Network Convergence System 5500 Series Routers

The NCS 5500 Series, and NCS 5700 line cards and routers, offer industry-leading 400 GbE port density to handle massive traffic growth. They are designed for flexibility and operational simplicity. The product and feature offerings efficiently meet the scaling needs of large enterprises, web, and service providers.

What's New in Cisco IOS XR Release 7.5.1

Cisco IOS XR Release 7.5.1 is a new feature release for Cisco NCS 5500 Series routers. For more details on the Cisco IOS XR release model and associated support, see Guidelines for Cisco IOS XR Software.

New in Documentation

This release introduces rich and intuitive ways for you to access information about error messages and supported MIBs.

Product Description
Cisco IOS XR Error messages

Search by release number, error strings, or compare release numbers to view a detailed repository of error messages and descriptions.

Cisco IOS XR MIBs

Select the MIB of your choice from a drop-down to explore an extensive repository of MIB information.

Software Features Introduced and Enhanced

To learn about features introduced in other Cisco IOS XR releases, select the release from the Documentation Landing Page.

Feature Description
System Setup and Software Installation
Check Integrity of Golden ISO (GISO) Files This feature enables an automated check during install [package] replace operations to ensure the files in GISO has not been corrupted. It does so by calculating the md5sum of the files and comparing it against md5sum value contained within the GISO that was calculated when the image was built.
Enhanced Golden ISO Build Tool This enhancement provides you with the flexibility to use the gisobuild.py tool to build GISO images using Cisco IOS XR software commands, YAML-based template file, or Docker capability to suit your customized install requirements. When you build a GISO, you can also specify Zero Touch Provisioning (ZTP) initialization file, script initialization file, Cisco IOS XR configuration file, and SMUs in addition to using the base image and optional RPMs to automatically provision the router.
Stream Model-Driven Telemetry (MDT) Data for Install Operations

This feature allows you to stream MDT data—both cadence-driven telemetry (CDT) and event-driven telemetry (EDT) data—for changes detected during install operation. After the install operation is complete, this functionality streams telemetry data such as the GISO label, image version, the status of install operation, and potential information about rectifying the installation process for all the active and committed packages.

With this feature, you can stream telemetry data from the following sensor paths:

Cisco-IOS-XR-install-oper:install/request

Cisco-IOS-XR-install-oper:install/packages/committed/summary

Cisco-IOS-XR-install-oper:install/packages/active/summary

Cisco-IOS-XR-install-oper:install/version

Supported Software Upgrade or Downgrade IOS XR Versions

You can determine whether a software version can be upgraded or downgraded to another version using this functionality. Before an actual upgrade or downgrade process, you can also view the hardware or software limitations that could cause the upgrade or downgrade to fail. This feature helps you plan successful software upgrades or downgrades.

This feature introduces the show install upgrade-matrix command.

Telemetry
Target-Defined Mode for Cached Generic Counters Data

This feature streams telemetry data for cached generic counters using a TARGET_DEFINED subscription. This subscription ensures that any change to the cache streams the latest data to the collector as an event-driven telemetry notification.

This feature introduces support for the following sensor path:

Cisco-IOS-XR-infra-statsd-oper:infra-

statistics/interfaces/interface/cache/generic-counters

BGP
BGP Best-External for VPN Address Family Identifier and Subaddress Family Identifier

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native and compatibiltiy mode.

The feature advertises a best external route to its internal peers as a backup route. The backup route is stored in the RIB and Cisco Express Forwarding. If the primary path fails, the BGP PIC functionality enables the best external path to take over, enabling faster restoration of connectivity.

BGP Fallback Feature for LAG Bundles

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native and compatibiltiy mode.

This feature enables recreate the essence of OSPF Cost Fallback feature for LAG bundles for directly connected BGP sessions from a PE to a core router.

BGP PIC Backup Path when the Primary Path is a Static Route with the next hop as an IP Address.

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native and compatibiltiy mode.

This feature enables BGP PIC backup path when the primary path is a static route with the next hop as an IP Address.

Using Entropy Labels to Achieve Load Balancing of BGP LU Traffic

This feature uses entropy labels to load balance BGP LU traffic across the SP network. Entropy labels are additional labels that are added on the ingress Label Switching Router.

Since the core routers load balance labelled traffic flows using entropy labels, deep inspection of packets isn't necessary for transit routers, thus providing better load balancing and preventing congestion.

This feature is supported on Cisco NCS 5700 series routers and Cisco NCS 5500 series routers when configured in native mode (using the hw-module profile npu native-mode-enable command), and it supports RFC 6790 (The Use of Entropy Labels in MPLS Forwarding) specification.

