Release Notes for Cisco IOS XRv 9000 Routers, IOS XR Release 26.2.1
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- US/Canada 800-553-2447
- Worldwide Support Phone Numbers
- All Tools
Feedback
Feedback
Cisco XRv 9000 Routers, IOS XR Release 26.2.1
Cisco XRv 9000 Routers, IOS XR Release 26.2.1
There are no new software features introduced in this release.
● Removal of Model-driven CLI Commands:
Starting from Cisco IOS-XR software release 26.2.1, the Model-driven CLI specifically the show YANG operational data commands have been removed.
● SNMP Traps Dropped in the Buffer Queue:
Starting with IOS-XR software release 24.1.2, SNMP traps will be dropped from the trap queue during the first five minutes after configuring a new NMS server or after a device reload.
o This issue is observed on all current releases of the Cisco IOS XR routers running IOS XR Release 24.1.2.
The defect applies only to NMS servers that are located behind a firewall or within a security network where ICMP packets are blocked.
● Updated Command Syntax and Usage Guidelines
As an enhancement to the show cef commands, the internal, brief, and hardware keywords have been removed from these commands:
o show cef unresolved
o show cef ipv6 linklocal unresolved
The internal and brief keywords have been removed from these commands:
· show cef mpls unresolved
· show cef mpls local-label
Exceptions
This command retains support for the internal and brief keywords when a specific prefix is provided: show cef unresolved <prefix>
Usage Constraints for show cef mpls: When executing any command beginning with show cef mpls, you may use only one of these keywords at a time: brief, detail, or internal
Note: The exception mentioned above applies: if the command includes unresolved or local-label, the internal and brief keywords are explicitly blocked.
● Change in forwarding information base manager identifier reporting:
Previously, all forwarding information base manager (fib_mgr) instances across different locations—such as the Route Processor (RP) and Line Cards (LCs)—shared the same identifier, fib_mgr. Consequently, the show command output displayed only a single entry for application fib_mgr.
With this update, each fib_mgr instance is assigned a unique identifier corresponding to its specific location. As a result, the show route afi-all summary command now lists all instances individually. For example, the output will display fib_mgr for the RP and FIB node0_3_CPU0 for the LC located at node0_3_CPU0.
● Manual Remediation of Forward-Referenced SRLG Interfaces:
The existing Shared Risk Link Groups (SRLG) feature allows configuring SRLG values on interfaces that do not yet exist (forward-reference interfaces). These configurations appear in the output of the show srlg command. To avoid inconsistencies, manually remove all SRLG configurations related to non-existent or forward-referenced interfaces. This manual cleanup is essential to maintain system consistency and prevent misleading information in the SRLG display.
● Enhanced MPLS interface activation for IS-IS address-family lifecycle events:
Starting with Cisco IOS XR Release 26.2.1, IS-IS enables or disables MPLS on an interface when the first or last MPLS-enabled address family is created or deleted, instead of waiting for operational UP or DOWN state transitions. Previously, MPLS state changes occurred only during interface shutdown or link-down events. With this enhancement, MPLS state updates now also occur when the interface configuration is removed at the root level or when the last IPv4 or IPv6 address associated with an MPLS-enabled address family is removed from the interface.
● MPLS-TE tunnel event history for insufficient bandwidth events:
Starting with Cisco IOS XR Release 26.2.1, MPLS-TE tunnel events for insufficient bandwidth conditions are recorded in the tunnel event history. Previously, when a tunnel failed to reoptimize because the requested bandwidth was unavailable, the router generated syslog messages, but the event was not shown in the show mpls traffic-eng event-history tunnels output. This update adds a tunnel event for insufficient bandwidth so that you can review historical bandwidth-demand failures for debugging and capacity planning.
● Mandatory LDAP TLS Validation:
LDAP server certificate validation for TLS connections is now enabled by default. Unlike previous versions that skipped validation when no trustpoint was defined, the current implementation mandates the use of a configured ldaps trustpoint to establish a secure connection. If this trustpoint is absent, the connection is automatically rejected, ensuring that all LDAP traffic is strictly authenticated and verified.
These behaviors apply based on the configuration of the ldaps trustpoint:
· No trustpoint configured: The TLS connection to the LDAP server is rejected by the router.
· CA certificate only: The router uses the configured CA certificate to validate the LDAP server's certificate; the connection is established only upon successful validation.
· CA and client certificate configured: The router uses the CA certificate to validate the server's certificate while presenting the client certificate to satisfy mTLS requirements; the connection is established only if both validation checks pass.
