About Cisco ASR 1000 Series Aggregation Services Routers
The Cisco ASR 1000 Series Routers carry a modular yet integrated design, so network operators can increase their network capacity and services without a hardware upgrade. The routers are engineered for reliability and performance, with industry-leading advancements in silicon and security to help your business succeed in a digital world that's always on. The Cisco ASR 1000 Series is supported by the Cisco IOS XE Software, a modular operating system with modular packaging, feature velocity, and powerful resiliency. The series is well suited for enterprises experiencing explosive network traffic and network service providers needing to deliver high-performance services.
 Note |
For more information on the features and specifications of Cisco ASR 1000 Series Routers, refer to the Cisco ASR 1000 Series Routers datasheet. For information on the End-of-Life and End-of-Sale Announcements for Cisco ASR 1000 Series routers, refer to the ASR 1000 Series End-of-Life and End-of-Sale Notices. |
Note |
Cisco IOS XE Amsterdam 17.2.1r is the first release for Cisco ASR 1000 Series Aggregation Services Routers in the Cisco IOS XE Amsterdam 17.2.x release series. |
New and Enhanced Software Features for Cisco IOS XE Amsterdam 17.2.1r
New and Enhanced Features for Cisco IOS XE Amsterdam 17.2.1r
Note |
Cisco IOS XE Amsterdam 17.2.1r is the first release for Cisco ASR 1000 Series Aggregation Services Routers in the Cisco IOS XE Amsterdam 17.2.1 release series. |
Note |
When you upgrade from one IOS XE release to another, you may see |
-
eZPM Performance Improvement—The ezPM (easy performance monitor) introduces a performance improvement to the Application Performance profile for the following monitors:
-
application-client-server-stats
-
application-response-time
-
application-stats
-
media
-
url
The performance improvement is achieved by using the mode optimised command, which is enabled by default. If any other monitors are enabled, the performance improvement is automatically disabled.
-
-
6VPE over DMVPN with IPv6 Transport—This feature supports multi-tenant IPv6 LAN prefixes. You can create these prefixes using an IPv6 DMVPN transport over the IPv4 overlay neighborship.
-
MAG or customer-specific SLA Configuration—This feature lets you configure MAG and customer-specific SLA to enable or disable IP SLA probes for PMIPv6 multipath management. To change the IP SLA probe parameters, use the enable-sla command.
-
Install and Deploy Cisco IOS XE and Cisco IOS XE SD-WAN Functionality on Edge Router—This feature supports the use of a single universalk9 image to deploy Cisco IOS XE SD-WAN and Cisco IOS XE functionality on all the supported devices. This universalk9 image supports two modes - Autonomous mode (for IOS XE features) and controlled mode (for SD-WAN features).
-
Fail Close Revert Mode—This feature lets group members remove the downloaded key server policy when there is no rekey or the group member is not able to re-register to the key server, and therefore return to the fail close mode.
-
Partial Configuration on CPE—This feature supports use of Download RPC and Transfer Complete RPC to apply partial configuration on a CPE. It helps in the configuration of the CPE using download RPC method in CWMP instead of a manual configuration.
-
Enhanced VRF option for TCL socket—In this release, the -myvrf keyword is added to the fconfigure command. This command specifies the options in a channel and enables you to associate a VRF table name with it.
-
Support for configuring GRE in tunnel encapsulation mode —You can now configure a GRE tunnel in tunnel encapsulation mode in addition to the existing support for UDP tunnels.
-
MACSec on Port Channel—This feature lets you configure MACsec encryption support on port channels therefore increasing the security of the traffic.
-
Improving NAT 44 performance—This enhancement introduces ip nat settings high command that allows high connection set up rate for non-ALG NAT traffic.
-
VPN-ID in NetFlow exported packet—This feature helps in identification of VPN using the MPLS VPN-ID.
-
Ingress and Egress Accounting MIB—This feature allows the user to access all VxLAN accounting information in a single SNMP request.
-
DHCP unicast support on IOS-XE—This feature introduces support for unicast mode on DHCP. This helps with splitting the horizon therefore improving security of the network.
