First Published: April 23, 2021

This document provides an overview of the new and changed features in Cisco Prime Network Registrar 11.3, and describes how to access information about the known problems.

This document contains the following sections:


Note

You can access the most current Cisco Prime Network Registrar documentation, including these release notes, online at:

https://www.cisco.com/c/en/us/support/cloud-systems-management/prime-network-registrar/tsd-products-support-series-home.html

Introduction

Cisco Prime Network Registrar 11.3 is comprised of these components:

  • An Authoritative Domain Name System (DNS) protocol service

  • A Caching DNS service

  • A Dynamic Host Configuration Protocol (DHCP) service

Cisco offers these components as individually licensed applications or in a mix of suites.

Before You Begin

Before you install Cisco Prime Network Registrar 11.0, review the system requirements and licensing information available in Cisco Prime Network Registrar 11.0 Installation Guide.


Note

  1. If you are migrating to Cisco Prime Network Registrar 11.0 from an earlier version of Cisco Prime Network Registrar, you must review the release notes for the releases that occurred in between, to fully understand all the changes.

  2. Licenses for Cisco Prime Network Registrar 10.x or earlier are not valid for Cisco Prime Network Registrar 11.x. You should have a new license for Cisco Prime Network Registrar 11.x. For the 11.x regional, if one has 10.x CDNS clusters, the 10.x CDNS licenses must be added on the regional server (10.x CDNS clusters will use 10.x licenses, 11.x CDNS clusters will use 11.x licenses).

  3. Smart Licensing is enabled by default in Cisco Prime Network Registrar 11.0. Cisco Prime Network Registrar 11.x regional, working in Smart License mode, does not support pre-11.0 local clusters. For more details, see the "Using Smart Licensing" section in "Cisco Prime Network Registrar 11.0 Installation Guide".


Warning

Before upgrading the regional Cisco Prime Network Registrar to version 11.x, ensure that the local clusters are upgraded to version 10.1.1 or later. Do not upgrade the local clusters directly to version 11.0 (or later), as they will not be able to register with the regional version until it has also been upgraded to 11.0 (or later).

The Cisco Prime Network Registrar regional server manages and licenses the DHCP, Authoritative DNS, and Caching DNS components. It licenses all services in the local clusters. Only the regional installation requires a license and can accept new licenses. Afterward, the regional server authorizes individual local clusters according to the available licenses.

The Cisco Prime Network Registrar 11.0 kit contains the following files and directories:

  • Linux-CPNR Regional, Local and Client RPM applications for RHEL 8.x/AlmaLinux 8.x/RockyLinux 8.x and RHEL 9.x/AlmaLinux 9.x/RockyLinux 9.x

  • OVA-Regional and Local OVA on AlmaLinux 9.4

  • QCOW2 - Regional and Local QCOW2 on AlmaLinux 9.4

  • Container-Containers for Docker on Red Hat UBI 9.5

  • Kubernetes-Sample YAML files for deployment of Cisco Prime Network Registrar container on Kubernetes

  • Docs-Bugs and Enhancement List

For more details about Licensing, see the "License Files" section in Cisco Prime Network Registrar 11.0 Installation Guide.

Cisco Prime Network Registrar 11.0 is available as a virtual appliance, which includes all its functionalities along with AlmaLinux 9.4 operating systems. The virtual appliance supports VMware ESXi 7.x and 8.x platforms, as well as OpenStack. For more details, see the "Cisco Prime Network Registrar Virtual Appliance" section in Cisco Prime Network Registrar 11.0 Installation Guide.


Note

  1. The Linux distribution included with the optional pre-built VM downloads for Cisco Prime Network Registrar is open-source software and is not owned or supported by Cisco. Customers needing support for Linux should contact third-party software providers.

