New and Enhanced Features for Cisco IOS XE Amsterdam 17.1.x

• Syslog for Improper Card Seating—This feature helps you detect if the card is seated properly in the chassis. If the card is not inserted correctly, a message is displayed on the console prompting you to re-insert the card correctly again.

• SMU Integrity Hash Verification against Known Good Value—This feature helps you to authenticate and maintain the integrity of Cisco IOS XE software SMU images and keep track of security changes in the software.

• Stronger Network Time Protocol (NTP) Authentication—The authentication keys of NTP and Simple Network Time Protocol (SNTP) support enhanced cryptographic options such as CMAC, SHA-1, and SHA-256. These options enhance the security of the message exchange of NTP and SNTP.

• MPLS over DMVPN Enhancement —In an MPLS over DMVPN configuration, spoke nodes can now be configured as Provider (P) nodes. This removes the limitation of previous releases in which spoke nodes had to be configured as Provider Edge (PE) nodes.

• Select IPv6 DNS traffic for ALG Processing This is an enhancement to the existing ip nat service dns-v6 command. You can now use the keyword list with this command to select the IPv6 DNS traffic to be processed by ALG.

• Accounting and Policing for VXLAN—This enhancement to the existing VXLAN static routing feature deploys the Cisco ASR 1000 router at the gateway of the core network and offers the following support:

  • Accounting: Helps charge for egress/ingress traffic that flows from any core network through the ASR 1000 network.

  • Policy: Helps track ingress traffic flowing into a specific VNET through the ASR 1000 network, to protect virtual machines deployed in the cloud.

• New default credentials for WebUI—The login credentials for connecting to the device using WebUI at day 0 are updated.

• RFC 8263 compliance for GDOI implementation—The Group Domain of Interpretation (GDOI) feature includes the ability of a Key Server (KS) to provide a set of current Group Member (GM) devices with additional security associations. RFC 8263 has added the ability for a KS to request that the GM devices return an acknowledgement of its rekey message and specify the acknowledgement method.

• Configuring the Routing Information Protocol via Web User Interface—Supports an embedded GUI-based device-management tool that provides the ability to provision the router, simplifies device deployment and manageability, and enhances user experience.

• Debug Messages for OSPF LSA MaxAge Events—

  To display debug messages about OSPF LSA MaxAge events, use the following commands:

  • debug ip ospf lsa-maxage

  • debug ospfv3 lsa-maxage

• Suppression of ESI Re-frame Errors During Upgrade or OIR—ESI re-frame errors are expected after an OIR or upgrade of a line card and need no troubleshooting. This feature supresses these expected ESI re-frame error messages so that you can skip investigating these messages.

• Link Delay Measurement for SR-TE—With this feature, you can configure the measurement and advertisement of link delay metrics such as minimum link delay, maximum link delay, average link delay, and delay variation. You can use these metrics to evaluate the performance of your network and as input for traffic engineering to direct the flow of traffic through the network to conform to SLAs.

Note	The last supported release for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor (ASR1000-ESP20) is IOS XE release 16.12.x