This Product Bulletin introduces Cisco IOS® Software Release 12.2SR and includes the following sections:
1) Cisco IOS Software Release 12.2SR Introduction
2) Release 12.2(33)SRC Highlights
3) Release 12.2(33)SRB Highlights
4) Release 12.2SR Additional Information
1) Cisco IOS Software Release 12.2SR Introduction
Cisco IOS Software Release 12.2S is designed for Service Provider edge and Enterprise campus networks that require world-class IP and Multiprotocol Label Switching (MPLS) services.
Release 12.2SR is the premier Cisco IOS Software for delivering industry-leading Carrier Ethernet, Broadband Aggregation and Subscriber Services, and MPLS Provider Edge functionality for next generation Service Provider edge, Enterprise MAN / WAN, and Federal networks that run the Cisco 7600 Series Routers, Cisco 7200 Series Routers, and the Cisco 7301 Router. Releases 12.2(33)SRC, 12.2(33)SRB, and 12.2(33)SRA are available from Cisco.com.
Release 12.2(33)SRC, the latest customer release of Release 12.2SR, delivers over 150 new Cisco IOS Software features and powerful new hardware support for the Cisco 7600 Series Routers. Release 12.2(33)SRC also adds support for the Cisco 7200 Series Routers, the Cisco 7201 Router, and the Cisco 7301 Router.
Release 12.2(33)SRB and Release 12.2(33)SRA, the second and initial customer releases of Release 12.2SR, are specific to Cisco 7600 Series Routers and include many new software features and additional hardware support.
For detailed information about the features and hardware supported in Releases 12.2(33)SRC, 12.2(33)SRB, and 12.2(33)SRA, refer to the Cisco IOS Software Release 12.2SR release notes and customer documentation at the following website:
Not all features may be supported on all platforms. Use Cisco Feature Navigator to find information about platform support and Cisco IOS Software image support. Access Cisco Feature Navigator at http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp. You must have an account on Cisco.com.
2) Release 12.2(33)SRC Feature Highlights
The following sections include Release 12.2(33)SRC hardware and software feature highlights.
Like all Release 12.2SR releases, this Release 12.2(33)SRC integrates Cisco IOS Software innovations that span multiple technology areas, including Broadband, Quality of Service, Layer 2 VPN, MPLS and Layer 3 VPN, IP Addressing and Services, and IPv6, IP Routing, and Infrastructure and Embedded Management.
The Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet uplinks is specifically designed to deliver high scalability, performance, and fast convergence required for today's and tomorrow's demanding voice, video, data, and mobility (quadruple-play) services. The RSP720-10GE offers Carrier Ethernet Service Providers tremendous flexibility, scalability and performance at the access or aggregation edge while deploying advanced IP video and triple-play (voice, video, and data) system applications in both the residential and business services markets. In essence, it gives Service Providers and Enterprises true service convergence with the ability to manage a wide variety of applications over a range of access mediums using a single platform, the Cisco 7600 Series. (See Figure 1).
Note: The RSP720-10GE in Release 12.2(33)SRC is orderable on a limited basis. Contact your Cisco sales representative for details.
Figure 1. Cisco 7600 Series Route Switch Processor 720-10GE
Benefits
• Integrated 720-Gbps switch fabric
– Offers Layer 2 forwarding rates of up to 30 million packets per second (Mpps)
– Provides bandwidth capacity of 40 Gbps per slot
– Allows additional slots for increased port density
• Hardware-based Cisco Express Forwarding
– Offers Layer 3 (IP and MPLS) forwarding rates of 30 Mpps
• 10GE and GE port options
– Offers 2x10Gigabit Ethernet and 3xGigabit Ethernet ports options (including 1x 10/100/1000 RJ45 port) on the RSP
– Interfaces are configured either in 10GE port mode only or in mixed-mode
• Faster CPU and added memory-Performance improvements include:
– Faster protocol convergence times
– Improved Internet Group Management Protocol (IGMP) snooping times
– Improved router boot-up times
– Faster rates of establishing Dynamic Host Configuration Protocol (DHCP) server, Label Distribution Protocol (LDP), IP sessions, and traffic engineering
2.1.2) 8-Port 10 Gigabit Ethernet Module for Cisco 7600 Series Routers
The 8-port 10 Gigabit Ethernet module doubles the 10 Gigabit Ethernet density on the Cisco 7600 Series, providing up to 64 ports of 10 Gigabit Ethernet in a single Cisco 7600 Series chassis. (See Figure 2).