  2. Cisco Prime Network Registrar 11.0 has been tested with Red Hat Enterprise Linux ES 8.10, AlmaLinux 8.10, RockyLinux 8.10, Red Hat Enterprise Linux ES 9.4, AlmaLinux 9.4, and Rocky Linux 9.4. End users are expected to apply patches and maintenance releases to keep their operating systems up to date with bug fixes and security patches. While Cisco does not expect these updates within the same major OS version to cause issues, it is strongly recommended to lab test any updates before applying them to production servers.

Licensing

Cisco Prime Network Registrar 11.0 supports both Smart Licensing and traditional licensing. However, it does not support the hybrid model, that is, you can use only one of the license types at a time. For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide.

Licensing Overview for Cisco Prime Network Registrar 11.x

  1. License Components: Cisco Prime Network Registrar 11.x is licensed in two parts:

    1. Permanent License: Grants ongoing usage rights.

    2. SIA License: Allows for upgrades to future releases.

  2. Upgrade Eligibility: If you have an unexpired SIA license from Cisco Prime Network Registrar 10.x, or an unexpired SWSS contract from version 9.x, you can upgrade until these entitlements expire.

  3. Licensing Methods:

    1. PAK-based Licensing: Requires installation of the PAK onto the Cisco Prime Network Registrar regional server.

    2. Smart Licensing: Delivers licenses to your Smart Account and is enabled by default in version 11.3. You can override it after installation.


      Note
      Starting with the 11.3 release, communication between the regional server and CSSM using Call Home transport is deprecated.

      To upgrade to version 11.3 while using Call Home Transport, refer to the "Upgrade Considerations" section in Cisco Prime Network Registrar 11.3 Installation Guide.

  4. Service-Based Licensing: In version 11.3, licensing is based on the services you require.

For more information, see the "License Files" section in Cisco Prime Network Registrar 11.0 Installation Guide.


Note
Do not delete any individual licenses loaded from the file. If necessary, you may remove older versions of DNS and DHCP licenses after upgrading. However, retain older versions of CDNS licenses if the servers have not been upgraded.

Interoperability

Cisco Prime Network Registrar 11.0 uses individual component licenses. This allows users to purchase and install DHCP services, Authoritative DNS services, and Caching DNS services individually, or as a suite.

If you need additional DNS caching licenses, you should order them based on Server count since DNS caching is a server based license.

To install and manage DHCP, DNS, and Caching DNS licenses, you must deploy a regional server. The regional server, among other things, is used to install, count, and manage licensing for these components.

The synchronization between version 11.3 and pre-11.3 local clusters must be done from a 11.3 regional cluster. Cisco Prime Network Registrar 11.0 protocol servers interoperate with versions 10.1 or later.

What's New in Cisco Prime Network Registrar 11.0

The following table lists the new and modified features we documented in the user and installation guides. For information on additional features and fixes that were committed in Cisco Prime Network Registrar 11.0, see Resolved Bugs and Enhancement Features.

Feature

Description

Docker Container Support

Cisco Prime Network Registrar 11.0 can be run as Docker container that you can install in your own infrastructure. Two Docker images are provided for Cisco Prime Network Registrar 11.0: a regional container and a local container.

DNS over TLS (DoT) Support (Caching DNS)

DNS over TLS (DoT) Support (Authoritative DNS)

DNS queries without encryption are vulnerable to spoofing and other attacks that threaten privacy. To address these issues, Cisco Prime Network Registrar 11.0 supports DNS over TLS (DoT) as specified by RFC 7858. DNS over TLS is a security protocol for encrypting and wrapping DNS queries and answers via the Transport Layer Security (TLS) protocol. It improves privacy and security between clients and resolvers. It uses TCP as the basic connection protocol and layers over TLS encryption and authentication. Cisco Prime Network Registrar 11.0 supports TLS in both Authoritative DNS server and Caching DNS server.

Alternate Views

In Cisco Prime Network Registrar 11.0, zones can be referenced by multiple views without the need to make copies of the zone. This can be useful in a viewed configuration where a subset of zones are common across multiple views. To make the zones visible to other views, set the alternate-view-ids attribute for the zone and reload the DNS server.