Programmability
Add Multiple Events In a Policy Map With a Single EEM Script With this feature, you can add multiple events to a policy map with boolean (AND or OR) correlation. EEM triggers the script when the correlation defined in the policy map for the events is true. Using EEM scripts, you can create a logical correlation of events in the policy map and configure multiple actions for detectors such as timer, object-tracking, and telemetry events via sensor path.
Debug Automation Scripts

Use this feature to collect logs that contain debug information for ltraces and tech-support data. These logs aid in troubleshooting whenever the scripts are not working as expected.

This feature introduces the show tech-support script command.

Github Repository for Automation Scripts You now have access to sample scripts and templates published on the Github repository. You can leverage these samples to use the python packages and libraries developed by Cisco to build your custom automation scripts for your network
Manage Common Script Actions Using YANG RPCs This feature enables you to use YANG remote procedure calls (RPCs) on Cisco-IOS-XR-infra-script-mgmt-act.yang data model to perform actions on the automation scripts such as add or remove script from the script repository, run, or stop script from running.
Update Automation Scripts from Remote Server

This feature lets you update automation scripts across routers by accessing the master script from a remote site. This eases script management, where you make changes to the master script and then copy it to routers where it is deployed.

This feature introduces the auto-update keyword in the script exec command.

Upgraded IOS XR Python from Version 3.5 to Version 3.9 This upgrade adds new modules and capabilities to create Python scripts and execute the scripts on routers running Cisco IOS XR software. Some of the modules added as part of the upgraded IOS XR Python 3.9 are: hashlib, idna, packaging, pyparsing, six, yaml.
Validate Pre-configuration Using Config Scripts This feature allows you to use config scripts to validate pre-configuration during a commit or validate operation. Any active config scripts can read and validate (accept, reject or modify) pre-configuration. The pre-configuration is only applied to the system later on, when the relevant hardware is inserted, and does not require further script validation at that point. Previously, config scripts did not allow validating configuration until the corresponding hardware was present.
gRPC Connections over UNIX domain sockets for Enhanced Security and Control

This feature allows local containers and scripts on the router to establish gRPC connections over UNIX domain sockets. These sockets provide better inter-process communication eliminating the need to manage passwords for local communications. Configuring communication over UNIX domain sockets also gives you better control of permissions and security because UNIX file permissions come into force.

This feature introduces the grpc local-connection command.

Interface and Hardware Component
48 byte string-based MAID support for Offloaded Endpoints

This feature is supported on Cisco Network Convergence System 5700 Series routers and routers with the Cisco NC57 line cards operating in native mode. This feature extends MAID functionality to support the flexible format for hardware offloaded MEPs. This removes the restrictions on the type of MAID supported for sessions with less than 1 minute time intervals.

To enable the feature in native mode, run the hw-module profile oam 48byte-cfm-maid-enable command in the System Admin Config mode, and reload the router.

Extending GNSS Functionality to Cisco Network Convergence System 5700 Series variants

A Global Navigation Satellite System (GNSS) receiver receives radio signals from GNSS satellites and decodes the information from multiple satellites to determine its distance from each satellite. Based on this data, the GNSS receiver identifies the location of each satellite.

This feature is supported on the following variants of Cisco Network Convergence System 5700 Series fixed chassis:

  • NCS-57B1-6D24-SYS

  • NCS-57B1-5DSE-SYS

For more information about the Cisco NCS 5700 series fixed chassis, see the Cisco NCS-57B1 Fixed Chassis Data Sheet.

OTN Support for NC55-MPA-12T-S MPA on Cisco NCS 5500 Series Routers.

This release introduces support for Optical Network Transport (OTN) on NC55-MPA-12T-S Modular Port Adapter (MPA) on the following Cisco NCS 5500 Series Line cards:

  • NCS-55A2-MOD-S

  • NCS-55A2-MOD-SE-S

  • NCS-55A2-MOD-HX-S

  • NCS-55A2-MOD-SE-H-S

  • NCS-55A2-MOD-HD-S

OTN is a superior technology that bridges the gap between next-generation IP and legacy time-division multiplexing (TDM) networks by acting as a converged transport layer for newer packet-based and existing TDM services. OTN provides robust transport services that leverage many benefits of SONET/SDH, such as resiliency and performance monitoring, while adding enhanced multi-rate capabilities in packet traffic.

The Cisco NCS 5500 Series Routers support Ethernet, SONET/SDH, and OTN client interfaces with data rates from 1 to 10 Gigabits per second.

To enable OTN, use the pm otn report enable command in the otu2e or odu2e mode.