There are two versions of the Series 8-port 10 Gigabit Ethernet module:
Both modules contain the WS-X6708-10GE base board and a distributed forwarding card. The base module supports up to eight pluggable X2 optics and has a 40 Gbps connection to the fabric and is therefore 2:1 oversubscribed. The distributed forwarding card provides hardware-based MAC learning and forwards traffic at 48 Mpps. 8-port 10 Gigabit Ethernet module can demonstrate up to 64 Gbps local switching. Besides port density, it also has increased port buffering and enhanced queuing and scheduling mechanisms for congestion management.
Figure 2. 8-Port 10 Gigabit Ethernet Module for Cisco 7600 Series Routers
Benefits
• Increased port density
– 8 ports per module (up to 64 ports per chassis)
– Consolidates chassis for bandwidth aggregation
• Increased port buffering
– 200MB per port
– More efficient transmissions for long haul connections
• New scheduler
– Shaped Round Robin (SRR) in egress
– More efficient handling of bursty traffic
• New queuing mechanism
– Differentiated Services Code Point (DSCP)-based queue mapping
– Allows both ingress and egress queuing based on Layer 3 TOS and provides more granular classes of traffic
• Increased memory
– Default 1 GB DRAM
– Storage of larger forwarding table
Hardware
Routers
• Cisco 7604, 7606, 7606-S, 7609, 7609-S, and 7613
2.1.3) Wireless Services Module for Cisco 7600 Series Routers
Wireless Services Module (WiSM) support for Cisco 7600 Series Routers provides unparalleled security, mobility, redundancy, and ease of use for business-critical wireless LANs (WLANs). It delivers the most secure wireless system available for Enterprise-scale WLANs. As a Cisco 7600 Series module, it delivers centralized security policies, wireless Intrusion Prevention System (IPS) capabilities, award-winning RF management, Quality of Service (QoS), and Layer 3 fast secure roaming for WLANs. As a key component of the Cisco Unified Wireless Network, the Cisco WiSM provides the control, security, redundancy, and reliability that network managers need to scale and manage their wireless networks easily. (See Figure 3).
Figure 3. Cisco 7600 Series Wireless Services Module
The Cisco WiSM is a member of the Cisco Wireless LAN Controller family. It works in conjunction with Cisco Aironet® access points, the Cisco Wireless Control System (WCS) and the Cisco Wireless Location Appliance to support mission-critical wireless data, voice, and video applications. It provides real-time communication between access points and other WLAN controllers to deliver a secure and unified wireless solution.
The Cisco WiSM smoothly integrates into existing Cisco 7600 Series Enterprise networks. It communicates using the emerging Lightweight Access Point Protocol (LWAPP) standard to establish secure connectivity between access points and modules across Layer 3 networks. This protocol enables the automation of important WLAN configuration and management functions for cost-effective WLAN operations. With this integrated approach to large-scale wireless networking, customers can realize significant total cost of ownership benefits by streamlining support costs and reducing planned and unplanned network downtime.
Because the Cisco WiSM supports 802.11a/b/g and the IEEE 802.11n draft 2.0 standard, organizations can deploy the solution that best meets their individual requirements. Organizations can offer robust coverage with 802.11 a/b/g or deliver greater performance with 5x the throughput and unprecedented reliability using 802.11n and Cisco's Next-Generation Wireless Solutions and Cisco Enterprise Wireless Mesh.
