About Cisco 1000 Series Integrated Services Routers

The Cisco 1000 Series Integrated Services Routers (also referred to as router in this document) are powerful fixed branch routers based on the Cisco IOS XE operating system. They are multi-core routers with separate core for data plane and control plane. There are two primary models with 8 LAN ports and 4 LAN ports. Features such as Smart Licensing, VDSL2 and ADSL2/2+, 802.11ac with Wave 2, 4G LTE-Advanced and 3G/4G LTE and LTEA Omnidirectional Dipole Antenna (LTE-ANTM-SMA-D) are supported on the router.


Note

Explore Content Hub, the all new portal that offers an enhanced product documentation experience. Content Hub offers the following features to personalize your content experience:

  • Faceted Search to find relevant content

  • Customized PDFs

  • Contextual recommendations


New and Enhanced-Hardware and Software Features

New and Changed Hardware Features

New Hardware Features

There are no new hardware features in the Cisco IOS XE Amsterdam 17.3.1 release.

New and Changed Software Features

Table 1. New Software Features in Cisco ISR1000 Series Release, Cisco IOS XE Bengaluru 17.3.3

Feature

Description

Smart Software Manager On-Prem (SSM On-Prem) Support for Smart Licensing Using Policy

SSM On-Prem is an asset manager, which works in conjunction with CSSM. It enables you to administer products and licenses on your premises instead of having to directly connect to CSSM.

Here, a product instance is connected to SSM On-Prem, and SSM On-Prem becomes the single point of interface with CSSM. The product instance can be configured to push the required information to SSM On-Prem. Alternatively, SSM On-Prem can be set-up to pull the required information from a product instance at a configurable frequency. After usage information is available in SSM On-Prem, you must synchronize the same with CSSM, to ensure that the product instance count, license count and license usage information is the same on both, CSSM and SSM On‐Prem. Offline and online options are available for synchronization between CSSM and SSM On‐Prem.

Minimum Required SSM On-Prem Version: Version 8, Release 202102

Minimum Required Cisco IOS XE Version: Cisco IOS XE Amsterdam 17.3.3

For more information, see Smart Licensing Using Policy for Cisco Enterprise Routing Platforms.

Table 2. New Software Features in Cisco ISR1000 Series Release, Cisco IOS XE Bengaluru 17.3.2

Feature

Description

Smart Licensing Using Policy

An enhanced version of Smart Licensing with the overall objective of providing a licensing solution that does not interrupt the operations of your network but also enables a compliance relationship to account for the hardware and software licenses you purchase and use.

With this licensing model, you do not have to complete any licensing-specific operations such as registering or generating keys before you start using the software and the licenses that are tied to it. License usage is recorded on your device with timestamps and the required workflows can be completed at a later date.

Multiple options are available for license usage reporting which depends on the topology you implement. You can use the Cisco Smart Licensing Utility (CSLU) Windows application or report usage information directly to CSSM. A provision for offline reporting for air-gapped networks where you download usage information and upload to CSSM is also available.

Starting with this release, Smart Licensing Using Policy is automatically enabled on the device. This is also the case when you upgrade to the current version of the release.

By default, your Smart Account and Virtual Account in CSSM are enabled for Smart Licensing Using Policy.

For conceptual, configuration, migration, and troubleshooting information for Smart Licensing Using Policy, see the Smart Licensing Using Policy for Cisco Enterprise Routing Platforms Guide.

For a more detailed overview on Cisco Licensing, go to https://cisco.com/go/licensingguide.

Cisco DNA Support for Smart Licensing Using Policy

Cisco DNA Center supports Smart Licensing Using Policy functionality starting with Cisco DNA Center Release 2.2.2. The corresponding minimum required Cisco IOS XE Release for this platform is 17.3.2.

Implement the “Connected to CSSM Through a Controller” topology to have Cisco DNA Center manage a product instance. When you do, the product instance records license usage, but it is the Cisco DNA Center that initiates communication with the product instance to retrieve and report usage to Cisco Smart Software Manager (CSSM) and returns the acknowledgement (RUM ACK).

In order to meet reporting requirements, Cisco DNA Center provides ad hoc or on-demand reporting, as well as scheduled reporting options. Cisco DNA Center also provides workflows for the installation and removal of the Smart Licensing Authorization Code (SLAC) for a product instance, if applicable.

