Live chat with Cisco expert Hitesh Kumar on April 16, 2013 on Architecture and troubleshooting Cisco ASR. 1000 Series Aggregation Services Routers
Hitesh Kumar is a customer support engineer in the High Touch Technical Services team at Cisco specializing in routing protocols. He has been supporting major service providers and enterprise customers in routing, Multiprotocol Label Switching (MPLS), Multicast, and Layer 2 Virtual Private Network (L2VPN) issues on Routing platforms for more than three years. He has more than six years of experience in the IT industry and holds a CCIE certification in Service (#38757).
Please go to Cisco Support Facebook Page on the event day: http://www.facebook.com/CiscoSupportCommunity
April 16, 2013 8:00 AM PST (San Francisco; UTC -7 hrs)
What is Facebook Forum?
Facebook forums are online conversations, held at a pre-arranged time on our Facebook page. It gives you an opportunity to interact with a live Cisco expert and get more information about a particular technology, service or product.
How do I participate?
On the day of the event, go to our Facebook page http://www.facebook.com/CiscoSupportCommunity.
To RSVP Click Here
Here's a condensed summary of our April 2013 Facebook Forum : Architecture and troubleshooting Cisco ASR 1000 Series Aggregation Services Routers
Does asr1k supports external USB
Yes, The route processor can support a 1-GB eUSB module. We can copy the IOS from bootflash to USB using below command:
copy bootflash:asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin usb0:
or startup-config from nvram to usb:
copy nvram:startup-config usb0:
How do we actually get a shell on the latest IOS-XE for ASR1K equipment ? The old-way (service internal + platform shell + request platform software system shell now requires a LICENSE ?????).
Cisco voluntarily restricting access to the shell under ASR 1K is _REALLY_ a problem. Especially when half of the usual system command on IOS XE are not functionnal since IOSd cannot really see the details of the hardware underneath (ok,have monitor platform software process, but that's limited) - So I assume that you have configured "platform shell" and getting the below error on trying to acess shell mode
Enter configuration commands, one per line. End with CNTL/Z.
COVE-CASR1001-CE2#request platform software system shell RP active
Activity within this shell can jeopardize the functioning of the system.
Are you sure you want to continue? [y/n] y
Error acquiring an internal services license: Request failed due to no license
Linux shell access is not available to customers on the ASR1K platforms which require licensing (such as the ASR1001).
The SHELL license can be obtained on an internal Cisco site but it is only meant to be installed and utilized by Cisco personnel (TAC, SE). It also must be removed from any customer router following its use. The reason for this is that with Linux shell access, a user can have full access to the license directories which can lead to a security problem.
Is VPLS supported on ASR 1000? How do we verify if the packet is actually reaching ASR1000 or not? is there any way to capture the packet on ASR1k? Can you please explain in detail as its very important in troubleshooting scenarios?
Answer to your first question is Yes VPLS is supported on ASR1k. VPLS is supported, from 3.5 release. regarding packet capture yes its important and We do have a packet capture on ASR1k....before 3.7 release you would have to use the SPAN. in 3.7 Embedded Packet Capture have been added and are available for use
I will try to explain it with the commands and output
To start a capture it is as simple as:
monitor capture TestCap2 interface both
monitor capture TestCap2 match ipv4 protocol tcp any any
monitor capture TestCap2 start
Then you can either stop the capture or display it
monitor capture TestCap2 stop
F340.03.11-ASR1000-4#show monitor capture TestCap2 buffer brief
# size timestamp source destination protocol
0 58 0.000000 10.180.91.22 -> 10.180.91.1 TCP
1 54 0.001007 10.180.91.1 -> 10.180.91.22 TCP
F340.03.11-ASR1000-4#show monitor capture TestCap2 buffer det
F340.03.11-ASR1000-4#show monitor capture TestCap2 buffer detailed
# size timestamp source destination protocol
0 58 0.000000 10.180.91.22 -> 10.180.91.1 TCP
0000: 8843E13C D478C471 FE9E8D01 080045C0 .C.0010: 002C49FD 0000FF06 A58F0AB4 5B160AB4 .,I.........[...
0020: 5B01D071 00B3FF98 B7BA0000 00006002 [..q..........`.
0030: 1020340F 00000204 05B4 . 4.......
1 54 0.001007 10.180.91.1 -> 10.180.91.22 TCP
0000: C471FE9E 8D018843 E13CD478 08004500 .q.....C.0010: 00285E45 0000FF06 920B0AB4 5B010AB4 .(^E........[...
0020: 5B1600B3 D0710000 0000FF98 B7BB5014 [....q........P.
0030: 00005BD8 0000 ..[...
and when done its easy to export it
F340.03.11-ASR1000-4#monitor capture TestCap2 export
Hi Is there any specific H/w requirement also to support VPLS?
You can go through the below link for more informattion on VPLS
please let me know in case you still have any queries
What is the bandwidth capacity and the backplane capacity on ASR1K routers?
It depends on SIp and ESP. The SIP10 enables 10 Gbps of aggregate bandwidth per slot and SIP40 enables 40 Gbps of aggregate bandwidth per slot. The SIP10 connects to the Cisco ASR 1000 Series Embedded Services Processor (ESP) through the passive midplane with 10 Gbps point-to-point links. The SIP40 connects to an ESP in the same way.The ESP module in the chassis determines the forwarding capacity of Router. For example, ESP40 has 40 Gbps forwarding capacity, ESP20 has 20 Gbps forwarding capacity & ESP10 has 10 Gbps forwarding capacity.
Is traffic forwarding affected if the Route Processor crashes and where do I find the crashinfo ?
No, traffic forwarding is not affected if the RP crashes as the traffic forwarding is performed by the QFP. The crashinfo is stored in the bootflash:, check out this CCO link for more info.
I had few questions regarding ASR 1000:
I am unable to see any stats on asr1k using fnf ? (answer) Regarding FNF which software version are you using? I am using 12.2(33)XNC. Below link shows that the fnf was introduced in 15.0(1)S release
12.2(33)XNC is release 2.3.X 15.0(1)S - 3.1.0S So that is the reason for flexible netflow not working in 12.2(33)
Can you let me know if the ASR1k support per packet load-sharing?
- no ASR1k doesn't supports per packet load balancing.
What is dual and standalone mode in Cisco IOSXE software? Also, I would like to know what are the advantages and disadvantages of the 2 modes?
The Cisco ASR 1000 Series Router introduces a dual IOS process model that allows for increased high availability at all times. Using SSO or RPR, a second IOS process can be enabled on a Cisco ASR 1002 or 1004 Router. On Cisco ASR 1000 Series Routers configured with dual Route Processors, the second IOS process runs on the standby Route Processor.
- Increased fault tolerance
-In the event of an active IOS failure, the second IOS process immediately becomes the active IOS process with little to no service disruption.
- No downtime software upgrades—
IOS and other software on the router can be upgraded using the In Service Software Upgrade (ISSU) feature in the standby IOS process, thereby allowing the network to remain active during the software upgrade.
The disadvantage of running dual mode is that hen running dual Cisco IOS XE Software processes, the maximum routing table supported is reduced by approximately 50 percent.
Also, which command can I use to check the memory utilization on the various cards ?
You should use "show platform software status control-processor brief" command.
Can u pls guide us on best approach to troublshoot packet drop on ASR 1000?
Below is a very good document having troubleshooting steps for packet drop issue.
Kindly go through it and let me know in case of any queries.
There have been incidents where ASR hangs without any reason. Once we reload the box we dont find any crashinfo/ Traceback or core dump generated
Could you please shed some light as in how can we troubleshoot such issues to get to the root cause. Set of commands that we should capture would be really appreciated?
That's a very good question. the best way to troubleshoot an ASR1k hang according to me is as below:
The first three steps are the same as other - set conf register to 0x2002 - reload - send break sequence when problem occurs, however you will be dropped to a diag prompt rather than the rommon prompt. At this prompt enter the command: request platform software system shell (you may have to have already configured 'platform shell' prior to this) This will drop you to a linux prompt.
At the linux prompt issue the command:
ps -A | grep ios
This will return the PID of the linux process. In my case this was 24897:
[mcp-syd-08_RP_0:/harddisk/phpetty]$ ps -A | grep ios
24897 ? 00:23:30 linux_iosd-imag
Then issue the command: kill -s SIGABRT This procedure does restart the router however it will also generate a core file in doing so which, when decoded, should point you to the function in which the router was hung. I think this is very important information to be collected to get to the root cause.Please let me know in case of any other query.
