Network Convergence System 560 Series Routers


Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.

  • Use faceted search to locate content that is most relevant to you.

  • Create customized PDFs for ready reference.

  • Benefit from context-based recommendations.

Get started with the Content Hub at to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.

What's New in Cisco IOS XR Release 7.3.1

Feature Description


BGP PIC for MPLS for multi-path backup

Unlabeled BGP PIC EDGE for global prefixes is not supported.

Per-Prefix Label Allocation Support on BVI

You can configure connected routes and static routes in per-prefix mode on the BVI. However, dynamic protocols such as BGP in per-prefix mode on the BVI is not supported.

Interface and Hardware Component

16 bundle members in LAG or LACP

The bundle members on the router are increased to 16. Also, the maximum number of supported subinterfaces per system is increased. This feature increases the performance and memory of the router.

Bundle Consistency Checker (BCC)

This feature provides an on-the-router mechanism to check and verify the correct programming for the bundle interface. The system performs the check on ingress and egress traffic. From the running configuration, BCC fetches information from bundle, sub-bundle, and member information and saves that information in a database. Later, BCC collects data from all the running nodes and verifies the information with the information that is saved in the database.

BCC then reports inconsistencies, programming errors, stale entries, and deletes any pending objects.

SPAN to File - PCAPng File Format

This feature introduces new format for recording packet traces. The network packets are mirrored to a file instead of an interface, so that they can be analyzed later. The PCAPng file format:

  • Provides the capability to enhance and extend the existing capabilities of data storage over time.

  • Allows you to merge or append data to an existing file.

  • Enables to read data independently from network, hardware, and operating system of the machine that made the capture.

Modular QoS

4K Pseudowire on Bundle with QoS Enhancement

With this feature you can configure a desired traffic policy, to which your network complies, by using the bandwidth management technique of two-level traffic shaping. You can also increase the Link Aggregation Group (LAG) subinterface scale or pseudowires up to 4K. This increased scale value enables you to increase the number of devices that are connected to your router, resulting in benefits such as increased bandwidth and cost-effective operations.

Conditional Marking of MPLS Experimental Bits for EVPN-VPWS Single-Homing Services

This feature enables you to differentiate traffic in the MPLS forwarding domain and manage traffic from ingress PE to egress PE based on the MPLS EXP bit of the MPLS header. This feature is supported only for EVPN-VPWS single-homing services, and not supported for EVPN-VPWS multi-homing services.

Scaling of Unique Ingress Policy Maps

With this feature, unique policy maps associated to the same template are shared in TCAM, thus enabling scaling of—Or creating more number of—Policy maps.

Shared Policy Instance

This feature allows you to share a single instance of QoS policy across multiple subinterfaces, allowing for aggregate shaping of the subinterfaces to one rate. The ability to facilitate queue consumption in this manner offers the advantage of saving on QoS and hardware resources, while ensuring that the specified rate is not exceeded.


2-port 100-Gigabit Ethernet interface module

The Cisco NCS 560-4 and NCS560-7 Routers now support 2-port 100-Gigabit Ethernet QSFP28 or QSFP-DD module pluggable optics (N560-IMA-2C-DD). This reduces the cost of hardware by retaining the same port density when combining multiple interface types such as 100GE. QSFP DD optics support is planned for future software release.

8-port 10-Gigabit Ethernet SFP+ interface module

The Cisco NCS 560-4 and NCS560-7 Routers now support the new 8-port 10-Gigabit Ethernet SFP+ module (A900-IMA-8Z-L). This reduces the cost of hardware by retaining the same port density when combining multiple interface types such as 10GE.

Enable NCS 4200 Ethernet IMs for NCS 560

The Cisco NCS 4200 Ethernet interface module features are now supported in Cisco NCS 560-4 routers.

  • 2-port 100 Gigabit Ethernet QSFP-28 Module (NCS4200-2H-PQ)

  • 8-port 10 Gigabit Ethernet SFP+ Module (NCS4200-8T-PS)

  • 8/16-port 1 Gigabit Ethernet + 1-port 10 Gigabit Ethernet Module (NCS4200-1T16G-PS)

Segment Routing

Advertisement of SID-Mapping Entries Between IS-IS Levels

This feature supports the advertisement of SID-mapping entries between IS-IS levels (for example, from L1 to L2-only and from L2 to L1). A mapping server is not required for each IS-IS area.

Cumulative Metric Bounds (Delay-Bound use-case)

With this feature, SRTE calculates a shortest path that satisfies multiple metric bounds. This feature provides flexibility for finding paths within metric bounds, for parameters such as latency, hop count, IGP, and TE.

IPv6 Unlabeled Traffic protection with TI-LFA

This feature adds support for IPv6 unlabeled traffic protection for IS-ISv6.

