misc/scratch/core/default-sdr--2.20201015-191552.core.0_RP0.lxcdump.tar.lz4
    

    This is a one-time reload. Other than the additional time required for the LC XR VM to reload, there is no impact to system functionality.

    After the configuration is applied, we recommend that you reload the chassis when prompted to ensure all VMs and host OS are in sync.

  • LFA FRR feature is not supported.

Supported Modular Port Adapters

For the compatibility details of Modular Port Adapters (MPAs) on the line cards, see the datasheet of that specific line card.

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

Before starting the software upgrade, use the show install health command in the admin mode. This command validates if the statuses of all relevant parameters of the system are ready for the software upgrade without interrupting the system.


Note


  • If you use a TAR package to upgrade from a Cisco IOS XR release prior to 7.x, the output of the show install health command in admin mode displays the following error messages:

sysadmin-vm:0_RSP0# show install health
. . .
ERROR /install_repo/gl/xr -rw-r--r--. 1 8413 floppy 3230320 Mar 14 05:45 <platform>-isis-2.2.0.0-r702.x86_64
ERROR /install_repo/gl/xr -rwxr-x---. 1 8413 165 1485781 Mar 14 06:02 <platform>-k9sec-3.1.0.0-r702.x86_64
ERROR /install_repo/gl/xr -rw-r--r--. 1 8413 floppy 345144 Mar 14 05:45 <platform>-li-1.0.0.0-r702.x86_64

You can ignore these messages and proceed with the installation operation.


Production Software Maintenance Updates (SMUs)

A production SMU is a SMU that is formally requested, developed, tested, and released. Production SMUs are intended for use in a live network environment and are formally supported by the Cisco TAC and the relevant development teams. Software bugs identified through software recommendations or Bug Search Tools are not a basis for production SMU requests.

For information on production SMU types, refer to the Production SMU Types section of the IOS XR Software Maintenance Updates (SMUs) guide.