Cisco CSR 1000v Series Cloud Services Routers Overview


Explore the Content Hub, the all new portal that offers an enhanced product documentation experience.

  • Use faceted search to locate content that is most relevant to you.

  • Create customized PDFs for ready reference.

  • Benefit from context-based recommendations.

Get started with the Content Hub at to craft a personalized documentation experience.

Do provide feedback about your experience with the Content Hub.

Virtual Router

The Cisco Cloud Services Router 1000V (CSR 1000V) is a cloud-based virtual router that is intended for deployment in cloud and virtual data centers. This router is optimized to serve as a single-tenant or a multitenant WAN gateway.

When you deploy a CSR 1000V instance on a VM, the Cisco IOS XE software functions as if it were deployed on a traditional Cisco hardware platform. You can configure different features depending on the Cisco IOS XE software image.

Secure Connectivity

CSR 1000V provides secure connectivity from an enterprise network such as a branch office or a data center, to a public or a private cloud.

System Requirements

Software Images and Licenses

The following sections describe the licensing and software images for CSR 1000V.

Cisco CSR 1000v Evaluation Licenses

Evaluation license availability depends on the software version:

The following evaluation licenses are available:

  • IPBASE technology package license with 10 Gbps maximum throughput

  • SEC technology package license with 5 Gbps maximum throughput

  • APPX technology package license with 5 Gbps maximum throughput

  • AX technology package license with 2.5 Gbps maximum throughput

If you need an evaluation license for the Security technology package, or for an AX technology package with higher throughput, contact your Cisco service representative.

For instructions on obtaining and installing evaluation licenses, see the “Installing CSL Evaluation Licenses for Cisco IOS XE 3.13S and Later” section of the Cisco CSR 1000v Software Configuration Guide .

Cisco CSR 1000v Software Licenses

Cisco CSR 1000v software licenses are divided into feature set licenses. The supported feature licenses depend on the release.

Current License Types

The following are the license types that are supported (Cisco IOS XE Everest 16.4.1 or later):

  • IPBase: Basic Networking Routing (Routing, HSRP, NAT, ACL, VRF, GRE, QoS)

  • Security: IPBase package + Security features (IP Security VPN, Firewall, MPLS, Multicast)

  • AX: IPBase package + Security features + Advanced Networking features (AppNav, AVC, OTV and LISP)

  • APPX Package: IPBase package + Advanced Networking features - Security features (IP security features not supported)

Legacy License Types

The three legacy technology packages - Standard, Advanced, and Premium - were replaced in the Cisco IOS XE Release 3.13 with the IPBase, Security, and AX technology packages.

Features Supported by License Packages

For more information about the Cisco IOS XE technologies supported in the feature set packages, see the overview chapter of the Cisco CSR 1000v Series Cloud Services Router Software Configuration Guide.


The Cisco CSR 1000v router provides both perpetual licenses and term subscription licenses that support the feature set packages for the following maximum throughput levels:

  • 10 Mbps

  • 50 Mbps

  • 100 Mbps

  • 250 Mbps

  • 500 Mbps

  • 1 Gbps

  • 2.5 Gbps

  • 5 Gbps

  • 10 Gbps

The throughput levels are supported for different feature set packages in each version. For more information about how the maximum throughput levels are regulated on the router, see the Cisco CSR 1000v Cloud Services Router Software Configuration Guide.

Memory Upgrade

A memory upgrade license is available to add memory to the Cisco CSR 1000v router (Cisco IOS XE 3.11S or later). This license is available only for selected technology packages.

Additional Information about Licenses and Activation

For more information about each software license, including part numbers, see the Cisco CSR 1000v Router Datasheet. For more information about the standard Cisco IOS XE software activation procedure, see the Software Activation Configuration Guide, Cisco IOS XE Release 3S.

Software Image Nomenclature for OVA, ISO, and QCOW2 Installation Files

The Cisco CSR 1000v installation file nomenclature indicates properties supported by the router in a given release.

For example, these are filename examples for the Cisco IOS XE Everest 16.4.1 release:

  • csr1000v-universalk9.16.04.01.ova

  • csr1000v-universalk9.16.04.01.iso

  • csr1000v-universalk9.16.04.01.qcow2

The filename attributes are listed below, along with the release properties.

Table 1. OVA Installation Filename Attributes

Filename Attribute



Installed image package.


Indicates that the software image is for the Cisco IOS XE 3.9.0aS release image (mapped to the Cisco IOS 15.3(2) release).

std or ext

Standard release or extended maintenance support release.

Features and Notes: Cisco IOS XE Gibraltar 16.10.x

Features - Cisco IOS XE Fuji 16.10.1a

The following new software features are supported on the Cisco CSR 1000v for Cisco IOS XE Fuji 16.10.1a.