Note 
On the Cisco DNA Center GUI, you can generate a SLAC only for HSECK9 licenses, and only for certain product instances. See the configuration guide for details.
Table 3. New Software Features in Cisco ISR1000 Series Release, Cisco IOS XE Bengaluru 17.3.1

Feature

Description

Dial Peer Binding with Live Traffic

With the Live Bind feature, you can either change or add binding on a dial-peer that does not have any active calls, while other dial-peers with the same binding has active calls.

Posture Assessment Support

This feature enables you to utilize Posture Assessment capabilites to validate the compliance of endpoints according to security policies of your enterprise. Identity Services Engine (ISE) Posture functions are integrated into Cisco 1100 Integrated Services Routers. This feature can only be configured using the Add-On feature template in Cisco vManage.

show ip nat pool

The output of the show ip nat pool command provides extra details from this release.

show ip cef prefix all

To display all information of CEF, run the show ip cef command. This command in turn displays the output of other show commands therefore avoiding the need to run each of these commands individually:
- show ip route <network> <network mask>
	- show ip cef <network> <network mask> internel
	- show adjacency <adj_id> internel
	- show platform software ip rp active cef prefix <network>/<mask_length> detail
	- show platform software adjacency rp active index <platform_adj_id>
	- show platform software ip fp active cef prefix <network>/<mask_length> detail
	- show platform software adjacency fp active index <platform_adj_id>
	- show platform hardware qfp active feature cef-mpls adjacency handle <cpp_handle_id>

IPv6 Virtual-PPP interface

IPv6 and dual-stack is supported over Virtual-PPP and L2TPv2. This feature enhancement gives the capability of dual-stack support (flow of both IPv4 and IPv6 packets) over Virtual-PPP and L2TPv2.

TLS Server Name Indication (SNI) - RFC6066

With this feature, support is introduced for Server Name Indication (SNI). SNI is a TLS extension that allows a TLS client to indicate the name of the server that it is trying to connect during the initial TLS handshake process.

Up to 100 VRF Instances

The current support limit is 54 VRF instances on a CUBE box. This requires customers to purchase additional hardware to meet requirements. For deployments such as HCS that need to support greater number of tenants per box, the limit of VRF instances is enhanced to 100 with this feature. Also, support is introduced for this feature in CUBE Enterprise with this release.

Media Proxy Multi-forking using SIPREC

With this feature, the SIPREC-based CUBE Media Proxy solution now supports forking to multiple recorders.

OPUS Codec Negotiation

With this feature, support is introduced for OPUS audio codec with CUBE.

Consumption of INVITE with Replaces

Currently, CUBE has a known limitation in handling re-INVITE with replace headers. With this feature, this limitation is being addressed with CUBE consuming the INVITE with Replaces header and bridging the call dialogs appropriately. This feature enhancement is essential for interoperability of CUBE with Microsoft Teams.


Note

All pyang models are not fully compliant with all the IETF guidelines. For some pyang models, the errors and warnings display while executing pyang with .lintflag; these are currently deemed to be non-critical as they do not impact the semantic of the models or prevent the models from being used as part of toolchains. To determine the issues with the pyang models, ensure to enable the pyang.lintflag and then run the check-models.sh script.

It is recommended to ignore LEAFREF_IDENTIFIER_NOT_FOUND and STRICT_XPATH_FUNCTIONS errors.


Cisco ISR1000 ROMMON Compatibility Matrix

The following table lists the ROMmon releases supported in Cisco IOS XE 16.x.x releases and Cisco IOS XE 17.x.x releases

Table 4. Minimum and Recommended ROMmon Releases Supported on Cisco 1000 Series Integrated Services Routers

Cisco IOS XE Release

Minimum ROMmon Release Supported for IOS XE

Recommended ROMmon Release Supported for IOS XE

16.6.x

16.6(1r)

16.6(1r)

16.7.x

16.6(1r)

16.6(1r)

16.8.x

16.8(1r)

16.8(1r)

16.9.x

16.9(1r)

16.9(1r)

16.10.x

16.9(1r)

16.9(1r)

16.11.x

16.9(1r)

16.9(1r)

16.12.x

16.9(1r)

16.12(1r)

17.2.x

16.9(1r)

16.12(1r)

17.3.x

16.9(1r)

16.12(1r)

Resolved and Open Caveats

About the Cisco Bug Search Tool

Use the Cisco Bug Search Tool to access open and resolved bugs for a release.

The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.

You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.