Support for Link Loss Forwarding on Cisco NCS 5500 Series Routers This feature, now available on Cisco NCS 5500 Series Routers, enables high availability between two bridged interfaces by disabling both interfaces if any one of them fails. This functionality allows a fault detected on one side of a CFM-protected network to propagate to the other side, enabling the device to re-route around the failure at that end. In earlier releases, a failure on one bridged interface did not disable the other interface, and connected devices remained unaware of the link loss.
8000 Logical Interfaces Support on NC57 Line Cards With the introduction of this enhancement, the logical interface scale on NC57 line cards has increased to 8000 logical interfaces. This enhanced logical interface scale allows more access-facing interfaces to provide connectivity.
IP Addresses and Services
Disabling ICMP Unreachable Messages

With this feature, you can disable generating the ICMP unreachable message when any traffic packet drops due to a deny ACE. This feature works in the global configuration mode and avoids the cumbersome task of disabling the ICMP unreachable per ACE. Disabling ICMP unreachable message in the router saves your network bandwidth. This feature applies to IPv4, IPv6, and MPLS enabled traffic.

Commands modified:

IPv6 ACL to Match on Fragment Type

With this feature, you can configure the IPv6 Extended Access Lists with Fragment Control. This feature allows more granularity of control over non-initial fragments of an incoming IPv6 packet. It also adds an extra layer of protection against Denial of Service ( DoS) attacks by filtering the incoming fragments of the IPv6 packet in a network.

This feature is now supported on Cisco NCS 5700 Series Fixed Port Routers and the Cisco NCS 5500 Series Routers that have the Cisco NC57 line cards installed and operating in the native mode.

Commands modified:

L2VPN and Ethernet Services
AC-based Virtual Ethernet Segment

This feature is supported on routers that have Cisco NC57 line cards installed and operate in native mode.

This feature allows you to extend the physical links to have VLANs (ACs) that act as Ethernet Virtual Circuits (EVCs). Many such EVCs can be aggregated on a single main interface called Virtual Ethernet Segment (vES). The main interface aggregates many vESs and creates a group to identify these vESs. This mechanism helps to minimize service disruption by mass withdrawal for main peering at the vES level.

Cisco NC57 Compatibility Mode: L2CP Tunneling

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in compatibility mode.

L2 Control Protocols (L2CP) tunneling helps initiate control packets from a local CE (customer-edge) device to a remote CE device.

EVPN E-Tree

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native mode.

The EVPN E-Tree feature provides a rooted-multipoint Ethernet service over MPLS core. The E-Tree service enables you to define attachment circuits (ACs) as either a root site or a leaf site, which helps in load balancing and avoiding loops in a network.

EVPN E-Tree Per-PE (Scenario 1b) This feature allows you to configure an attachment circuit on a PE device either as a root site or a leaf site using the etree leaf label for an EVPN Instance (EVI) or for a given bridge-domain. By preventing communication among leaf ACs connected to the same PE and belonging to the same EVI, you can segregate traffic received and sent from different geographical locations. This segregation helps in load balancing traffic and avoiding traffic from going into loops in a network.
Support for DHCPv6 Client over BVI This feature is now supported on Cisco NCS 5700 Series Fixed Port Routers and the Cisco NCS 5500 Series Routers that have the Cisco NC57 line cards installed and operating in the native mode.
VPLS and EVPN services with Ethernet Data Plane Loopback

The Ethernet Data Plane Loopback feature allows you to run loopback tests to test the connectivity and quality of connections through a Layer 2 cloud. The Ethernet Data Plane Loopback supports the following services on routers that have the Cisco NC57 line cards installed and operate in the native mode:

  • BGP-VPLS

  • EVPN-ELAN

  • EVPN-VPWS

VPLS over SR-TE and RSVP-TE

For Traffic Engineering, VPLS traffic can be sent using MPLS-TE with RSVP or SR-TE.

Resource Reservation Protocol (RSVP) is a signaling protocol that enables systems to request resource reservations from the network. MPLS Traffic Engineering (MPLS-TE) learns the topology and resources available in a network and then maps traffic flows to particular paths, based on resource requirements and network resources such as bandwidth. MPLS-TE uses RSVP to signal LSPs.

Segment routing for traffic engineering (SR-TE) uses a “policy” to steer traffic through the network.

VPLS over SR-TE and RSVP-TE

For Traffic Engineering, VPLS traffic can be sent using MPLS-TE with RSVP or SR-TE.

Resource Reservation Protocol (RSVP) is a signaling protocol that enables systems to request resource reservations from the network. MPLS Traffic Engineering (MPLS-TE) learns the topology and resources available in a network and then maps traffic flows to particular paths, based on resource requirements and network resources such as bandwidth. MPLS-TE uses RSVP to signal LSPs.

Segment routing for traffic engineering (SR-TE) uses a “policy” to steer traffic through the network.

Y.1731 Support for BGP-VPWS

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native mode.

