[c-nsp] Cisco Friends

Curtis Piehler cpiehler2 at gmail.com
Mon Aug 4 08:39:22 EDT 2025 

We've been migrating (downsizing) from the ASR9001/9006/9010 to NCS5700.
Dual NCS57C1 for a redundant PE routers fronting VXLAN/EVPN BGP fabrics
(With temporary VRRP gateways until moving to VXLAN EVPN BGP) and NCS57C3
(Still has dual RSP capability) for a singular PE router for traditional
service provider access circuits hanging off the NCS57C1 or just singular
C3s in datacenters that warrant it.  I would say the biggest challenge for
us with the QoS changes since the 5700s using Broadcom merchant chipsets is
that the QoS is not as robust as the ASR9000s.  We've adapted but just
another PIA change to account for.  Also, do note, while the C1 and C3
chassis may seem like it's in the same family of routers they are quite
different with regards to software.  The C1s are much newer than the C3s
and run XR64 while the C3s still rely on the NCS5500 image.

Another thing to account for that bit us in the ass is having
distribute-lists on our OSPFv2 process.  Apparently this is a "known"
effect when configuring subsequent OSPF interfaces causes the OSPF routes
to get reinserted and MPLS labels reprogrammed.  This caused havoc for us
since it would lead to our legacy L2VPN based PW to briefly drop impairing
client services.  In the end we had to remove our OSPFv2 distribute-lists.

Other NCS5700 caveats...

   - Can no longer use Cisco Access List Based Forwarding to same
   inter-interface next-hop route traffic (must ust a different interface)
   - Auto-negotiate on 1000Base ports is spotty.
   - Cisco's doc says 1000BaseT does not support auto-neg and will always
   be link up so the router can not detect proper link-state
   - 1000BaseLX/SX while the auto-neg command does take on the router it
   does not do anything

Licensing wise I understand Cisco's move about the Nx100G licenses to
operate the router (Cisco will not sell you anything less than 4x100G up
front with a new router).  The good thing is the 100G licenses are fully
interchangeable between NCS57C1 and C3s.

Curtis

On Mon, Aug 4, 2025 at 8:19 AM Gert Doering via cisco-nsp <
cisco-nsp at puck.nether.net> wrote:

> Hi,
>
> On Mon, Aug 04, 2025 at 02:09:18PM +0200, Simon Leinen via cisco-nsp wrote:
> > > I'd be keen to hear what your experience running IOS XR on the NCS540
> > > (especially if it's in a high-volume metro setting) has been.
> >
> > Works nicely, like on the bigger routers (NCS-55A1 / Cisco 8000) as far
> > as I can tell.  We're using a relatively small feature set (IPv4+IPv6
> > routing, OSPFv2/v3+BGP, limited MPLS for L2 VPNS) and small routing
> > tables.  Our configurations tend to be rather static, and we mostly use
> > old-style management protocols (SNMP/SSH/CLI).
>
> Are IOS XR upgrades still such a pain today?  (We never moved to XR64,
> and all I know is ASR9001, where the fastest way to do major upgrades
> still is "turbo boot" with 2+ hours of downtime...)
>
> This is one of the nice bits about IOS, IOS XE, EOS, etc. - "upload one
> image onto the box, reload, upgrade done" (and on EOS, the flash is
> actually fast enough to make the "upload" really use available bandwidth
> to the box...)
>
> gert
>
> --
> "If was one thing all people took for granted, was conviction that if you
>  feed honest figures into a computer, honest figures come out. Never
> doubted
>  it myself till I met a computer with a sense of humor."
>                              Robert A. Heinlein, The Moon is a Harsh
> Mistress
>
> Gert Doering - Munich, Germany
> gert at greenie.muc.de
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list