Resolved Caveats in Cisco IOS XE Amsterdam 17.3.4a

Caveat ID Number

Description

CSCvv92064

App-aware policy need to be honored when queuing is not set by localized policy

CSCvw05211

Pre-mature session deletion leading to churn and lower TPS at scale

CSCvw23197

BFD sessions go down on Service VPN after UTD is enabled on cEdge

CSCvw81572

Multiple crashes cpp_cp_svr and qfp-ucode on 16.12.4

CSCvw87300

IP address not correctly in SIP traffic

CSCvx02009

cEdge running 17.3.2 crashed - Critical software exception / IOSXE-WATCHDOG: Process = SNMP ENGINE

CSCvx21270

SDWAN custom policy that does not looked to be programmed correctly on the cedge platform

CSCvx23159

FW-4-ALERT_ON: (target:class)-():getting aggressive seen when no half open feature configed

CSCvx29856

Port mapping NAT configurations not saved to startup config

CSCvx32670

Wrong reload reason reflected after a power outage.

CSCvx36146

DCHP offer frame getting dropped on cEdge ISR4431 due to Policy

CSCvx36205

Removing and Adding Bulk ACL leads to dataplane programming failure

CSCvx36763

Zone Based Firewall on cEdge router dropping web traffic with the reason Zone-pair without policy

CSCvx38454

ISR Crash for CENT-MC-0 process

CSCvx45788

cannot apply ciscosdwan.cfg due to vpg-log-server-acl ACL on VirtualPortGroup0 for logging

CSCvx49102

PPPoE model enablement on CWMP

CSCvx53049

Crash when TPOOL is updating and 'wr mem' is issues at same time

CSCvx55296

CWMP: WANIPConnection.ExternalIPAddress sent in inform instead of WANPPPConnection.ExternalIPAddress

CSCvx55322

CWMP configures PPP chap callin when username is configured

CSCvx57615

ZBFW blocking ACK packets for applications using cloudexpress SaaS set to use a Gateway with synsent

CSCvx64846

"show sdwan policy service-path/tunnel-path" command cause device crash

CSCvx73741

custom app not getting detected after attached removed and re-attached- app-visibility is disabled

CSCvx75352

CWMP port mapping description is lost after CPE reload

CSCvx77203

[17.5] Router crashed when sending traffic through non-SDWAN interface with DIA NAT + debug enabled

CSCvx78215

An IOS XE device might crash at DoubleExceptionVector

CSCvx79113

SDWAN cedge : traffic simulation tool shows traffic blackhole

CSCvx88246

Packets dropped due to firewall + data policy interop issue

CSCvx89710

SCEP: CA server fails to rollover CA certificate with error: "Storage not accessible"

CSCvx97718

vtcp frees rx buffer when packet with expected next sequence arrives with no payload; phones reset

CSCvy03589

CWMP : Port mpping not created under WANPPP profile when WAN connection is set to PPP Dialer

CSCvy17964

Traceback seen when cwmp wan default interface changed

CSCvy25957

Security container is dropping legitimate FIN,ACK Packets

CSCvy30209

IOS-XE cpp ucode crash with fragmented packets

CSCvy35044

Signature update failure - SSL-CERTIFICATE_VERIFY_FAILED

CSCvy36311

CWMP : Portmapping with space in description field rejected after reload

CSCvy39019

CWMP: WANPPPConnection not reset when PPP credentials changed

Open Caveats in Cisco IOS XE Amsterdam 17.3.4a

Caveat ID Number

Description

CSCvt62123

DMVPN - after removing IPSec, traffic is dropped on a tunnel interface

CSCvu06483

Data consistancy errors seen on configuring mac-sec on the underlay interface with ipsec configured

CSCvv17346

unexpected reload due to Crypto IKEv2 process

CSCvv38438

Watchdog timeout due to Crypto IKMP

CSCvv48885

can not update local-address in a crypto keyring

CSCvw48943

crypto ikev2 proposals are not processed separately

CSCvw60359

cEdge-policy: set next-hop-ipv6 is not working next-hop-ip (ipv4) is working.