BGP VPWS services support CFM continuity check, ITU-T Y.1731 compliant Delay Measurement Message (DMM) and Synthetic Loss Measurement (SLM) functions.

Y.1731 Support for EVPN-ELAN

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native mode.

EVPN ELAN services support CFM continuity check, ITU-T Y.1731 compliant Delay Measurement Message (DMM) and Synthetic Loss Measurement (SLM) functions. This feature is supported only on single-homed EVPN ELAN.

Y.1731 Support for EVPN-VPWS

This feature is now supported on routers that have Cisco NC57 line cards installed and operate in native mode.

EVPN VPWS services support CFM continuity check, ITU-T Y.1731 compliant Delay Measurement Message (DMM) and Synthetic Loss Measurement (SLM) functions. This feature is supported only on single-homed EVPN VPWS.

Ethernet ACL Support on NC57 Line Cards

This release introduces support for Ethernet ACLs on NC57 line cards. This feature allows Layer 2 network traffic filtering via MAC addresses.

For more information, see L2VPN and Ethernet Services Configuration Guide for Cisco NCS 5500 Series Routers, IOS XR Release 7.5.x.

MPLS
Bandwidth Protection Functions to Enhance auto-tunnel backup Capabilities

This feature introduces bandwidth protection functions for auto-tunnel backups, such as signaled bandwidth, bandwidth protection, and soft-preemption. These functions provide better bandwidth usage and prevent traffic congestion and traffic loss.

In earlier releases, auto-tunnel backups provided only link protection and node protection. Backup tunnels were signaled with zero bandwidth, causing traffic congestion when FRR went active.

This feature introduces the following commands and keywords:

Multicast
Draft-Rosen Multicast VPN (Profile 0)

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible modes.

MVPN profile 0 uses GRE tunnels to securely transmit multicast traffic between the PE routers.

Flexible Algorithm for MLDP

This feature gives you the flexibility to customize the metrics that IGP uses to route traffic for MLDP tunnels. With this feature, your router can generate two multicast streams for the same feed, thus ensuring low latency and high availability of multicast traffic.

This feature introduces the flex-algo keyword.

IPv6 Multicast for Multiple Sources

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible modes.

IPv6 multicast supports multiple sources for a single multicast group.

Multicast Listener Discovery over BVI

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible modes.

Routers use MLD to learn whether members of a group are present on their directly attached subnets over BVI interface.

Multicast Over IPV4 Unicast GRE Tunnels

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible modes.

Multicast over GRE allows encapsulation of multicast packets using GRE tunnels, thereby enabling transport of multicast packets securely between source and destination routers located in different IP clouds.

PIM SM for mVPN Profile 14

With this feature, MVPN profile 14 is now extended to support PIM SM mode for IPv4 and static RP.

PIM SM for MVPN is not supported on Cisco NC57 line cards.

mLDP Loop-Free Alternative Fast Reroute

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible mode.

With this feature, the router can quickly switch traffic to a precomputed loop-free alternative (LFA) path by allocating a label to the incoming traffic. This minimizes the traffic loss ensuring fast convergence.

mVPN using RSVP-TE P2MP (Profile 22) This feature uses RSVP-TE to establish MPLS transport LSPs through traffic engineering and securely transmits multicast traffic between the PE routers in a MPLS network.
Netflow
Sampled Flow

Sampled flow (sFlow) allows you to monitor real-time traffic in data networks that contain switches and routers. It uses the sampling mechanism in the sFlow agent software on routers to monitor traffic and to forward the sample data to the central data collector.

sFlow uses version 5 export format to forward sampled data.

Modular QoS
Layer 2 Ingress QoS Matching for IPv4 and IPv6 Destination Addresses

Using this feature, you can match class maps to IPv4 and IPv6 destination addresses on Layer 2 networks. The Layer 2 interface service policy has the relevant class maps, actioning them for ingress QoS operations.

This feature provides you with an additional level of classification for aggregated customer traffic at your ingress, thus giving you granular control on traffic flows.

This feature introduces the following commands:
Prioritization of IS-IS and ARP Packets to Manage Transit Traffic

This feature gives you the option to assign the highest priority to IS-IS and Address Resolution Protocol (ARP) packets in transit. This feature is disabled by default.

The feature provides more flexibility in transit traffic management on a per-hop basis and also fine-tunes the traffic profile management for transit traffic.

This feature introduces the hw-module profile qos arp-isis-priority-enable command.
Routing
BFD Support for VRRP

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible modes.

This feature introduces BFD support over VRRP interfaces.

IPv4 BFD Multihop over MPLS Core and Segment Routing

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in native and compatible modes.

This feature feature enables you to configure IPv4 Multihop BFD on MPLS LDP and Segment Routing.