-
Block BGP Dynamic Neighbor Sessions—This feature allows you to block a router from establishing BGP dynamic neighbor sessions with certain nodes in a BGP peer group - these nodes are identified with their IP addresses. The ability to shut down or prevent the creation of BGP dynamic neighbor sessions is useful when a peer needs maintenance.
-
Support for Spoke Nodes as P Nodes in MPLS over DMVPN Phase 3—This feature helps you configure a spoke node as either a P node or PE node in an MPLS over DMVPN deployment. To configure the spoke node, MP-BGP redistributes the route or label information between the spoke node and a PE node behind it.
-
LISP Support for TCP Authentication Option—This feature helps you configure TCP Authentication Option (TCP AO) to prevent spoofed TCP segments in the sessions between an ETR and an MS.
-
EBGP Route Propagation without Policies— This feature helps you configure an EBGP router to not propagate routes to and from an EBGP neighbor, when at least one inbound and one outbound policy are not configured for the neighbor.
-
Debug commands for PIM and VRF — This release introduces debug commands for VRF (debug condition vrf) and PIM (debug ip pim)details. The debug condition vrf command lets you limit the debug output to a specific virtual routing and forwarding (VRF) instance. The debug ip pim command displays PIM packets received and transmitted, as well as PIM related events.
-
CUBE: Fax detect for IP-IP flows on IOS XE platform — This release introduces support for fax detection for SIP calls and transfer on Cisco IOS XE platforms.
-
gNMI Protocol— This release introduces support for gNMI protocol on ASR 1000 routers.
New Hardware Supported for Cisco IOS XE Amsterdam 17.2.1r
-
ESP-100X and ESP-200X—Cisco ASR 1000 ESP100-X and ESP-200X are QFP-based embedded services processors for the Cisco ASR1000 Series Routers. These ESP's are based on third-generation QFP ASIC. The ESP100-X contains one, third-generation QFP ASIC and the ESP200-X contains two, third-generation QFP ASIC.
Resolved and Open Bugs for Cisco IOS XE Amsterdam 17.2.1r
Resolved Bugs for Cisco IOS XE Amsterdam 17.2.1r
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
|
Caveat ID Number |
Description |
|---|---|
|
enable platform ipsec control plane conditional debug might cause FP/QFP IPsec outbound SA leak |
|
|
Ucode crash in infra with injected jumbo packet |
|
|
C1111-4P doesn't restart authentication for "clear authen session" if "authen open" the port |
|
|
CLI "config-exchange request" for any ikev2 profile has inconsistent behavior between IOS and confd |
|
|
Crash after executing "show archive config differences" |
|
|
freed rpi_parent is hit when deleting parent route by route update event |
|
|
Router crashes with ZBF HA sync. |
|
|
QoS configuration download failed when device reloading |
|
|
FlexVPN with password encryption -- after primary key change password in profile is not working |
|
|
getvpn suiteb:KS sends delete payload to gm's while scheduled rekey after primary KS dead/readded |
|
|
NHRP process crash on using same tunnel address on multiple spokes |
|
|
ASR1k crash in NAT code when processing PPTP traffic |
|
|
Passive FTP will fail when going over NAT and either client or server are off a SM-X-ES3 |
|
|
Gi0/0/0 interface stays up/up and LED green after cable removed |
|
|
ASR1000-RP3: Punt Keepalive Failure (Punt LINK DOWN) or RP FREEZE |
|
|
ISR4451-X / 16.09.01 / Crash when IPSEC SA installation fails |
|
|
Crashes when trying to bring-up / bring-down IPsec crypto session for OSPFv3 |
|
|
Unrecoverable Error with PVDM in 0/4 and Thule+dreamliner in 1/0 on ISR4300 |
|
|
incorrect Total number of translations on show ip nat translations |
|
