Cisco Crosswork Hierarchical Controller 5.1 Release Notes

Available Languages

Download Options

  • PDF
    (486.9 KB)
    View with Adobe Reader on a variety of devices
Updated:October 8, 2021

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Available Languages

Download Options

  • PDF
    (486.9 KB)
    View with Adobe Reader on a variety of devices
Updated:October 8, 2021

Version Highlights

Cisco Crosswork Hierarchical Controller (formerly Sedona NetFusion) version 5.1 includes the following new functions and enhancements, as well as bug fixes.

    Network model and discovery

    Segment routing policies – discovery and provisioning

    Microwave – updated discovery model

    Physical inventory – support for planned cards

    OpenZR+ port – updated discovery model

    Device reachability and discovery status

    New method to report the status of device discovery and reachability


    Count objects by multiple attributes

    Query events table by time range

    High Availability

    Binding IPSec tunnel to specific vNIC

    Site management

    Manage site configuration in UI.

Network Model and Discovery

Segment Routing Policies and Configuration

The network model now supports Segment Routing (SR) policies and SR segments over IGP links. Crosswork Hierarchical Controller adapters can discover policies from network controllers with their SID list, color, preference, and candidate path attributes. They map all discovered policies to create SR segments as a layer between IGP links and SR policies. An SR segment is the path between two SIDs, shared by multiple SR policies (see more in the figure below).

In addition, SR Segment routing configuration is modelled for the device, card, and IGP interface.

Related image, diagram or screenshot

Figure 1.   

SR Segment Routing Configuration

Microwave Links

Microwave radio link modeling is enhanced in this release to include the L1 hierarchies as medium, channel, and aggregation ports and links. This allows deep inventory and capacity management, as well as service layer over radio links.

DiagramDescription automatically generated

Figure 2.   

Microwave Links

Planned Cards

Previously, physical cards were discovered only if they were plugged into the chassis. Now the model supports cards planned by NMS where they are not actually plugged in.

This helps to better assess the device capacity in growth scenarios.

ZR+ Ports and Link

Optical ZR+ ports and links are now part of the multi-layer model and are mapped to services in the higher layer and to the optical network in the lower layer.

DiagramDescription automatically generated with medium confidence

Figure 3.   

ZR+ Ports and Links

Device Reachability and Discovery

Previously, Cisco Crosswork Hierarchical Controller reported on device reachability as a device attribute that reflects whether adapters reach the device and discover it properly. However, device discovery can be done by multiple adapters that cover multiple information types, and a true reflection of the reachability and discovery was missing.

This release enhances this status and provides device discovery status per adapter and per information type. These new statuses are reported in the Device Manager application.

The following statuses are available per device in Device Manager:

Table 1.        Device Statuses


Information types

Possible values





All adapters collecting the specific information type successfully reached and discovered the device.


At least one adapter that collects the information type failed to reach or discover the device, that is, partial discovery is considered an Error.




The adapter that collects statistics failed to collect the statistics for some of the device ports


No status was reported by the adapters


In addition to the statuses at the device level, which are available in the Managed Devices table, there is an additional status reported per adapter. There is a devices table per adapter that reports on the above statuses per device, plus a reachability status of OK or Unreachable, that indicates whether the adapter is able to reach the device, or if there is any communication error.


Count Results by Multiple Attributes

SHQL can return query results as a list of objects (devices, links, services) but also as a total count of the objects. Previously, the count was per specific attribute (for example, total number of links per operStatus, which returns how many links are Down and how many are Up).

In this release, the count option was enhanced to return counts by multiple attributes. For example, to return a total count of links by layer and by operStatus. Such a query returns the total number of links per layer, and for each layer, the total count of links in operStatus Down and Up.

Use Relative Time to Query Event Table

A query of the Event table, which is supported as an SHQL query, now includes an option to return all events or specific events that occurred in the last X number of days or weeks. This allows for easy maintenance of a query that can run automatically and always returns the events for a time interval, for example, the last 7 days or last 2 weeks, without the need to edit the query to include the specific calendar dates.

High Availability

Cisco Crosswork Hierarchical Controller supports a three-node cluster to achieve full and automatic switchover to standby node in case of a failure.

The installation process was previously limited to a single vNIC for both access to Cisco Crosswork Hierarchical Controller and high-availability nodes sync. For better security, the installation now supports a dedicated vNIC for the IPSec tunnel between the nodes.

Site Management

Geographical sites are metadata, added to the network model manually by the user.

The Model Settings application, which appears under the Services menu, now includes a new tab for Site management. This new option allows for viewing the site hierarchy, adding new sites with their names and location using file import, exporting sites to a file, and creating new sites using a UI form.


The tagging feature now support ports. Ports in any layer can be tagged, and tags can be used to refer to ports in all applications.

Issues Resolved


    SDN-3287. Device reachability state is set to Unreachable instead of Never, when it was never reached.

    FRNT-1460. When selecting a router in the sidebar, its view includes the connections of the selected router. The filter of this connections list does not work properly.

    FRNT-1241. On some occasions, when sorting the users table, the rows in the table are duplicated. This is solved when refreshing the page.

    SDN-3815. Device Manager. Devices pending deletion are not deleted in cases where adapter cycles overlap.

3D Explorer

    FRNT-1494. Wrong display of utilization info for port in sidebar.

    FRNT-1487. Map tooltip is not available in Firefox.

    FRNT-1482. Time machine does not allow selecting month or year other than the current ones.

    FRNT-1460. The ‘Used by’ table for IGP links, which contains LSPs, cannot be filtered.

Known Limitations

Device Manager

    FRB-61. Currently, events supported in device manager are limited to device reachability events per adapter. Other events for user operations are not supported.

