About Cisco Catalyst 8300 Series Edge Platforms
The Cisco Catalyst 8300 Series Edge Platforms are best-of-breed, 5G-ready, cloud edge platforms designed for accelerated services, multi-layer security, cloud-native agility, and edge intelligence to accelerate your journey to cloud.
Cisco Catalyst 8300 Series Edge Platforms with Cisco IOS XE SD-WAN Software deliver Cisco’s secure, cloud-scale SD-WAN solution for the branch. The Cisco Catalyst 8300 Series Edge Platforms is built for high performance and integrated SD-WAN Services along with flexibility to deliver security and networking services together from the cloud or on premises. It provides higher WAN port density and a redundant power supply capability. The Cisco Catalyst 8300 Series Edge Platforms have a wide variety of interface options to choose from—ranging from lower and higher module density with backward compatibility to a variety of existing WAN, LAN, voice, and compute modules. Powered by Cisco IOS XE, fully programmable software architecture, and API support, these platforms can facilitate automation at scale to achieve zero-touch IT capability while migrating workloads to the cloud. The Cisco Catalyst 8300 Series Edge Platforms also come with Trustworthy Solutions 2.0 infrastructure that secures the platforms against threats and vulnerabilities with integrity verification and remediation of threats.
The Cisco Catalyst 8300 Series Edge Platforms are well suited for medium-sized and large enterprise branch offices for high WAN IPSec performance with integrated SD-WAN services.
For more information on the features and specifications of Cisco Catalyst 8300 Series Edge Platforms, refer to the Cisco Catalyst 8300 Series Edge platforms datasheet.
![]() Note |
Sections in this documentation apply to all models of Cisco Catalyst 8300 Series Edge Platforms unless a reference to a specific model is made explicitly. |
![]() Note |
Starting with Cisco IOS XE Amsterdam 17.3.2, with the introduction of Smart Licensing Using Policy, even if you configure a hostname for a product instance or device, only the Unique Device Identifier (UDI) is displayed. This change in the display can be observed in all licensing utilities and user interfaces where the hostname was displayed in earlier releases. It does not affect any licensing functionality. There is no workaround for this limitation. The licensing utilities and user interfaces that are affected by this limitation include only the following:
|
![]() Note |
Cisco IOS XE Bengaluru 17.4.1a is the first release for Cisco Catalyst 8300 Series Edge Platforms. |
Hardware and Software Features-New and Enhanced
New and Changed Hardware Features
New Hardware Features
-
Cisco Catalyst 8300 Series Edge Platforms are available in these models:
-
C8300-1N1S-4T2X
-
C8300-1N1S-6T
-
C8300-2N2S-4T2X
-
C8300-2N2S-6T
![]() Note |
N=Network Interface Modue, S=Services Module, and T=Gigabit Ethernet, X=Ten Gigabit |
For information on the hardware features supported on the Cisco Catalyst 8300 Series Edge Platforms, refer to the Cisco Catalyst 8300 Series Edge Platforms datasheet.
-
NIM-PVDM is the next-generation digital signal processor (DSP) module to utilize a PVDM4 chip for IP media services. This module enables the Catalyst 8300 Series Edge platforms to provide rich-media capabilities, such as high-density voice connectivity, conferencing, transcoding, media optimization, transrating, and secure voice for Cisco Unified Communications solutions
For information on the hardware features supported on the NIM-PVDM, refer to the Cisco Packet Voice Digital Signal Processor Modules for Cisco Unified Communications Solutions datasheet.
New and Changed Software Features
This section enlists the new and enhanced or modified features that are supported on the Cisco Catalyst 8300 Series Edge Platforms:
Feature Navigator
You can use Cisco Feature Navigator (CFN) to find information about the software features, platform, and software image support on Cisco Catalyst 8300 Series Edge Platforms. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn.
![]() Note |
To access CFN, you do not require an account on cisco.com. |
Software Features
Smart Licensing Using Policy: An enhanced version of Smart Licensing, with the overarching objective of providing a licensing solution that does not interrupt the operations of your network, rather, one that enables a compliance relationship to account for the hardware and software licenses you purchase and use.
With this licensing model, you do not have to complete any licensing-specific operations, such as registering or generating keys before you start using the software and the licenses that are tied to it. Only export-controlled and enforced licenses require Cisco authorization. License usage is recorded on your device with timestamps and the required workflows can be completed at a later date.
Multiple options are available for license usage reporting – this depends on the topology you implement. You can use the Cisco Smart Licensing Utility (CSLU) Windows application, or report usage information directly to CSSM. A provision for offline reporting for air-gapped networks, where you download usage information and upload to CSSM, is also available.
Starting with this release, Smart Licensing Using Policy is automatically enabled on the device. This is also the case when you upgrade to this release. By default, your Smart Account and Virtual Account in CSSM is enabled for Smart Licensing Using Policy.
For conceptual, configuration, migration, and troubleshooting information for Smart Licensing Using Policy, see Cisco 8300 Series Software Configuration guide.