Benefits
• Cisco 7600 Series Integration-Embedded system for the Cisco 7600 Series infrastructure, delivering centralized security policies, IPS, RF management, QoS, and Layer 3 fast secure roaming for WLANs
• Enterprise Scalability-Scalable architecture provides business-critical wireless services for deployments of all sizes
• Enterprise Reliability-Automated recovery from failures of Cisco Aironet access points, Cisco WiSMs, and Cisco 7600 Series Supervisor Engine 720 maximizes the availability of the wireless network
• Integrated RRM-Creates an intelligent RF control plane for self-configuration, self-healing, and self-optimization
• Zero-Configuration Deployment-The Cisco WiSM is deployed without manually configuring access points or modifying existing network infrastructures
• Intrusion Detection, Location, and Containment-Integrated wireless intrusion protection preserves the integrity of wireless networks and sensitive corporate information
• Mobility Management-Users can roam between access points and across bridged and routed subnets without requiring changes to the underlying infrastructure
• Intuitive Management Interfaces-Better visibility and control of the air space reduces operational costs
2.1.4) PA-MC-T3-EC and PA-MC-2T3-EC for Cisco 7200 and 7301 Series Routers
The 1- and 2-port multichannel T3 port adapters for the Cisco 7200 Series Routers and Cisco 7301 Router are enhanced versions of the previous multichannel T3 port adapters (part numbers PA-MC-T3 and PA-MC-2T3+). (See Figure 4).
The new port adapters address specific scalability challenges by increasing performance and lowering CPU usage. They offload advanced capabilities and features from the CPU, delivering them directly to meet Enterprise and Service Provider WAN link-aggregation service requirements. Each port adapter T3 interface can be independently configured for either multichannel T3 or clear-channel packet-over-T3 operation. With T3 port configurations, connections to DS-3 and subrate DS-3 services can be provisioned. With multichannel T3 port configurations, up to 28 T1 links per T3 interface can be brought in on a singlewide port adapter. Each T1 can be further channelized to DS-0, making the port adapters highly flexible interfaces for WAN provisioning.
Figure 4. Cisco 1- and 2-Port Multichannel Enhanced Capability Port Adapters
The combination of multichannel T3 and clear-channel functions makes the Cisco 1- and 2-Port Multichannel Enhanced Capability Port Adapters ideal for today's rapidly changing WAN environment. Specific features such as MLPPP, MLFR, LFI, and FRF.12 have been offloaded from the CPU to further enable agile response to new services while using existing infrastructure connections to better advantage.
As an integral part of a service node where customer bandwidth needs are uncertain, the port adapters allow Service Providers to avoid determining beforehand how ports will be allocated between DS-0, DS-1, and DS-3 connections. For Enterprise remote-site connection, the flexibility to support DS-0, DS-1, and DS-3 connections means the port adapters reduce equipment expenditures by integrating the capabilities and services of numerous port adapters onto a single adapter. They also provide investment protection by growing with the Enterprise to meet the needs of both today's DS-0 and DS-1 aggregation networks and tomorrow's T3 aggregation networks.
Benefits
• Operation Modes
– Multichannel (channelized)-28 T1 ports multiplexed onto a single T3 connection per interface
– Clear channel (unchanelized)-Offers an unchannelized 45-Mbps T3 clear channel per interface
• Performance
– Line rate-Provides full T3 line usage and throughput
– New intelligent software architecture-Lower CPU usage increases router efficiency and improves resource usage, enabling more services
• Feature Offloads
– MLPPP-Port adapter intelligence alleviates heavy processing of CPU-intensive features
– MLFR-Lowers CPU processing while performing fragmentation and defragmentation
– LFI-Reduces delay on slower-speed links by breaking up large datagrams and interleaving low-delay traffic packets with the smaller packets resulting from the fragmented datagram
– FRF.12-Controls delay and delay variation when real-time traffic such as voice is carried across the same interfaces as data
2.1.5) Cisco 7200 Series Routers, Cisco 7201 Router, and Cisco 7301 Router Support
Starting with Cisco IOS Software Release 12.2(33)SRC, Release 12.2SR includes support for the Cisco 7200 Series Routers and the Cisco 7301 Router. Release 12.2(33)SRC also includes support for the Cisco 7201 Router, the latest generation of the Cisco 7200 Series Family.
