Find all the information you need about this release—new features, known behavior, resolved and open bugs, and related information.


Note

Explore Content Hub, the all new portal that offers an enhanced product documentation experience. Content Hub offers the following features to personalize your content experience.

  • Faceted Search to help you find content that is most relevant

  • Customized PDFs

  • Contextual Recommendations


New and Enhanced Software Features for Cisco IOS XE Gibraltar 16.11.x

New and Enhanced Features for Cisco IOS XE Gibraltar 16.11.1a

  • 10G CWDM SFP+ support

  • Cisco Unified Border Element Smart Licensing—Cisco Unified Border Element Smart Licensing—Cisco Smart Software Licensing provides a simple cloud-based solution for managing and tracking the use of your licenses and entitlements across your business. License requirements for the use of CUBE trunk sessions are reported to Cisco Smart Licensing.

  • Channel-Based Metrics Measurement—Configures the performance monitors used by PfRv3 to employ a data collection method combining metadata and traffic sampling to provide traffic metrics.

  • Consent Token for Shell Access—Consent Token is a time-bound multi-factor authentication mechanism for secure access to Cisco devices. When you try to access the Secure Shell on a Consent-Token-enabled device, the device generates an authentication challenge. You must obtain the response to this challenge from a Cisco Authorized personnel through an out-of-band mechanism such as email or phone call, and enter the response on the device to gain access to the Secure Shell. Secure Shell access is revoked after the time interval you specified while requesting access.

  • Dynamic Application Policy Routing—Dynamic Application Policy Routing (DAPR) dynamically steers overlay and underlay egress application traffic flows between multihomed sites connected over RAR links (virtual-access interfaces). This feature extends the existing path management solution of PfRv2 to virtual access interfaces. DAPR routes your traffic based on policy criteria such as link preference and load balancing to meet performance requirements such as delay and jitter.

  • Enhanced Policy Based Routing and Site Manager—The Enhanced Policy-based Routing (ePBR) routing enables application-based routing. Application-based routing provides a flexible, device-agnostic policy routing solution, while also ensuring application performance.

  • FlexVPN IKEv2 Dynamic Route Tagging—The IKEv2 Dynamic Route Tagging feature enables a tag value for automatically-learned (connected) routes. It also helps to apply this tag value on hub site during installation.

  • FlexVPN Event Trace—Displays event trace messages for FlexVPN.

  • IPFIX support for ETA—IP Flow Information Export (IPFIX) protocol is another way for transmitting traffic flow information over the network. Support for ipfix keyword in flow destinations was added.

  • IPv6 Object Group ACL—This feature extends object group-based policy application to IPv6 ACLs. The Object group for access control list (ACL) allows you to classify users, devices, or applications into groups and apply those groups to ACLs to create access control policies for those groups. Object group-based ACL approach reduces configuration size, makes ACLs easily readable and easier to manage, thus minimizing complex and larger ACL configurations.

  • MACsec exception reports for invalid keys and replay attacks—You can use the show mka policy command to verify the XPN configuration. If you do not want to include icv-indicator in MKPDUs, use the no include-icv-indicator command in the MKA policy.

  • MACsec varialble length CKN and optional support for ICV—Use the platform macsec logging replay protection command in global configuration mode to configure the packet count global configuration mode to configure the packet count.

  • MAP-E—The MAP-E feature in this release complements the existing MAP-T capability by providing connectivity to IPv4 hosts across IPv6 domains on CE devices while encapsulating the original IPv4 packet. MAP-E also enables mapping of address between IPv6 and IPv4 addresses, and across transport layer ports. Additionally, the CE device performs NAPT44 translation between a customer private IPv4 address and the MAP-E NAT64 translation to ensure that different CE devices share a common public IPv4 address.

  • PfRv3 Intelligent Load Balance—The PfRv3 Intelligent Load Balance feature detects the remote bandwidth overrun at the earliest possible. It helps to reduce the packet drop caused by per tunnel QoS and increases the bandwidth utilization.

  • PKI - EST CA Certs on Reykey—This feature enables client devices to obtain CA certificate automatically as part of rekey. The CA certificate certifies a new public key for a device.

  • Programmability—The following programmability features are introduced in this release:

    • Kill Telemetry Subscription—he ability to delete a dynamic model driven telemetry dynamic subscription using either:

      • The clear telemetry ietf subscription Cisco IOS command, or

      • The <kill-subscription> RPC

    • NETCONF and RESTCONF Service Level Access Control Lists: Enable you to configure an IPv4 or IPv6 access control list (ACL) for NETCONF and RESTCONF sessions.

