Network Convergence System 5000 Series Routers

The Network Convergence System 5000 Series offers a high-density, small-form-factor MPLS aggregation router for metro aggregation. It is designed to economically scale large enterprise, over-the-top (OTT), and service provider Data Center networking architectures.

The Cisco NCS 5000 Series is an extension to Cisco’s routing platform portfolio enabling Service Providers and MPLS enabled data center architectures to offer elastic networks with improved business agility and simplified operations to deliver high-bandwidth mobile, video, and cloud services.

The Cisco NCS 5000 series routers are small form factor dense aggregation systems. Powered by industry leading routing operation system, IOS-XR, the system also offers rich functions such as third party application hosting, machine-to-machine interface, telemetry and flexible package delivery.

What's New in Cisco IOS XR Release 7.7.1

New in Documentation

This release introduces rich and intuitive ways for you to access YANG data models supported in the Cisco IOS XR software.

Product Description

Cisco IOS XR Error Messages

Search by release number, error strings, or compare release numbers to view a detailed repository of error messages and descriptions.

Cisco IOS XR MIBs

Select the MIB of your choice from a drop-down to explore an extensive repository of MIB information.
YANG Data Models Navigator

We have launched the tool as an easy reference to view the Data Models (Native, Unified, OpenConfig) supported in IOS XR platforms and releases. You can explore the data model definitions, locate a specific model, and view the containers and their respective lists, leaves, leaf lists, Xpaths, and much more.

As we continue to enhance the tool, we would love to hear your feedback. You are welcome to drop us a note here.

Use Case-based Documentation at Learning Labs

You can now quickly explore and experiment on use-cases without setting up any hardware resources with the new Interactive documentation for Cisco 8000 routers on DevNet Learning Labs. Powered by Jupyter, the automated code blocks within the documentation enable you to configure the desired functionality on the routers and retrieve real-time output swiftly.

Check out the new interactive documentation here:

Software Features Enhanced and Introduced

To learn about features introduced in other Cisco IOS XR releases, select the release from the Documentation Landing Page.

Feature Description

Routing

Setting SPF interval in IS-IS to postpone the IS-IS SPF computations

You can now define a standard algorithm to postpone the IS-IS SPF computations by setting an SPF interval. This reduces the computational load and churn on IGP nodes when multiple temporally close network events trigger multiple SPF computations.

This algorithm also reduces the probability and the duration of transient forwarding loops during native IS-IS convergence when the protocol reacts to multiple temporally close events.

This feature complies with RFC 8405.

This feature introduces the spf-interval ietf command.

System Security

Non-Default SSH Port

We have enhanced the system security to minimize the automated attacks that may target the default Secure Socket Shell (SSH) port on your router. You can now specify a non-default port number for the SSH server on your router. The SSH, Secure Copy Protocol (SCP), and Secure File Transfer Protocol (SFTP) client services can then access your router only through this non-default port. The new port option also enables the SSH, SCP, and SFTP clients on your router to connect to SSH servers on the network that use a wide range of non-default port numbers. In earlier releases, these SSH, SCP, and SFTP connections were established through the default SSH port, 22. The non-default SSH port is supported only on SSH version 2.

The feature introduces the ssh server port command.

The feature modifies these commands to include the port option:

Password Policy to Restrict Consecutive Characters

We have enhanced the router security by enforcing a strong password policy for all users configured on the router. You can now specify a new password policy for the user that restricts the usage of a specific number of consecutive characters for the login passwords. These characters include English alphabets, the sequence of QWERTY keyboard layout, and numbers, such as, 'abcd', 'qwer', '1234', and so on. Apart from passwords, the feature is also applicable for secrets–the one-way encrypted secure login passwords that are not easy to decrypt to retrieve the original unencrypted password text.

The password policy is applicable only for the users configured on the local AAA server on the router; not those configured on the remote AAA server.

The feature introduces the restrict-consecutive-characters command.

YANG Data Models Introduced and Enhanced

This release introduces or enhances the following data models. For detailed information about the supported and unsupported sensor paths of all the data models, see the Github repository. To get a comprehensive list of the data models supported in a release, navigate to the Available-Content.md file for the release in the Github repository. The unsupported sensor paths are documented as deviations. For example, openconfig-acl.yang provides details about the supported sensor paths, whereas cisco-xr-openconfig-acl-deviations.yang provides the unsupported sensor paths for openconfig-acl.yang on Cisco IOS XR routers.

Feature Description

Programmability

openconfig-isis Revision 0.6.0

The OpenConfig data model supports to monitor the system performance by checking the packet counter statistics and bandwidth, time, length, and values (TLVs) of IS-IS database using the following XPaths:.

