Cisco IOS-XR Basics

IOS-XR code is really new for me, so i will write a few posts about it. So i will start with the basics. You can see this Operating System on CRS generations, ASR 9000 and NCS Box’s.

Configure Username and Group

The root-system means priviledge 15 in normal IOS

RP/0/0/CPU0:XR-4(config)#username cocheno
RP/0/0/CPU0:XR-4(config-un)# group root-system
RP/0/0/CPU0:XR-4(config-un)# password cocheno

The predefined groups are as follows:

  • cisco-support: This group is used by the Cisco support team.
  • netadmin: Has the ability to control and monitor all system and network parameters.
  • operator: A demonstration group with basic privileges.
  • root-lr: Has the ability to control and monitor the specific secure domain router.
  • root-system: Has the ability to control and monitor the entire system.
  • sysadmin: Has the ability to control and monitor all system parameters but cannot configure network protocols.
  • serviceadmin: Service administration tasks, for example, Session Border Controller (SBC).

Configure Hostname

RP/0/0/CPU0:XR(config)#hostname XR-4
RP/0/0/CPU0:XR(config)#commit

Assigning IP Addresses

IOS-XR has some alias configured, it will interpret correctly if you not use ipv4 in this case

RP/0/0/CPU0:XR-4(config)#int gigabitEthernet 0/0/0/0.201
RP/0/0/CPU0:XR-4(config-subif)#encapsulation dot1q 201
RP/0/0/CPU0:XR-4(config-subif)#ip?
ipv4 ipv6
RP/0/0/CPU0:XR-4(config-subif)#ip add 10.202.201.40 255.255.255.0

Check where your are in config hierarchy

RP/0/0/CPU0:XR-4(config-subif)#pwdSun Mar 6 17:37:05.948 UTC
interface GigabitEthernet0/0/0/0.201
RP/0/0/CPU0:XR-5(config-subif)#

Save Config

Saving the Config is a 2 step, you work on a candidate config instead of running-config protecting you from misconfig.

Showing config before commit it in running-config

RP/0/0/CPU0:XR-4(config)#show configuration
Sun Mar 6 16:03:23.913 UTC
Building configuration…
!! IOS XR Configuration 5.2.2
interface GigabitEthernet0/0/0/0.201
ipv4 address 10.202.201.40 255.255.255.0
encapsulation dot1q 201
!
endRP/0/0/CPU0:XR-4(config)#commit
Sun Mar 6 16:05:19.315 UTC

we can also assign a label to the commit, and rollback based on it as well

RP/0/0/CPU0:XR-4(config)#commit label IPV4_v201

Rolling back change we did previously

RP/0/0/CPU0:XR-4#rollback configuration last 1
Sun Mar 6 16:10:35.003 UTC
Loading Rollback Changes.
Loaded Rollback Changes in 1 sec
Committing.
4 items committed in 1 sec (3)items/sec
Updating.
Updated Commit database in 1 sec
Configuration successfully rolled back 1 commits.

You can use a time based commit, you need to accept the commit in 120 seconds, or it will rollback the changes

RP/0/0/CPU0:XR-4(config)#commit confirmed 120

Check the last system commits

RP/0/0/CPU0:XR-4(config)#show config commit list detail
Sun Mar 6 16:21:30.499 UTC1) CommitId: 1000000004 Label: IPV4_v201
UserId: cisco Line: con0_0_CPU0
Client: CLI Time: Sun Mar 6 16:21:28 2016
Comment: NONE2) CommitId: 1000000003 Label: NONE
UserId: cisco Line: con0_0_CPU0
Client: Rollback Time: Sun Mar 6 16:10:36 2016
Comment: NONE

 

RP/0/0/CPU0:XR-4#show configuration rollback changes last 1
Sun Mar 6 16:24:50.435 UTC
Building configuration…
!! IOS XR Configuration 5.2.2
no interface GigabitEthernet0/0/0/0.201
end

Configure Telnet/SSH

RP/0/0/CPU0:XR-4(config)#telnet vrf default ipv4 server max-servers 5
RP/0/0/CPU0:XR-4#crypto key generate dsa
Sun Mar 6 17:52:29.135 UTC
The name for the keys will be: the_default
Choose the size of your DSA key modulus. Modulus size can be 512, 768, or 1024 bits. Choosing a key modulus
How many bits in the modulus [1024]:
Generating DSA keys …
Done w/ crypto generate keypair
[OK]RP/0/0/CPU0:XR-4#conf t
Sun Mar 6 17:52:44.114 UTC
RP/0/0/CPU0:XR-4(config)#domain name cocheno.com
RP/0/0/CPU0:XR-4(config)#ssh server v2
RP/0/0/CPU0:XR-4(config)#commit

Check SSH Sessions

RP/0/0/CPU0:XR-5#show ssh
Sun Mar 6 17:55:15.633 UTC
SSH version : Cisco-2.0id pty location state userid host ver authentication
—————————————————————————————————————
Incoming sessions
0 vty0 0/0/CPU0 SESSION_OPEN cisco 10.202.201.150 v2 password

Check commit failures

RP/0/0/CPU0:XR-4(config)#show configuration failed

After you change candidate config, you can abort without commit it

RP/0/0/CPU0:XR-4(config)#abort

Replace the entire config by the candidate, if your candidate is empty will you have factory default

RP/0/0/CPU0:XR-4(config)#commit replace
Sun Mar 6 16:47:46.101 UTCThis commit will replace or remove the entire running configuration. This
operation can be service affecting.
Do you wish to proceed? [no]:

Leave a Reply

Your email address will not be published. Required fields are marked *