      Clients that do not conform to the configured ACL are not allowed to access the NETCONF or RESTCONF subsystems. When service-level ACLs are configured, NETCONF and RESTCONF connection requests are filtered based on the source IP address.

    • YANG Data Models: For the list of Cisco IOS XE YANG models available with this release, navigate tohttps://github.com/YangModels/yang/tree/master/vendor/cisco/xe/16111.

      Revision statements embedded in the YANG files indicate if there has been a model revision. The README.md file in the same GitHub location highlights changes that have been made in the release.

  • Removal of Weak Encryption Types 0, 5, and 7 in AAA—Support has been added for auto-conversion of weak password types 0 and 7 to encrypted password type 6. Configure AES password encryption feature and master encryption key to auto-convert password types 0 and 7 to password type 6.

  • Security Readiness Criteria (SRC) Closure—Refer to the following documents for information about this feature: Security Readiness Criteria (SRC) closure for Cisco Unified Border Element—SRC is a program to meet a set of security criteria before releasing the product offering to the customers. SRC helps to prioritize security requirements that are necessary to reduce the associated risk.

  • Show commands for ETA—Simplified show commands to display ETA configurations, flow statistics, and export statistics for quick troubleshooting.

  • show interface gigabitethernet accounting—The show command output was modified to display the number of packets of each protocol type that have been sent through all configured interfaces.

  • show platform resources - Display bootflash and harddisk Details for RP modules—With this feature, you can use the show platform resources command to view utilization of boot flash and hard disk of a Route Processor.

  • Source interface support for ETA Netflow records—Support for source-interface interface-name for ETA Netflow records was added.

  • Specific License Reservation—With Specific License Reservation, you can deploy a Smart License on a device without directly connecting it to the Cisco Cloud.

  • Support certificate CN/SAN validation—Server Identity Validation on Cisco Unified Border Element—Cisco Unified Border Element supports server identity validation through Common Name (CN) and Subject Alternate Name (SAN) fields in the server certificate during client-side SIP/TLS connections. Validation of CN and SAN fields of the server certificate ensures that the server-side domain is a valid entity.

  • VxLAN Static Routing—Provides a method for connecting multiple servers in a data center to an enterprise edge router, using one-to-many static routes and point-to-multipoint (P2MP) VxLAN tunnels.

  • Web User Interface—Supports an embedded GUI-based device-management tool that provides the ability to provision the router, simplifies device deployment and manageability, and enhances user experience. The following features are supported on Web User Interface from Cisco IOS XE Gibraltar 16.11.1:

    • Nat Statistics

    • IPv6 Support for AAA

    For information on how to access the Web User Interface, see Configure the Router for Web User Interface section.

  • ZBFW HSL using Source Interface Capability—Zone-based Firewall supports export of logged data record to an external collector using NetFlow Version 9, where the collector parses and interprets the data record based on the template. Zone-based firewall uses the High Speed Logging (HSL) capability to generate NetFlow data through the log flow-export v9 udp destination command under the parameter-map type inspect-global configuration.

Resolved and Open Bugs for Cisco IOS XE Gibraltar 16.11.x

About the Cisco Bug Search Tool

Use the Cisco Bug Search Tool to access open and resolved bugs for a release.

The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.

You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.

Resolved Bugs for Cisco IOS XE Gibraltar 16.11.1a

All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Caveat ID Number

Description

CSCuw36080

SNMP with Extended ACL

CSCvb03610

Watchdog crash after "% AAA/AUTHEN/CONT: Bad state in aaa_cont_login()."

CSCvh57657

NAT MIB not populated when using traditional NAT

CSCvh59431

Byte counters for physical interface and subinterface don't match

CSCvh77984

Router shows "Flash disk quota exceeded" during the reload, but it still has 60% of free memory left

CSCvi32156

Router crashes when DMVPN tunnel moves accoss ports

CSCvi43518

qWLC-Sanity: interface down due to %EZMAN_RM-3-SERDES_AUTOTUNE_FAIL-R0/0: Failed on lane 54

CSCvi58996

Several OID from CISCO-CLASS-BASED-QOS-MIB stop working when performing upgrade to Denali-16.3.x

CSCvi79674

CPP 0 failure Stuck Thread resulting in Unexpected Reboot

CSCvi93967

EEM: event mat mac-address not triggered on router with NIM-ES2-8-P

CSCvi96874

ASR1001 has crashed with cgm_avlmgr_find_node

CSCvi97054

When configured vlan unlimited with port-channel subinterface, statistics does not increment

CSCvj02081

CPP crash on L2TP router

CSCvj03263

H225 gatekeeper request dropping under "ALG PARSER" with ZBF

CSCvj06493

NAT ALG ASR1K does not translate call id 0 of PPTP client correctlly.

CSCvj08229

ASR1001-X: interface LED remains amber after shut/no shut on the interface

CSCvj08248

Packet throughput drops down when enable tunnel visibility with single tcp flow(>1MPPS)

CSCvj11876

Provide Passthrough Reason in IOS-XE for AppNav

CSCvj12370

ASR1002-X router crashed in cpp_qm_event_collapse_hl_node

CSCvj13382

IOS-XE FIPS mode is enabled by default in QFP even if it is not enabled in CLI

CSCvj15262

ASR1k with stateful nat conf, mapping ID got locked after vrf delete

CSCvj17682

MAC filtering incorrectly set on builtin ports of ISR4300

CSCvj29593

debug platform condition start causes keepalive failures with Vasi interface

CSCvj31705

ASR1k unexpected crash when appNav holds a stale pointer.

CSCvj37835

EPA-1X100GE/CPAK-100G-SR4 stays in a down/down state after a reset.

CSCvj47957

Packet trace does not work with re-injected UTD packets

CSCvj51510

Crash after service-policy APPNAV change on WAAS instance

CSCvj53634

The OID - adslAtucCurrOutputPwr returns incorrect output.

CSCvj56098

CDP over EVC is not working

CSCvj67042

LAN Switches does not learn the right ED upon OTV failover

CSCvj67623

DNS ALG will not work when trying to match specific destination hosts

CSCvj71853

"sdavc_ppdk.pack force" command not accepted during boot up

CSCvj76662

GetVPN TBAR failure does not generate syslogs

CSCvj78083

Path of Last Resort Sending Probes in Standby State

CSCvj78551

ASR1001X @incorrect traffic statistics reported of port-channel sub interface using SNMP.

CSCvj80490

ASR1001-X: Investigate "license request failed , err=0x22" seen at Manufacturing test

CSCvj84104

PLR channel is not muted for some time

CSCvj88138

VASI NAT: FTP ALG translation is sometimes failed

CSCvj88805

ASR1K - No kernel/coredump generated with watchdog reload event

CSCvj89345

AVC license should be activated only in case of smart licensing model

CSCvj90426

Dash i2c Kernel message outputted during boot up

CSCvj90814

Crash due to Memory corruption in ISR4k

CSCvj94133

ASR1001-X : netconf interface goes into oper down state afer reboot tests

CSCvj94863

Channel with wrong label may be created on hub border

CSCvj97483

ASR 1009/1013 (ESP200) will drop traffic when setting police rate over 67.104gbps

CSCvj99489

standby router shows warning message as image is missing when image in present in active and standby

CSCvk00074

cBR-8 crash after issuing show platform hardware qfp active infrastructure bqs

CSCvk00895

double exception in ipv4_nat_icmp_lookup_embedded

CSCvk02072

Hoot-n-holler multicast traffic marked with DSCP 0

CSCvk04614

ASR1K not reachable by Unicast on Port-Channel Sub interfaces when EVC + Sub-interface is configured

CSCvk12152

Unable to remove command 'ip nat inside destination'

CSCvk12448

ESP crash due to fatal error

CSCvk15062

Modification to ZBFW access-lists do not reflect in TCAM

CSCvk17777

ASR1001X - when using VRF NAT port used for ftp data is not freed

CSCvk20336

Ingress ping crash on asr1001x when packet size > 9K

CSCvk26471

Traffic fails after changing Copper SFP to Fiber SFP on 1GE built-in interface.

CSCvk34152

Invalid throughput level in the "show version" output

CSCvk47929

IOS XE 16.08.01 - monitor capture missing packets (TCP ACKed unseen sgmts)

CSCvk51560

Fixed ISR: Increase Maximum Configurable VLAN# and STP# from 32 to 63

CSCvk53938

IOS-XE : IPv6 ACL for Tunnel QoS not matched

CSCvk63602

WAAS Policy Configuration push may caused AppNav Class-maps programming issue in TCAM

CSCvk63706

ASR1000-6TGE / ASR1000-2T+20X1GE in status Unknown after Active RP3 OIR

CSCvk63782

Quick RP3 recovery after the Punt Path XAUI link goes down

CSCvk65072

Crash due ZBF + NAT

CSCvk67137

Crash observed on ASR1002-X @ fnf_age_recalculate_record_len with AVC performance monitor config

CSCvm03744

"%FMFP-3-OBJ_DWNLD_TO_DP_FAILED:fman_fp_image:xxx" appears when configured "ip port-map" on ISR44xx.