Segment Routing
BGP Route Leaking This feature adds support for importing routes from default-VRF to non-default VRF and routes from non-default VRF to default VRF.
IS-IS Flexible Algorithm: Exclude-SRLG Constraint

This feature allows the Flexible Algorithm definition to specify Shared Risk Link Groups (SRLGs) that the operator wants to exclude during the Flex-Algorithm path computation.

This allows the setup of disjoint paths between two or more Flex Algos by leveraging deployed SRLG configurations.

Per-Prefix SRv6 Locator Assignment

This feature provides the ability to assign a specific SRv6 locator for a given prefix or a set of prefixes (IPv4/IPv6 GRT, IPv4/IPv6 VPN).

The egress PE advertises the prefix with the specified locator. This allows for per-prefix steering into desired transport behaviors, such as Flex Algo.

Prefix Metric support for OSPF Flexible Algorithm

This feature extends the current OSPF Flexible Algorithm functionality to support Flex-Algo Prefix Metric.

This feature introduces a Flexible Algorithm-specific prefix-metric in the OSPF prefix advertisement. The prefix-metric provides a way to compute the best end-to-end Flexible Algorithm optimized paths across multiple areas or domains.

SR-PCE: Single PCE scale enhancement With this feature, support for a single PCE is enhanced to 50000 nodes, 100000 LSPs, 500000 links, and 2000 PCEP sessions.
SR-PCE: Stateful North-Bound API for Tree-SID

The SR-PCE provides a north-bound HTTP-based API to allow communication between SR-PCE and external clients and applications. The Cisco Crosswork Optimization Engine is an application that leverages the SR-PCE.

This release adds support for the following:

  • Stateful North-Bound API for Tree-SID using a subscription model

  • SR-PCE continuous notifications of modified or deleted Tree-SIDs as they occur

SRv6 IS-IS Flexible Algorithm This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 IS-IS Microloop Avoidance This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 IS-IS TI-LFA This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 Network Instructions This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 OAM — Ping, Traceroute, SID Verification This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 Services: BGP Global IPv4 This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 Services: EVPN VPWS — All-Active Multi-Homing This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 Services: IPv4 L3VPN This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 under IS-IS This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6 under IS-IS This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
SRv6/MPLS L3 Service Interworking Gateway This feature is now supported on Cisco NCS 5700 series fixed port routers and the Cisco NCS 5500 series routers that have the Cisco NC57 line cards installed and operating in the native mode.
Support for iBGP as PE-CE protocol This feature introduces support for iBGP as PE-CE protocol.
System Security
Command Authorization Using Local User Account

This feature allows locally authenticated users—authenticated by the AAA server internal to the router—to run all XR VM commands even if a remote TACACS+ AAA server is not reachable for authorization. It prevents a complete router lockdown. The feature also prevents remotely authenticated users—authenticated using a remote AAA server (say, TACACS+ server)—from running any non-permitted commands on the router, and thus prevents misuse of user privileges.

This feature modifies the aaa authorization commands default command to include the local option for XR VM command authorization.

LI Enablement with Consent-Token

This feature enables users to optionally gate the Lawful Intercept (LI) enablement on their routers with network vendor's consent, using a consent-token. It also provides an optional package to disable the LI feature for the first time on their routers. This feature is in compliance with the latest ANSSI (Agence nationale de la sécurité des systèmes d'information) security standards.

Prior to this release, there was no gating for LI enablement on routers.

The associated command is:

MPP Parity for Management Ethernet Interface

This release brings in parity between inband interfaces and management Ethernet interfaces with respect to the default behavior for network management traffic permissions. The feature provides a default configuration option to block the management traffic on management Ethernet interfaces when MPP is enabled. This feature thus enhances router-level security and provides more granularity in controlling management access to the router.

In earlier releases, all management traffic was allowed, by default, on the management Ethernet interfaces, even with MPP enabled.

This feature is supported on routers that have the Cisco NC57 line cards installed and operating in the native mode.

This feature introduces the enable-inband-behaviour command.

SSD Encryption This feature enables trust and security in the system’s steady state by encrypting data at the disk level. The encrypted data can be accessed only with a specific key stored in the TAm.
MACSec Encryption Support for NC57-MPA-2D4H-S MPA This release introduces MACSec encryption for the NC57-MPA-2D4H-S Modular Port Adapter (MPA) on the NCS 57C3 and NCS-55A2-MOD-S chassis. This MPA has the advantage of supporting various port combinations and offering 400 and 800Gbps of throughput, depending on the slot you insert it in. This flexibility of port combinations and throughput helps in realizing the entire bandwidth capacity of the chassis.
System Monitoring
Archiving Local Command Accounting Logs

This feature securely stores local command accounting log files that you don't need to access regularly in a specified archive location. Archiving allows you to retain infrequently used log files for operational or regulatory requirements.

