Network Convergence System 560 Series Routers


This software release has reached end-of-life status. For more information, see the End-of-Life and End-of-Sale Notices.


Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.

  • Use faceted search to locate content that is most relevant to you.

  • Create customized PDFs for ready reference.

  • Benefit from context-based recommendations.

Get started with the Content Hub at to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.


Cisco IOS XR Release 7.1.2 is an Extended Maintenance Release of Cisco IOS XR Release 7.1.1 for Cisco NCS 560 Series routers. For more details on the Cisco IOS XR release model and associated support, see Guidelines for Cisco IOS XR Software.

Supported Packages and System Requirements

For more information on system upgrade and package installation process, see Perform System Upgrade and Install Feature Packages.

For a complete list of supported optics, hardware and ordering information, see the Cisco NCS 560 Series Routers Interface Modules Data Sheet and Cisco Network Convergence System 560-4 Router Data Sheet.

To install the Cisco NCS 560 Series Routers, see Cisco N560-RSP4 and Cisco N560-RSP4-E Route Processor Hardware Installation Guide and Cisco NCS 560-4 Router Hardware Installation Guide.

Release 7.1.2 Packages

This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.

Table 1. Release 7.1.2 Packages for Cisco NCS 560 Series Router

Composite Package

Feature Set



Cisco IOS XR IP Unicast Routing Core Bundle


Contains base image contents that includes:

  • Host operating system

  • System Admin boot image

  • IOS XR boot image

  • BGP packages

  • OS

  • Admin

  • Base

  • Forwarding

  • Modular Services Card

  • Routing

  • SNMP Agent

  • Alarm Correlation

Cisco IOS XR Manageability Package


Telemetry, Extensible Markup Language (XML), Parser, and HTTP server packages, NETCONF, YANG Models, gRPC.

Cisco IOS XR OSPF package


Supports OSPF

Cisco IOS XR Security Package


Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI)

Multicast Package


Supports Multicast

Supports Automatic Multicast Tunneling (AMT), IGMP Multicast Listener Discovery (MLD), Multicast Source Discovery Protocol (MSDP) and PIM.

Cisco IOS XR ISIS package


Supports Intermediate System to Intermediate System (IS-IS).

Cisco IOS XR USB Boot Package

Supports Cisco IOS XR USB Boot Package

Cisco IOS XR MPLS Package



Supports MPLS and MPLS Traffic Engineering (MPLS-TE) RPM. Label Distribution Protocol (LDP), MPLS Forwarding, MPLS Operations, Administration, and Maintenance (OAM), Link Manager Protocol (LMP), Optical User Network Interface (OUNI) and Layer-3 VPN.

Cisco IOS XR MPLS-TE and RSVP Package

MPLS Traffic Engineering (MPLS-TE) and Resource Reservation Protocol (RSVP).

Cisco IOS XR EIGRP Package


Includes EIGRP protocol support software

Cisco IOS XR LI Package


Lawful Intercept

Determine Software Version

Log in to the router and enter the show version command.

RP/0/RP1/CPU0:ROUTER#show version

Mon Aug 31 03:57:29.212 UTC
Cisco IOS XR Software, Version 7.1.2
Copyright (c) 2013-2020 by Cisco Systems, Inc.

Build Information:
 Built By     : ahoang
 Built On     : Sat Aug 29 13:23:32 PDT 2020
 Built Host   : iox-ucs-026
 Workspace    : /auto/srcarchive13/prod/7.1.2/ncs560/ws
 Version      : 7.1.2
 Location     : /opt/cisco/XR/packages/
 Label        : 7.1.2

cisco NCS-560 () processor
System uptime is 18 hours 19 minutes


Mon Aug 31 03:58:00.671 UTC
Last login: Sun Aug 30 08:49:41 2020 from

root connected from using ssh on sysadmin-vm:0_RP1

Determine Firmware Support

Log in to the router and enter the show hw-module fpd commands.