CSCvm06270

ICMP unrechables are not sent to the client on C1117 platform

CSCvm08377

IPSEC in DOWN-NEGOTIATING on HSRP Standby router with local-address config

CSCvm16619

CPP-mcplo-ucode crash while encrypting SIP packets with ALG NAT for SIP

CSCvm20374

Polaris Router - CPUHog - SNMP ENGINE crashed with Watchdog timeout

CSCvm25921

Signaling interface inactive on "show snmp mib ifmib ifindex de" on IOS 16.6.3

CSCvm36190

Traceback seen when attempting to recover sw port from bpduguard err-disable state

CSCvm42441

Router crash when clearing ip nat translations

CSCvm44488

ASR1001-HX 10GE SFP+ ports may operate as 1000Mbps

CSCvm47838

lacp max-bundle rejected with Aggregate PortChannel subinterface QoS

CSCvm56202

%Error formatting harddisk: (I/O error) - 0913 Polaris dev image

CSCvm56670

ACL dropping packets after updating it - %CPPEXMEM-3-NOMEM

CSCvm57644

Small clock changes or time drifts can cause GETVPN TBAR drops (Crypto-DP)

CSCvm57817

ASR1002-X crash due to ccp_cp_svr going into lockdown state.

CSCvm59483

Host crashes the DSP if ipv6 commands are configured under Service-Engine [Purge ipv6 config option]

CSCvm65397

Active RP crash at __be_datagram_done

CSCvm66103

Crash due to communication failure - IPC (Inter-Procedure Call) messages between DSP and RP.

CSCvm76464

ASR1k crash due to QoS in case of 4k subscribers per subinterface

CSCvm80502

Traceroute not working when sourced from NAT Inside interface

CSCvm96663

An IOS-XE router crashes after umbrella is configured.

CSCvn02419

Router crash occurs while running Dell software update

CSCvn07478

Ethernet FRR switchover takes more than 200ms on EPA10 and EPA100 if remote Rx fiber is pulled

CSCvn07614

Out of Band DTMF Events Not Passing to CUCM via SCCP When Using IOS MTP

CSCvn13257

Unable to reconfigure VTY lines on ISR4221 once deleted

CSCvn20383

show facility-alarm status doesn't reflect actual port state of cellular interface

CSCvn23732

show interface output reports incorrect bandwidth

CSCvn31658

Removal of loopback interface causes router to crash and erases the conf register settings

CSCvn31824

IOS-XE ISAKMP deletes new SPI if rx new SPI packet before installation is done

CSCvn37147

Lowering the severity of Harddisk Missing Alarm from Major to Info

CSCvn37915

Crash in cpp_bqs_rm_yoda_proc_pend_fc_cb

CSCvn40315

FMANFP-6-IPACCESSLOGP message have IP address byte reversed

CSCvn51553

QFP crashes with a HW interrupt

CSCvn52019

Crashed while checking condition debug

CSCvn72208

RP3 Punt Interface May Drop Traffic Due to VLAN Filter Hardware

CSCvn82245

EIGRP session is not coming up if the dynamic PBR is applied on interface

CSCvn85422

Int index is 0 for the Cellular inteface in the exported flow

CSCvo00664

SUP Crash after running the command " show plat hard qfp act infr bqs debug qmrt_dump "

CSCvo01298

Correction to Quick RP3 recovery after the Punt Path XAUI link goes down

CSCvo01504

%QFPOOR-4-TOP_EXMEM_USER reports negative memory allocation

CSCvo12799

Call is not getting connected in Forking Re-INVITE scenario

CSCvo17113

Show call media forking match failed

CSCvo04856

DataPlane crash observed in MMOH call flow

Open Bugs for Cisco IOS XE Gibraltar 16.11

All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.