Installation/Upgrade Updates

Cisco Prime Network Registrar 11.0 runs on Red Hat/CentOS 7.x and 8.x. Earlier versions of RHEL/CentOS are not supported.

Starting from Cisco Prime Network Registrar 11.0, you need to use the yum install, rpm -i, or dnf install command to install the product. For complete details on installing and upgrading, see Cisco Prime Network Registrar 11.0 Installation Guide.

The major change introduced with Cisco Prime Network Registrar 11.0 is to better separate the distributed files (that is, those installed by the RPM) from those that are data and configuration files specific to your installation. Basically, the /opt/nwreg2 area should not include files that are not provided as part of the installation. Everything that is specific to your installation, should now be in the /var/nwreg2 area.

Starting from Cisco Prime Network Registrar 11.0, HTTPS is enabled by default. HTTP has been disabled due to its inherent insecurity.

Two sets of RPM kits (one set for RHEL/CentOS 7.x and the other set for RHEL/CentOS 8.x) are provided for Cisco Prime Network Registrar 11.0. Each set consists of three RPM kits: One for regional clusters, one for local clusters (DHCP, DNS, and CDNS servers), and one for client-only (this provides the CLI and other tools, no servers).

Smart Licensing

Cisco Prime Network Registrar 11.0 supports both Smart Licensing and traditional licensing.

Cisco Smart Licensing is a flexible licensing model that provides you with an easier, faster, and more consistent way to purchase and manage software across the Cisco portfolio and across your organization. And it’s secure – you control what users can access. With Smart Licensing you get:

  • Easy Activation: Smart Licensing establishes a pool of software licenses that can be used across the entire organization—no more PAKs (Product Activation Keys).

  • Unified Management: My Cisco Entitlements (MCE) provides a complete view into all of your Cisco products and services in an easy-to-use portal, so you always know what you have and what you are using.

  • License Flexibility: Your software is not node-locked to your hardware, so you can easily use and transfer licenses as needed.

To use Smart Licensing, you must first set up a Smart Account on Cisco Software Central (software.cisco.com).

For a more detailed overview on Cisco Licensing, go to cisco.com/go/licensingguide.

Certificate Management

Cisco Prime Network Registrar uses SSL/TLS certificate in various parts of the product (web UI, Caching DNS, and Authoritative DNS). Cisco Prime Network Registrar 11.0 allows you to input certificate files and have them stored in the appropriate location based on the Cisco Prime Network Registrar component. It also allows to keep track of the certificate expiration and warns when the certificate is about to expire.

Oracle Berkeley Database Upgrade

In Cisco Prime Network Registrar 11.0, the Oracle Berkeley database used by the product is upgraded from 4.5.20 to 18.1.32.

The required database upgrade steps are handled automatically the first time Cisco Prime Network Registrar is started after installation.

Command Line Interface Enhancements

The following commands are modified in the CLI. For more information, see Cisco Prime Network Registrar 11.0 CLI Reference Guide.

Modified Commands

The following are the commands that have been removed in Smart Mode:

  • [no] license smart transport [callhome|smart]

  • no call-home destination address http

  • no call-home http-proxy

  • no call-home data-privacy hostname

  • no call-home debug <error|trace|detail|all>

Cisco Prime Network Registrar Bugs

For more information on a specific bug or to search all bugs in a particular Cisco Prime Network Registrar 11.3 release, see Using the Bug Search Tool.

This section contains the following information:

Resolved Bugs

The following table lists the key issues resolved in the Cisco Prime Network Registrar 11.0 release.