|
Punt fragment crash when receive EoGRE packets which have many fragments |
|
|
IOS PKI | Intermittently SubCA fails to rollover |
|
|
NAT translation table is removed before IKE SA deleted when idle timeout occur |
|
|
ISR4K Router CPP ucode Crash due IPv4 Fragmented packets |
|
|
vManage push "media-type rj45" when trying to configure duplex on ISR1k |
|
|
ASR1K/ISR4K Calls fade to no-way audio due to media inactivity detection after 20 minutes |
|
|
High memory utilization under "ezman" due to excessive parity error logging |
|
|
qfp ucode crash with media monitor |
|
|
When user cancel Call Forward All from the analog phone, user can't hear the confirmation tone |
|
|
keyman_rp Memory Leak |
|
|
Crash due to NBAR classification |
|
|
ASR1000-RP2/ASR1000-RP3: OIR after clock set doesn't save the time in RTC |
|
|
ASR1k - Egress byte count is innacurate |
|
|
GETVPN gikev2 Secondary KS doesn't push new policy after merging split condition |
|
|
Router may crash unexpectedly with Segmentation fault(11), Process = DSMP |
|
|
IPSEC install failed IPSEC_PAL_SA shows "unexpected number of parents" |
|
|
FMAN crashed after firewall reconfiguration |
|
|
Umbrella local domain bypass list is not programmed to DP, FMFP-3-OBJ_DWNLD_TO_DP_FAILED |
|
|
ASR1K DSP MIB cdspTotalChannels not responding |
|
|
ESP ucode crashed when running NAT with bpa (CGN) |
|
|
Device becomes unresponsive when configuring l2vpn context |
|
|
MGCP Calls with SRTP fail to connect with Cause Value=47 due to T.38 calls |
|
|
GetVPN-ISR4461// Getvpn traffic is failing with Transport mode with all the versions. |
|
|
ISR1K: dot1q-tunneling ports broadcast unknown unicast traffic to all other local switch ports |
|
|
ISR4k : Crash seen at Process Exec |
|
|
ISR4461: Large un-fragmented IPSEC packets cause router to crash |
|
|
CFT crashed frequently |
|
|
NIM interfaces go into shutdown after router bootup. |
|
|
C9800:ISSU: wncd crash@ crypto_engine_pk_crypto during ISSU downgrade scenario |
|
|
IOS-XE crash after doing a SCEP enrollment |
|
|
ISR 4K router crash during updating the OpenDNS bypass whitelist |
|
|
MKA session up but unable to pass data across link using AES-256-XPN cipher |
|
|
%IOSXE-3-PLATFORM: R0/0: kernel: DMA: Out of SW-IOMMU space |
|
|
Process = Exec crash seen on dmap longevity testbed with clear cry sa peer several times |
|
|
ESP40 crash in CGN mode after apply "ip nat setting mode cgn" and "no shut" interface |
|
|
Portchannel stats not working on ASR1002-HX |
|
|
Crash triggered with IPv6, IPv4, PPPoE, PortChannel and NAT |
|
|
ASR1K OTV: Incorrect MAC address count on EFP/BD QFP stats |
|
|
IWAN High CPU and Memory |
|
|
C1111X-8P Sku tagged to 4P software tag incorrectly |
|
|
IWAN crash related to DCA channel |
|
|
Standby RP2 crashes on ASR1009-X due to bulk sync in l2fib. |
|
|
ASR1K ucode crash after too many locks in ZBF pair setup |
|
|
ALG with NAT trigger a crash when a DNS writeback occurs |
|
|
Connect message is never forwarded to the calling side |
|
|
ASR1k: Unicast DHCPREQUEST dropped when received on a EoGRE tunnel configured with VRF |
Open Bugs for Cisco IOS XE Amsterdam 17.2.1r
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
|
Caveat ID Number |
Description |
|---|---|
|
PfRv3: Crash while Printing the Same TCA Message |
|
|
Performance Monitor crash |
|
|
Crash observed in QFP in ASR1001-X running 16.06.05 when GPM is running low |
|
|
Virtual address not reachable: "mac:0000:0c07:xxxx download to DP failed" for HSRP / VRRP over BDI. |
|
|
SRTP-RTP Crash on ASR with GCM Ciphers |
Resolved and Open Bugs for Cisco IOS XE Amsterdam 17.2.2
Resolved Bugs for Cisco IOS XE Amsterdam 17.2.2
All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.