Caveat ID Number

Description

CSCvf94088

router crashed while running system test script during configuring Tunnel interface

CSCvh92659

BFD flaps everytime with dynamic tunnel creation in DMVPN

CSCvn54470

ASR1006X linecard down after Active RP3 OIR

CSCvn76837

DMVPN Phase 2 shortcut triggered from a spoke behind PAT may end up in stuck DNX state

CSCvn92709

SNG_AO unavailable alarms are not clearing after removing the monitor-load feature under policy

CSCvo03458

PKI "revocation check crl none" does not fallback if CRL not reachable

CSCvo46138

Stuck CPP Thread while processing H323 packet

CSCvo47436

IOSXE - firewall corrupts half open list

CSCvo61610

FXS - no busy tone is generated on remote-onhook condition with call pickup scenario

CSCvo66216

IPSec-Session count in "show crypto eli" reaches max causing VPN failure

CSCvo79193

Router configured with ZBFW reloads with a last reload reason of LocalSoft

CSCvo80960

Streaming CRCs seen with GLC-GE-100FX VID: V02 on ISR4k

Important Notes, Known Behavior, and Workaround

Important Notes

As of August 2017, Autonomic Networking is no longer supported in any version of Cisco IOS-XE software.

Recover from the ROMmon mode

When you upgrade your IOS software image, you might accidentally delete your old image without updating the boot statement. This could result in entering the ROMmon (ROMMonitor) mode. To recover from the ROMmon mode, the following enhancements are supported for different use cases.

Supported Workaround

Table 1. Exiting from ROMmon Mode

Use Case

Supported Enhancement

Reload the router with config-reg configuration

Before reloading, the routerchecks if the first boot statement points to an image that exists and verifies it. If the image is missing or invalid, the users are prompted for confirmation to proceed with reload of the router.

Reload the router with config-register 0x2102–autoboot

The router checks if the boot variableis set properly, and accordingly prompts the users to proceed with caution.

Reload the router with config-register 0x2102

Auto boot and the boot variable (bootvar) is set, but there is no image in bootvar set path–The router checks if the bootvar is properly set and if there is any image set in the bootvar path. If there is no image in the bootvar path (harddisk/bootflash/flash,and so on), then the reload is aborted with a warning message,and the users are prompted to correct the boot statement or copy the image to hard disk

Auto boot and boot variableis set

If the image is present in the bootvar path, then the router reload is allowed.

Cisco Unified Border Element

Cisco Unified Border Element on Cisco IOS XE Gibraltar Release 16.11.1 is not a recommended version for Media Forking and call flows that include Multicast Music On Hold (MMOH).

ROMmon Release Requirements

The following table provides information about field-replaceable units (FRUs) of Cisco ASR 1000 Series Aggregation Services Routers supported in each ROMmon release.

Table 2. Supported ROMmon Releases for ASR 1000 Series Aggregation Services Routers FRUs

FRU

16.2 (1r)

16.2(2r)

16.3 (2r)

16.7 (1r)

16.9(4r)

16.9(5r)

ASR 1000 RP2

Yes

Yes

Yes

Yes

ASR 1000 RP3

Yes

Yes

Yes

ASR 1001-X

Yes

Yes

Yes

Yes

-

ASR 1002-X

Yes

Yes

Yes

-

ASR 1001-HX

Yes

Yes

Yes

-

ASR 1002-HX

Yes

Yes

Yes

-

ASR 1000- ESP20

Yes

Yes

-

ASR 1000- ESP40

Yes

Yes

-

ASR 1000- ESP100

Yes

Yes

-

ASR 1000- ESP200

Yes

Yes

-

ASR 1000- SIP40

Yes

Yes

-

ASR 1000- 2T+ 20x 1GE

Yes

Yes

-

ASR 1000- 6TGE

Yes

Yes

-

ASR 1000- MIP100

Yes

Yes

-

The following table lists the minimum ROMmon release supported for RP and ESP FRUs in Cisco IOS XE 16.x.x releases.

Table 3. Minimum ROMmon Release Supported for RP and ESP FRUs

Cisco IOS XE Release

ASR 1000 RP2

ASR 1000 RP3

ASR 1000-ESP20

ASR 1000-ESP40

ASR 1000-ESP100

ASR 1000-ESP200

16.2.x

16.2(1r)

16.2(1r)

16.2(1r)

16.2(1r)

16.2(1r)

16.3.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.4.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.5.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.6.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.7.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.8.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.9.x

15.2(1r)S

16.3(2r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.10.x

16.9(5r)

16.9(5r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S

16.11.x

16.9(5r)

16.9(5r)

XNC

15.0(1r)S

15.3(1r)S

15.3(1r)S


Note

If you are on ASR 1000-RP2 platform, after upgrading ROMmon to 16.9(5r), upgrade FPGA to asr1000rpx86-hw-programmables.16.08.01.SPA.pkg or greater [FPGA version >=17071402]

To upgrade asr1000rpx86-hw-programmables.16.08.01.SPA.pkg, it is mandatory that you are on IOS XE Polaris 16.x image. Upgrading FPGA from IOS XE Denali 3.x is not supported.