RP/0/RP1/CPU0:ROUTER#show hw-module fpd

Mon Aug  31 03:58:07.624 UTC+00:00
                                                                   FPD Versions
Location  Card type         HWver FPD device       ATR Status   Run    Programd
0/RP0     N560-RSP4-E       0.0   ADM                  CURRENT    1.05    1.05  
0/RP0     N560-RSP4-E       0.0   IOFPGA               CURRENT    0.56    0.56  
0/RP0     N560-RSP4-E       0.0   PRIMARY-BIOS         CURRENT    0.17    0.17  
0/RP0     N560-RSP4-E       0.0   SATA                 CURRENT    2.10    2.10  
0/RP1     N560-RSP4-E       0.0   ADM                  CURRENT    1.05    1.05  
0/RP1     N560-RSP4-E       0.0   IOFPGA               CURRENT    0.56    0.56  
0/RP1     N560-RSP4-E       0.0   PRIMARY-BIOS         CURRENT    0.17    0.17  
0/RP1     N560-RSP4-E       0.0   SATA                 CURRENT    2.10    2.10  
0/FT0     A907-FAN-E        1.0   PSOC                 CURRENT    1.65    1.65  


Access Pseudowire Redundancy

The Access Pseudowire Redundancy feature allows you to configure a backup pseudowire under the bridge domain. When the primary pseudowire fails, the provider edge (PE) router switches to the backup pseudowire. The primary pseudowire resumes operation after it becomes functional. The primary pseudowire fails when the PE router fails or when there is a network outage.

See NCS 560 Content Link.

Hardware Based Timestamp using TWAMP

The Cisco IOS XR 7.1.2 Release introduces Hardware based timestamp using TWAMP. This feature provides greater accuracy than other time synchronization protocols which enables the service providers to achieve microsecond precision and better performance at scale.

See NCS 560 Content link.

ITU-T Y.1564

Y.1564 or Ethernet Service Activation (or performance test methodology) is a testing procedure which tests service turn-up, installation and troubleshooting of Ethernet-based services.

Y.1564 allows simultaneous testing of multiple Ethernet services and measures. It validates the different service level agreements (SLAs) to ensure the service meets guaranteed performance settings in a controlled test time. It helps to ensure all the services carried by the network meet the SLA objectives at the maximum committed rate proving that under maximum load, the network devices and paths can support the traffic as designed, even under stress.

See NCS 560 Content Link.

MPLS Over Single-Pass GRE Tunnels

This feature allows MPLS static forwarding over a single-pass GRE tunnel at line rate. One use case is for sending incoming customer traffic over the GRE tunnel, addressed to an anycast virtual IP address (VIP) destination shared by a set of load balancing servers.

See MPLS Over Single-Pass GRE Tunnels.

Segment Routing Path Computation Element Support for MPLS-TE LSPs

The PCE Support for MPLS-TE LSPs feature allows Cisco's SR-PCE to act as a Path Computation Element (PCE) for MPLS Traffic Engineering Label Switched Paths (MPLS-TE LSPs).

See .

Segment Routing Performance Measurement for Link Delay and SR Policy Delay Using RFC5357 (TWAMP Light) Encoding

This feature introduces support for Two-Way Active Measurement Protocol (TWAMP) Light (RFC5357) for link delay and SR policy delay measurement. TWAMP Light adds two-way or round-trip measurement capabilities.

Network performance data such as packet loss, delay and delay variation, and bandwidth utilization is a critical measure for Traffic Engineering (TE). This data provides service providers the characteristics of their networks for performance evaluation that is required to ensure the Service Level Agreements (SLAs). The performance measurement and delay variation feature allows you to measure those metrics and advertise them through IGP extensions as extended TE metrics.

See 560.

Set QoS-group and DSCP at Ingress

With the introduction of this feature, you can set both qos-group and DSCP values within the same QoS policy that is applied in the ingress direction. You can use any permitted value to set the qos-group value.

To set the possible DSCP values for set dscp, configure these values using the following command:

RP/0/RP0/CPU0:ios(config)# hw-module profile qos qosg-dscp-mark-enable 13 15

In the preceding example, only the set dscp 13 and set dscp 15 values are allowed in any QoS policy that contains both set qos-group and set dscp configurations.


Ensure that you reload the router for the hw-module command to be functional.

See .

The command, hw-module profile qos qosg-dscp-mark-enable is introduced.

Behavior Change Introduced

Behavior change refers to any modification of an existing software feature, configuration, or a command. This release introduces following behavior change:

Guidelines for Enabling FIPS

You must follow these guidelines while enabling FIPS mode:

  • You must configure the session with a FIPS-approved cryptographic algorithm. A session configured with non-approved cryptographic algorithm for FIPS (such as, MD5 and HMAC-MD5) does not work. This is applicable for OSPF, BGP, RSVP, ISIS, or any application using key chain with non-approved cryptographic algorithm, and only for FIPS mode (that is, when crypto fips-mode command is configured).

