Not a user yet?
Log in Register for free Suggest a product
DE | EN
Update

Release Notes for Cisco 4000 Series ISRs

IOS XEIOS XE
Cisco
Update from alex-devicebaseUpdate from:
alex-devicebase (expert)

New and Changed Software Features

  • Enhanced IS-IS Fast Flooding

The IS-IS Fast Flooding feature optimizes LSP transmission to accelerate network convergence by dynamically adjusting the LSP rate based on receiver capability. From Cisco IOS XE 17.14.1a, IS-IS Fast Flooding can be configured using the router isis lsp-fast-flooding command. The LSP transmission can be further customized with arguments such as max-lsp-tx, psnp-interval, and per-interface within the same router isis command, and enhanced by using the isis remote-psnp-delay command. This feature is disabled by default, and requires manual configuration to enable.

  • Enhancement to the show reload-history Command

From Cisco IOS XE 17.14.1a, the show reload-history command is modified to show reload history. The output for the command is updated to include crash data, Cisco High Availability (HA) status, and software version.

  • Support for 4096 Key Pair

Cisco Voice Gateway (VG) series devices use 2048 RSA key as the default encryption policy. From Cisco IOS XE 17.14.1a, Cisco VG400 Voice Gateway and Cisco VG420 Voice Gateway support 4096 key pair with SHA256 hash function for TLS handshake process. For enhanced security and protection during data transmission, you can enable the 4096 key pair encryption using the crypto pki trustpoint 4k_keypair command.

  • Configure Secure Service Edge

Secure Service Edge is a cloud solution that provides seamless, transparent, and secure Direct Internet Access (DIA) to protect against internet-based threats. This solution can be configured through Policy Groups by using Cisco SD-WAN Manager.

  • Configuration Group Enhancements

This release introduces support for the following in Cisco SD-WAN Manager:

  1. Transport Profiles
  2. Management Profile
  3. Service Profile
  4. CLI Profile
  5. Policy Object Profile
  • View Unmodelled Commands on SD-Routing Devices

After an SD-Routing device is deployed, you can view the unmodelled commands on Cisco SD-WAN Manager. The list of unmodelled commands are regenerated if the device reboots.
YANG Configurational Model Support for SD-Routing Devices
This release introduces support for the following YANG Configurational Models:

  1. BGP
  2. MPLS
  3. RSVP
  4. SNMP
  5. AAA
  6. QoS
  7. ACL
  8. DHCP
  • Support to Configure VPN Solutions for SD-Routing devices

This release introduces support for the following VPN solutions:

  1. FlexVPN
  2. GETVPN
  3. DMVPN
  4. L3VPN

These VPN solutions can be configured by using Configuration > Configuration Groups > CLI Add-on Profile option in Cisco SD-WAN Manager.

Cisco Unified Border Element (CUBE) Features

  • Secure SIP with TLS 1.3 support

From Cisco IOS XE 17.14.1a onwards, security of the communication between the client and the server is enhanced with the support of Transport Layer Security (TLS) version 1.3 and associated cipher suites.

Open Bugs

CSCwj40589 - Endpoint tracker using DNS does not log "DOWN" message when DNS server reachability is lost.

CSCwi81026 - BFD sessions flapping during IPSec rekey in scaled environment.

CSCwj49941 - dns-snoop-agent has TCAM entry with all zeros for some regex patterns.

CSCwj09284 - Unexpected reboot in WLC due to SSL.

CSCwj40223 - appRouteStatisticsTable sequence misordered in CISCO-SDWAN-APP-ROUTE-MIB or OS returns wrong order.

CSCwj27108 - Not balancing traffic to default route.

CSCwj48421 - %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: received IPSEC packet has invalid SPI.

CSCwi59854 - show sdwan policy service-path command gives inconsistent results with app name specified.

CSCwj42448 - APN password in plain text when Cellular controller profile is configured.

CSCwj30334 - CVLA ucode crash when attempting merge on used block.

CSCwj26085 - Control connections in TLS goes to 'trying' state with UTD.

CSCwj32347 - DIA endpoint tracker not working with ECMP routes.

CSCwj45177 - "dmidecode: command not found" error seen executing show sdwan certificate validity.

CSCwe92181 - Device traceback and reload after detecing a fatal error in qfp-ucode-radium.

CSCwj34578 - NAT46 translations are dropped when NAT64 router is also Carrier Supporting Carrier CE.

CSCwj31354 - Template push failure due to service timestamps.

CSCwj02628 - Speed-test not working for device.

CSCwj13681 - Device can only store 64 FQDN patterns, but config accepts more than 64.

Resolved Bugs

CSCwh94906 - WLC segmentation fault crash with Network Mobility Services Protocol (NMSP).

CSCwi49846 - FTMD crashed when SIG GRE tunnels configs are removed.

CSCwi55725 - SDR CLI config group issue.

CSCwi61369 - Device may unexpectedly reload due to SIGABRT.

CSCwi35716 - AAR backup preferred color not working as expected.

CSCwi53306 - Unknown appID in ZBFW HSL log.

CSCwf84567 - Unexpected reload after re-connecting.

CSCwi14178 - Failed to connect to device : x.x.x.x Port: 830 user : vmanage-admin error : Connection failed.

CSCwj25493 - Device crashed twice with critical process linux_iosd_image fault on rp_0_0.

CSCwi40603 - Memory leak in the crypto IKMP process.

CSCwf08658 - Devices will flap the BFD sessions if we are in a non-equilibrium state and have symmetric NAT.

CSCwi35177 - Router crash caused by continuous interface flap, interface associated to many IPsec interfaces.

CSCwi60266 - Device with enterprise certificates not forming control connections with controllers after upgrade.

CSCwi67983 - Tracker state log is missing when DNS query fails.

CSCwi53951 - Packets with unicast MAC get dropped on a port channel L2 sub-intf after a router reboot.

CSCwb25507 - CWMP: Add vendor specific parameter for NBAR protocol pack version.

CSCwi53549 - Router crash with reason "Critical process fman_fp_image fault on fp_0_0 (rc=134)".

CSCwi82548 - Crash in IKEv2 cluster load balancer.

CSCwi51381 - TrapOID of ciscoSdwanBfdStateChange is different from MIB file.

CSCwi78365 - Trim installed certificate on upgrade.

CSCwi85293 - IKEv2 IPv6 cluster load balance: Secondary in cluster unable to connect to cluster in case of FVRF.

CSCwi86698 - No error message while using multicast address as system-ip in SD-Routing device.

CSCwj06622 - Segmentation fault and core files are seen on IOS-XE due to speedtest.

CSCwi16111 - ipv6 tcp adjust-mss not working after delete and reconfigure.

CSCwi62230 - SIG tunnel: 'SIG STATEĆ¢ is showing blank value.

CSCwj27545 - Router crashing due to FTMD.

Version: 17.14.1a Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Cisco IOS XE updates
The manufacturer Cisco has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad