Cisco brings in its new software release IOS-XE 17.9.1 which offers a bunch of new software features and introduces new platforms across Enterprise Networking. This is the first Extended Maintenance Release (EMR) for C9K-X platforms and, becomes the first EMR for all C9K platforms. It has a support lifetime of thirty-six months and will be the recommended release for wide-scale production deployments supporting SMU and ISSU. In this release as we focussed on delivering key capabilities with quality across products and solutions, we have also encompassed our key customer asks for easy deployment.
This release introduces both hardware and software capabilities that are added across Catalyst C9K Switching Platform, Security, Routing, and Programmability. Key feature summary of the 17.9.1 release.
New Hardware additions with IOS-XE 17.9.1
IOS-XE 17.9.1 introduces new hardware platforms to our Access and Core portfolios.
Starting with the access portfolio, IOS-XE 17.9.1 adds support for the new Catalyst 9200CX compact Switch. This next-generation switch is powered by the UADP 2.0 Mini, Cisco IOS-XE Lite, Fanless, and comes in a compact form factor. The switch also has enhanced security with MACsec 256 and is optimized for smart building deployments.
This switch provides flexibility in architecture, best suited for small branch deployments. There are three different SKUs available - 1 Data and 2 POE options. This switch supports Full Flexible NetFlow, IOS-XE Programmability and Telemetry, ZTP and is suitable for deployment as a fabric edge (FE) node in an SDA fabric.
New Catalyst 9300LM shallow depth fixed uplink versions have been added to the C9300 family of switches now offering a C9K migration option for the Catalyst 3650 mini series. The Catalyst 9300LM comes in both 48/24 ports in the data and POE variants. All models come with 4 SFP28 uplink ports of speeds up to 25G. All ports on UPOE models can provide up to 60W UPOE power. Additionally, up to eight C9300LM switches can be stacked with a maximum stacking bandwidth of 320G.
The switch has scale parity with our existing C9300L switches and supports HA, Hot patching, MACsec 256 along with App hosting, SD-Access, BGP-EVPN, and Full Flexible NetFlow. The switch uses new Stack adapters and cables and new power supplies rated at 715W for DC and 600 and 1000W for AC installations.
On the core side, IOS-XE 17.9.1 adds support for C9600X-LC-32DC line card for the Catalyst 9600 series switches. This is a Generation 2 line card compatible with C9600X-SUP2. With dedicated PHYs in the line card, we support line-rate MACSEC and WAN-MACSEC on all 32 ports.
New software features introduced with IOS-XE 17.9.1
The IOS-XE 17.9.1 brings in the Catalyst 9400X-Sup2/XL to parity with our existing Catalyst 9400-Sup1/XL/XL-Y with the addition of several features.
Differentiated Value with C9400X
First, support for StackWise Virtual (SVL) is enabled for C9400X-SUP2/XL with support for SVL links and Dual Active Detection (DAD) links on either Supervisor uplinks or on the line cards (speeds of 10Gbps and greater).
Additionally, on the C9400X-SUP2/XL, we are increasing the active VLAN and SVIs up to 4K. This will support the distribution deployment.
By popular request, the port channel count on the 9400X SUP-2/XL has been increased to 432 from 252. This is applicable only for the 9400X Sup-2/XL and Sup-1/XL continues to support 252 port channels.
On the C9400X-Sup2/XL, we now have support for Perpetual Power Over Ethernet (PPOE to provide resiliency to POE endpoints. Even in a single supervisor configuration, POE endpoints continue to draw the last negotiated power from the port during image upgrades, software crashes, or manual reboots.
Industry-leading IPSEC Capabilities on 9300X
We support NAT traversal for IP reuse, VRF awareness for segmented overlay traffic, and BGP EVPN transport, over IPSec tunnels to provide end-to-end security to build a robust infrastructure.
Enhanced services beyond connectivity
With 17.9.1, we are adding support for conditional NAT operations using route maps. This helps in changing the source address depending on the destination IP address thereby indirectly increasing the NAT scale for 9500H and 9600 platforms. This allows IP reuse and promotes more traffic handling with limited IP addresses.
Also, on the core platforms (Catalyst 9500 High Performance series and Catalyst 9600 Sup1) we are increasing the NAT scale using Custom SDM templates. With IOS-XE 17.9.1, the scale has increased from 15.5K NAT entries to 27K NAT entries.
Redundancy between RPs for PIM bidirectional flows is introduced by adding Phantom RP support for both Catalyst 9500H and the Catalyst 9600-SUP1 series switches.
This release adds support of AVB on 9500 High Performance platforms and now AVB is supported on all C9500 models enabling an end-to-end (access/distribution/core) AVB deployment.
Open and programmable Catalyst platforms
IOS-XE 17.9.1 introduces an array of new features in Programmability and Automation.
YANG model support for config CLI allows the config CLI to be pushed to the devices using the yang interfaces. This brings configuration ease and improves efficiency in large-scale deployments. gNMI SetReplace now supports full config replace enabling Infrastructure as Code workflow.
AAA method list for NETCONF and RESTCONF makes programmatic access more resilient by allowing multiple upstream authentication options.
With 17.9.1 the Open Config (OC) models are upgraded, and now it is easier to configure and manage the network without needing to use Cisco Native Models.
Additionally, OpenConfig Network YANG is now supported with BGP and SVL. YANG Service Model can additionally be used to manage EVPN configuration via YANG API supporting further abstraction and minimizing the impact to feature construct.
Find platform specific release notes for IOS-XE 17.9.1 below
What’s Next?
IOS-XE 17.10.1 will be a standard maintenance release and is targeted for release in November of 2022. Stay tuned for more information on new software releases!
2 Comments