CSCvw91361

Crash when issuing "show crypto isakmp peers config"

CSCvw94166

IKE should have a mechanism to alert or mitigate resource exhaustion due to QM flooding

CSCvx74212

IKEv1 IPSec CAC (Call Admission Control) counter leak leading to %CRYPTO-4-IKE_DENY_SA_REQ

CSCvy10041

Removal of 'set reverse-route tag xxx' removes 'reverse-route' config from crypto map

CSCvy54314

Data-policy local-tloc with app-route is dropping packets when SLA is not met

CSCvy58115

Cedge : Cloudexpress Office 365 probes are hitting 100% loss

CSCvy67301

URL Filtering regex pattern match not working on large pattern

CSCvy68270

CWMP wrong parameter value

CSCvy73818

cEdge QFP starts dropping traffic - UTD Service Node not healthy ident

CSCvy78123

cEdge: High CPU usage due to Multicast and Data Policy configuration.

CSCvy82696

cEdge dropping packets [combination /16, /17 data prefix with multiple ports in policy]

CSCvy69555

Unable to fetch eigrp prefix, nexthop, omptag, and route origin

Resolved Caveats in Cisco IOS XE Amsterdam 17.3.3

Caveat ID Number

Description

CSCuv97577

Mishandling of dsmpSession pointer causes a crash

CSCvu23516

Static routes pointing to interface tunnel not valid after tunnel's source interface flaps.

CSCvu32771

IOSd Crash due to Segmentation fault at SISF Main Thread

CSCvv03229

Crash in sre_dp_traverse_dfa_legacy as SIP invite messages crosses a GRE Tunnel

CSCvv09342

Cloud Express probes fails when two default rules are present

CSCvv40006

Traceback: IP SLA triggers INJECT_HDR_LENGTH_ER and INJECT_FEATURE_ESCAPE log message

CSCvv61770

Crash seen in isis_sr_uloop_lspdb_dump with 'debug isis microloop' enabled

CSCvv64633

BGP: advertised community list is malformed due to GSHUT community

CSCvv71775

Cellular interface down/up frequently occurs with DoCoMo MVNO sim

CSCvv78028

No responder-bytes from cEdge when UTD is enabled

CSCvv79273

Router may crash when using Stateful NAT64

CSCvv88621

GETVPN: All GM will crash when Primary KS recovers its COOP role after network outage

CSCvv91575

Cisco 1111-8P ISR: NAT translations packet counter MIB OID counts unnecessary additional value

CSCvv91865

Moving PC from network causes static DHCP binding to be removed from the device.

CSCvw06719

"platform ipsec reassemble transit" tail-drops unencrypted IPv4 Fragments with specific payload

CSCvw06780

DMVPN with ipv6 link-local address do not register to HUB

CSCvw09486

Router might crash after apply a class-map in input direction with bandwidth percentage

CSCvw10972

NAT64 ALG: Router crashes on nat64_process_token

CSCvw11902

Passive FTP doesn't work with NAT

CSCvw14131

Crash in TCL Bytecode When Running RA Trace in Guestshell Python

CSCvw14836

ISR router running 16.9.6 crashes authenticating crypto certificate

CSCvw16643

Device Template failing to attach after changing few device variables

CSCvw19171

Smart license registration through explicit mode proxy server

CSCvw19362

[EVPN RT2-RT5] After few host moves RT2-RT5 re-origination happens even when there is no Remote RT2

CSCvw22760

MACSEC MKA stops forwarding data after every 3rd rekey

CSCvw23041

Crash seen on Fugazi due to %CPPHA-3-FAILURE: R0/0: cpp_ha: CPP 0 failure Stuck Thread(s)

CSCvw30128

ip-acl errors of correcting the logic of sequence id when there is an error with msg creation

CSCvw31389

pktlog functionality is broken

CSCvw32481

EVPN Type-2 IP/MAC route is created for not-connected SVI

CSCvw33113

Unexpected reload in NHRP when access to an invalid memory region

CSCvw34157

APPNAV CFT Crashes

CSCvw36514

cEdge crashes due to a large packet at vesen_ipsec_v4_input_get_vctrl_data

CSCvw36629

cEdge: NATed tuple flips for HSL deleted flow

CSCvw37109

Pseudowire interface may be unexpectedly removed from VFI on unrelated configuration change

CSCvw38433

OMP-Agent Routes in EIGRP changes AD to 252 on non-SDWAN devices

CSCvw39383

CPP ucode crash with fw_base_flow_create

CSCvw41482

SSH with Certificate authentication doesn't work after upgrade to 17.3.1

CSCvw47800

HSL Export over VASI Interface causes Netflow v9 Template Flooding

CSCvw48800

unable to transfer 1500 byte IP packet when using BRI bundled Multilink

CSCvw48811

RP went down due to __be_iosd_rec_malloc_free_before

CSCvw54076

[SIT]: BFD sessions not established between Edges, with UTD enabled

CSCvw55030

Dynamic Nat pool "ip aliases" are not created on the device

CSCvw56517

LMR Unable to hear first seconds of audio

CSCvw57860

Duplicate entries seen in MAC filter table.

CSCvw58560

FlexVPN reactivate primary peer feature does not work with secondary peer tracking

CSCvw58646

cEdge: Inspect rule cannot be modified to accept or drop without deactivating the policy

CSCvw62805

SDWAN ZBFW CPU punted traffic mishandling -- Out2In packet looped

CSCvw76715

OpenSSL vulnerability (CVE-2020-1971) evaluation for IOS-XE

CSCvw77485

Router may not send PIM Register message if RP is reachabile over TE tunnel

CSCvw80173

BGP AS-path prepend: cEdge won't update correctly better prepended route.

CSCvw84759

Device is crashing after Device Access Policy is attached

CSCvw84883

DDNS feature triggers crash on 16.X/17.X releases due to memory corruption

CSCvw86295

Crash wile configuring l2vpn evpn instance for VXLAN

CSCvw97748

Decouple mac aging from ARP aging on vlans not using the centralized gw feature

CSCvx02515

BGP IPv6 link-local session doesn't come up

CSCvx08852

Not able to create VFI instances

CSCvx12686

Memory Lock and system crashed while clearing ip access-list stats.

CSCvx19135

ISR crashes when ZBFW ALG inspects tunneled packet

CSCvx19209

ISIS crash in isis_sr_tilfa_compute_protection

CSCvx36844

Control plane hitting EID prefix entry limit for MAC after upgrade

Open Caveats in Cisco IOS XE Amsterdam 17.3.3

Caveat ID Number

Description

CSCvw88098

cEdge crashes while running web traffic testing with security features enabled

CSCvw89001

LTE interface is not getting IP address after upgrading teh router.

CSCvw89147

Crash at the moment of calculating tcp header

CSCvw92643

Netflow crash at fnf_ipv6_output_feature_final_internal with flow record on IPv6 IPsec tunnel.

CSCvw96723

CP process crashed while I95 driver was adding an IPC response to the receive ring

CSCvx02009

cEdge running 17.3.2 crashed - Critical software exception / IOSXE-WATCHDOG: Process = SNMP ENGINE

CSCvx14095

NETCONF ACL not working if ACL is referencing an object-group.

CSCvx18526

Clients using DHCP Server Port-Based Address Allocation not getting IP address.

CSCvx24332

ucode crash with firewall timer lock

CSCvx24707

bgp-neighbor down when push banner configuration failure

CSCvx25680

IOS-XE Memory Leak in SSS Manager

CSCvx26652

Router crash observed when AppNav Cluster delete with service-insertion enabled on LAN interface

CSCvx35902

fman_rp: qos_hqf [L:1.0, N:0x3485061e18 ] (0p, 0c) download to FP failed resulting in a crash.

CSCvx38454

ISR Crash for CENT-MC-0 process

CSCvx40030

IP PIM SPT-threshold infinity causes ICMP Echo Replies to not be generated for IP Multicast Requests

Resolved Caveats in Cisco IOS XE Amsterdam 17.3.2

Caveat ID Number

Description

CSCvv85766

Memory leak upon ssh/scp connections to a router

CSCvj29514

CME: Toll fraud app not automatically trusting traffic from phones

CSCvp73666

DNA - LAN Automation doesn't configure link between Peer Device and PnP Agent due CDP limitation

CSCvq65366

Cube might crash when sending a SIP message over TLS

CSCvq73575

TCP traceroute - response ICMP TTL exceeded packet dropped by ZBFW with NAT enabled

CSCvq90343

Secure SIP trunk between SIP-GW/CUBE and CUCM with multiple nodes not coming in to service.

CSCvq97906

"DHCPD Receive" process crash

CSCvq98999

Crash when IPSEC SA installation fails @ imgr_ipsec_sa_n2_install_done

CSCvq99498

Crashes when trying to bring-up / bring-down IPsec crypto session for OSPFv3

CSCvr01327

incorrect Total number of translations on show ip nat translations

CSCvr01454

Punt fragment crash when receive EoGRE packets which have many fragments

CSCvr05213

Smart licensing PID and SN logs filling up the IOSRP tracelogs

CSCvr05504

Dialer interface counter does not correlate to the counter of interfaces bounded to

CSCvr12455

KPML dialing fails after CSCvq20936 commit

CSCvr13358

STUN packet breaks MOH RTP packet flow

CSCvr13385

CUBE/LGW: STUN Indication packets generated constantly for call forking flows

CSCvr17169

qfp ucode crash with media monitor

CSCvr24316

Router crashes due to Segmentation Fault when 'ccb' gives a NULL Pointer

CSCvr26524

Crash due to NBAR classification

CSCvr31188

GETVPN gikev2 Secondary KS doesn't push new policy after merging split condition

CSCvr33415

Router may crash unexpectedly with Segmentation fault(11), Process = DSMP

CSCvr39932

IPSEC install failed IPSEC_PAL_SA shows "unexpected number of parents"

CSCvr41793

IOS PKI: CRL retrieval does not use HTTP Content-Length

CSCvr48349

ESP ucode crashed when running NAT with bpa (CGN)

CSCvr51860

Observed Traceback with SRTP-RTP call after hold/resume

CSCvr57565

MGCP Calls with SRTP fail to connect with Cause Value=47 due to T.38 calls

CSCvr58230

While signalling forking the CUBE is not Sending Re-INVITE for T.38 with the Authorized header.

CSCvr80706

IOSXE - ucode crash in ZBF during flow creation for TCP subflows

CSCvr90926

CUBE is updating the resolved IP only after the REGISTER expires

CSCvr96597

IOS-XE crash after doing a SCEP enrollment

CSCvs01943

"login authentication VTY_authen" is missing on "line vty 0 4" only

CSCvs13960

IWAN High CPU and Memory

CSCvs26625

C1113/1112 does not train up in ADSL2+ mode when configured in "operating mode auto"

CSCvs29535

IWAN crash related to DCA channel

CSCvs47682

Router crashed when attempting to remove a nonexistent trustpoint from dspfarm profile

CSCvs56721

spoke-to-spoke PLR packets should not change the interface PLR status

CSCvt20318

BGP Neighbors Stuck on Device

CSCvt48480

Flow monitor is removed from interface configuration on reload

CSCvt62112

Physical policy cannot be clean up with QoS policy in suspended mode on PPPoE Dialer

CSCvt91720

router see http wsma request as coming from 192.168.1.5

CSCvu09862

Call Rerouting functionality not working on 16.6/16.12/17.1 IOS-XE trains.

CSCvu18001

Segmentation fault observed in BGP -"UNIX-EXT-SIGNAL: Segmentation fault(11), Process = BGP Scanner"

CSCvu19733

Evaluation of CVE-2020-11868 for IOS

CSCvu26741

Punt-Keepalive crash with lsmpi_lo_drv and container app traffic.

CSCvu27953

Crash due to a segmentation fault in the "IPsec background proc" process

CSCvu54786

Crash on configuring a highest key identifier for OSPF authentication under an interface

CSCvu65369

Link auto-negotiation fails between C1111-4P ES-4 switch module and Meraki MX100

CSCvu70286

L2RIB thread crashed after removing global vrf definition for evpn

CSCvu98884

Rapid BFD events on CSR running HA solution causes CSR to get stuck in a non-operational state

CSCvv01445

Router Crashes when advertised-routes command executed for neighbours

CSCvv02486

Random MPLS-TE tunnels with explicit-path stay down after egress interface is bounced.

CSCvv04236

IOS-XE: IPv6 OSPF authentication ipsec - adjacency fails

CSCvv08341

Netconf deleting wrong IKEv2 parameters

CSCvv11443

Assertion Failed in MFIB causes Catalyst 9500 Switch to crash

CSCvv13193

Memory leak 'Admin group' with some triggers in ISIS

CSCvv17560

BMP BGP server can lead to CPUHOG and crashes

CSCvv20380

Removing and Adding Bulk ACL leads to Tracebacks and Error-Objects

CSCvv24156

FlexAlgo: ISIS crash when ISIS adjacency goes down

CSCvv25401

EWLC crash after querying an mDNS record

CSCvv26042

ios crash at l2rib_server_ios_obj_notification

CSCvv26538

Crash due to a NULL pointer while bringing down PPPoE sessions.