  • interfaces/interface[interface-id]/bfd/config/bfd-tlv

  • global/state/authentication-check

  • global/state/maximum-area-addresses

  • global/state/poi-tlv

  • global/state/iid-tlv

  • global/graceful-restart/state/helper-only

Root path for system-level counters: levels/level[level-number]/system-level-counters/state/

  • manual-address-drop-from-areas

  • part-changes

  • auth-fails

  • auth-type-fails

Root path for TLV type extended-is-reachability counters:

levels/level[level-number]/link-state-database/lsp[lsp-id]/tlvs/tlv[type]/extended-is-reachability/ neighbors/neighbor[system-id]/instances/instance[id]/subtlvs/subtlv[type]/

Root path for mt-isn counters:

levels/level[level-number]/link-state-database/lsp[lsp-id]/tlvs/tlv[type]/mt-isn/neighbors/neighbor[mt-idsystem-id]/ instances/ instance[id]/ subtlvs/subtlv[type]/

extended-is-reachability and mt-isn TLV counters:

  • link-id/state/local

  • link-id/state/remote

  • link-delay/state/a-bit

  • link-delay/state/delay

  • min-max-link-delay/state/a-bit

  • min-max-link-delay/state/min-delay

  • min-max-link-delay/state/max-delay

  • link-delay-variation/state/delay

  • link-loss/state/a-bit

  • link-loss/state/link-loss

  • residual-bandwidth/state/bandwidth

  • available-bandwidth/state/type

  • available-bandwidth/state/bandwidth

  • utilized-bandwidth/state/type

  • utilized-bandwidth/state/bandwidth

Root path for circuit-counters: interfaces/interface[interface-id]/circuit-counters/state/

  • init-fails

  • auth-type-fails

  • adj-number

Root path for packet counters:

interfaces/interface[interface-id]/levels/level[level-number]/packet-counters/

  • lsp/state/dropped

  • lsp/state/retransmit

  • iih/state/dropped

  • iih/state/retransmit

  • psnp/state/dropped

  • psnp/state/retransmit

  • csnp/state/dropped

  • csnp/state/retransmit

  • unknown/state/received

  • unknown/state/processed

  • unknown/state/dropped

  • unknown/state/sent

  • unknown/state/retransmit

Following statistics always displays the value as ZERO.

  • interfaces/interface[interface-id]/circuit-counters/state/init-fails

  • levels/level[level-number]/system-level-counters/state/auth-type-fails

  • interfaces/interface[interface-id]/levels/level[level-number]/packet-counters/iih/state/retransmit

  • interfaces/interface[interface-id]/levels/level[level-number]/packet-counters/csnp/state/retransmit

  • interfaces/interface[interface-id]/levels/level[level-number]/packet-counters/psnp/state/retransmit

  • interfaces/interface[interface-id]/levels/level[level-number]/packet-counters/unknown/state/sent

  • interfaces/interface[interface-id]/levels/level[level-number]/packet-counters/unknown/state/retransmit

This feature introduces authentication-check disable command to disable authentication check.

Release 7.7.1 Packages

This table lists the Cisco IOS XR Software feature set matrix (packages) with associated filenames.

Table 1. Release 7.7.1 Packages for Cisco NCS 5000 Series Router

Composite Package

Feature Set

Filename

Description

Cisco IOS XR IP Unicast Routing Core Bundle

ncs5k-mini-x.iso

Contains base image contents that includes:

  • Host operating system

  • System Admin boot image

  • IOS XR boot image

  • Alarm co-relation

Individually-Installable Optional Packages

Feature Set

Filename

Description

Cisco IOS XR Manageability Package

ncs5k-mgbl-3.0.0.0-r771.x86_64..rpm

XML, Parser, HTTP Server, Telemetry, and gRPC.

Cisco IOS XR MPLS Package

ncs5k-mpls-3.1.0.0-r771.x86_64.rpm

Label Distribution Protocol (LDP), MPLS forwarding , MPLS operations , Administration and maintenance (OAM), Layer3-vpn , layer-2 vpn.

Cisco IOS XR MPLS RSVP TE package

ncs5k-mpls-te-rsvp-1.1.0.0-r771.x86_64.rpm

Supports MPLS RSVP-TE (Resource Reservation Protocol with Traffic Engineering extensions)

Cisco IOS XR Security Package

ncs5k-k9sec-3.2.0.0-r771.x86_64.rpm

Support for Encryption, Decryption, and Secure Shell (SSH),

Cisco IOS XR Multicast Package

ncs5k-mcast-2.2.0.0-r771.x86_64.rpm

Multicast routing protocols (PIM, IGMP, Auto-rp, BSR) and infrastructure (Multicast routing information Base) , Multicast forwarding (mfwd)

Cisco IOS XR ISIS package

ncs5k-isis-2.2.0.0-r771.x86_64.rpm

Supports ISIS

Cisco IOS XR OSPF package

ncs5k-ospf-2.0.0.0-r771.x86_64.rpm

Supports OSPF

Caveats

There are no caveats in this release.

Upgrading Cisco IOS XR Software

Cisco IOS XR Software is installed and activated from modular packages, allowing specific features or software patches to be installed, upgraded, or downgraded without affecting unrelated processes. Software packages can be upgraded or downgraded on all supported card types, or on a single card (node).

Before starting the software upgrade, use the show install health command in the admin mode. This command validates if the statuses of all relevant parameters of the system are ready for the software upgrade without interrupting the system.


Note

  • If you use a TAR package to upgrade from a Cisco IOS XR release prior to 7.x, the output of the show install health command in admin mode displays the following error messages: 

sysadmin-vm:0_RSP0# show install health
. . .
ERROR /install_repo/gl/xr -rw-r--r--. 1 8413 floppy 3230320 Mar 14 05:45 <platform>-isis-2.2.0.0-r702.x86_64
ERROR /install_repo/gl/xr -rwxr-x---. 1 8413 165 1485781 Mar 14 06:02 <platform>-k9sec-3.1.0.0-r702.x86_64
ERROR /install_repo/gl/xr -rw-r--r--. 1 8413 floppy 345144 Mar 14 05:45 <platform>-li-1.0.0.0-r702.x86_64

You can ignore these messages and proceed with the installation operation.