[c-nsp] ASR1K software trains

[Charles Sprickman]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

So let me date myself here…

I started with IOS 10.3, mostly liked the 11.x GD train, loved the early 12.x "S" train of IOS.  Since maybe 12.3, I'm really out of the loop on how to best avoid bleeding-edge bugs and feature-creep in IOS.

So here sits an ASR-1002-X with whatever IOS load came from the factory and a brand new SmartNet contract to go with it.  This is replacing a 7206-VXR with an NPE-G2.  Our needs are pretty basic, the new gear is really just to handle additional traffic, be more resilient in the face of a DoS that's PPS-based, get more GigE ports on the chassis, and to replace hardware that is past its prime and EOL'd.

In the world of IOS-XE, is there an equivalent to the old "S" train for service provider use?

Out of the gate we need:

- -BGP to two transit providers (IPv4 + IPv6)
- -OSPF (IPv4-only for now)
- -basic route-map support
- -Basic VLAN support (and for our DSL customers coming in on a VLAN per, "ip unnumbered" so we can share the gateway between all customers with WAN IPs on the same subnet - NO PPPoE, all static)
- -IPv6 support, but no need for IPv6 routing protocols outside of BGP
- -NetFlow export (hopefully compatible with our old Flow-Tools collector, currently v5)
- -Basic DHCP server functionality
- -GRE tunnels

That seems like very barebones stuff to me, so finding an IOS train that's known to be stable on this hardware is really the main goal.

Things we'd like in the future, in order of usefulness:

- -IOS "hot swap" feature (we've got 16GB of RAM, so I assume two IOSd's plus all the BGP routes are going to fit with no issues
- -rate-limiting/shaping per-VLAN (and a suggestion on BCP on this platform)
- -QoS within a VLAN, or prioritization of one VLAN inside a QinQ bundle
- -QinQ features and the ability to cross-connect these VLANs for a handful of customers with multiple circuits through multiple layer-2 providers
- -MPLS if there's any business case for us in implementing this
- -Expanded firewall featureset for offering a "managed" Cisco-branded firewall to clients

I'm also totally open to anyone's hints/tips on this platform and pointers to any non-cisco web resources that give a good overview of the basic platform features and gotchas (I don't ask for much, do I?).  I'm digging around CCO for now, but the cisco web properties make me want to stab my eyes with rusty forks.

Thanks,

Charles

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJTGmf8AAoJEMfwH0dqLIp2ItUIANF/HbzETRY/7IjvZCE5Bq5J
NH5f5KiEJvcYfBc2t3i4h3PpQwLUeZ/u5lAU2DV2zIDiW41bsUSPTh2b19SDjLlj
SmkAvRFw6tMVQZFKOMqiwMF6Oq+YbNaa9pDrbcI/sffCUrJjvZqPwdqpmVAtLaqK
gFuyT1Z9e62QUyqS42I3YW9VK8YA8cKDhfZdur3gFvEeUp3DEEpE1ltUnCn5+tXm
W5LZ/34ds0AI5BuF10X9GF7GqiJVM7CprkTrF+rdrP0YUUEprknZl2vN4e8WOafP
kOCvVY+4LbYEi8odTAgV0VrWFCszMqZ4UqCcjcgRdCmUG+aspAfQoJjZ8J4spCw=
=wlvA
-----END PGP SIGNATURE-----