The associated commands are:

Out of Resource Handling for Hierarchical Forward Equivalence Class (FEC) With this enhancement, you can view the details of the utilization of Forwarding Information Base (FIB) hardware resources, such as hierarchical FEC and hierarchical Equal Cost Multi-Path (ECMP) FEC, in the output of the command show controllers npu resources. This feature also enables the router to display system logs on the console that alert you when FEC resources have crossed the OOR threshold levels. These logs help you to take corrective action and free up FEC resources, to minimize traffic loss. This enhancement is supported only on Cisco NCS 5700 Series Routers and routers with the Cisco NC57 line cards installed and operating in native mode.
Supporting Custom Profile show tech command

This feature lets you run a customized list of show commands and System Admin show commands from all core protocols such as BGP, MPLS, Segment Routing etc. You can also generate tech-support information that is useful for Cisco Technical Support representatives when troubleshooting a router.

This feature introduces the show tech support custom profile-name command.

System Management
TDM2IP Smart SFP Optics support This feature that enables transparent forwarding of SDH signals, is now supported on Transparent SDH over Packet (TPoP) and Channelized SDH over Packet (CSoP) protocols with smart SFP.

Hardware Introduced

Cisco IOS XR Release 7.5.1 introduces the following hardware support:

Hardware Feature

Description

Supported Optical Modules on Cisco NCS 5500 Series Routers

The NCS-55A1-48Q6H router now supports the following optical modules:

The NCS-55A1-48Q6H and NCS-55A1-24Q6H-SS routers also support the following optical module:

These optical modules offer a wide variety of high-density and low-power 25 Gigabit Ethernet connectivity options for data center and high-performance computing networks applications. The 25G Modules are based on the SFP28 form factor.

For more information on these optical modules, see the Cisco 25GBASE SFP28 Modules Data Sheet.



The NC55-55A2-MOD-S and NC55-55A2-MOD-SE-S routers now support the following optical modules, using the NC57-MPA-2D4H-S modular port adapter (MPA):

  • QDD-400G-ZR-S

  • QDD-400G-ZRP-S

Combined with routers optimized for 400G port bandwidth (in 4x100G mode), these optical modules offer a simplified high capacity backhaul and uplink at a lower cost. The NC57-MPA-2D4H-S MPA can also co-exist with the other MPAs, including the NC55-MPA-1TH2H-S and NC55-MPA-2TH-S.

For more information on these optical modules, see the Cisco 400G Digital Coherent Optics QSFP-DD Optical Modules Data Sheet.

Features Supported on Cisco NC57 Line Cards and NCS 5700 Fixed Routers

The following table lists the parity features supported on Cisco NC57 line cards in compatibility mode (NC57 line cards with previous generation NC55 line cards in the same modular chassis) and native mode (modular chassis with only NC57 line cards and NCS5700 fixed chassis ).

Table 1. Parity Features Supported on Cisco NC57 Line Cards and NCS 5700 fixed routers

Feature

Compatible Mode

Native Mode

BGP Best-External forVPN Address Family Identifier and Subaddress Family Identifier

BGP Fallback Feature for LAG Bundles

BGP PIC Backup Path when the Primary Path is a Static Route with the next hop as an IP Address.

48 byte string-based MAID support for Offloaded Endpoints

Enabling GNSS for the57B1 variants of 5700 fixed-port routers

IPv6 ACL to Match on Fragment Type

Cisco NC57 Compatibility Mode: L2CP Tunneling

AC-based Virtual Ethernet Segment

Support for DHCPv6 Client over BVI

VPLS and EVPN services with Ethernet Data Plane Loopback

Y.1731 Support for BGP-VPWS

Y.1731 Support for EVPN-ELAN

Y.1731 Support for EVPN-VPWS

Draft-Rosen Multicast VPN (Profile 0)

IPv6 Multicast for Multiple Sources

Multicast Listener Discovery over BVI

Multicast Over IPV4 Unicast GRE Tunnels

mLDP Loop-Free Alternative Fast Reroute

BFD Support for VRRP

SRv6 IS-IS Flexible Algorithm

SRv6 IS-IS Microloop Avoidance

SRv6 IS-IS TI-LFA

SRv6 Network Instructions

SRv6 OAM — Ping,Traceroute, SID Verification

SRv6 Services: BGP Global IPv4

SRv6 Services: EVPN VPWS — All-Active Multi-Homing

SRv6 Services: IPv4 L3VPN

SRv6 under IS-IS

SRv6/MPLS L3 Service Interworking Gateway

Forward Equivalence Class (FEC) Out of Resource (OOR) System Logs

SyncE Support on Vigor400-Base (Cisco NC57 based 400GE Base Line Card)

SyncE Support on Vigor400-Base (Cisco NC57 based 400GE SE Line Card)

IPv4 BFD Multihop over MPLS Core and Segment Routing

For the complete list of parity features supported on Cisco NC57 line cards until Cisco IOS XR Release 7.5.1 , see:

Caveats

Table 2. Cisco NCS 5500 Series Routers Specific Bugs

Bug ID

Headline

CSCvz53722

Commit replace failed with message " 'OSPFV3' detected the 'resource not available' condition".