For a more detailed overview on Cisco Licensing, go to https://cisco.com/go/licensingguide.
Feature |
Description |
||
---|---|---|---|
This feature utilizes Posture Assessment capabilites to validate the compliance of endpoints according to security policies of your enterprise. Identity Services Engine (ISE) Posture functions are integrated into Cisco 1100 Integrated Services Routers. Change of Authorization (CoA) provides a mechanism to change the attributes of an authentication,authorization, and accounting (AAA) session after it is authenticated. Identity-Based Networking Services supports change of authorization (CoA) commands for session query,reauthentication, and termination, port bounce and port shutdown, and service template activation and deactivation |
|||
This feature has enhanced capabilities of IP SLA device tracking with HTTPS probes and helps to verify reachability in the network. |
|||
Cisco Catalyst Cellular Gateways combine the latest in cellular technology with deployment flexibility, investment protection, and ease of management, with both traditional and SD-WAN deployments. |
|||
To classify the data packets, enable NBAR FIA-trace data on the Ethernet flow point (EFP) interface. Quality of service (QoS) takes action on the EPF interface based on the results from the NBAR traffic classification. |
|||
The BGP large communities provide the capability for tagging routes and modifying BGP routing policy on routers. BGP large communities can be appended or removed selectively on the large community attribute as the route travels from router to router. |
|||
With the introduction of the dev-key install functionality, a subset of Cisco IOS XE platforms that support dev-key functionality are shipped only with a release public key.
|
|||
This feature enables hardware timestamping. The Performance Measurement (PM) for link delay uses the light version of Two-Way Active Measurement Protocol (TWAMP) over IP and UDP |
|||
You can now configure the same global address within the static NAT and static PAT. This configuration is supported only on outside static NAT. |
|||
Static Network Address Translation (NAT) allows the user to configure one-to-one translations of the inside local addresses to the outside global addresses. A new keyword stateless is introduced for Cisco IOS XE static NAT configuration and it applies only to static NAT command. When the static mapping is set to stateless, no sessions will be created for that traffic flow. |
|||
Platforms allow limited flexibility on how services run on the service plane cores. Dynamic core allocation allows in-service upgrade of Services, which eliminates the inactivity of compute resources. But, this requires reboot of the system to let the changes take effect. |
Feature |
Description |
---|---|
Smart Licensing using Policy reports license usage periodically based on an account policy, rather than requesting licenses based on past usage as in previous releases. Evaluation mode and license reservation are not supported. License usage is reported to Smart Agent three minutes after the last configuration change. Now all the devices within a network follow the uniform approach of reporting their license usage to Smart Agent. The Smart Agent in turn creates a Resource Utilization Monitoring (RUM) report and dispatches to CSSM based on the Smart Agent reporting policy. |
|
With server groups, you can create simpler configurations by specifying a list of destination SIP servers for a single dial peer. When a call matches a dial peer that is configured with a server group, the destination is selected from the list of candidates based on a configured policy. If it is not possible to complete that call, the next candidate is selected. Alternatively, you can also choose to stop hunting through the group if a specified response code is received. If the call cannot be placed to any of the servers in the group, or hunting is stopped, call processing continues to the next preferred dial-peer. |
|
Smart Licensing using Policy reports license usage periodically based on an account policy, rather than requesting licenses based on past usage as in previous releases. Evaluation mode and license reservation are not supported. License usage is reported to Smart Agent three minutes after the last configuration change. Now all the devices within a network follow the uniform approach of reporting their license usage to Smart Agent. The Smart Agent in turn creates a Resource Utilization Monitoring (RUM) report and dispatches to CSSM based on the Smart Agent reporting policy. |
|
VoIP Trace is a Cisco Unified Border Element (CUBE) serviceability framework, which provides a binary trace facility for persistently monitoring and troubleshooting SIP call issues. The VoIP Trace framework records both successful and failed calls. All call trace data is stored in system memory. In addition, data for calls with IEC errors is written to the logging buffer. |
|
When establishing a call, CUBE allocates several RTP ports that are based on the media that are negotiated for the session. Some ports remain assigned even after the call ends. In the current behavior, show voip rtp statscommand displays only the ports allocated from the global table, even if the ports are allocated from all the three tables (Global port, media IP address-based, and media VRF-based). Now this command is enhanced to display the ports allocated from all the three tables. The command also displays the hung ports and allows you to release those ports. Releasing the hung ports increases the efficiency of the routers as more ports are available to receive calls. |
Cisco Catalyst 8300 Series Edge Platforms ROMmon Compatibility Matrix
The following table lists the ROMmon releases supported in Cisco IOS XE 17.3.x releases
Cisco IOS XE Release |
Minimum ROMmon Release Supported for IOS XE |
Recommended ROMmon Release Supported for IOS XE |
---|---|---|
17.3.1 |
17.3(1r) |
17.3(5r) |
Cisco IOS XE Release |
Minimum ROMmon Release Supported for IOS XE |
Recommended ROMmon Release Supported for IOS XE |
---|---|---|
17.3.1 |
17.3(1.2r) |
17.3(1.2r) |
Resolved and Open Caveats
About the Cisco Bug Search Tool
Use the Cisco Bug Search Tool to access open and resolved bugs for a release.
