CSR 1000v

Overview

The CSR 1000v is Cisco's Cloud Services Router 1000v. It is the same VM image that Cisco licenses for use as a production virtual router in public and private cloud environments. In CML, the CSR 1000v image runs in demo mode without any additional licensing. Use the CSR 1000v image when you want to simulate a platform that runs Cisco IOS-XE. The CSR 1000v image that is provided with CML is not the XE-SDWAN image.

For more details about CSR 1000v, refer to the following resources:

Using CSR 1000v Nodes in CML

There is a known issue with running CSR 1000v nodes in CML. When you start a CSR 1000v node for the first time or after a Wipe operation, the node will load the configuration provided in the node's Edit Config tab in the UI. In these cases, the CSR 1000v interfaces will all be in shutdown state after the configuration finishes loading. To prevent the interfaces from starting off in theshutdown state, add an explicit no shut for each interface configuration in the initial bootstrap configuration text.

Alternatively, you can add the following EEM applet to the node's Edit Config field in the UI, adjusting the interface range gi1-4 to match the number of interfaces on the specific CSR 1000v node. The EEM script will run whenever the node starts and will add the no shut to each interface in the specified range.

event manager applet no-shut-interfaces
  event timer cron cron-entry "@reboot"
  action 1.0 cli command "enable"
  action 2.0 cli command "config t"
  action 3.0 cli command "int range gi1-4"
  action 4.0 cli command "no shut"
  action 5.0 cli command "end"

Limitations

The CSR 1000v is performance limited when forwarding traffic. Achieved throughputs are ~1.6 Mb/s when passing traffic through one CSR 1000v device, and ~1.52 Mb/s when chained over two CSR 1000v devices.

The functionality of the CSR 1000v nodes in your labs depends on the network driver in use. The default CSR 1000v node definition uses the vmxnet3 network driver. Subinterfaces do not work properly if you are still using a CSR 1000v node definition that uses the virtio network driver. On the other hand, note that it may be necessary to use the virtio network driver when working with ICMP Echo requests with the DF (Don't Fragment) bit set. While the vmxnet3 network driver supports MTU values up to 2034 with the DF-bit set, the virtio network driver can support MTU values up to 9216.

You can check the node definition for your CML instance in Tools > Node and Image Definitions. Click CSR1000v on the Node Definitions page and scroll down to the Network Driver property in the Linux Native Simulation group. A CML admin user can edit the node definition to change this property. This setting applies to all nodes that use the CSR 1000v node definition. If you change the node definition's Network Driver property, note that the change will only affect nodes started after the change. That is, if you have previously run a lab with CSR 1000v nodes, after you make this change, you must wipe the CSR 1000v nodes and restart them before the node's VM will use the updated network driver.

Features Tested with CML

Each CML release is tested with the bundled version of CSR 1000v. The tests validate the following features:

Test Name Result
CDP Pass
ping Pass
OSPF single-area Pass
NAT - static Pass
HSRP Pass
DHCP Pass
Routed subinterface Pass
Restconf Pass
Netconf Pass

The lab used for the tests is CSR 1000v Feature Tests, which is one of the sample labs included with CML on the Tools > Sample Labs page.

CSR 1000v Feature Test Topology

CDP

  • peer device is detected on the interface and listed in the CDP table.
  • Neighbor types: CSR1000V, IOSv, IOSvL2

Ping test

  • Sending ICMP Echo packets to the neighbor IP
  • Direct reachability and reachability via routing

DHCP

  • DHCP pool configured on a router
  • Alpine linux connected to interface G3 successfully obtains IP address

OSPF Single-Area

  • loopback interfaces configured
  • point-to-point networks configured on links between routers
  • all interfaces in area 0
  • OSPF establishes connectivity
  • Can ping loopback interfaces on different routers

HSRP

  • Two CSR 1000v routers, interconnected by a IOSvL2 switch
  • Ubuntu VM connected to the switch
  • HSRP configured on the two routers
  • Verification: VM can successfully ping the HSRP IP address
Router#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State   Active          Standby         Virtual IP
Gi3         1    95  P Standby 192.168.253.3   local           192.168.253.1

NAT: Static

  • Alpine Linux VM connected to the router, configured static IP on VM and on router interface
  • static translation configured on a router
  • ping of the untranslated VM IP from the router
  • ping of the translated VM IP from a different router
  • verification: capturing traffic and inspecting IP addresses

Routed subinterface

  • created routed subinterface on two CSR 1000v routers
  • Interconnected them over the IOSvL2 switch; configured interfaces as trunks; configured VLANs on IOSvL2
  • Configured an IP on the SVI for that VLAN on IOSvL2

Restconf

  • Restconf enabled on CSR 1000v
  • Successfully fetching configuration data by sending GET request from VM
cisco@ubuntu:~$ curl -k --user 'cisco:cisco' --request GET 'https://192.168.253.2:443/restconf/data/ietf-interfaces:interfaces/interface=GigabitEthernet1' --header 'Accept: application/yang-data+json'
{
  "ietf-interfaces:interface": {
    "name": "GigabitEthernet1",
    "type": "iana-if-type:ethernetCsmacd",
    "enabled": true,
    "ietf-ip:ipv4": {
      "address": [
        {
          "ip": "192.168.255.1",
          "netmask": "255.255.255.252"
        }
      ]
    },
    "ietf-ip:ipv6": {
    }
  }
}

Netconf

  • Netconf enabled on CSR 1000v
  • Ubuntu VM successfully starts netconf session and device responds with the capabilities
cisco@ubuntu:~$ ssh -p 830 -s cisco@192.168.253.2 netconf
cisco@192.168.253.2's password:
<?xml version="1.0" encoding="UTF-8"?>
<hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<capabilities>
<capability>urn:ietf:params:netconf:base:1.0</capability>
<capability>urn:ietf:params:netconf:base:1.1</capability>
<capability>urn:ietf:params:netconf:capability:writable-running:1.0</capability>
<capability>urn:ietf:params:netconf:capability:rollback-on-error:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.0</capability>
<capability>urn:ietf:params:netconf:capability:validate:1.1</capability>
<capability>urn:ietf:params:netconf:capability:xpath:1.0</capability>
<capability>urn:ietf:params:netconf:capability:notification:1.0</capability>
<capability>urn:ietf:params:netconf:capability:interleave:1.0</capability>
<capability>urn:ietf:params:netconf:capability:with-defaults:1.0?basic-mode=explicit&amp;also-supported=report-all-tagged,report-all</capability>
<capability>urn:ietf:params:netconf:capability:yang-library:1.0?revision=2016-06-21&amp;module-set-id=2813650ac1095ad1d44042ecba7333c5</capability>
<capability>http://tail-f.com/ns/netconf/actions/1.0</capability>

<-- output omitted -->