About Cisco ASR 1000 Series Aggregation Services Routers

The Cisco ASR 1000 Series Routers carry a modular yet integrated design, so network operators can increase their network capacity and services without a hardware upgrade. The routers are engineered for reliability and performance, with industry-leading advancements in silicon and security to help your business succeed in a digital world that's always on. The Cisco ASR 1000 Series is supported by the Cisco IOS XE Software, a modular operating system with modular packaging, feature velocity, and powerful resiliency. The series is well suited for enterprises experiencing explosive network traffic and network service providers needing to deliver high-performance services.


Note


For more information on the features and specifications of Cisco ASR 1000 Series Routers, refer to the Cisco ASR 1000 Series Routers datasheet.

For information on the End-of-Life and End-of-Sale Announcements for Cisco ASR 1000 Series routers, refer to the ASR 1000 Series End-of-Life and End-of-Sale Notices.



Note


Cisco IOS XE 17.18.1a is the first release for Cisco ASR 1000 Series Aggregation Services Routers in the Cisco IOS XE 17.18.x release series.


Product Field Notice

Cisco publishes Field Notices to notify customers and partners about significant issues in Cisco products that typically require an upgrade, workaround or other user action. For more information, see https://www.cisco.com/c/en/us/support/web/field-notice-overview.html.

We recommend that you review the field notices to determine whether your software or hardware platforms are affected. You can access the field notices from https://www.cisco.com/c/en/us/support/web/tsd-products-field-notice-summary.html#%7Etab-product-categories.

New and Changed Hardware Features

There are no new hardware features for this release.

New and Changed Software Features in Cisco IOS XE 17.18.2

| Product Impact | Feature | Description |
|---|---|---|
| Ease of Setup | IPv6 Rule and Rule Set Support in Security Policies | From Cisco IOS XE 17.18.2, you can configure IPv6 data prefix lists, rule with rule sets, and object groups in security policy using Cisco SD-WAN Manager. For more information, see Security Policy. |
| Upgrade | IPv6 GRE-TP tunnel as protected link support for SRv6 TI-LFA with IS-IS | From Cisco IOS XE 17.18.2, this feature extends IPv6 GRE-TP tunnel as protected link support for SRv6 TI-LFA with IS-IS. |
| Upgrade | IPv4 GRE-TP tunnel as protected link support for SR-MPLS TI-LFA with OSPFv2 | From Cisco IOS XE 17.18.2, this feature extends IPv4 GRE-TP tunnel as protected link support for SR-MPLS TI-LFA with OSPFv2. |
| Upgrade | IPv4 GRE-TP tunnel as protected link support for SR-MPLS TI-LFA with IS-IS | From Cisco IOS XE 17.18.2, this feature extends IPv4 GRE-TP tunnel as protected link support for SR-MPLS TI-LFA with IS-IS. |

CUBE Features

| Product Impact | Feature | Description |
|---|---|---|
| Upgrade | Directional attribute compliance for SIPREC responses | From Cisco IOS XE 17.18.2 onwards, for a recorder response with INACTIVE SDP attributes, CUBE stops media packets transmission towards that recorder. |
| Security | Security warnings for usage of legacy TLS and associated weaker ciphers – CUBE and SRST | From Cisco IOS XE 17.18.2 onwards, CUBE and SRST display warning messages during handshake for configurations with legacy TLS (v1.0, v1.1) and associated weaker ciphers. |

Infrastructure Resiliency

Product Impact: Security

Feature: Infrastructure Resiliency

Starting with the Cisco IOS XE 17.18.2 release and in future releases, Cisco software will display warning messages when configuring features or protocols that do not provide sufficient security, such as those transmitting sensitive data without encryption or using outdated encryption mechanisms. Warnings will also appear when security best practices are not followed, along with suggestions for secure alternatives.

This list is subject to change, but the following is a list of features and protocols that are planned to generate warnings in releases beyond the version Cisco IOS XE 17.18.1. Release notes for each release will describe exact changes for that release:

  1. Plain-text and weak credential storage: Type 0 (plain text), 5 (MD5), or 7 (Vigenère cipher) in configuration files.

    Recommendation: Use Type 6 (AES) for reversible credentials, and Type 8 (PBKDF2-SHA-256) or Type 9 (Scrypt) for non-reversible credentials.

  2. SSHv1

    Recommendation: Use SSHv2.

  3. SNMPv1 and SNMPv2, or SNMPv3 without authentication and encryption

    Recommendation: Use SNMPv3 with authentication and encryption (authPriv).

  4. MD5 (authentication) and 3DES (encryption) in SNMPv3

    Recommendation: Use SHA1 or, preferably, SHA2 for authentication, and AES for encryption.

  5. IP source routing based on IP header options

    Recommendation: Do not use this legacy feature.

  6. TLS 1.0 and TLS 1.1

    Recommendation: Use TLS 1.2 or later.

  7. TLS ciphers using SHA1 for digital signatures

    Recommendation: Use ciphers with SHA256 or stronger digital signatures.

  8. HTTP

    Recommendation: Use HTTPS.

  9. Telnet

    Recommendation: Use SSH for remote access.

  10. FTP and TFTP

    Recommendation: Use SFTP or HTTPS for file transfers.

  11. On-Demand Routing (ODR)

    Recommendation: Use a standard routing protocol in place of CDP-based routing information exchange.

  12. BootP server

    Recommendation: Use DHCP or secure boot features such as Secure ZTP.

  13. TCP and UDP small servers (echo, chargen, discard, daytime)

    Recommendation: Do not use these services on network devices.

  14. IP finger

    Recommendation: Do not use this protocol on network devices.

  15. NTP control messages

    Recommendation: Do not use this feature.

  16. TACACS+ using pre-shared keys and MD5

    Recommendation: Use TACACS+ over TLS 1.3, introduced in release Cisco IOS XE 17.18.1.
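An offline check for part of the list above, as an added example that is not Cisco tooling or part of the original release notes: it scans saved configuration text for items 1, 2, 3, 5 and 8 to 14 using standard IOS XE command forms. The function name, rule table and sample configuration are constructed for illustration, and the line patterns are heuristics rather than a full configuration parser.

```python
import re

# (release-note item, weak setting, regex applied to each config line)
RULES = [
    (2,  "SSHv1 enabled",               r"^ip ssh version 1$"),
    (3,  "SNMPv1/v2c community",        r"^snmp-server community "),
    (3,  "SNMP group without authPriv", r"^snmp-server group \S+ (v1|v2c|v3 (noauth|auth))\b"),
    (5,  "IP source routing",           r"^ip source-route$"),
    (8,  "HTTP server",                 r"^ip http server$"),
    (9,  "Telnet on a line",            r"^\s+transport input .*\b(telnet|all)\b"),
    (10, "FTP/TFTP",                    r"^(ip ftp |tftp-server )"),
    (11, "On-Demand Routing",           r"^router odr$"),
    (12, "BootP server",                r"^ip bootp server$"),
    (13, "TCP/UDP small servers",       r"^service (tcp|udp)-small-servers"),
    (14, "IP finger",                   r"^ip finger"),
]
CRED = re.compile(r"(?:^| )(?:password|secret) (?:(\d) )?\S+$")
WEAK_TYPES = {"0": "plain text", "5": "MD5", "7": "Vigenere"}

def audit(config_text):
    """Return sorted (item, line_no, finding) tuples for weak settings."""
    findings = []
    for no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.rstrip()
        m = CRED.search(line)
        if m:
            ctype = m.group(1) or "0"   # no type digit: stored as typed (Type 0)
            if ctype in WEAK_TYPES:
                findings.append((1, no, f"Type {ctype} ({WEAK_TYPES[ctype]}) credential"))
        for item, name, pattern in RULES:
            if re.search(pattern, line):
                findings.append((item, no, name))
    return sorted(findings)

# Constructed sample configuration (not taken from a real device).
SAMPLE = """\
enable secret 9 $9$constructedSaltAndHash
username admin privilege 15 secret 5 $1$constructed$hash
username ops password 7 0000CONSTRUCTED
no ip http server
snmp-server community public RO
snmp-server group NOC v3 priv
line vty 0 4
 transport input telnet ssh
"""
if __name__ == "__main__":
    for item, no, finding in audit(SAMPLE):
        print(f"item {item:>2}  line {no:>2}  {finding}")
```

Negated commands such as `no ip http server` and strong settings such as Type 9 secrets or an SNMPv3 `priv` group produce no finding, so the output lists only the lines that would trigger the new warnings.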

New and Changed Software Features in Cisco IOS XE 17.18.1a

| Product Impact | Feature | Description |
|---|---|---|
| Ease of Use | Hosted Edge Services for SD-Routing Devices | From Cisco IOS XE 17.18.1a release, Cisco Catalyst SD-WAN Manager supports deployment of IOx applications such as Cyber Vision, ThousandEyes, UTD, and so on. The support to monitor these applications is introduced through Hosted Edge Services monitoring dashboard which offers a simplified user experience for overseeing IOx container applications across multiple devices. The Hosted Edge Services monitoring dashboard is introduced on Cisco Catalyst SD-WAN Manager version 20.18.x. |
| Ease of Use | Certificate Management on SD-Routing Devices | This feature introduces a new certificate authorization setting, Enterprise Certificate Settings, which unifies certificate configurations for SD-Routing devices. Cisco SD-WAN Manager automates certificate management by leveraging protocols like EST (Enrolment over Secure Transport) and SCEP (Simple Certificate Enrolment Protocol). The feature automates the enrolment and renewal of certificates. |
| Upgrade | MVPN Ingress Replication (IR) over SRv6 | This feature enables the transport of IPv4 MVPN traffic across an SRv6 network. It simplifies multicast deployment by using the existing SRv6 unicast infrastructure as the underlay. With this feature, the ingress PE router receives multicast traffic and creates a separate unicast SRv6-encapsulated copy for each egress PE router in the multicast group. |
| Upgrade | SRv6 Path MTU Discovery | This feature introduces a mechanism to determine the maximum transmission unit (MTU) for packets traversing an SRv6 underlay network. It ensures efficient packet forwarding by preventing fragmentation and packet drops, thereby allowing network devices to dynamically adjust packet sizes to avoid exceeding link MTU limits. The system relays ICMP Packet Too Big (PTB) messages from the SRv6 underlay to the IPv6/IPv4 overlay network, supporting both Transit-node and Headend-node PTB relay methods. |
| Upgrade | SRv6 Flex-Algo with TI-LFA and uLoop Avoidance | From Cisco IOS XE 17.18.1a, Flexible Algorithm enhances SRv6 by including functions like Topology Independent Loop-Free Alternate (TI-LFA) and microloop (uLoop) avoidance. This feature improves network resilience and efficiency. |
| Ease of Setup | Cisco Secure Routers Swim and Onboarding Tool | Cisco IOS XE 17.18.1a introduces the Cisco Secure Routers Swim and Onboarding tool that helps customers upgrade and onboard autonomous hardware devices to cloud-hosted or on-premises Cisco Catalyst SD-WAN Manager. |
| Ease of Setup | Managing NGFW Policies from Security Cloud Control | Security Cloud Control is a cloud-based multi-device manager that facilitates management of security policies to achieve consistent policy implementation. Security Cloud Control helps optimize your security policies by identifying inconsistencies with them and by giving you tools to fix the inconsistencies. From Cisco IOS XE 17.18.1a release, you can integrate Cisco SD-WAN Manager with Security Cloud Control, which allows you to import existing NGFW policies, security objects, and security profiles into Security Cloud Control. With this integration, you can share objects and policies as well as make configuration templates to promote policy consistency across devices. |

CUBE Features

| Product Impact | Feature | Description |
|---|---|---|
| Ease of Use | Enhanced support for serviceability in SIP recording | From Cisco IOS XE 17.18.1a onwards, serviceability is enhanced to display consolidated information on forked and associated anchor call legs. |
| Upgrade | Third-Party GUID capture for correlation between call transfers and SIP-based recording | From Cisco IOS XE 17.18.1a onwards, the Third-Party GUID capture for correlation between calls and SIP-based recording is extended to support transmission of globally unique identifiers (GUIDs) to the recording server during call transfers. |
| Upgrade | IOS UC apps reports smart licensing flex subscription entitlement tag | From Cisco IOS XE 17.18.1a onwards, CUBE and SRST smart licensing reports flex subscription entitlement tag on all the supported platforms. |

Resolved and Open Bugs for Cisco IOS XE 17.18.x

Resolved Bugs for Cisco IOS XE 17.18.2

| Bug ID | Description |
|---|---|
| CSCwq53150 | Tunnel key/protection do not work together for VPLS multipoint connections. |
| CSCwr42950 | SDWAN On-Demand Tunnels Do Not Expire When UMTS Is Enabled |
| CSCwq51935 | NAT64 static entry removed when command to delete non-existent entry is applied. |
| CSCwe19394 | cEdge: device may boot up into prev_packages.conf due to power outage. |
| CSCwr77958 | NWPI not capturing self-generated syslog traffic. |
| CSCwj61730 | Router crash when removing SGT caching on an interface. |
| CSCwq77322 | Router sending a 2 Byte packet of FLOW_SAMPLER_RANDOM_INTERVAL instead of a 4-Byte packet. |
| CSCwr24031 | After upgrade to 17.15 for earlier releases sd-wan service-tracker in vrf selects source IP address from GRT when MPLS Inter-AS VPN option B configured. |
| CSCwr49794 | ISR exporters with ETA enabled are generating invalid template data errors in SN. |
| CSCwq98206 | EPBR set interface action get missing after reboot. |
| CSCwr25077 | vDaemon crash when initializing DNS channels. |

Open Bugs for Cisco IOS XE 17.18.2

| Bug ID | Description |
|---|---|
| CSCws30834 | Cedge ignore the keepalive command under the SIG tunnel interface pushed by the SD-WAN Manager. |
| CSCws13857 | Incorrect NAT translation from service-vrf to global for self-generated ICMP 11 (Time Exceeded) packets. |
| CSCwq77458 | fman crash after FNF config changes. |
| CSCwr87083 | Not able to onboard sd-routing devices using generic bootstrap file stored in USB. |
| CSCws12946 | Cedge port forward issue with multiple ISP. |
| CSCws18137 | Out of sync when CLI Template was attached. |
| CSCwr76580 | Strange behavior with the Cisco Umbrella SIG tunnels configured from vManage to Umbrella. |
| CSCwr30573 | TLOC Extension unable to program due to module boot up timing. |
| CSCws25557 | Cipher Suites TLS 1.2 for control connections. |
| CSCwr95551 | Router crashes when configuring SSL VPN with Policy-Based Routing (PBR) and NAT. |
| CSCwr08462 | There seems to be an issue where the NAT router is not responding to ARP requests. |
| CSCwr44921 | SDWAN C-Edge Router Crashes - CPU Usage due to Memory Pressure exceeds threshold. |
| CSCwr97784 | Slow performance on Netconf RPC on 17.15.2a on stateless static NAT translation. |
| CSCwr88206 | FIB table routes: Next Hop (NH) ID 0 is getting corrupted and assigned to a value other than Blackhole. |
| CSCwr84985 | dmiauthd process crashes, due to which the configuration does not sync between startup-config and the running-config. |
| CSCwm97460 | 17.9 cEdges - Control Connection to vManage is only Attempted over Highest Priority TLOC. |
| CSCwr00088 | Add CLI to change per MPLS label CEF statistics query interval on FMAN FP. |
| CSCwr55240 | Router experienced Critical process ompd fault on rp_0_0. |
| CSCwr72709 | Router crash in TDM-TDM call when debug voip fpi enabled. |
| CSCwq98154 | [XE MCAST] Multicast traffic not forwarded over P2P DMVPN phase 1 tunnel. |
| CSCwr49475 | BFD sessions flapping and not recovering - SYMNAT port not updating to data-plane. |
| CSCwo42664 | SD-WAN Edge: Periodic Service Restart May Generate Crash Files. |
| CSCwr64257 | Unexpected reload on ftmd SDWAN device. |
| CSCws26373 | cEdge experiences an unexpected reboot due to NAT in the data-plane after a policy push |
| CSCwp97178 | v1718/polaris: flapping nat will cause bfd session down with ipsec session shown. |
| CSCwr76176 | BFD SD-WAN PMTUD: PMTU Converges Unexpectedly to 970 Bytes After dbg2:1 Event |
| CSCwr77083 | Router crashed in crypto library. |

Resolved Bugs for Cisco IOS XE 17.18.1a

| Bug ID | Description |
|---|---|
| CSCwo05703 | VFR is not dynamically disabled after ZBFW removal. |
| CSCwm27749 | Speed test download / Throughput issue on router seen with IPSEC ESP-NULL transform using Zscaler. |
| CSCwp23487 | SGW offline with SSH error Unable to open socket while establishing NETCONF session. |

Open Bugs for Cisco IOS XE 17.18.1a

| Bug ID | Description |
|---|---|
| CSCwo42664 | 17.12 - keyman core files on router. |

ROMmon Release Requirements

For more information on ROMmon support for Route Processors (RPs), Embedded Services Processors (ESPs), Modular Interface Processors (MIPs), and Shared Port Adapter Interface Processors (SIPs) on Cisco ASR 1000 Series Aggregation Services Routers, see https://www.cisco.com/c/en/us/td/docs/routers/asr1000/rommon/asr1000-rommon-upg-guide.html.


Note


After upgrading the ROMmon to version 17.3(1r), you cannot revert it to a version earlier than 17.3(1r) for the following platforms:

  • ASR 1001-HX

  • ASR 1002-HX

This restriction is only applicable for these platforms. If you have upgraded to ROMmon version 17.3(1r) on any other platform, reverting to an earlier version of ROMmon is permitted and does not cause any technical issues.



Cisco Bug Search Tool

Cisco Bug Search Tool (BST) is a web-based tool that acts as a gateway to the Cisco bug tracking system that maintains a comprehensive list of defects and vulnerabilities in Cisco products and software. BST provides you with detailed defect information about your products and software.


Troubleshooting

For the most up-to-date, detailed troubleshooting information, see the Cisco TAC website at https://www.cisco.com/en/US/support/index.html.

Go to Products by Category and choose your product from the list, or enter the name of your product. Look under Troubleshoot and Alerts to find information for the issue that you are experiencing.