Link Delay Measurement with IPv6 Link Local Address

With Performance Measurement, the source and destination IP addresses used in the OAM packet are determined by the IP address present on the interface where the delay-measurement operation is enabled. If an IPv4 or IPv6 address is not configured under the interface, this feature enables the use of the interface's IPv6 link-local address as the OAM packet source IP address.

Multicast VPN: Tree-SID MVPN With TI-LFA

With this feature, you can use SR for optimally transporting IP VPN multicast traffic between (BGP/MPLS) IP VPN customer sites, across an SP network. To optimize the traffic flow, SR-PCE is used. It dynamically builds, instantiates, and updates a multicast distribution tree on the multicast routers, through an SR policy.

OSPF: TI-LFA for Flexible Algorithm

This feature extends the current TI-LFA functionality to support OSPF.

SR OAM for SR Policy (Policy Name / Binding SID / Custom label stack)

This feature extends SR OAM ping and traceroute function for an SR policy (or binding SID)-LSP end-point combination. This addresses the limitations of the Nil-FEC LSP Ping and Traceroute function which cannot perform a ping operation to a segment list that is not associated with an installed SR policy. Also, it cannot validate egress device-specific SR policies.

SR Performance Measurement Named Profiles

With this feature, users can create specific performance measurement delay profiles for SR policies, based on the interface type or network area the performance management probes are enabled on. This enhances performance measurement capabilities.

SRv6 Micro-Segment (uSID)

This feature is an extension of the SRv6 architecture. It leverages the existing SRv6 Network Programming architecture to encode up to 6 SRv6 Micro-SID (uSID) instructions within a single 128-bit IPv6 address, called the uSID Container. In addition, this feature leverages the existing the SRv6 data plane (SRH) and the SRv6 control plane with no changes. It also provides low MTU overhead. SRv6 uSID supports the following existing SRv6 functionality:

  • IS-IS: TI-LFA, Microloop Avoidance, Flexible Algorithm, OAM, Performance Measurement

  • QoS SRv6 BGP Services: IPv4 L3VPN Per-VRF

  • SRv6 BGP Services: BGP Global IPv4

SRv6 Services: BGP Global IPv6

With this feature, the egress PE can signal an SRv6 Service SID with the BGP overlay service route. The ingress PE encapsulates the IPv4/IPv6 payload in an outer IPv6 header where the destination address is the SRv6 Service SID provided by the egress PE. BGP messages between PEs carry SRv6 Service SIDs as a means to interconnect PEs.

SRv6 Services: IPv6 L3VPN

With this feature, the egress PE can signal an SRv6 Service SID with the BGP overlay service route. The ingress PE encapsulates the IPv4/IPv6 payload in an outer IPv6 header where the destination address is the SRv6 Service SID provided by the egress PE. BGP messages between PEs carry SRv6 Service SIDs as a means to interconnect PEs and form VPNs.

Weighted Anycast SID-Aware Path Computation

This feature extends Anycast SIDs with weighted nodes.

Weighted Anycast nodes advertise a cost (weight) along with the Anycast SID. Traffic is then distributed according to the weights.

Weighted Anycast SIDs allow for highly available paths with node redundancy and path optimality that provide Fast ReRoute (FRR) for node failure of service provider edge (PE) routers and ABR/ASBRs nodes in multi-domain networks.

TI-LFA Open Ring Support

This feature allows the ABR to program a Generic Routing Encapsulation (GRE) tunnel as an outgoing interface for TI-LFA backup paths computed by the IGP in a Segment Routing network.

SR Policy Liveness Monitoring

This feature allows you to verify end-to-end traffic forwarding over an SR Policy candidate path by periodically sending performance monitoring packets.

System Security

User Configurable Maximum Authentication Attempts for SSH

This feature allows you to set a limit on the number of user authentication attempts allowed for SSH connection, using the three authentication methods that are supported by Cisco IOS XR. The limit that you set is an overall limit that covers all the authentication methods together. If the user fails to enter the correct login credentials within the configured number of attempts, the connection is denied and the session is terminated. This command is introduced for this feature: ssh server max-auth-limit.

Ed25519 Public-Key Signature Algorithm Support for SSH

Support for this algorithm is added, when establishing SSH sessions, to Cisco IOS XR 64-bit platforms. It is a modern and secure public-key signature algorithm that provides several benefits, particularly resistance against several side-channel attacks. Prior to this release, DSA, ECDSA, and RSA public-key algorithms were supported. This command is modified for this feature: ssh server algorithms host-key.

Password Masking

With this feature, when you key in a password or secret, it is not displayed on the screen. This enhances security. The feature is enabled by default. The following options are added to the username command:

  • masked-password

  • masked-secret

Support for Ed25519 Public-Key Signature System

This feature allows you to generate and securely store crypto key pair for the Ed25519 public-key signature algorithm on Cisco IOS XR 64-bit platforms. This signature system provides fast signing, fast key generation, fool proof session keys, collision resilience, and small signatures. The feature also facilitates integration of Cisco IOS XR with Cisco Crosswork Trust Insights.

