Happy New Year!!!
A little news that was missed in the pre-holiday change freeze was that Cisco released a new version of their SD-WAN software.
Version 18.4 for the vManage/vBond/vSmart & vEdge devices and the corresponding IOS-XE SD-WAN version 16.10 was released on December 20th, 2018. This is a “short-term” support release that greatly expands the SD-WAN support on Cisco ISR & ASR hardware, along with a bunch of new security features.
Up until this point, if you wanted to run the SD-WAN IOS image on your existing/new ISR & ASRs you were limited to:
- ASR 1001-X & HX
- ASR 1002-X & HX
- ISR 1111-8P and the LTE EA & LA variants
- ISR 1117-4P LTE EA & LA variants
- ISR 4221, 4321, 4331, 4351
- ENCS 5412 running ISRv
Highlights in 18.4/16.10
Now with 18.4/16.10 IOS-XE support expands to:
- CSR 1000v (Yay!)
- Nearly all of the rest of the ISR 1100s (BTW, do we really need all of these different SKUs???)
- 1111-4P and the LTE EA & LA variants
- 1116-4P and the LTE EA variant
- 1117-4PM & 1117-4P MLTE EA
- 1111-8PWx with integrated WiFi
- 1111-8PLTEEAWx with integrated WiFi and LTE
- ENCS 5104, 5406, 5408
Addtional Software features
The most exciting feature for me is that this release also adds some of the road-mapped security features that Cisco announced at Networking Field Day 19 (#NFD19 YouTube recording) including firewall, IPS, and OpenDNS Umbrella support.
Second, it also adds additional IPv6/Dual-Stack support on the service side of the SD-WAN. Previously, IPv6 support was limited to the WAN side of the platform. Unfortunately, this only applies to the IOS-XE platforms, not the Viptela vEdges. I reached out to Viptela vTAC to see if full IPv6 support was slated for the vEdges but was informed that it is NOT currently road-mapped to be ported over. (I have an upcoming rant on that one.)
As always, there are a bunch of other features in this release, but hit up the release notes for more details.
My personal warning is that 18.4 is a short-term support release only & you cannot downgrade your vSmart/vBond/vManage back to a previous release if it is unstable.
I’m currently weighing out the positives & negatives of upgrading to this release.
I do have a couple of spare ISR 1111-8PWBs on my desk…
I could also spin up some CSR 1000v instances for testing…
I wonder if my Cisco/Viptela SEs can float me some temporary licenses…