CSCvv29239

EFT[TUD]: WLC crashed @ mdns_io_event_callback_v6

CSCvv43279

[EVPN RT2-RT5] Routing Loop due to CGW re-originating the Type 2 MAC+IP with MAC+IP VRF details

CSCvv43957

Template push on ISR1k not working due to no authentication timer reauthenticateError

CSCvv59662

cEdge may crash when template with big security policy pushed

CSCvv64319

bgp crash in bgp_show_network_detail, bgp_imp_find_imported_path_topo

CSCvv70274

[EVPN BGP] crash@bgp_ipv6_best_metric, bgp_evpn_best_metric,bgp_best_metric,bgp_show_network_detail

CSCvv72254

EVPN incorrect duplicate v4/v6 default routes, crash eventually

CSCvv78226

cEdge does not install route from type3 LSA into the RIB from area 0

CSCvv94834

BGP crash during IOL testbed launch

Open Caveats in Cisco IOS XE Amsterdam 17.3.2

Caveat ID Number

Description

CSCvu77745

PMAN-3-PROCFAIL: Chassis 1 R0/0: pman: R0/0: The process keyman has failed (rc 139)

CSCvu89597

RM crash at __be_address_cmp __be_avl_get_next while doing shut/no shut or BR

CSCvu89599

BR crash at __be_strlen __be_fman_rtmap_create_route_map_msg

CSCvv40206

Router may crash under ZBF configuration

CSCvv51001

Crash during BGP VPN route import

CSCvv79273

Router may crash when using Stateful NAT64

CSCvv91204

SSS crashed the router at the moment of freeing AAA req

CSCvw05211

Pre-mature session deletion leading to churn and lower TPS at scale

CSCvw09093

route not getting installed, need to remove and reattach the template

CSCvw14836

ISR router running 16.9.6 crashes authenticating crypto certificate

CSCvw16643

Device Template failing to attach after changing few device variables

CSCvw22760

MACSEC MKA stops forwarding data after every 3rd rekey

Resolved Caveats in Cisco IOS XE Amsterdam 17.3.1

Caveat ID Number

Description

CSCvv54943

ISR1100: Bridge Domain does not pass traffic through SVI after an upgrade to 16.12.x onwards.

CSCvp24405

Router crashes after adding macsec reply-protection command on an interface

CSCvs45107

AnyConnect fails to reconnect when original session expires

CSCvs56559

show crypto pki server shows wrong expire certificate date

CSCvs63841

SDWAN ISR1100: No SW Image listed when .bin image booted from flash / usb

CSCvs65950

IOS PKI: P12 not generated on IOS Sub CA at rollover certificate generation

CSCvs81967

ISR4K: %BOOT-3-BOOT_SRC: R0/0: No space on boot /dev/bootflash5 for packages, using bootflash!

CSCvs88686

ISR4K / ASR / CBR8 crash in cpp_cp_svr due to watchdog timeout

CSCvs96540

SDWAN device admin-tech has empty "show running config" in /tech/ios file

CSCvs99705

PKI CLI - no warning that rsakeypair name starting from 0 (zero) is not working for cert regenerate

CSCvt03869

Router reloads due to crypto pki crl request <trustpoint-name> during get a fresh copy of CRL

CSCvt05373

SDWAN device and vmanage is not in sync when manual software reset is done

CSCvt21263

Crash upon delete of virtual-access when virtual-template has "no tunnel protection ipsec initiate"

CSCvt21691

VLAN1 is allowed on the trunk port even though it is not allowed in configurations of C111 interface

CSCvt31561

TBAR is not disabled in GM when it is disabled in KS

CSCvt35947

Duplicate ipv6 address while connecting to remote client

CSCvt40523

GETVPN: KS 16.12.x - COOP switchover causes GMs to immediately use new TEK rekey

CSCvt52051

IPsec tunnel is getting established for a backup NHS DMVPN hub

CSCvt52825

Memory leak in SCCP TLS Client on unexpected deregister event

CSCvt65588

FlexVPN IKEv2 Tunnel route removed after establishing new IKEv2 SA to another peer

CSCvu82189

Enabling guestshell gives "float division by zero"

Open Caveats in Cisco IOS XE Amsterdam 17.3.1

Caveat ID Number

Description

CSCvv02180

C1113-8PLTEEAWA failed to boot: Package does not support : PID not supported in 17.4

CSCvu59956

IOS cannot boot with 16.12(1r) or later rommon due to cookie PID field incorrectly programmed

CSCvu92277

Memory leak observed for FTM process leading to a device crash eventually.