I have several posts regarding CISCO 8000 software installation shown below:

The most important is to understand how to use a local repository or remote repository.

This article also applies to other products using XR7, such as some NCS540.

SMU install (Use local repository)

Copy all SMU file to the local folder, in this case, i create a folder named “repo” under harddisk:

8000-7.3.15.CSCvw58830.tar  8000-7.3.15.CSCvy35867.tar
8000-7.3.15.CSCvx48017.tar  8000-7.3.15.CSCvy42027.tar
8000-7.3.15.CSCvx50864.tar  8000-7.3.15.CSCvy43997.tar
8000-7.3.15.CSCvx68887.tar  8000-7.3.15.CSCvy52710.tar
8000-7.3.15.CSCvx76463.tar  8000-7.3.15.CSCvy53516.tar
8000-7.3.15.CSCvx84404.tar  8000-7.3.15.CSCvy55726.tar
8000-7.3.15.CSCvx99992.tar  8000-7.3.15.CSCvy61939.tar
8000-7.3.15.CSCvy06576.tar  8000-7.3.15.CSCvy66996.tar
8000-7.3.15.CSCvy12145.tar  8000-7.3.15.CSCvy67283.tar
8000-7.3.15.CSCvy14896.tar  8000-7.3.15.CSCvy72415.tar
8000-7.3.15.CSCvy16526.tar  8000-7.3.15.CSCvy73299.tar
8000-7.3.15.CSCvy16725.tar  8000-7.3.15.CSCvy77182.tar
8000-7.3.15.CSCvy17864.tar  8000-7.3.15.CSCvz04661.tar
8000-7.3.15.CSCvy24941.tar  8000-7.3.15.CSCvz25325.tar
8000-7.3.15.CSCvy26732.tar  8000-7.3.15.CSCvz45349.tar
8000-7.3.15.CSCvy33251.tar  8000-7.3.15.CSCvz67583.tar

then try unzip all the smu file buy use two simple shell script:

[node0_RP0_CPU0:/harddisk:/repo]$for tar in *.tar; do tar -xvf $tar; done

[node0_RP0_CPU0:/harddisk:/repo]$for tar in *.tgz; do tar -xvf $tar; done

Config the local repository with the path “file:///harddisk:/repo/”

Thu Oct  7 06:36:45.111 UTC
RP/0/RP0/CPU0:8201-01(config-install)#no repository remo-repo
RP/0/RP0/CPU0:8201-01(config-install)#repository local-repo
RP/0/RP0/CPU0:8201-01(config-repository)#url file:///harddisk:/repo/
Thu Oct  7 06:38:04.997 UTC

We have two command to check the SMU in the local repository:

RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#show install available 
Thu Oct  7 06:38:10.721 UTC
Trying to access repositories...

Package                                              Architecture                         Version Repository                          Cached
---------------------------------------------------- ---------------- --------------------------- ----------------------------------- ------
xr-8000-bmc                                          x86_64                        7.3.15v1.0.1-1 local-repo                                
xr-8000-bmc                                          x86_64                        7.3.15v1.0.2-1 local-repo                                
xr-8000-bmc                                          x86_64                        7.3.15v1.0.3-1 local-repo                                
xr-8000-bmc                                          x86_64                        7.3.15v1.0.4-1 local-repo                                
xr-8000-core                                         x86_64                        7.3.15v1.0.1-1 local-repo                                

RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#show install fixes available                
Thu Oct  7 06:38:31.839 UTC
Trying to access repositories...

Available Fixes (count: 33):
Bug Id      Packages                                                    Repository                               Cached
----------- ----------------------------------------------------------- ---------------------------------------- ------
CSCvw58830  xr-rpl-7.3.15v1.0.1-1                                       local-repo                                     
CSCvx48017  xr-security-7.3.15v1.0.2-1                                  local-repo                                     
CSCvx50864  xr-bundles-7.3.15v1.0.1-1                                   local-repo                                     
CSCvx68887  xr-8000-core-7.3.15v1.0.3-1                                 local-repo                                     
            xr-8000-core-7.3.15v1.0.4-1                                 local-repo                                     
            xr-8000-core-7.3.15v1.0.5-1                                 local-repo                                     
            xr-spi-core-7.3.15v1.0.1-1                                  local-repo                                     
            xr-spi-core-7.3.15v1.0.2-1                                  local-repo                                     

We have there way to install the smu we want:

install package add cisco-CSCab12345install a special SMU
install package upgrade xr-coreinstall cups of smu to fix special component
install package upgradeinstall all the smu under your repository

Here is an example to install all the smu under repository:

RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#install package upgrade 
Thu Oct  7 06:38:50.536 UTC
Install upgrade operation 38.1.1 has started
Install operation will continue in the background
RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#show install request  
Thu Oct  7 06:39:01.467 UTC

User request: install package upgrade
Operation ID: 38.1.1
State:        In progress since 2021-10-07 06:38:50 UTC

Current activity:    Begin transaction
Next activity:       Begin atomic operation
Time started:        2021-10-07 06:38:54

No per-location information.

RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#show install request 
Thu Oct  7 06:41:43.859 UTC

User request: install package upgrade
Operation ID: 38.1.1
State:        In progress since 2021-10-07 06:38:50 UTC

Current activity:    Package add or other package operation
Next activity:       Await user input
Time started:        2021-10-07 06:40:45
Timeout in:          39m 0s
Locations responded: 0/1

Location          Packaging operation stage Notification Phase Clients responded
----------------- ------------------------- ------------------ -----------------
0/RP0/CPU0        Package operations        None in progress                 N/A
RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#show install request 
Thu Oct  7 06:43:07.645 UTC

User request: install package upgrade
Operation ID: 38.1.1
State:        Success since 2021-10-07 06:42:51 UTC

Current activity:    Await user input
Time started:        2021-10-07 06:42:52

The following actions are available:
    install package add
    install package remove
    install package upgrade
    install package downgrade
    install package replace
    install package rollback
    install package abort latest
    install package abort all-since-apply
    install apply reload                                    

SMU apply and commit

after install, use “install apply” to active the SMU , this action may need reload the router.

RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#install apply synchronous         ins
Thu Oct  7 06:46:54.637 UTC
Once the packaging dependencies have been determined, the install operation may have to reload the system.
If you want more control of the operation, then explicitly use 'install apply restart' or 'install apply reload' as reported by 'show install request'.
Continue? [yes/no]:[yes] yes
  install apply reload
Atomic change 38.1
Press Ctrl-C to return to the exec prompt. This will not cancel the install operation

Current activity: Initializing
Current activity: Apply by reloadRP/0/RP0/CPU0:Oct  7 06:47:01.971 UTC: instorch[154]: %INFRA-INSTALL-2-SYSTEM_RELOAD : As part of an install operation, a full system reload will take place in order to apply the installed software. 
Preparing system for backup. This may take a few minutes especially for large configurations.
        Status report: node0_RP0_CPU0: START TO BACKUP 
        Status report: node0_RP0_CPU0: BACKUP HAS COMPLETED SUCCESSFULLY 
......[13068.510009] do_IRQ: 0.196 No irq handler for vector

Don’t forgot “install commit” after router reload:

RP/0/RP0/CPU0:MXC.TAC.L.08-8201-01#install commit 
Thu Oct  7 06:55:51.414 UTC
Install commit operation 38 has started
Install operation will continue in the background


In 64-bit XR system, we have a easy way to monitor syslog and trigger a collection action. (EDCD + PAM EEM agent)

In 32-bit XR system, we may only can use the EEM script.

But the EEM script is hard for us to write. there are cups of articles that show some examples, we can reference and do some modify.


Read the rest of this entry »


  • The topology shows as above , the DUT ASR9000B has 3 sub-interface to ASR9000C
  • we has a route for was through port Ten0/0/2/1.30 next-hop
  • We will has ABF apply at ASR9000B and match DA and set next-hop to port Ten0/0/2/1.10
  • We also have a default route and destination to port Ten0/0/2/1.20
  • ASR9000B LC was tyohon base card and run at 6.2.3
Read the rest of this entry »


一个简单的CE双上连的VPN环境,客户路由8.8.8.8/32 将送到r1。

r1 配置maximum-path,使去往ce的流量可以在r2/r3 之间负载。

r2/r3 我们都配置了eibgp maximum-paths,那么r2/r3 都会存在两条路由负载(一条是从ibgp学了vpn路由, 一条是从vrf下的ebgp学来的路由)。

RP/0/0/CPU0:R2-AS56704#show route vrf 1

B [20/0] via (nexthop in vrf default), 00:21:10 
                [20/0] via, 00:21:10
Read the rest of this entry »

最近在AWS上弄了一个EC2主机用来放一些比较杂的东西,开放了某个端口,由于我并不想放开所有的IP的访问权限, 就写了一个脚本用来获取我本机的公网地址然后用AWS CLI获取,撤销、更新 AWS 安全组规则中的 IP 地址。

请确保你已经配置好 AWS CLI 并拥有适当的权限来执行相关操作。

获取当前允许访问端口 xx 的 IP 地址

#!/usr/bin/env fish

# 获取当前 IP
set current_cidr (aws ec2 describe-security-groups --group-ids sg-xxxxx --query "SecurityGroups[0].IpPermissions[?FromPort=='xx'].IpRanges[0].CidrIp" --output text)

echo "当前端口 xx 的 CIDR: $current_cidr"

撤销旧的 IP 权限

if [ -n "$current_cidr" ]
    aws ec2 revoke-security-group-ingress --group-id sg-xxxxx --protocol tcp --port xx --cidr "$current_cidr"
    echo "从端口 xx 撤销了 CIDR $current_cidr"
    echo "未找到端口 xx 的 CIDR"

获取本机的公共 IP 地址

set local_ip (curl -s
echo "本机公共 IP 地址: $local_ip"

添加新的 IP 权限

if [ -n "$local_ip" ]
    aws ec2 authorize-security-group-ingress --group-id sg-xxxxx --protocol tcp --port xx --cidr "$local_ip/32"
    echo "将新的 CIDR $local_ip/32 添加到端口 xx"
    echo "无法获取本机公共 IP 地址"

以上脚本中的 sg-xxxxx 需要替换为实际的安全组 ID。此脚本会按照上述步骤执行操作,以管理安全组规则

研究了下eXR的file system, 记录下权当了解下系统的内部情况。

本文的演示事例使用的硬件A9K-RSP5-SE 和 eXR 742作为案例,使用的硬件不同,升级方式不同,磁盘的大小和分区是略微存在出入的。


  • 正常install command 升级,升级完成后re-image 所有的板卡 (re-image的操作,类似于PXE安装)

eXR 系统简介

如上图,eXR是在硬件的基础上有一个host 系统, host 系统里再run 两个vm (XR VM和sysadmin VM)。
[host:~]$ virsh list --all
 Id    Name                           State
 2     sysadmin                       running
 3     default-sdr--1                 running


Read the rest of this entry »

comments by ‘zhihua’

对于ASR9000来说 :
“show interfaces” and “show policy-map interfaces” show L2 frame size.
“show interfaces” does not include FCS bytes, but “show policy-map interfaces” includes FCS bytes(SIP700是个例外)

L1 frame size 和 L2 frame size


  • Preamble: 前同步码 7 bytes
  • SFD: start frame delimiter 1 byte 帧开始定界符
  • Dst MAC: 6 bytes
  • Src MAC: 6 bytes
  • EtherType: 2 bytes
  • FCS(CRC): 4 bytes
Read the rest of this entry »
  • 2017.12-2019.05 ThinkPad X1 Carbon 4th Gen
  • 2019.05-2022.11 ThinkPad X1 Carbon 6th Gen
  • 2022.11-Now MacBook Pro 16 2019

工作5年了,公司给换了2次电脑,本来打算今年申请个M1的MBP,奈何不给审批,退而其次选择了2019款 intel芯片的,预计这款还得在手里用三年,也不知道能不能用这款3年前的设备再撑个3年。



Homebrew是 MacOS上的软件包管理工具,是setup一台新MAC首要需要设置的,安装方式也很简单,使用以下命令或者参考官网

/bin/bash -c "$(curl -fsSL <>)"

后续我们需要安装的软件绝大部分可以通过brew命令快速安装,而不需要访问app store或者软件官网下载。


~ ❯ brew install wget

~ ❯ brew -h                                                                                                                       
Example usage:
  brew search TEXT|/REGEX/
  brew info [FORMULA|CASK...]
  brew install FORMULA|CASK...
  brew update
  brew upgrade [FORMULA|CASK...]
  brew uninstall FORMULA|CASK...
  brew list [FORMULA|CASK...]

  brew config
  brew doctor
  brew install --verbose --debug FORMULA|CASK

  brew create URL [--no-fetch]
  brew edit [FORMULA|CASK...]

Further help:
  brew commands
  brew help [COMMAND]
  man brew

Read the rest of this entry »

« Older entries