    SDN-3434. Modification of credentials parameter works as expected, but user gets no indication whether it was a successful or not.


    FRB-56. LSPs where some of the IGP links construct their path cannot be detected and are not added to the model.

    FRB-58. In cases where multiple paths with equal cost are discovered between VPN sites, only the first one is displayed as the underlay path.

    SDN-3244. For a device with multiple shelves, the device attributes displayed are those of the first shelf. Attributes of other shelves are not displayed.

    FRNT-3831. In case of wrong credentials provided for connection to Network Controller, the discovery will fail but the proper event is not displayed in the Events table on the Adapters tab in Device Manager.

Layer Relations

    FRB-57. Currently, only links on the main path of a selected prime object are displayed. The related objects used in protection path of the prime objects are not displayed (for example, when selecting to show all L3 links over OMS, the displayed L3 links are only those over the main path of the OMS).

3D Explorer

    FRNT-1215. The sidebar form displays the traffic utilization graph for a selected port when PM information is collected for the port. In cases of missing or illegal bins, the graph shows hiccups.

    FRNT-1330. The utilization graph displayed in sidebar for selected port may inaccurately show the Y axis in case of very low bit rate.

    FRNT-1286. The satellite view option in 3D map can work only when the client machine has internet connection. The satellite view button is still enabled even when no internet connection is detected.

    FRNT-1447. The list of tags in the filter of 3D explorer are currently not displayed in alphabetical order.

    SDN-3715. When getting the list of LSPs for specific router, either by looking at the connections tabs of the router in the 3D sidebar or when using SHQL query, the results do not contain LSPs that pass through the router, but only those terminating in it.

    FRNT-1525. Service ports appear under Ports in the sidebar for selected service may show inconsistent association with link. A link can sometimes be the service and other times the PW.

User Management

    SDN-3195. When changing a role of an actively connected user, its session remains open and it can access information and perform non-granted operations.

System Monitoring

    FRNT-1257. When opening the system monitoring page right after installation, the information on disk space is empty. The information appears after the configurable monitoring time (a sedo command, covered in the Administration Guide).


    FRNT-1245. Certain columns in tables in the Network Inventory do not allow the user to select and copy text. This happens mostly with object names (e.g., device name, link name).

    APP-448. Currently, read-only users (with role of viewer) cannot access the Network Inventory application.


    SDN-3440. When querying for inventory item, the children references is missing. Need to use the “downward” command as transformation to object/s children.

    FLD-101. When using timestamp in queries to offset the report time machine is in epoch format instead of human readable format.

    FRNT-1529. Usage events for 3D Explorer app appear with subtype as Frontier.

Network Inventory

    FLD-389. In a large, scaled network, user may face slowness in response when loading tables of links, connections and ports.

Model Settings

    FRNT-1519. Selecting a site on the map of Sites tab does not work properly in Firefox.

Operational Considerations

    FLD-214. System or user-driven events can be viewed using the SHQL command ‘event’ in SHQL app. The application is currently limited and cannot display more than a few thousand events in a single view. Hence it is recommended to filter the view by event type, sub type, or object guide.

    FLD-382. The sidebar window in the 3D explorer shows a visual view of aggregated links (LAG) and IP logical links. This view is disabled by default. To enable it, please contact your Cisco support team.

    SDN-3867. The View option in SHQL does not allow setting a column name with spaces.

    FRB-201. Certifications imported by a user for local connection purposes (e.g., LDAP) are not kept after software upgrade to Cisco Crosswork Hierarchical Controller. The user needs to manually copy them to the Cisco Crosswork Hierarchical Controller repository and run the CA certificate update command (update-ca-certificates).

    SDN-3855. Make sure not to restart Cisco Crosswork Hierarchical Controller when daily backup time is close (in minutes). This may cause the product to get stuck in Running mode.

Deployment Requirements

Software Requirements

Cisco Crosswork Hierarchical Controller release 5.1 can be installed on RedHat Enterprise server 7.6 (Maipo) or CentOS 7.6.1810 (Core), bare-metal or VM.


NetFusion 5.0 can be upgraded to Cisco Crosswork Hierarchical Controller V5.1

Hardware Requirements

Server Node

The following requirements are for active and standby or standalone instances of Cisco Crosswork Hierarchical Controller.

Table 2.        Server node requirements




10 Cores


96 GB

Storage – for lab

400GB SSD*

Storage – for production

(only for storage, not including OS needs)

3Tb disk. These partitions are recommended:

  OS partitions – 500 Gb
  Data partition for NetFusion – 2000 Gb
  For expansion – 500 Gb

At least data partitions must be using SSD

For more details on the calculated storage, see the Solution Dimensions chapter in the Administration Guide.



Witness node

Witness node is the third node in ‘three-node-cluster’ high availability solution of Cisco Crosswork Hierarchical Controller.

Table 3.        Witness node requirements




8 Cores


16 GB


256 GB SSD



Web Browser

It is recommended to use Chrome as a browser with version 75 and up.

Client machine

The PC or MAC used for web client with Google Chrome must be equipped with GPU. This is mandatory to run the 3D visualization map.

Network Adapters

Relevant network adapters to allow Cisco Crosswork Hierarchical Controller to connect to NMS/EMS or directly to devices are now part of the installation package.

Release Collaterals

The following documents are available for this release. Please contact your Cisco support representative for access to these documents.

    Cisco Crosswork Hierarchical Controller Product Description

    SHQL Application User Guide

    Cisco Crosswork Hierarchical Controller 3D Explorer User Guide

    Cisco Crosswork Hierarchical Controller Administration Guide

    NBI Reference Guide

    Cisco Crosswork Hierarchical Controller Security Architecture Guide

Legal Information

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

© 2021 Cisco Systems, Inc. All rights reserved.












Learn more