CSCwa19042

Login banner text leaf (line) is missed on Cisco-IOS-XR-um-banner-cfg when the total characters in text exceeds 1015.

CSCvz56160

[NCS-57C1-48Q6-SYS] Port details missing for few modules under 'show inventory raw details'

Release Package

This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.

Visit the Cisco Software Download page to download the Cisco IOS XR software images.

Table 3. Release 7.5.1 Packages for Cisco NCS 5500 Series Router

Composite Package

Feature Set

Filename

Description

Cisco IOS XR IP Unicast Routing Core Bundle

ncs5500-mini-x.iso

Contains base image contents that includes:

  • Host operating system

  • System Admin boot image

  • IOS XR boot image

  • BGP packages

Individually-Installable Optional Packages

Feature Set

Filename

Description

Cisco IOS XR Manageability Package

ncs5500-mgbl-3.0.0.0-r751.x86_64.rpm

Extensible Markup Language (XML) Parser, Telemetry, Netconf, gRPC and HTTP server packages.

Cisco IOS XR MPLS Package

ncs5500-mpls-2.1.0.0-r751.x86_64.rpm

ncs5500-mpls-te-rsvp-2.2.0.0-r751.x86_64.rpm

MPLS and MPLS Traffic Engineering (MPLS-TE) RPM.

Cisco IOS XR Security Package

ncs5500-k9sec-3.1.0.0-r751.x86_64.rpm

Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI)

Cisco IOS XR ISIS package

ncs5500-isis-1.2.0.0-r751.x86_64.rpm

Support ISIS

Cisco IOS XR OSPF package

ncs5500-ospf-2.0.0.0-r751.x86_64.rpm

Support OSPF

Lawful Intercept (LI) Package

ncs5500-li-1.0.0.0-r751.x86_64.rpm

Includes LI software images

Multicast Package

ncs5500-mcast-1.0.0.0-r751.rpm

Support Multicast

Table 4. Release 7.5.1 TAR files for Cisco NCS 5500 Series Router

Feature Set

Filename

NCS 5500 IOS XR Software 3DES

NCS5500-iosxr-k9-7.5.1.tar

NCS 5500 IOS XR Software

NCS5500-iosxr-7.5.1.tar

NCS 5500 IOS XR Software

NCS5500-docs-7.5.1.tar

Table 5. Release 7.5.1 Packages for Cisco NCS 5700 Series Router

Feature Set

Filename

NCS 5700 IOS XR Software

ncs5700-x64-7.5.1.iso

NCS 5700 IOS XR Software (only k9 RPMs)

ncs5700-k9sec-rpms.7.5.1.tar

NCS 5700 IOS XR Software Optional Package

NCS5700-optional-rpms.7.5.1.tar

This TAR file contains the following RPMS:

  • optional-rpms/cdp/*

  • optional-rpms/eigrp/*

  • optional-rpms/telnet/*

Determine Software Version

To verify the software version running on the router, use show version command in the EXEC mode.

RP/0/RP0/CPU0:router# show version
Cisco IOS XR Software, Version 7.5.1
Copyright (c) 2013-2021 by Cisco Systems, Inc.
 
Build Information:
Built By     : username
Built On     : Sun Nov 28 11:12:48 PST 2021
Built Host   : iox-ucs-101
Workspace    : /auto/srcarchive15/prod/7.5.1/ncs5500/ws
Version      : 7.5.1
Location     : /opt/cisco/XR/packages/
Label        : 7.5.1
 
cisco NCS-5500 () processor
System uptime is 7 minutes

Determine Firmware Support

Use the show hw-module fpd command in EXEC and Admin mode to view the hardware components with their current FPD version and status. The status of the hardware must be CURRENT; Running and Programed version must be the same.


Note

You can also use the show fpd package command in Admin mode to check the fpd versions.


