Hello Cisco Community,

I am trying to enable OpenFlow on a Cisco ASR 9006 router with IOS XR version 6.3.2. I see https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC#:~:text=A%20vulnerability%20in%20the%20Topology,condition%20on%20an%20affected%20device says:

"The onePK feature is not supported in Cisco IOS XR Software releases 6.0 and later and cannot be enabled". Nevertheless, if I try to configure openflow without onep (which does not exist in configuration mode), the commit fails with the following:

openflow
!!% 'CfgMgr' detected the 'fatal' condition 'This configuration has not been verified and can not be accepted by the system.'
!

and I see the following in logs:

RP/0/RSP1/CPU0:Aug 10 20:39:18.139 : of_agent[1128]: %L2-OFA_PLUGIN-4-GEN_RC_WARNING : onep element_connect failed failed, rc=7: connection to network element failed: Fail to connect to /tmp/onep-sock. Socket connect failed: No such file or directory
RP/0/RSP1/CPU0:Aug 10 20:39:18.140 : of_agent[1128]: %L2-OFA_PLUGIN-4-GEN_RC_WARNING : onePK init failed failed, rc=1: operation failed

Which tells that OpenFlow agent is still trying to connect to onepk socket, which does not exist!

Could anyone help me please? Am I missing something or does enabling OpenFlow on IOS Xr require a license or something?

By the way, I am asking the same question for the second time as the my first question was strangely marked as spam, I hope this will not happen with this post, which I tried to make smaller!

Regards,

Firas