The following table lists the minimum ROMmon release supported for other FRUs in each Cisco IOS XE 16.x.x release.

Table 4. Minimum ROMmon Release Supported for Other FRUs

Cisco IOS XE Release

ASR 1001-X

ASR 1002-X

ASR 1001-HX

ASR 1002-HX

ASR 1000-2T+20 x1GE

ASR 1000-6TGE

ASR 1000-MIP100

ASR 1000-SIP40

16.2.x

16.2(1r)

16.2(1r)

16.2(2r)

16.2(1r)

16.2(1r)

16.2(1r)

16.2(1r)

16.3.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

15.5(3r)S1

15.4(2r)S

15.5(3r)S1

15.3(1r)S

16.4.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

15.5(3r)S1

15.4(2r)S

15.5(3r)S1

15.3(1r)S

16.5.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

15.5(3r)S1

15.4(2r)S

15.5(3r)S1

15.3(1r)S

16.6.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

15.5(3r)S1

15.4(2r)S

15.5(3r)S1

15.3(1r)S

16.7.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

16.3(2r)

16.3(2r)

15.5(3r)S1

15.3(1r)S

16.8.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

16.3(2r)

16.3(2r)

15.5(3r)S1

15.3(1r)S

16.9.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

16.3(2r)

16.3(2r)

15.5(3r)S1

15.3(1r)S

16.10.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

16.3(2r)

16.3(2r)

15.5(3r)S1

15.3(1r)S

16.11.x

15.4(2r)S

15.5(3r)S1

16.2(2r)

16.2(2r)

16.3(2r)

16.3(2r)

15.5(3r)S1

15.3(1r)S


Note

Due to the effect of CSCve29180 on Cisco ASR 1002-X Router, it is recommended that the ROMMON release on Cisco ASR 1002-X Router be upgraded to 16.7(1r).


The following table lists the recommended ROMmon release for RP and ESP FRUs in each Cisco IOS XE 16.x.x release.

Table 5. Recommended ROMmon Release for RP and ESP FRUs

Cisco IOS XE Release

ASR 1000 RP2

ASR 1000 RP3

ASR 1000-ESP20

ASR 1000-ESP40

ASR 1000-ESP100

16.2.x

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3.x

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.4.x

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.5.x

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.6.x

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.7.x

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.8.x

16.9(5r)

16.9(5r)

16.3(2r)

16.3(2r)

16.3(2r)

16.9.x

16.9(5r)

16.9(5r)

16.3(2r)

16.3(2r)

16.3(2r)

16.10.x

16.9(5r)

16.9(5r)

16.3(2r)

16.3(2r)

16.3(2r)

16.11.x

16.9(5r)

16.9(5r)

16.3(2r)

16.3(2r)

16.3(2r)

The following table lists the recommended ROMmon release for other FRUs in each Cisco IOS XE 16.x.x release.

Table 6. Recommended ROMmon Release for Other FRUs

Cisco IOS XE Release

ASR 1001-X

ASR 1002-X

ASR 1001-HX

ASR 1002-HX

ASR 1000-2T+20x 1GE

ASR 1000-6TGE

ASR 1000-MIP100

ASR 1000-SIP40

16.2.x

16.3(2r)

16.7(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3.x

16.3(2r)

16.7(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.4.x

16.3(2r)

16.7(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.5.x

16.3(2r)

16.7(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.6.x

16.3(2r)

16.7(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.7.x

16.3(2r)

16.7(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.8.x

16.9(1r)

16.7(1r)

16.9(1r)

16.9(1r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.9.x

16.9(4r)

16.7(1r)

16.9(4r)

16.9(4r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.10.x

16.9(4r)

16.7(1r)

16.9(4r)

16.9(4r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)

16.11.x

16.9(4r)

16.7(1r)

16.9(4r)

16.9(4r)

16.3(2r)

16.3(2r)

16.3(2r)

16.3(2r)