This sample output is for show hw-module fpd command from the Admin mode:

sysadmin-vm:0_RP0# show hw-module fpd
                                  FPD Versions
                                 ==============
Location  Card type         HWver FPD device       ATR Status      Run     Programd
-----------------------------------------------------------------------------------
0/3       NC55-24X100G-SE   1.0   Bootloader           CURRENT     1.19      1.19   
0/3       NC55-24X100G-SE   1.0   IOFPGA               CURRENT     0.13      0.13   
0/3       NC55-24X100G-SE   1.0   SATA-M600-MCT        CURRENT     5.00      5.00   
0/RP0     NC55-RP           1.1   Bootloader           CURRENT     9.31      9.31   
0/RP0     NC55-RP           1.1   IOFPGA               CURRENT     0.09      0.09   
0/RP0     NC55-RP           1.1   SATA-M600-MU         CURRENT     6.00      6.00   
0/RP1     NC55-RP           1.1   Bootloader           CURRENT     9.31      9.31   
0/RP1     NC55-RP           1.1   IOFPGA               CURRENT     0.09      0.09   
0/RP1     NC55-RP           1.1   SATA-M600-MU         CURRENT     6.00      6.00   
0/FC1     NC55-5504-FC      1.0   Bootloader           CURRENT     1.75      1.75   
0/FC1     NC55-5504-FC      1.0   IOFPGA               CURRENT     0.09      0.09   
0/FC3     NC55-5504-FC      1.0   Bootloader           CURRENT     1.75      1.75   
0/FC3     NC55-5504-FC      1.0   IOFPGA               CURRENT     0.09      0.09   
0/FC5     NC55-5504-FC      1.0   Bootloader           CURRENT     1.75      1.75   
0/FC5     NC55-5504-FC      1.0   IOFPGA               CURRENT     0.09      0.09   
0/SC0     NC55-SC           1.5   Bootloader           CURRENT     1.74      1.74   
0/SC0     NC55-SC           1.5   IOFPGA               CURRENT     0.10      0.10   
0/SC1     NC55-SC           1.5   Bootloader           CURRENT     1.74      1.74   
0/SC1     NC55-SC           1.5   IOFPGA               CURRENT     0.10      0.10 

Important Notes

  • The total number of bridge-domains (2*BDs) and GRE tunnels put together should not exceed 1518. Here the number 1518 represents the multi-dimensional scale value.

  • The offline diagnostics functionality is not supported in NCS 5500 platform. Therefore, the hw-module service offline location command will not work. However, you can use the (sysadmin)# hw-module shutdown location command to bring down the LC.

Supported Modular Port Adapters

For the compatibility details of Modular Port Adapters (MPAs) on the line cards, see the datasheet of that specific line card.

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

Before starting the software upgrade, use the show install health command in the admin mode. This command validates if the statuses of all relevant parameters of the system are ready for the software upgrade without interrupting the system.


Note

  • If you use a TAR package to upgrade from a Cisco IOS XR release prior to 7.x, the output of the show install health command in admin mode displays the following error messages:

sysadmin-vm:0_RSP0# show install health
. . .
ERROR /install_repo/gl/xr -rw-r--r--. 1 8413 floppy 3230320 Mar 14 05:45 <platform>-isis-2.2.0.0-r702.x86_64
ERROR /install_repo/gl/xr -rwxr-x---. 1 8413 165 1485781 Mar 14 06:02 <platform>-k9sec-3.1.0.0-r702.x86_64
ERROR /install_repo/gl/xr -rw-r--r--. 1 8413 floppy 345144 Mar 14 05:45 <platform>-li-1.0.0.0-r702.x86_64

You can ignore these messages and proceed with the installation operation.

  • Quad configurations will be lost when you perform a software downgrade on a NCS-55A1-48Q6H device from IOS XR Release 7.5.1 onwards to a release prior to IOS XR Release 7.5.1 due to non-backward compatibility change. The lost configuration can be applied manually after the downgrade.


Production Software Maintenance Updates (SMUs)

A production SMU is a SMU that is formally requested, developed, tested, and released. Production SMUs are intended for use in a live network environment and are formally supported by the Cisco TAC and the relevant development teams. Software bugs identified through software recommendations or Bug Search Tools are not a basis for production SMU requests.

For information on production SMU types, refer the Production SMU Types section of the IOS XR Software Maintenance Updates (SMUs) guide.

Use user-class Option 'xr-config' Instead Of 'exr-config' To Provision ZTP

In Cisco IOS XR Release 7.3.1 and earlier, the system accepts the device sending user-class = "exr-config"; however starting Cisco IOS XR Release 7.3.2 and later, you must use only user-class = "xr-config".

In Cisco IOS XR Release 7.3.2 and later, use:

host cisco-rp0 {
   hardware ethernet e4:c7:22:be:10:ba;
   fixed-address 172.30.12.54;
   if exists user-class and option user-class = "iPXE" {
      filename = "http://172.30.0.22/boot.ipxe";
   } elsif exists user-class and option user-class = "xr-config" {
      filename = "http://172.30.0.22/scripts/cisco-rp0_ztp.sh";
   }
}