|
Caveat ID Number |
Description |
|---|---|
|
SPA modules on ASR1002-X/ASR1001-X does not get recognized under show platform |
|
|
PfRv3: Crash while Printing the Same TCA Message |
|
|
Router crashes after adding macsec reply-protection command on an interface |
|
|
Performance Monitor crash |
|
|
Update "bandwidth remaining percent" doesn't take effective reliably on datapath |
|
|
vManage should be able to work with cEdge banners in the same way as with vEdges |
|
|
ping is not working on port-channel after router reload |
|
|
Memory leak in CC-API_VCM and CCSIP_SPI_CONTROL |
|
|
Enabling Telemetry can cause router to crash. |
|
|
SRTP - RTP Crash on ASR with GCM Ciphers |
|
|
crash with shared-line command |
|
|
Random IPSEC drops on ESP200 with esp-gcm transform set |
|
|
Ping fails on hundred gig primary interface with FRR configured though MPLS traffic is not impacted |
|
|
CUBE DNS cache clear should be limited only to the matched connection id |
|
|
Template push fails when enabling ipv4 addr family on BGP ipv4 neighbor |
|
|
Crash when removing interface not running isis but has isis config |
|
|
ASR 1000 : OIR after clock set doesn't save the time in RTC(recommit of CSCvr27554) |
|
|
Interface does down when "l2vpn xconnect" command is removed |
|
|
bgp crash @ bgp_db_ipstr2address when get bgp neighbor via bgp-oper yang |
|
|
16.12.3 ZBFW-Mismatch in firewall stats between the device and vmanage |
|
|
Unable to detach device from Integration Management |
|
|
IOS XE SDWAN routers experience slow memory leak over time in 'ncsshd' process |
|
|
Existing configuration on a cEdge could not be modified by a new template |
|
|
Router crash when doing 'show bgp ipv6 unicast summary' |
|
|
ASR 1000 crash at SSS manager sss_info_get_next_elem() |
|
|
Stackwise Virtual FMAN-RP IPC channel stuck (paused) |
|
|
unexpected reload in CPP ucode forced by nat 514 . |
|
|
MACsec 128/256 XPN on 40g/100g, stop passing traffic for one of AN and interface link flap seen |
|
|
Virtual address not reachable: "mac:0000:0c07:xxxx download to DP failed" for HSRP / VRRP over BDI. |
|
|
SNMP TIMETICKS difference between sysUpTime vs ipslaEtherJAggStatsStartTimeId |
|
|
Omp-tag is not being set via route-map configuration under bgp |
|
|
Traffic is not getting optimized and it goes as PT connections on CSR router reload in 17.2.1 |
|
|
BGP config does not rollback if template push errors out |
|
|
Leaf sends packets to a wrong BVI MAC of ASR GOLF routers |
|
|
L2VPN Crash @ Process = XC Mgr |
|
|
Incorrect CEF programming for local SVI |
|
|
VPLS:MAC learning not happening on SSO |
|
|
1731: ODN Policy for Global prefix still UP even after withdrawing global routes |
|
|
FlexVPN IKEv2 Tunnel route removed after establishing new IKEv2 SA to another peer |
|
|
Object (IPv6 ACL ) stuck in forwarding data plane. No ipv6 traffic goes towards the upstream router |
|
|
missing/corrupt IOS-XE PKSC10 format |
|
|
Cert validation failures seen for traffic after template push with SSL |
|
|
Crash due to "Crimson flush transactions Process" |
|
|
Code review: Just fire assert when we reach limit of counter |
|
|
Incorrect Source IP when resolving DNS |
|
|
IOS-XE device crashed with CGD shared memory corruption freed by FMAN-FP |
|
|
CRC increasing on down int Te0/0/20 |
|
|
Incorrect CEF entry for LISP action signal-fwd |
|
|
BGP communities: changes to route-map which sets BGP communities discards existing communities |
|
|
RP3/ESP100/X: Traffic loss of over 1s at FP switchover (plain ipv4) |
|
|