Table 1. Resolved Bugs in Cisco Prime Network Registrar 11.0

Bug ID

Description

CSCwm57256

Prefetch function fails to operate correctly when dns64 is enabled

CSCwm52486

CDNS summary log messages may incorrectly mark records are being smart-cached

CSCwk75951

Restart button is displaced in FO/HA objects in the web UI

CSCwm42725

DHCP crashes on receiving INFORM request for non existing lease

CSCwm50600

CDNS failure when RPZ tls connection not verified

CSCwk40173

Multiple concurrent AXFRs can cause the server to hit the concurrent limit and stop any further AXFR

CSCwi70723

Some of the host-health-check(HHC) stats are not updated

CSCwi92768

 Multithreaded Execution Leads to REST Connection Abortions

CSCwj04025

Enabling Create PTR Records for a host does not result in the creation of a PTR record

CSCwh97872

 Java IO Error(keystore password was incorrect) after CPNR upgrade

CSCwk82684

 Returned TFTP completed transfer times are inaccurate

CSCwi61894

 DHCP General Indicator is not showing data when enabled for more that 1 cluster

For the complete list of bugs for this release, see the cpnr_11_3_buglist.pdf file available on the product download site. See this list especially for information about fixes to customer-reported issues.

Enhancement Features

The following table lists the key enhancement feature added in the Cisco Prime Network Registrar 11.0 release.

Table 2. Enhancements in Cisco Prime Network Registrar 11.3
Bug ID Description

CSCwc34714

Running CPNR as non-root

CSCwj43341

Add upstream packet statistics

CSCwi63901

CPNR Kerberos integration roles should be mapped to Group at kerberos end instead of users

CSCwk41399

Expose IPv6 Source Link Address to Dex Extensions

CSCwk83628

Deprecate Call Home transport for Smart License

CSCwj25693

Allow cdns to adjust the TCP listen backlog

CSCwk20929

CDNS Network Settings doc missing some attributes

CSCwa53416

CDNS query-over-ipv4 and query-over-udp counter to be displayed on statistics

For the complete list of bugs for this release, see the cpnr_11_3_enhancements.pdf file available on the product download site. See this list especially for information about fixes to customer-reported issues.

Using the Bug Search Tool

Use the Bug Search tool to search for a specific bug or to search for all bugs in a release.

Procedure

Step 1

Go to the Cisco Bug Search Tool.

Step 2

In the Log In screen, enter your registered Cisco.com username and password. Click Log In.

Note

 
If you do not have a Cisco.com username and password, you can register here.
The Bug Search page is dispayed.

Step 3

To search for a specific bug, enter the bug ID in the search for field and click Search.

Step 4

To search for bugs in the current release, select from the drop-down mean and specify the following criteria:

  1. In the Search For field, enter Cisco Prime Network Registrar 11.0 and click Search.

  2. When the search results are displayed, use the filter tools to find the types of bugs you are looking for. You can search for bugs by status, severity, modified date, and so forth.

Note

 
To export the results to a spreadsheet, click the Export Results to Excel button.

Important Notes

This section contains the important information related to this software release and information in response to recent customer queries.


Note

Call Home transport is no longer supported in CPNR 11.3. Smart Transport is required to connect to the Cisco Smart License server.

  • Before upgrading to version 11.3, ensure that any regional cluster configured to use Call Home transport for registration with the Smart License server is deregistered from the server.

  • After upgrading to 11.3, update the Smart Transport configurations and then re-register the regional cluster with the Smart License server.

For more information see the "Upgrade Considerations" section in Cisco Prime Network Registrar 11.3 Installation Guide.


Note

There is approximately a 30% reduction in DHCPv6 cold performance metrics for version 11.3 on Linux 9 compared to Linux 8. Cold performance refers to new clients, where the Discover/Offer/Request/Ack cycle involves writing to the disk. For returning clients in version 11.3, performance remains consistent between Linux 8 and Linux 9.

Accessibility Features in Cisco Prime Network Registrar 11.0

All product documents are accessible except for images, graphics, and some charts. If you would like to receive the product documentation in audio format, braille, or large print, contact accessibility@cisco.com.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What's New in Cisco Product Documentation.

To receive new and revised Cisco technical content directly to your desktop, you can subscribe to the What's New in Cisco Product Documentation RSS feed. RSS feeds are a free service.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2024 Cisco Systems, Inc. All rights reserved.