Home
Support
Product Support
Optical Networking
Cisco Network Convergence System 1000 Series
Configuration Guides

System Setup and Software Installation Guide for Cisco NCS 1010, IOS XR Releases

View all Saved Content

PDF

Is this content helpful?

Helpful Unhelpful

Suggestions for Improvement

Thank you for your feedback. Your response has been recorded.

Ask about this content

System Setup and Software Installation Guide for Cisco NCS 1010, IOS XR Releases

Expand all sections

About this content

Cisco NCS 1010 optical line system

Cisco NCS 1010 chassis and line cards
Cisco NCS 1000 passive modules

Software setup fundamentals

Types of software releases for Cisco NCS 1010
Downloadable software files for Cisco NCS 1010
Command modes for Cisco NCS 1010

Setup procedures

Pre-setup requirements for Cisco NCS 1010
Cisco NCS 1010 setup workflow
Cisco NCS 1010 software and hardware verification
Cisco NCS 1010 post-setup tasks

TACACS+ and RADIUS configuration

TACACS+ and RADIUS configuration details
Deprecation of type 7 password and type 5 secret
TACACS+ protocol
Configure TACACS+ server
Configure and verify TACACS+ server groups
RADIUS protocol
Configure and verify RADIUS server groups

Setup and upgrade workflow

NCS 1010 upgrade
Software and firmware compatibility matrix
Software upgrade plan
Back up the current configuration
Field programmable devices
System stability checks
Install file sources
Download install files from Cisco Software Center
Software upgrade methods
Data model software upgrade method
Software upgrade verification

Classic ZTP deployment

DHCP configuration
Provision Cisco NCS 1010 using DHCP-based ZTP fresh boot

Software maintenance

Install additional RPMs and bug fixes
Downgrade software version
Telemetry sensor paths for install operations

Setup and upgrade troubleshooting

NCS 1010 boot failure recovery
Recover password
Resolve insufficient disk space during software installation
Recover frozen console prompt

Disaster recovery

Disaster recovery partitions
CPU replacement considerations
Backup ISO image health check
Automated file management behavior

BGP configuration

BGP routing

CDP configurations

CDP support on Cisco NCS 1010

Daisy chain topology

Daisy chain topology
Configure daisy chain on management ports
Verify daisy chain
Enable storm control on TOR switch
Disable DAD on the management port

Access control lists

Access control lists
How access control lists work
Apply ACLs
ACL configuration procedures

Remote node management

Remote node management details for NCS 1010
Remote node management with OSC
Remote node management prerequisites
DHCP relay configuration for OLT node
Loopback IP address for OSC interface
OSPF neighbor discovery
ILA node configuration
OLT node configuration

Remote console connection workflow

Remote console connection details
Remote console connection support for Cisco NCS 1010
Find the MAC address of all the nodes
Connect to a remote node

Automated file management

Automated file management behavior

Audit log storage and monitoring

Audit logging and monitoring details
Audit logs
How audit logging works
Guideline: Use audit logging
Note: Review audit log storage behavior
Configure audit logging

Process memory management

Process memory management details
Core dump folders

How audit logging works

Updated: June 17, 2026

Want to summarize with AI?

This section describes how audit logging works on Cisco NCS 1010, including key stages, system behavior, and outcomes that support setup or management workflows.

Summary

These are the key components involved in this feature:

Network Administrator: The user who initiates configurations via CLI.
Linux audit daemon : The process that monitors system activity according to the installed rules and writes audit event logs.
Local rsyslog daemon: The process that forwards logs to a remote syslog server.
Remote syslog server: The external server that maintains the logs generated by the router.

The Linux audit daemon is the core service that actually performs event monitoring and logging, based on the audit rules configured by the administrator. It operates at the operating system level on each node, such as line cards and processors.

Workflow

These stages describe how audit monitoring and logging works.

The network administrator enables audit monitoring via CLI.
The router software receives the configurations, applies the relevant audit rules, and ensures these rules are distributed to all appropriate nodes.
On each node, the Linux audit daemon actively monitors system events as defined by the audit rules and writes the logs to a local log file at /var/log/audit/audit.log.
If the network administrator has enabled log forwarding, the audit logs are sent to the local rsyslog daemon, which then forwards the logs to a remote syslog server.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.