RAR: PADG and PADC are not being consumed properly. PPPoE session statistics are not matching. |
|
|
vManage FW dashboard doesn't show all matched applications |
|
|
Keepalive CLI needs to be unhidden for GRE tunnel |
|
|
RSP3: BGP crash seen on Stand by router when 100 BGP sessions are established. |
|
|
Some qos config lost during upgrade to 17.02 |
|
|
Punt-Keepalive crash with lsmpi_lo_drv and container app traffic. |
|
|
Complete Traffic drop seen on Head Node Post configuring Binding SID on PFP Policy |
|
|
Packets are not dropped as expected in selfzone to zone vpn 0 firewall config |
|
|
Router crashes frequently on NBAR |
|
|
Crash on configuring a highest key identifier for OSPF authentication under an interface |
|
|
Traffic drop from branch overlay ping to service side without zp vpn1 to vpn1 when FW & IPS enabled |
|
|
Evaluation of CVE-2020-10188 - Cisco IOS XE Persistent Telnet |
|
|
SDWAN router ASR1001-X crashes when object-group service configuration is added |
|
|
LSP Checksum error when default-info originate is configured |
|
|
CUBE Segmentation Fault @ sipSPIFreeOneSCB due to corrupt ccb |
|
|
Template push error due to NAT-MIB process helper traceback/warm restart |
|
|
Snort initiate reset and Failed to load - Real websites in Browser |
|
|
CUBE router crashed due to memory corruption in subscription control block |
|
|
ASR1001-X: Issue a cpld reset instead of reboot in kcrash |
|
|
Memory leak 'Admin group' with some triggers in ISIS |
|
|
RSVP TE is not working for broadcast interfaces due to CSCvu94532 |
|
|
Removing and Adding Bulk ACL leads to Tracebacks and Error-Objects |
Open Bugs for Cisco IOS XE Amsterdam 17.2.2
All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.
|
Caveat ID Number |
Description |
|---|---|
|
DHCP Server configuration inn Vmanage Template for a Cedge change order of the DNS servers |
|
|
Unexpected Reload due to Sessmgr |
|
|
ASR1002-X ESP crash in multikey_hash_ager_tw_timer_to() |
|
|
IWAN routers ISR4K unexpected reload multiple times |
|
|
Unexpected Reload in Device Classifier Code due to Segmentation Fault |
|
|
Controller crashes when FNF is configured under physical interface |
|
|
Controller crashes when FNF is configured under physical/port-channel interface |
|
|
Crash in sre_dp_traverse_dfa_legacy as SIP invite messages crosses a GRE Tunnel |
|
|
Remote EID space prefix not installed in CEF when overlapping prefix exists as Local EID |
|
|
Reload: IOS-XE router crashing due to DN mismatch |
|
|
ASR 1002-HX crashes due to stuck threads. |
|
|
Crash after flexible netflow cache cleanup |
|
|
Sup crashed with cpp-bqs fatal |
ROMmon Release Requirements
For more information on ROMmon support for Route Processors (RPs), Embedded Services Processors (ESPs), Modular Interface Processors (MIPs), and Shared Port Adapter Interface Processors (SIPs) on Cisco ASR 1000 Series Aggregation Services Routers, see https://www.cisco.com/c/en/us/td/docs/routers/asr1000/rommon/asr1000-rommon-upg-guide.html
Related Documentation
-
Release Notes for Previous Versions of ASR 1000 Series Aggregation Services Routers
-
Hardware Guides for Cisco ASR 1000 Series Aggregation Services Routers
-
Configuration Guides for ASR 1000 Series Aggregation Services Routers
-
Command Reference Guides for ASR 1000 Series Aggregation Services Routers
-
Product Landing Page for ASR 1000 Series Aggregation Services Routers
-
Upgrading Field Programmable Hardware Devices for Cisco ASR 1000 Series Routers
-
Cisco ASR 1000 Series Aggregation Services Routers ROMmon Upgrade Guide
Feedback