Commands introduced for this feature are:

  • crypto key generate ed25519

  • crypto key zeroize ed25519

  • show crypto key mypubkey ed25519

Commands modified for this feature are:

  • ca-keypair

  • keypair

Network Synchronization

Network Synchronization

The following features are supported on A900-IMA-8Z-L and NCS560-IMA-2C-DD interface modules:

  • PTP Telecom G.8262 Profile

  • PTP Telecom G.8275.1 and G.8275.2 Profiles and Frequency Synchronization

PTP Delay Asymmetry

Asymmetrical delays can significantly degrade synchronization in PTP networks and impact PTP accuracy. This feature allows you to set a delay asymmetry to offset the static delays on PTP paths. This facilitates better synchronization between real-time clocks of devices in a network.

The delay-symmetry command is introduced for this feature.

L2VPN and Ethernet Services

EVPN Access-Driven DF Election

This feature enables a new DF election mechanism to allow the access network to control EVPN PE devices through the interface state. This mechanism allows the PE devices to define the backup path much before the event of failure. This feature reduces the convergence time. The following keywords are added to the service-carving command:



EVPN Convergence Using NTP Synchronization

This feature leverages the NTP clock synchronization mechanism to handle the transfer of DF role from one edge device to another. In this mechanism, the newly added or recovered PE advertises the Service Carving Timestamp along with the current time to peering PEs. This improves convergence by reducing the time for DF election from three seconds to a few tens of milliseconds. The show evpn ethernet-segment command is modified to display the Service-Carving wall clock Timestamp (SCT).

EVPN Preferred Nexthop

With this feature, you can set an active and backup path, in a dual-homed mode based on the nexthop IP address, thereby allowing greater control over traffic patterns. If you are unable to use single-active mode due to hardware, topology, or technological limitations, this feature enables you to direct traffic to a specific remote PE. This feature introduces the preferred nexthop command.

Layer 2 Fast Reroute

In the event of a link failure, this feature enables the router to switch traffic quickly to a precomputed loop-free alternative (LFA) path by allocating a label to the incoming traffic. Thus minimizes the traffic loss ensuring fast convergence. This feature is supported only when PE devices are in an EVPN single-flow-active mode. This feature introduces the convergence reroute command.


EoMPLS 16K Pseudowire scale

This feature is now enhanced to support 16K Pseudowires for Ethernet-over-MPLS.


Bundle Member Selection

This feature enables selecting a bundle member in the control plane to steer the L2 and L3 multicast traffic traversing over bundle at the egress NP. This feature helps optimize fabric bandwidth as the member selection is performed in the control plane.

Multicast Counters

When enabled, this feature provides information on the rate of packets that are received for a multicast route. Starting this release, the feature is extended on the Cisco NCS 560 series routers.

Restrictions and Limitations on the Cisco NCS 560 Series Router

  • Unlabeled BGP PIC EDGE for global prefixes is not supported.


This section describes open and resolved severity 1 and 2 caveats and select severity 3 caveats:

  • The “Open Caveats” sections list open caveats that apply to the current release and may apply to previous releases. A caveat that is open for a prior release and is still unresolved applies to all future releases until it is resolved.

  • The “Resolved Caveats” sections list caveats resolved in a specific release, but open in previous releases.

The bug IDs are sorted alphanumerically.


The Caveats section includes the bug ID and a short description of the bug. For details on the symptoms, conditions, and workaround for a specific caveat you must use the Bug Search Tool.

Cisco IOS XR Caveats Release 7.3.1

There are no caveats for this release.

Bug Search Tool

Use the Cisco Bug Search Tool to access open and resolved bugs for a release.

The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.

Supported Packages and System Requirements

For more information on system upgrade and package installation process, see Perform System Upgrade and Install Feature Packages.

For a complete list of supported optics, hardware and ordering information, see the Cisco NCS 560 Series Routers Interface Modules Data Sheet and Cisco Network Convergence System 560-4 Router Data Sheet.

To install the Cisco NCS 560 Series Routers, see Cisco N560-RSP4 and Cisco N560-RSP4-E Route Processor Hardware Installation Guide and Cisco NCS 560-4 Router Hardware Installation Guide.

Release 7.3.1 Packages

This following table lists the supported packages and their corresponding file names.

Table 1. Release 7.3.1 Packages for Cisco NCS 560 Series Router

Composite Package

Feature Set



Cisco IOS XR IP Unicast Routing Core Bundle


Contains base image contents that includes:

  • Host operating system

  • System Admin boot image

  • IOS XR boot image

  • BGP packages

  • OS

  • Admin

  • Base

  • Forwarding

  • Modular Services Card

  • Routing

  • SNMP Agent

  • Alarm Correlation

Cisco IOS XR Manageability Package


Telemetry, Extensible Markup Language (XML), Parser, and HTTP server packages, NETCONF, YANG Models, gRPC.