The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.
You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.
Resolved Caveats in Cisco IOS XE Bengaluru 17.4.2
There are no resolved caveats in this release.
Open Caveats in Cisco IOS XE Bengaluru 17.4.2
Caveat ID Number |
Description |
---|---|
DDNS feature triggers crash on IOS XE 16.X and 17.X releases due to memory corruption. |
Resolved Bugs in Cisco IOS XE Bengaluru 17.4.1a
Caveat ID Number |
Description |
---|---|
Mishandling of dsmpSession pointer causes a crash |
|
IOS-XE device crashed with CGD shared memory corruption freed by FMAN-FP |
|
UTD policy on global VPN does not work properly for DIA traffic |
|
Performance monitor caused QoS miss classification |
|
Umbrella custom dns config not in sync between confd and ios |
|
IOS-XE MTP Fails to Interwork DTMF RFC2833 from Payload 100 to Payload 101 |
|
Crash due to a segmentation fault in the "IPsec background proc" process |
|
Calls going through T1 are rejected with "no dsps found" Analog/TDM Hairpin calls |
|
Packets are not dropped as expected in selfzone to zone vpn 0 firewall config |
|
%IP-4-DUPADDR: Duplicate address issue at NAT-HSRP ISR4k router |
|
Traffic drop from branch overlay ping to service side without zp vpn1 to vpn1 when FW & IPS enabled |
|
Curie : DP_Stuck is observed after reloading the NIM-VA-B module overnight |
|
PMAN-3-PROCFAIL: Chassis 1 R0/0: pman: R0/0: The process keyman has failed (rc 139) |
|
Template push error due to NAT-MIB process helper traceback/warm restart |
|
Huge amount of Crypto PKI RECV memory leaks keep increasing during clients' SCEP enrollments. |
|
Crash in sre_dp_traverse_dfa_legacy as SIP invite messages crosses a GRE Tunnel |
|
IOS-XE: IPv6 OSPF authentication ipsec - adjacency fails |
|
Netconf deleting wrong IKEv2 parameters |
|
ZBFW HA redundancy stuck in STANDBY-COLK-BULK. Bulksync Traceback seen in logs |
|
Removing and Adding Bulk ACL leads to Tracebacks and Error-Objects |
|
Crash due to a NULL pointer while bringing down PPPoE sessions. |
|
Memory Leak in MallocLite / Crypto IKMP |
|
Reload: IOS-XE router crashing due to DN mismatch |
|
Router may crash when using Stateful NAT64 |
|
Summary/default-map routes getting ignored for p2p interface |
|
"platform ipsec reassemble transit" tail-drops unencrypted IPv4 Fragments with specific payload |
|
LMR Unable to hear first seconds of audio |
|
During Soak run, lot of policy drops due to less CPS rate set on Thorium |
|
Curie 2RU Uranium: Make default filesystem format as ext4 on M2.NVMe |
|
C8300-1N1S-4T2X: QFP uCode crash @ ipv4_nat_create_out2in_session_entry with traffic soak |
|
PKTlog functionality is broken |
Open Caveats in Cisco IOS XE Bengaluru 17.4.1a
Caveat ID Number |
Description |
---|---|
SIM failover within the same modem takes long time to detect LTE network for AT&T |
|
IGMP snooping table not populated on ISR4k |
|
AppQoe Clear Alarm is not generated from device |
|
Observed HTX core at tcpproxy_libuinet_pkt_process during longevity test |
|
No responder-bytes from cEdge when UTD is enabled |
|
25G license tags is retained and throughput throttled after upgrade from 17.3.1 to 17.3.2 |
|
GETVPN: All GM will crash when Primary KS recovers its COOP role after network outage |
|
Passive FTP doesn't work with NAT |
|
crash observed at NHRP while using summary-map |
|
Unexpected reload in NHRP when access to an invalid memory region |
|
APPNAV CFT Crashes |
|
CPP ucode crash with fw_base_flow_create |
|
HSL Export over VASI Interface causes Netflow v9 Template Flooding |
|
unable to transfer 1500 byte IP packet when using BRI bundled Multilink |
|
crypto ikev2 proposals are not processed separately |
|
[SIT]: BFD sessions not established between Edges, with UTD enabled |
|
FlexVPN reactivate primary peer feature does not work with secondary peer tracking |
|
SDWAN ZBFW CPU punted traffic mishandling -- Out2In packet looped |
|
17.4 ZBFW:Classification of traffic not happening correctly sometimes when a rule in RS is edited. |
|
QFP crash in cpp_ess_tc_tgt_if_fm_edit_helper |
|
IPSec SA receives HMAC error" observed during the tunnel interface flap |