Find all the information you need about this release—new features, known behavior, resolved and open bugs, and related information.


Explore Content Hub, the all new portal that offers an enhanced product documentation experience. Content Hub offers the following features to personalize your content experience.

  • Faceted Search to help you find content that is most relevant

  • Customized PDFs

  • Contextual Recommendations

New and Enhanced Software Features for Cisco IOS XE Amsterdam 17.1.x


When you upgrade from one Polaris release to another, you may see %Invalid IPV6 address error in the console log file. To rectify this error, re-enter the missing IPv6 alias commands in global configuration mode and save the configuration. The commands will be persistent on subsequent reloads.

New and Enhanced Features for Cisco IOS XE Amsterdam 17.1.x

  • Syslog for Improper Card Seating—This feature helps you detect if the card is seated properly in the chassis. If the card is not inserted correctly, a message is displayed on the console prompting you to re-insert the card correctly again.

  • SMU Integrity Hash Verification against Known Good Value—This feature helps you to authenticate and maintain the integrity of Cisco IOS XE software SMU images and keep track of security changes in the software.

  • Stronger Network Time Protocol (NTP) Authentication—The authentication keys of NTP and Simple Network Time Protocol (SNTP) support enhanced cryptographic options such as CMAC, SHA-1, and SHA-256. These options enhance the security of the message exchange of NTP and SNTP.

  • MPLS over DMVPN Enhancement —In an MPLS over DMVPN configuration, spoke nodes can now be configured as Provider (P) nodes. This removes the limitation of previous releases in which spoke nodes had to be configured as Provider Edge (PE) nodes.

  • Select IPv6 DNS traffic for ALG Processing This is an enhancement to the existing ip nat service dns-v6 command. You can now use the keyword list with this command to select the IPv6 DNS traffic to be processed by ALG.

  • Accounting and Policing for VXLAN—This enhancement to the existing VXLAN static routing feature deploys the Cisco ASR 1000 router at the gateway of the core network and offers the following support:

    • Accounting: Helps charge for egress/ingress traffic that flows from any core network through the ASR 1000 network.

    • Policy: Helps track ingress traffic flowing into a specific VNET through the ASR 1000 network, to protect virtual machines deployed in the cloud.

  • New default credentials for WebUI—The login credentials for connecting to the device using WebUI at day 0 are updated.

  • RFC 8263 compliance for GDOI implementation—The Group Domain of Interpretation (GDOI) feature includes the ability of a Key Server (KS) to provide a set of current Group Member (GM) devices with additional security associations. RFC 8263 has added the ability for a KS to request that the GM devices return an acknowledgement of its rekey message and specify the acknowledgement method.

  • Configuring the Routing Information Protocol via Web User Interface—Supports an embedded GUI-based device-management tool that provides the ability to provision the router, simplifies device deployment and manageability, and enhances user experience.

  • Debug Messages for OSPF LSA MaxAge Events

    To display debug messages about OSPF LSA MaxAge events, use the following commands:

    • debug ip ospf lsa-maxage

    • debug ospfv3 lsa-maxage

  • Suppression of ESI Re-frame Errors During Upgrade or OIR—ESI re-frame errors are expected after an OIR or upgrade of a line card and need no troubleshooting. This feature supresses these expected ESI re-frame error messages so that you can skip investigating these messages.

  • Link Delay Measurement for SR-TE—With this feature, you can configure the measurement and advertisement of link delay metrics such as minimum link delay, maximum link delay, average link delay, and delay variation. You can use these metrics to evaluate the performance of your network and as input for traffic engineering to direct the flow of traffic through the network to conform to SLAs.


The last supported release for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor (ASR1000-ESP20) is IOS XE release 16.12.x

Resolved and Open Bugs for Cisco IOS XE Amsterdam 17.1.x

About the Cisco Bug Search Tool

Use the Cisco Bug Search Tool to access open and resolved bugs for a release.

The tool allows you to search for a specific bug ID, or for all bugs specific to a product and a release.

You can filter the search results by last modified date, bug status (open, resolved), severity, rating, and support cases.

Resolved Bugs for Cisco IOS XE Amsterdam 17.1.x

All resolved bugs for this release are available in the Cisco Bug Search Tool through the Resolved Bug Search.

Caveat ID Number



ASR1000-RP2/ASR1000-RP3: OIR after clock set doesnt save the time in RTC


"sh macsec statistics int <>" and "sh macsec status interface <>" does not show output


ASR1K DSP MIB cdspTotalChannels not responding

Open Bugs for Cisco IOS XE Amsterdam 17.1.x

All open bugs for this release are available in the Cisco Bug Search Tool through the Open Bug Search.

Caveat ID Number



Multicast VRF Nat not working properly


APN password in clear text when configuring profile under cellular controller.


IPSEC install failed IPSEC_PAL_SA shows "unexpected number of parents"


ASR 1000 - SPA crashed with various watchdog timeout- Mem increase at "CPP CEF MPLS Gtrie "


Cat9400R-96U macsec encryption on the downlink loses IP address after port bounce


CFT crashed frequently


MKA session up but unable to pass data across link using AES-256-XPN cipher


CPP crash on router with PFR

Related Documentation