Cisco IOS XR OSPF package


Supports OSPF

Cisco IOS XR Security Package


Support for Encryption, Decryption, Secure Shell (SSH), Secure Socket Layer (SSL), and Public-key infrastructure (PKI)

Multicast Package


Supports Multicast

Supports Automatic Multicast Tunneling (AMT), IGMP Multicast Listener Discovery (MLD), Multicast Label Distribution Protocol (MLDP), Multicast Source Discovery Protocol (MSDP) and PIM.

Cisco IOS XR ISIS package


Supports Intermediate System to Intermediate System (IS-IS).

Cisco IOS XR USB Boot Package

Supports Cisco IOS XR USB Boot Package

Cisco IOS XR MPLS Package



Supports MPLS and MPLS Traffic Engineering (MPLS-TE) RPM. Label Distribution Protocol (LDP), MPLS Forwarding, MPLS Operations, Administration, and Maintenance (OAM), Link Manager Protocol (LMP), Optical User Network Interface (OUNI) and Layer-3 VPN.

Cisco IOS XR MPLS-TE and RSVP Package

MPLS Traffic Engineering (MPLS-TE) and Resource Reservation Protocol (RSVP).

Cisco IOS XR LI Package


Lawful Intercept

Cisco IOS XR EIGRP Package


(Optional) Includes EIGRP protocol support software

Determine Software Version

Log in to the router and enter the show version command.

RP/0/RP0/CPU0:R3_PE3_RSP4#show version 
Cisco IOS XR Software, Version 7.3.1
Copyright (c) 2013-2021 by Cisco Systems, Inc.

Build Information:
 Built By     : ingunawa
 Built On     : Thu Feb 25 19:40:08 PST 2021
 Built Host   : iox-ucs-024
 Workspace    : /auto/srcarchive17/prod/7.3.1/ncs560/ws
 Version      : 7.3.1
 Location     : /opt/cisco/XR/packages/
 Label        : 7.3.1

cisco NCS-560 () processor
System uptime is 19 hours 53 minutes

Determine Firmware Support

Log in to the router and enter the show hw-module fpd command.

RP/0/RP0/CPU0:R3_PE3_RSP4#show hw fpd 

                               FPD Versions
Location   Card type             HWver FPD device       ATR Status   Running Programd
0/0        A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/1        A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/2        A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/3        A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/4        A900-IMA8Z            0.0   IMFPGA               CURRENT   17.05   17.05  
0/5        A900-IMA8Z-L          0.0   IMFPGA               CURRENT    1.48    1.48  
0/7        N560-IMA2C-DD         0.0   IMFPGA               CURRENT    1.26    1.26  
0/9        N560-IMA1W            65.32 CFP2-DE-DCO          CURRENT  38.26887 38.26887
0/9        N560-IMA1W            0.0   IMFPGA               CURRENT    1.26    1.26  
0/10       A900-IMA8Z            0.0   IMFPGA               CURRENT   17.05   17.05  
0/11       A900-IMA8Z-L          0.0   IMFPGA               CURRENT    1.48    1.48  
0/12       A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/13       A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/14       NCS4200-1T16G-PS      0.0   IMFPGA               CURRENT    1.96    1.96  
0/15       A900-IMA8CS1Z-M       0.0   IMFPGA               CURRENT    1.96    1.96  
0/RP0      N560-RSP4-E           0.0   ADM                  CURRENT    1.06    1.06  
0/RP0      N560-RSP4-E           0.0   IOFPGA               CURRENT    0.64    0.64  
0/RP0      N560-RSP4-E           0.0   PRIMARY-BIOS         CURRENT    0.17    0.17  
0/RP0      N560-RSP4-E           0.0   SATA                 CURRENT    2.10    2.10  
0/RP1      N560-RSP4-E           0.0   ADM                  CURRENT    1.06    1.06  
0/RP1      N560-RSP4-E           0.0   IOFPGA               CURRENT    0.64    0.64  
0/RP1      N560-RSP4-E           0.0   PRIMARY-BIOS         CURRENT    0.17    0.17  
0/RP1      N560-RSP4-E           0.0   SATA                 CURRENT    2.10    2.10  
0/FT0      N560-FAN-H            1.0   PSOC                 CURRENT    2.02    2.02  

Other Important Information

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

The upgrade document for Cisco NCS 560 router is available along with the software image in NCS560_Upgrade_MOP_7.3.1.tar file.

Additional References

Supported MIBs

The Cisco NCS 5500 MIB support list is also applicable to the Cisco NCS 560 Series Routers. For the list of supported MIBs, see the Cisco NCS5500 MIB Support List.