Within the Cisco IOS Software Release 12.2S family, the migration path for new features on the Cisco 7200 Series Routers and the Cisco 7301 Router is from Release 12.2SB to Release 12.2SR. Release 12.2(31)SB2 is the last Release 12.2SB release to include support for the Cisco 7200 Series Routers and the Cisco 7301 Router.
Cisco 7200 Series Routers
The industry's most widely deployed universal services aggregation router for Enterprise and Service Provider edge applications, the Cisco 7200 Series offers (See Figure 5):
• Exceptional price/performance-The NPE-G2 Network Processing Engine aggregates services at up to 2 Mpps
• A wide range of connectivity options and numerous features including serviceability and manageability
• Increased VPN performance with VPN Services Adapter
• Increased scalability and flexibility with the Port Adapter Jacket Card
Figure 5. Cisco 7200 Series Routers
Cisco 7201 Router
The Cisco 7201 Router is the latest generation of the Cisco 7200 Series Family. It is a compact, high performance single Rack Unit (RU) router that uses the latest Cisco 7200VXR Network Processing Engine NPE-G2 coupled with a comprehensive range of interface options. (See Figure 6.)
Figure 6. Cisco 7201 Router
The Cisco 7201 Router addresses the demand for the same performance enhancements, and Cisco IOS Software features of the latest Cisco 7200VXR NPE-G2 but in a smaller form-factor and with low power consumption. The Cisco 7201 provides four built-in Gigabit Ethernet ports and one Port Adapter (PA) slot which make it ideal for various Service Providers and Enterprise applications. It also offers redundant and field-replaceable AC and DC power supplies
With its combination of scalable performance, compact architecture, high density, and low price per port, the Cisco 7301 is ideally suited for a variety of key applications within both the Service Provider and Enterprise markets.
Cisco 7301 Router
The Cisco 7300 Series is optimized for flexible, feature rich IP/MPLS services at the customer network edge, where Service Providers and Enterprises link together. (See Figure 7.) With 3 built-in Gigabit Ethernet interfaces (copper or optical) and a single slot for any Cisco 7000 Series port adapter, the Cisco 7301 is highly flexible for a variety of applications. Additionally for broadband aggregation, the Cisco 7301 supports up to 16,000 subscribers sessions making it ideal for pay-as-you-grow broadband deployment models.
Figure 7. Cisco 7301 Router
The following are some of the key Cisco IOS Software highlights on the Cisco 7200 Series, the Cisco 7201, and the Cisco 7301 Routers in Release 12.2(33)SRC:
Bidirectional Forwarding Detection (BFD)
BFD is a detection protocol designed to provide fast forwarding path failure detection times for all media types, encapsulations, topologies, and routing protocols. BFD also provides a consistent failure detection method for network administrators.
BFD support was first introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers. Release 12.2(33)SRB and Release 12.2(33)SRC include BFD enhancements which are highlighted in the later sections of this document. For more detailed information on BFD support in Release 12.2SR, please visit:
The MPLS TE-Fast Reroute (FRR) Link and Node Protection feature provides link protection (backup tunnels that bypass only a single link of the Label-Switched Path (LSP)), node protection (backup tunnels that bypass next-hop nodes along LSPs), and the following FRR features:
• Backup tunnel support
• Backup bandwidth protection
• Resource Reservation Protocol (RSVP) Hellos
MPLS TE-FRR Link and Node Protection was first introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers. For more detailed information on MPLS TE-FRR Link and Node Protection in Release 12.2(33)SRA, please visit:
The Cisco implementation of IPv6 VPN provider edge router over MPLS is referred to as Cisco 6VPE and enables IPv6 sites in a VPN that communicate with each other over an MPLS IPv4 core network using MPLS Label Switched Paths (LSPs).
Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) Interior Gateway Protocol (IGP) Synchronization ensures that LDP is fully established before the IGP path is used for switching. This feature is only supported on interfaces running OSPF or IS-IS processes.