The following section includes important notes about the Cisco CSR 1000v for Cisco IOS XE Fuji 16.10.x


Cisco IOS software images are subject to deferral. We recommend that you view the deferral notices at the following location to determine whether your software release is affected:

Field Notices

Limitations and Restrictions

There are no new limitations and restrictions in this release.

Resolved and Open Bugs for Cisco IOS XE 16.x


Caveats, or bugs describe unexpected behavior. Severity 1 caveats are the most serious, severity 2 caveats are less serious, and severity 3 caveats are moderate caveats. This section includes severity 1, severity 2, and selected severity 3 caveats.


The Dictionary of Internetworking Terms and Acronyms contains definitions of acronyms that are not defined in this document:

Bug Search Tool

If you have an account on, you can also use the Bug Search Tool (BST) to find select caveats of any severity. To reach the Bug Search Tool, log into and go to

If a defect that you have requested is not displayed, it is possible that the defect number does not exist or the defect does not have a description available.

You can use the Bug Search Tool to view new and updated caveats. To search for bugs, go to .

For Best Bug Search Tool Results

For best results when using the Bug Search Tool:

  • In the Product field, enter Cloud Services Router.

  • In the Releases field, enter one or more Cisco IOS XE releases of interest. The search results include caveats related to any of the releases that you enter in this field.

The tool provides autofill while you type in these fields to assist in entering valid values. For example, a search using release number 16.6 should find the caveats for Cisco IOS XE Everest 16.6.1.

Caveats: Cisco IOS XE Fuji 16.10.x

Resolved Caveats—Cisco IOS XE Gibraltar 16.10.2

Caveat ID Number



HOLE is not created when 'acl default passthrough configured.


Crash with show service-insertion service-context command in AppNav cluster.


CTS policies download fails with Missing/Incomplete ACEs error.


Device is getting crashed on the "cts role-based enforcement".


Radius attr 32 NAS-IDENTIFIIER not sending the FQDN.


PKI "revocation check crl none" does not fallback if CRL not reachable.


Crash due to chunk corruption in ISIS code.


Crash on an LNS router in process ACCT periodic procecss.


PKI incorrect fingerprint calulation during CA authentication.


Crash at the VRF configuration.


Cisco Cloud Services Router 1000V Series router crash due to file descriptor leak.

Resolved Caveats—Cisco IOS XE Gibraltar 16.10.1b

Caveat ID Number



CSR1Kv: Throughput and bandwidth level is not set correctly when upgrade to 16.10.1 .bin image with AWS/Azure PAYG

Open Caveats—Cisco IOS XE Fuji 16.10.1a

Caveat ID Number



qfp-bqs-internal ucode still crashes with fix in CSCvc35307


Small clock changes or time drifts can cause GETVPN TBAR drops (GDOI/IPSEC-PI)


"clear crypto sa vrf MyVrf" triggers crash after updating pre-shared-keys


A control plane 'delete' command to flush the queue is not being drained out of the command queue


Crash in CENT-MC-0 process after Doubly-linked list corruption


Azure CSR1000v 16.9 - show bootflash: is empty


MPLSoVPN: Change behavior of default route in NHRP. Must insert instead of /32


IPSec background crash while sending SNMP trap


Traceroute not working when sourced from NAT Inside interface


Router crash with reload reason: LocalSoftADR and core file generated "cpp-mcplo-ucode"


Performance Monitor not working when "collect transport round-trip-time" is configured


FlexVPN MPLS - label in CEF not added when shortcut to hub is created (by glitch)


IOS-PKI: grant auto trustpoint <tp_name> does not work with IOS Sub CA




Out of Band DTMF Events Not Passing to CUCM via SCCP When Using IOS MTP


cpp_cp_svr memory leak in module: IPHC Svr Info_st


Input errors when reloading CSR


Software crash due to watchdog after entered switchport command.


Crash after removing a service-policy while the BQS is stuck


Crash after comparing tunnel FIB entries


CSR1Kv:Throughput/BW level not set correctly when upgrade to 16.10.1 .bin image with AWS/Azure PAYG.


Create_node should not allow user to create / update same node and throw exception that it exists

Resolved Caveats—Cisco IOS XE Fuji 16.10.1a

Caveat ID Number



Cisco IOS XE Software for Cisco ISRv Router Static Credential Vulnerability


CSRs fail to scale up to desired NAT64 stateful Dynamic translations


CSR1000v: crash at mempool_add_region when adding memory


CSCvj79145 fix exposed a latent DPDK issue leading to a crash with MPLS IPv6 per vrf prefix


Azure CSR1000v HAv1 VXE_CLOUD_HA-4-NOTCFGD, flags=0x7F0000 error