cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
tasharm3
Cisco Employee
Cisco Employee

Cisco brings in its new software release IOS-XE 17.9.1 which offers a bunch of new software features and introduces new platforms across Enterprise Networking. This is the first Extended Maintenance Release (EMR) for C9K-X platforms and, becomes the first EMR for all C9K platforms. It has a support lifetime of thirty-six months and will be the recommended release for wide-scale production deployments supporting SMU and ISSU. In this release as we focussed on delivering key capabilities with quality across products and solutions, we have also encompassed our key customer asks for easy deployment.

Screen Shot 2022-08-05 at 12.07.56 PM.png

This release introduces both hardware and software capabilities that are added across Catalyst C9K Switching Platform, Security, Routing, and Programmability. Key feature summary of the 17.9.1 release. 

 

Screen Shot 2022-07-29 at 4.31.32 PM.png

New Hardware additions with IOS-XE 17.9.1 

IOS-XE 17.9.1 introduces new hardware platforms to our Access and Core portfolios.  

Screen Shot 2022-08-08 at 10.21.28 AM.png

 

Starting with the access portfolio, IOS-XE 17.9.1 adds support for the new Catalyst 9200CX compact Switch. This next-generation switch is powered by the UADP 2.0 Mini, Cisco IOS-XE Lite, Fanless, and comes in a compact form factor. The switch also has enhanced security with MACsec 256 and is optimized for smart building deployments. 

Screen Shot 2022-07-29 at 4.48.32 PM.png

This switch provides flexibility in architecture, best suited for small branch deployments. There are three different SKUs available - 1 Data and 2 POE options. This switch supports Full Flexible NetFlow, IOS-XE Programmability and Telemetry, ZTP and is suitable for deployment as a fabric edge (FE) node in an SDA fabric. 

New Catalyst 9300LM shallow depth fixed uplink versions have been added to the C9300 family of switches now offering a C9K migration option for the Catalyst 3650 mini series. The Catalyst 9300LM comes in both 48/24 ports in the data and POE variants. All models come with 4 SFP28 uplink ports of speeds up to 25G. All ports on UPOE models can provide up to 60W UPOE power. Additionally, up to eight C9300LM switches can be stacked with a maximum stacking bandwidth of 320G.  

Screen Shot 2022-08-03 at 2.48.07 PM.png

The switch has scale parity with our existing C9300L switches and supports HA, Hot patching, MACsec 256 along with App hosting, SD-Access, BGP-EVPN, and Full Flexible NetFlow. The switch uses new Stack adapters and cables and new power supplies rated at 715W for DC and 600 and 1000W for AC installations.  

On the core side, IOS-XE 17.9.1 adds support for C9600X-LC-32DC line card for the Catalyst 9600 series switches. This is a Generation 2 line card compatible with C9600X-SUP2. With dedicated PHYs in the line card, we support line-rate MACSEC and WAN-MACSEC on all 32 ports.  

Screen Shot 2022-08-05 at 11.04.02 AM.png

New software features introduced with IOS-XE 17.9.1 

The IOS-XE 17.9.1 brings in the Catalyst 9400X-Sup2/XL to parity with our existing Catalyst 9400-Sup1/XL/XL-Y with the addition of several features.  

Differentiated Value with C9400X 

First, support for StackWise Virtual (SVL) is enabled for C9400X-SUP2/XL with support for SVL links and Dual Active Detection (DAD) links on either Supervisor uplinks or on the line cards (speeds of 10Gbps and greater). 

Screen Shot 2022-08-03 at 2.41.54 PM.png

 

Additionally, on the C9400X-SUP2/XL, we are increasing the active VLAN and SVIs up to 4K. This will support the distribution deployment.

By popular request, the port channel count on the 9400X SUP-2/XL has been increased to 432 from 252. This is applicable only for the 9400X Sup-2/XL and Sup-1/XL continues to support 252 port channels.  

On the C9400X-Sup2/XL, we now have support for Perpetual Power Over Ethernet (PPOE to provide resiliency to POE endpoints. Even in a single supervisor configuration, POE endpoints continue to draw the last negotiated power from the port during image upgrades, software crashes, or manual reboots. 

Screen Shot 2022-08-05 at 12.53.45 PM.png

Industry-leading IPSEC Capabilities on 9300X 

We support NAT traversal for IP reuse, VRF awareness for segmented overlay traffic, and BGP EVPN transport, over IPSec tunnels to provide end-to-end security to build a robust infrastructure.    

Enhanced services beyond connectivity 

With 17.9.1, we are adding support for conditional NAT operations using route maps. This helps in changing the source address depending on the destination IP address thereby indirectly increasing the NAT scale for 9500H and 9600 platforms. This allows IP reuse and promotes more traffic handling with limited IP addresses. 

Also, on the core platforms (Catalyst 9500 High Performance series and Catalyst 9600 Sup1) we are increasing the NAT scale using Custom SDM templates. With IOS-XE 17.9.1, the scale has increased from 15.5K NAT entries to 27K NAT entries.  

Redundancy between RPs for PIM bidirectional flows is introduced by adding Phantom RP support for both Catalyst 9500H and the Catalyst 9600-SUP1 series switches.  

This release adds support of AVB on 9500 High Performance platforms and now AVB is supported on all C9500 models enabling an end-to-end (access/distribution/core) AVB deployment. 

Open and programmable Catalyst platforms 

IOS-XE 17.9.1 introduces an array of new features in Programmability and Automation. 

YANG model support for config CLI allows the config CLI to be pushed to the devices using the yang interfaces. This brings configuration ease and improves efficiency in large-scale deployments. gNMI SetReplace now supports full config replace enabling Infrastructure as Code workflow.  

AAA method list for NETCONF and RESTCONF makes programmatic access more resilient by allowing multiple upstream authentication options. 

With 17.9.1 the Open Config (OC) models are upgraded, and now it is easier to configure and manage the network without needing to use Cisco Native Models.  

Screen Shot 2022-08-04 at 4.24.34 PM.png

 

Additionally, OpenConfig Network YANG is now supported with BGP and SVL. YANG Service Model can additionally be used to manage EVPN configuration via YANG API supporting further abstraction and minimizing the impact to feature construct. 

Find platform specific release notes for IOS-XE 17.9.1 below 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9200/software/release/17-9/release_notes/ol-17-9-9200.html 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-9/release_notes/ol-17-9-9300.html 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9400/software/release/17-9/release_notes/ol-17-9-9400.html 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-9/release_notes/ol-17-9-9500.html 

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9600/software/release/17-9/release_notes/ol-17-9-9600.html 

What’s Next? 

IOS-XE 17.10.1 will be a standard maintenance release and is targeted for release in November of 2022. Stay tuned for more information on new software releases! 

2 Comments
jayshar
Cisco Employee
Cisco Employee

Great blog, Tarun. Looking forward to deploying 17.9.1 and enable many of these cool capabilities!

Leo Laohoo
VIP Community Legend VIP Community Legend
VIP Community Legend

@tasharm3 wrote:

Screen Shot 2022-08-05 at 10.12.33 AM.png


The image of the 9300LM-48UX-4Y is not entirely correct. 


@tasharm3 wrote:
POE endpoints continue to draw the last negotiated power from the port during ... manual reboots. 

Manual reboots or "soft reboot"?  I think it should be soft reboot (or the "reload" command). 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: