OcNOS 7.0 for Service Providers is now generally available. This release is purpose-built for the infrastructure challenge facing operators in 2026: legacy OTN and LDP-based networks need to be replaced, 5G backhaul demands deterministic SLA paths, and operational teams need automation tools that match the speed of modern networks — all without a forklift hardware upgrade.
OcNOS 7.0 delivers on all of these requirements on open, ONIE-enabled white-box hardware, giving service providers the flexibility to choose hardware from multiple ODMs while running a single, field-proven NOS across access, aggregation, core, and optical transport.
1. Advanced Transport and Migration Strategy
The most significant challenge for service providers today is not building new networks — it is modernizing the ones they already have. OcNOS 7.0 provides the tools to execute this transition without service disruption.
BGP-Free Core Architecture
A BGP-free core removes BGP from interior routers, using a clean SR-MPLS underlay to carry labeled traffic between edge nodes. This reduces control-plane complexity, lowers CPU load on core hardware, and makes the backbone significantly easier to operate and troubleshoot.
! OcNOS 7.0 -- BGP-Free Core: SR-MPLS underlay configuration
!
router isis CORE
net 49.0001.0000.0000.0001.00
is-type level-2-only
segment-routing mpls
!
address-family ipv4 unicast
segment-routing mpls
redistribute connected
exit-address-family
!
! Assign Node SID to loopback (Prefix Segment)
interface lo
ip address 10.0.0.1/32
ip router isis CORE
isis segment-routing prefix-sid index 1
!
! BGP retained only at edge PE nodes
router bgp 65001
neighbor 10.0.0.4 remote-as 65001
neighbor 10.0.0.4 update-source lo
!
address-family vpnv4
neighbor 10.0.0.4 activate
exit-address-familySR-TE: Replacing Legacy OTN with Scalable Packet Transport
Segment Routing Traffic Engineering (SR-TE) enables operators to define explicit, deterministic paths through the network — replicating the circuit-like SLA behavior of OTN in a scalable packet-switched architecture. SR-TE paths are computed at the head-end router and encoded as a segment list in the MPLS label stack. No RSVP signaling is required anywhere in the network.
! OcNOS 7.0 -- SR-TE Policy for low-latency 5G backhaul
!
segment-routing
traffic-eng
policy LOW-LATENCY-5G
color 100 end-point 10.0.0.4
candidate-paths
preference 100
explicit segment-list LOW-LAT-PATH
index 10 mpls label 16102
index 20 mpls label 16104
!
!
!
!
!
!Flex-Algo: Network Slicing on a Single Physical Infrastructure
Segment Routing Flexible Algorithm (Flex-Algo) allows operators to define multiple logical topologies over a single physical network. Each algorithm applies a different optimization criterion — minimizing link delay, avoiding congested paths, or isolating specific traffic classes — without additional hardware or overlay complexity.
! OcNOS 7.0 -- Flex-Algo: two algorithms on a single IS-IS domain
!
router isis CORE
flex-algo 128
metric-type delay ! Algorithm 128: optimize for link delay (5G)
advertise-definition
!
flex-algo 129
metric-type te-metric ! Algorithm 129: optimize for TE metric (bulk)
advertise-definition
!
address-family ipv4 unicast
segment-routing mpls
exit-address-family
!
! Assign per-algorithm SIDs to loopback
interface lo
ip address 10.0.0.1/32
ip router isis CORE
isis segment-routing prefix-sid index 1 ! Algo 0: default SPF
isis segment-routing prefix-sid algorithm 128 index 1001 ! Algo 128: delay
isis segment-routing prefix-sid algorithm 129 index 2001 ! Algo 129: capacity2. Security: RPKI Route Validation
BGP route leaks and prefix hijacks remain a persistent threat to internet routing integrity. OcNOS 7.0 introduces full RPKI (Resource Public Key Infrastructure) support, enabling operators to cryptographically validate route origins and automatically reject routes with an invalid RPKI state.
! OcNOS 7.0 -- RPKI configuration and route filtering
!
router bgp 65001
!
rpki
server 192.0.2.10 port 3323 preference 1
polling-period 300
!
neighbor 203.0.113.1 remote-as 65002
neighbor 203.0.113.1 route-map RPKI-INBOUND in
!
! Accept only RPKI-valid and RPKI-unknown routes
route-map RPKI-INBOUND permit 10
match rpki valid
!
route-map RPKI-INBOUND permit 20
match rpki not-found
!
! RPKI-invalid routes are implicitly rejected
!
! Verification commands:
! show bgp rpki prefix
! show bgp rpki server
! show bgp rpki table3. Container Lifecycle: The Router as an Application Platform
OcNOS 7.0 enables operators to run Docker containers and Kubernetes workloads directly on OcNOS-based routers. This transforms the network device into a dual-purpose platform — routing traffic while executing edge compute workloads in isolated environments. Practical applications include third-party monitoring exporters, security probes, or 5G MEC microservices running on the same hardware as the routing stack.
! OcNOS 7.0 -- Container lifecycle management
!
container manager
image monitoring-exporter latest
pull-from registry.example.com/prometheus-exporter:latest
!
container node-exporter
image monitoring-exporter
resource cpu 2 memory 512m
network-mode host
env COLLECTOR=10.1.1.100
env INTERVAL=30
restart-policy always
!
!
! Operational commands:
show container status
show container logs node-exporter4. On-Change gNMI Streaming Telemetry
Traditional SNMP polling introduces a fundamental visibility gap: the network state you see is always minutes old. OcNOS 7.0 replaces polling with event-driven, on-change gNMI streaming telemetry. When a link flaps, a queue fills, or an optical power level degrades, OcNOS pushes that event to your collector immediately.
! OcNOS 7.0 -- gNMI on-change telemetry subscription
!
telemetry
subscription LINK-STATE-EVENTS
protocol gNMI
encoding JSON_IETF
sensor-group INTERFACE-STATE
path /interfaces/interface/state
!
destination-group COLLECTOR
address 10.100.1.50 port 57400
!
sample-interval 0 ! 0 = on-change mode: push on any state change
suppress-redundant true
!
subscription QUEUE-METRICS
sensor-group QOS-QUEUES
path /qos/interfaces/interface/output/queues
!
destination-group COLLECTOR
sample-interval 10000 ! 10-second interval for periodic counters
!New Hardware Platforms — Service Provider
| Platform | Silicon | Ports | Primary Use Case |
|---|---|---|---|
| Edgecore AS5916-54XL | Broadcom QMX | 48×1G/10G SFP+ + 6×100G QSFP28 | Carrier-grade aggregation |
| UfiSpace S9502-12SM | Broadcom QUX | 4×1G/10G SFP+ + 8×100M/1G SFP | Fanless compact edge / CSR |
Summary
OcNOS 7.0 gives service providers a clear and executable migration path from legacy infrastructure to a modern, software-defined network. SR-TE and Flex-Algo replace OTN complexity with scalable packet transport. RPKI secures the peering edge. Container lifecycle management enables 5G MEC deployments on existing router hardware. And on-change telemetry means operational teams finally have real-time visibility into their networks.
All of this runs on open, ONIE-enabled white-box hardware — giving operators hardware choice, supply-chain flexibility, and a path to significantly lower TCO compared to proprietary alternatives.
- OcNOS 7.0 — Full Release Overview
- OcNOS 7.0 for Data Centers
- OcNOS Feature Matrix
- OcNOS-SP Product Page
- Contact IP Infusion
Rishi Narain is Vice President of Product Management at IP Infusion. Connect on LinkedIn.