MPLS LDP-IGP Synchronization was first introduced to Release 12.2SR in Release 12.2(33)SRB for the Cisco 7600 Series Routers. In Release 12.2(33)SRB and Release 12.2(33)SRC, MPLS LDP-IGP Synchronization is not supported with IS-IS. Only OSPF is supported. For more detailed information on MPLS LDP-IGP Synchronization in Release 12.2(33)SRB, please visit:
IP SLAs for MPLS Pseudo Wire (PWE3) via VCCV is used to schedule pseudo-wire ping operations and provide monitoring and alerts for Round Trip Time (RTT), failure, and connection threshold violations via SNMP Traps.
Cisco IOS IP Service Level Agreement (IP SLA) is a capability embedded in Cisco IOS Software. IP SLAs allow Cisco customers to understand IP service levels, increase productivity, lower operational costs, and reduce the frequency of network outages. IP SLA utilizes active monitoring of network performance and can be used for network troubleshooting, network assessment and health monitoring. The feature reduces MPLS network trouble shooting time and allows proactive monitoring of MPLS network performance. IP SLAs Pseudo Wire (PWE) Health Monitor automatically tests connectivity for PWE between MPLS network edges. Threshold violations and scalable operation scheduling are also available.
For more detailed information on IP SLAs for MPLS Pseudo Wire (PWE3) via VCCV support in Release 12.2(33)SRC, please visit:
Multicast VPN Extranet allows VPN closed user groups to share information and common multicast information to be distributed across multiple VPN customers.
An extranet can be viewed as part of a company's intranet that is extended to users outside the company. Extranet is a VPN connecting the corporate site or sites to external business partners or suppliers, to securely share part of the information of a business or operations among them. MPLS VPNs inherently provide security, ensuring that users access only appropriate information. The MPLS VPN Extranet service offers users unicast connectivity without comprising the integrity of their corporate data. Multicast VPN Extranet extends this service offering to include multicast connectivity to the extranet community of interest. It allows Service Providers to offer the next generation of flexible extranet services, helping to enable business partnerships between different Enterprises.
The MPLS LDP MD5 Global Configuration feature provides a configuration enhancement for enabling MD5-based session authentication of LDP sessions, which helps prevent unauthorized LDP peer applications from establishing LDP sessions with the local LDP process and also helps to block spoofed TCP messages.
Any Transport over MPLS (AToM) Tunnel Selection allows you to specify the path that AToM traffic uses.
AToM Tunnel Selection was first introduced to Release 12.2SR in Release 12.2(33)SRA for the Cisco 7600 Series Routers, and is further highlighted later in this document. For more detailed information on AToM Tunnel Selection in Release 12.2(33)SRA, please visit: http://www.cisco.com/en/US/products/ps6922/products_feature_guide09186a008067cf79.html
Multi-Topology Routing
Multi-Topology Routing (MTR) is a new and exciting technology that extends the capabilities of Cisco routing technologies. Multi-Topology Routing adds a service differentiation dimension to traditional destination based routing. In other words, different classes of services can follow different paths across the network.
The MPLS VPN carrier class feature portfolio is further enriched with MPLS VPN PE-CE link protection. Upon PE-CE link failure, VPN end-to-end convergence can be improved with an egress PE (Point of Local Repair) switching VPN traffic to an alternative egress PE before the control plane has converged.
2.2.1) Cisco Intelligent Services Gateway Session Control High Availability (SSO/EFSU)
Cisco IOS Software Release 12.2(33)SRC delivers Cisco IOS High Availability features with sub-second switchover during periods of hardware or software failure for Cisco Intelligent Services Gateway (ISG) PPP Sessions, IP Sessions or IP interface sessions on Cisco 7600 Series Routers.
Cisco ISG Session Control Stateful Switchover (SSO) enhancements extend Cisco SSO technologies to include PPPoEoX Sessions, IP Sessions, IOS Policy Manager and DHCP. With these enhancements, seamless route processor switchover is provided for dynamic session services available on a deployed Cisco ISG/BRAS. Cisco SSO protects from hardware or software faults on an active route processor by synchronizing session state information, including session initiator type, DHCP information, and Radius Change of Authorization (CoA) messages, with a standby router processor.