● MACsec Licensing Tier Update:
Effective with Cisco IOS XR Software Release 26.2.1, MACsec on Cisco IOS XR routers utilizing the FCM 2.0 Access licensing model now requires the Advantage tier instead of the Premier tier. When MACsec is enabled on a physical interface, the interface bandwidth triggers Right-to-Use (RTU) consumption for the Access Advantage tier, calculated in 10G increments. This license consumption is reclaimed once the MACsec configuration is removed, or the interface is shut down.
● Deprecated Security Algorithms:
Starting Cisco IOS XR Release 26.2.1, the 3DES-CBC cipher and Diffie-Hellman Group 1 SHA1 key exchange are insecure and deprecated. You will see syslog warning messages for deprecated commands.
● Change in show media CLI output:
The directory path previously shown as /var/lib/docker now appears as apphost in the show media CLI output. This change enhances clarity for users managing third-party applications and Docker containers. It also accurately reflects the directory’s role within the Cisco IOS XR application hosting architecture.
● A deprecation notice is shown when you run the show tech-support netconf command.
● Starting Cisco IOS XR Release 26.2.1, you can set the ipv6 nd ns-interval value to less than 60 seconds on these virtual interfaces:
· Bundle Ethernet interfaces
· BVI interfaces
· Pseudowire Ethernet interfaces
● NACM show command visibility improvements:
Starting from Release 26.2.1, you get better visibility of NACM rules and groups in show nacm command outputs when dynamic NACM is used. This enhancement improves how information is displayed without changing existing functionality, ensuring NACM rules continue to operate as before.
● Enhancing BGP Routing Security:
You improve BGP routing security by enabling RPKI origin validation for both outbound advertisements and iBGP peer routes. This feature ensures only prefixes with valid or not-found ROA status are sent, while invalid prefixes are filtered, maintaining consistent and compliant routing across your network.
● Enhanced syslog reporting for discard-extra-paths limits:
Starting in Release 26.2.1, syslog notifications for the discard-extra-paths limit have been enhanced to provide per-neighbor and per-address-family reporting. This replaces the previous global notification behavior, which applied a 5-minute rate limit across the entire BGP process. The updated notifications are rate-limited to 30 seconds and reset automatically if the neighbor session flaps.
Open issues
There are no open issues in this release.
There are no known issues in this release.
Appliance model
Cisco IOS XRv 9000 Appliance is the pre-installed Cisco IOS XRv 9000 Router software that is sent from the factory on a bare metal UCS server hardware. It supports hyper scalability as it can scale to 70 million route prefixes when run as a Virtual Route Reflector. Therefore, the extra layer of software (hypervisor) is not required.
The Appliance also supports Zero Touch Provisioning (ZTP) which allows easier insertion into existing networks.
Table 1. Specification of the Cisco XRv 9000 Appliance
| Parameters |
Supported |
| Form Factor |
1 RU |
| Processor |
5th Gen Intel Xeon Scalable processor Intel(R) Xeon(R) Gold 5520+ 2.2GHz/205W 28C/52.5MB DDR5 4800MT/s |
| 4th Gen Intel Xeon Scalable processor Intel I5420+ 2GHz/205W 28C/52.5MB DDR5 4400MT/s |
|
| Memory size |
128GB (8x16GB DDR5-4800 RDIMM 1Rx8) |
| Internal storage |
480GB M.2 Boot SATA Intel SSD |
| Software version |
Cisco IOS-XR version 24.4.2 and later |
| Firmware version |
BIOS version: C220M7.6.0.1a.0_XRV9K CIMC/BMC version: 6.0(1.250129) |
| Physical NICs |
25G Model: Cisco-Intel E810XXVDA4L 4x25/10 GbE SFP28 PCIe 100G Model: Cisco-MLNX MCX623106AS-CDAT 2x100GbE QSFP56 PCIe Cisco-MLNX MCX623106AS-CDAT 2x100GbE QSFP56 PCIe |
Hypervisors
A hypervisor enables multiple operating systems to share a single hardware host machine. While each operating system appears to have the dedicated use of the host's processor, memory, and other resources; the hypervisor controls and allocates only needed resources to each operating system and ensures that the operating systems (VMs) do not disrupt each other.
Installation of the Cisco IOS XRv 9000 Router is supported on selected Type 1 (native, bare metal) hypervisors. Installation is not supported on Type 2 (hosted) hypervisors, such as VMware Fusion, VMware Player, or Virtual Box. The following table lists release specific supported hypervisor versions.