  • If you are using any HMAC-SHA algorithm for a session, then you must ensure that the configured key-string has a minimum length of 14 characters. Otherwise, the session goes down. This is applicable only for FIPS mode.

  • If you try to execute the telnet configuration on a system where the FIPS mode is already enabled, then the system rejects the telnet configuration.

  • If telnet configuration already exists on the system, and if FIPS mode is enabled later, then the system rejects the telnet connection. But, it does not affect the telnet configuration as such.

  • It is recommended to configure the crypto fips-mode command first, followed by the FIPS-related commands in a separate commit. The list of commands related to FIPS with non-approved cryptographic algorithms are:

    • key chain key-chain-name key key-id cryptographic-algorithm MD5

    • key chain key-chain-name key key-id cryptographic-algorithm HMAC-MD5

    • router ospfv3 1 authentication ipsec spi 256 md5 md5-value

    • router ospfv3 1 encryption ipsec spi 256 esp des des-value

    • router ospfv3 1 encryption ipsec spi 256 esp des des-value authentication md5 md5-value

    • snmp-server user username usergroup-name v3 auth md5 priv des56

    • ssh server algorithms key-exchange diffie-hellman-group1-sha1

    • telnet vrf default ipv4 server max-servers server-limit

Logging Format BSD

Cisco IOS XR Release 7.1.2 introduces the command logging format bsd which enables the router to send system log messages to a remote server in BSD (Berkeley Software Distribution) format. This enables systems that are dependent on the BSD format to correctly interpret the log message.

The command, is introduced.

Supported MIBs

The Cisco NCS 5500 MIB support list is also applicable to the Cisco NCS 560 Series Routers. For the list of supported MIBs, see the Cisco NCS5500 MIB Support List.

Restrictions and Limitations on the Cisco NCS 560 Series Router

  • The show inventory and the show diagnostic commands do not display the fan serial number.

  • The hw-module profile mfib statistics command is not supported.

  • Ensure that the ISIS hello interval-timer value is not greater than six seconds, otherwise it may result in an ISIS adjacency flap.

  • Do not use the Cisco N560-RSP4 and Cisco N560-RSP4-E route processors together in the same router.


This section describes open and resolved severity 1 and 2 caveats and select severity 3 caveats:

  • The “Open Caveats” sections list open caveats that apply to the current release and may apply to previous releases. A caveat that is open for a prior release and is still unresolved applies to all future releases until it is resolved.

  • The “Resolved Caveats” sections list caveats resolved in a specific release, but open in previous releases.

The bug IDs are sorted alphanumerically.


The Caveats section includes the bug ID and a short description of the bug. For details on the symptoms, conditions, and workaround for a specific caveat you must use the Bug Search Tool.

Cisco IOS XR Caveats Release 7.1.2

Bug ID



MLDP profiles traffic drops 5-8mins seen on both IPv4 and IPv6 streams after RP FO and Fallback trigger.


After RP failover SR-policy counters are getting lost.


ssh_server drbg_instantiate failed.

Other Important Information

  • Starting with IOS-XR Release 7.1.2, you can configure a sub-interface as an EVPN Core. Previously, EVPN Core interface was not supported on a sub-interface. For more information on EVPN, see EVPN Features.

  • Before upgrading to Cisco IOS XR Release 7.1.2, if you configured and committed the set qos-group and set dscp options as part of the same policy on your router, the interface manager (ifmgr) crashes and the syslog displays the following error:

    “A policy with set qos-group AND set dscp is not supported. Note that this error does not impact any upgrade operations. For details, see the Release Notes”.


    This crash does not affect your upgrade process. The ifmgr restarts twice and ensures that the upgrade is successful.

  • LFA FRR feature is not supported.

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

The upgrade document (NCS560_Upgrade_MOP_7.1.2.pdf) is available along with the software images.

Communications, Services, and Additional Information

  • To receive timely, relevant information from Cisco, sign up at Cisco Profile Manager.

  • To get the business impact you’re looking for with the technologies that matter, visit Cisco Services.

  • To submit a service request, visit Cisco Support.

  • To discover and browse secure, validated enterprise-class apps, products, solutions and services, visit Cisco Marketplace.

  • To obtain general networking, training, and certification titles, visit Cisco Press.

  • To find warranty information for a specific product or product family, access Cisco Warranty Finder.

Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.