Release 12.2(33)SRC also delivers Cisco ISG Session Control Enhanced Fast Software Upgrade (ISSU/EFSU). Cisco IOS ISSU is the industry's first, true, in-service upgrade solution for the Broadband edge, mitigating network downtime due to upgrading or downgrading Cisco IOS Software images on Cisco 7600 Series Routers with redundant supervisor engines. Based on Nonstop Forwarding/Stateful Switchover (NSF/SSO), Cisco 7600 Series Routers implement Enhanced Fast Software Upgrade (eFSU), which allows users to upgrade or downgrade complete Cisco IOS Software images with only a short system outage. EFSU enables rapid software upgrades for new line cards, new power supplies, new features, or software fixes.
Currently, only session based-services are protected by SSO and EFSU. Services which apply to flow-based traffic classification (traffic classes) will have high availability services added to them in an upcoming release.
Benefits
Cisco ISG Session Control High Availability enhancements provide a route-processor protection solution with the following benefits:
• Provides automatic fault detection and seamless recovery-Allows for the persistence of PPP, Interface, or IP Sessions during an RP switchover scenario; the control plane recovers gracefully minimizing network churn.
• Reduces costs-Decreases network downtime expenses, including SLA penalties, lost revenue opportunities, user and administrative productivity costs, and emergency network expenditures
2.2.2) Cisco Intelligent Services Gateway Support for Cisco 7600 Series Routers
First introduced in Cisco IOS Software Release 12.2SB for Cisco 7200 Series Routers, the Cisco 7301 Router, and Cisco 10000 Series Routers, Release 12.2(33)SRC introduces Cisco Intelligent Services Gateway (ISG) support for Cisco 7600 Series Routers.
Cisco ISG is a Cisco IOS Software feature set that provides a structured framework in which edge access devices can deliver flexible and scalable services to subscribers. Because almost any IP device can be voice-, video-, or data-enabled, Service Providers are delivering many services to many screens over converged fixed and mobile networks. Today's consumers of data, voice and video (triple-play) services demand a unified, high-performance experience at home, at work, and on the move.
Cisco ISG controls subscriber access at the network edge to enable the provisioning and management of broadband networks for a broad range of access and edge technologies, subscriber numbers and service types, effectively linking subscriber service requests with distributed policy control to help ensure a high quality of experience for the emerging "Connected Life."
Cisco ISG provides advanced subscriber awareness, resource provisioning, and access control capabilities. Cisco ISG distributes service intelligence to the Internet Protocol (IP) network edge, which simplifies service creation and speeds delivery of advanced IP services over Cisco IP Next-Generation Networks (IP NGNs).
Cisco ISG handles the following key aspects of subscriber management:
• Subscriber identification
• Service and policy determination
• Session policy enforcement
• Session life-cycle management
• Accounting for access and service usage
• Session state monitoring
Cisco ISG also provides a dynamic element to the provisioning and activation of services through control policies and Change of Authorization (CoA) extensions to the RADIUS protocol. This element allows for "zero-touch" provisioning of an individual subscriber experience, all without impacting service to the end-user.
A Cisco ISG-enabled device may be deployed at the access edge and service edge of a network and is applicable to a range of subscriber network environments, such as a Digital Subscriber Line (DSL), public wireless LAN (PWLAN), and mobile wireless. Moreover, Cisco ISG has been designed to accommodate a flexible distribution of subscriber and service information within a given solution. Figure 8 illustrates the range of deployment types for which service profile data for individual subscribers may be stored in an Authentication, Authorization, and Accounting (AAA) database and retrieved and cached on demand.
Figure 8. Cisco ISG Sample Topology
It is also possible to define services directly on a Cisco ISG-enabled device. In all cases, service activation may be triggered as a result of a locally defined control policy, user profile associations, or CoA commands from an external policy server or portal application.
Benefits
• Advanced Subscriber Management-Cisco ISG allows for numerous methods of identifying subscribers with the concept of the multi-dimensional id.