Table 2. Support Matrix for Hypervisor Versions
| Cisco IOS XR Version |
VMWare ESXi |
Kernel Based Virtual Machine (KVM) |
| Release 26.2.1 |
Version 8.0 |
Linux KVM based on Red Hat Enterprise Linux 8.10 and 9.6 |
Virtual machines
Cisco IOS XRv 9000 Router virtual machines must meet the following requirements:
Table 3. VM Requirement for VMware Environment
| Parameters |
Supported |
| VMware ESXi |
Version 8.0 |
| Virtual CPU cores |
1 socket with a minimum of 4 cores Note: For multicast heavy deployments we recommend configuring 8 cores (with 4 assigned for control plane and 4 assigned for data plane). Note: For production environment minimum of 4 cores is recommended. |
| Virtual Machine memory size |
24GB minimum for VRR, recommended to increase as per VM and scale requirements |
| Virtual Machine hard disk size |
64GB minimum for vPE and vRR image variants |
| Virtual Interfaces |
● E1000
● VMXNET3 for traffic interfaces only
|
| Physical NICs |
For pass-through:
● Intel X710, XXV710
● Mellanox ConnectX 6
SR-IOV supported for:
● Intel E810 XXV, E810 C
● Intel X710, XXV710
|
| Number of interfaces |
Maximum of 11 NICs where:
● 1 for management
● 2 are reserved
● 8 for traffic
|
| Default video, SCSI controller set |
Required SCSI controller not required for IDE disk. |
| Virtual CD/DVD drive installed |
Virtual CD/DVD is required when installing the Cisco IOS XRv 9000 Router on the VM using ISO template. |
| IDE hard disk |
Single IDE hard disk Note: Multiple hard disk drives on a VM are not supported. |
Firmware update available for UCS M7 appliance (xrv9k-ucs-c220m7-huu-container-6.0.1.250127.tar.gz)
A firmware update package, xrv9k-ucs-c220m7-huu-container-6.0.1.250127.tar.gz, is now available for the UCS M7 appliance. This package includes firmware for both the CIMC and BIOS.
The SHA256SUM checksum for the package is: 5a7b409b58003f3b298227b6d3cc83325f0b3b0b4ef2181553209f4df942048e
The SHA256SUM checksum for the CIMC and BIOS binaries are:
● bios.pkg 5567aea1a085dd1e8300be692639fbad01f792d6aed39a5a7bad1e162673a031
● cimc.bin b5bace7d6126de3196057b08aa54391c2a178d3e7532ce62ef1c6803dfd75aec
For detailed instructions on extracting and installing the firmware, please refer to the documentation at Firmware Files.
Optics support
Table 4. Optics support for the XRv 9000 Routers
| Product |
Product Code |
Product Recommendation |
| Cisco 100GBASE LR4 QSFP Transceiver, LC, 10km over SMF |
Cisco QSFP-100G-LR4-S |
XRv9000 Appliance with UCS-C220 M7 server, 2X100G |
| Cisco 100GBASE SR4 QSFP Transceiver, MPO, 100m over OM4 MMF |
Cisco QSFP-100G-SR4-S |
|
| Cisco 10GBASE SFP+, Short Range |
Cisco SFP-10G-SR |
XRv9000 Appliance with UCS-C220 M7 server - 4X10/25G |
| Cisco 10GBASE SFP+, Long Range |
Cisco SFP-10G-LR |
Table 5. Related resources
| Resource |
Description |
| Provides access to Cisco product documentation for checking feature support details. |
|
| Allows searching by release number, error strings, or comparing release numbers to view a detailed repository of error messages and descriptions. |
|
| Allows selecting the MIB of your choice from a drop-down to explore an extensive repository of MIB information. |
|
| Provides CDC documentation for Cisco XRv 9000 routers. |
|
| Outlines the features currently supported by each operating system.
|
|
| Provides a list of insecure features and protocols that are scheduled for systematic deprecation and eventual removal from specified Cisco products.
|
|
| Details the reasons why certain features or protocols are deemed insecure and offers secure alternatives when available. |
|
| Provides a general guide in case of upgrading IOS XR routers or new deployments that involve IOS XR routers. |
|
| Provides information about Smart Licensing Using Policy solutions and their deployment on IOS XR routers. |
|
| Allows searching by product family, product ID, data rate, reach, cable type, or form factor to determine the transceivers that Cisco hardware device supports. |
|
| Provides yang data models introduced and enhanced in every IOS XR release. |
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2026 Cisco Systems, Inc. All rights reserved.