I have heard Cisco AVC technology is supported on ASR 1000. Can you please tell me which license and software release support this?
AVC is supported on the Cisco ASR 1000 starting with Cisco IOS® XE Software Release 3.4S.AVC support is provided by Right-To-Use (RTU) licenses on both Cisco ASR1k
So I have couple of questions on this, basically I want to know about certain features: 1) Is mpls nsf sso supported on ASR1000? 2) will an ESP switchover cause RP switchover or any effect on RP? and 3) Can you also explain about the redundancy and HA features on ASR ?..
1. yes its supported on asr 1006 with redundnat RP's. LFIB is synchronized between active and standby
2. No, ESP is used for forwarding and RP is route processor they are seperate modules.
3. The Cisco ASR 1000 Series offers the following features:
• The Cisco ASR 1006/1013 supports 1+1 active and standby redundancy in dual RP and dual ESP configuration. Switchover of the route processor does not result in switchover of the ESP, and switchover of the ESP does not result in switchover of the route processor.
• The Cisco ASR 1001, ASR1002-F, ASR 1002, ASR 1002-X, and Cisco ASR 1004 support dual Cisco IOS Software redundancy with a single route processor configuration. This feature is not supported on the Cisco ASR 1006 or Cisco ASR 1013.
• Cisco ASR 1000 Series routers support Nonstop Forwarding (NSF), Stateful Switchover (SSO), In-Service ISSU, and online Insertion and removal (OIR).
1: What are the requirements for ISSU on a single Cisco ASR 1000 Series route processor system? 2. Does asr 1000 supports ISSU?
Yes, Each software package for the Cisco ASR 1000 Series consists of seven different sub-packages. The sub-packages are designed to support the In-Service Software Upgrade (ISSU) capability.
Below are the requirements for ISSU:
The Cisco ASR 1000 Series RP1 must have 4 GB of DRAM. ISSU is supported only on RPControl, RPSecurity, and RPIOS images on single Cisco ASR 1000 Series Route Processor systems.
Is online insertion and removal (OIR) supported on the Cisco ASR 1000 Series SIP10 and SIP40? Is forwarding capacity also affected by choice of SIp?"
Yes. Both the Cisco SIP10 and SIP40 support OIR, as do the SPAs housed by the SIPs.
Regarding second question, forwarding capacity of ASR1k depends upon the ESP. The Cisco ASR 1000 Series ESP makes all forwarding decisions. However, the SIP10 and SIP40 support ingress classification and buffering to allow interface oversubscription.
I had few queries: Q1. what are the maximum arp entries per port supported in asr 1004 ? Q2. Does asr1k support GUI like other cisco routers? Thanks
Ans1. ARP entries are not classified per port but a limit for the whole device. Please chcek the link below:
http://www.cisco.com/en/US/prod/collateral/routers/ps9343/data_sheet_c78-447652.html ASR Supports 64,000 Layer 3 adjacencies.
Answer2. yes GUI is supported, its supported 2.1.1 onwards
Does asr 1000 supports ISSU?
Yes, ASR supports ISSU.
Does it support SBC High Availability?
One of the key differentiators of the Cisco ASR 1000 Series Router is its support for SBC functions. In particular, the Cisco ASR 1000 Series Router can function as a distributed border element (DBE) in an SBC environment. It receives control messages from the session border element (SBE) using the H.248 control protocol, and thus can open and close media pinholes and provide the data plane for session border-controlled traffic.
As with the High Availability features discussed previously, the Cisco ASR 1006 Series Router can synchronize SBC session state between the active and standby route processors or ESPs. A failure of the active route processor again results in a switchover to the standby route processor. Any H.248 control message processing can immediately be resumed on the standby route processor. Similarly, the standby ESP also maintains a copy of the DBE forwarding state tables, and is thus immediately ready to take over the forwarding function for SBC-controlled traffic if the active ESP fail.
I also wanted to know the side effects of dual mode, (if there are any)?
The disadvantage of running dual Cisco IOS XE Software processes is that the maximum routing table supported is reduced by approximately 50 percent
Here's a link to the Facebook Forum Archive in the Cisco Support Community Online:
Here are links to the actual Facebook Forum events:
Here's a link to the event announcement on the Facebook page: