CRS Secure Domain Router
Table of Contents


SDR is supported on multi-chassis systems, where components can be divided into separate routers.


  • Supported with Cisco 12000 and CRS platform. ASR 9K, only supports that owner SDR since it's a single chassis platform.
  • Main idea is to partition a system into logical secure routers.
  • Owner SDR is on by default and can't be deleted.
  • Named SDR are user defined.
  • Creating a new SDR can only be done from the admin mode of the owner SDR with root preveliges.
  • There are some shared resources that all SDRs access, these include:
    • Power supplies
    • Fan trays
    • Fan controllers
    • Fabric cards
    • Environmental resources
  • Each SDR has a Designated Secure Domain Router System Controller (DSDRSC). The ower SDR uses the active RP as the DSDRSC, while user SDRs use Distributed Router Processors (DRP). These are used or administrative and control functions.
  • Hardware resources individual to SDR:
    • RP -
    • DRP
    • Line cards
  • Hardware resources shared amoung SDR:
    • System Power
    • Fan and fan controller
    • Fabric Cards
  • Software resources individual to SDR:
    • Exec-level config
    • RIB
    • FIB
    • Admin-level config
    • Process Instances
  • Software resources shared among SDR:
    • Exec-level config on the owner SDR can affect all SDRs
    • Admin-level on the owner SDR can affect all SDRs
    • Few system wide processes like LRd (SDR Deamon)


rating: 0+x
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License