One of the task of a good Network engineer is update the Cisco IOS to avoid bugs and to have new features; but what is the correct procedure to upgrade a Cisco stack, for instance two 2960 switches in stack?
There are two main methods to upgrade the IOS:
- TAR image
- BIN image
TAR image
The .tar file is an archive file from which both the IOS image and the CMS files are extracted during the upgrade process. If you want to manage switches or clusters of switches through a web interface (HTML), this is the only file you need to download.
To upgrade follow these steps:
1. Download the tar image from the cisco.com website.
2. Issue the dir flash: command to verify the amount of free memory that you have for the upgrade.
3. Use the “archive download-sw” command:
cisco-optusnet#archive download-sw ? /destination-system specify destination system to receive software /directory Specify a directory for images /force-reload Unconditionally reload system after successful sw upgrade /force-ucode-reload Upgrade UCODE after successful sw upgrade and before an unconditional reload /imageonly Load only the IOS image(s) /leave-old-sw Leave old sw installed after successful sw upgrade /no-set-boot Don't set BOOT -- leave existing boot config alone /no-version-check skip version check that prevents incompatible image install /only-system-type specify individual system type to be updated /overwrite OK to overwrite an existing image /reload Reload system (if no unsaved config changes) after successful sw upgrade /safe Always load before deleting old version /upgrade-ucode Upgrade UCODE after successful sw upgrade (no reload) flash1: Image file flash2: Image file flash: Image file ftp: Image file http: Image file https: Image file rcp: Image file scp: Image file tftp: Image file
As you can see, there are several option; in my case, I want upgrade the IOS via ftp, using the tar image maintaining the previous IOS software.
First of all, define the username/password of the FTP server (required for downloading the tar file from the ftp server):
ip ftp username cisco-optusnet ip ftp password c1sc0
Execute the command “archive download-sw /leave-old-sw ftp://192.168.1.123/cisco-optusnet/c2960s-universalk9-mz.150-2.SE5.tar”:
cisco-optusnet#archive download-sw /leave-old-sw ftp://192.168.1.123/cisco-optusnet/c2960s-universalk9-mz.150-2.SE5.tar Loading cisco-optusnet/c2960s-universalk9-tar.150-2.SE5.tar !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 19046400/4096 bytes] Loading cisco-optusnet/c2960s-universalk9-tar.150-2.SE5.tar !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! examining image... extracting info (110 bytes) extracting c2960s-universalk9-mz.150-2.SE5/info (635 bytes) extracting info (110 bytes) Stacking Version Number: 1.49 System Type: 0x00000000 Ios Image File Size: 0x00DE3200 Total Image File Size: 0x0122A200 Minimum Dram required: 0x08000000 Image Suffix: universalk9-150-2.SE5 Image Directory: c2960s-universalk9-mz.150-2.SE5 Image Name: c2960s-universalk9-mz.150-2.SE5.bin Image Feature: IP|LAYER_2|SSH|3DES|MIN_DRAM_MEG=128 Old image for switch 1: flash1:/c2960s-universalk9-mz.122-55.SE3 Old image will be left alone Old image for switch 2: flash:/c2960s-universalk9-mz.122-55.SE3 Old image will be left alone c2960s-universalk9-mz.150-2.SE5/ (directory) extracting c2960s-universalk9-mz.150-2.SE5/info (635 bytes) c2960s-universalk9-mz.150-2.SE5/html/ (directory) c2960s-universalk9-mz.150-2.SE5/html/zh/ (directory) extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_xsetup.js (12993 bytes) extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_smartports.js (3803 bytes) extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_dashboard.js (2591 bytes) .... /output omitted/ .... extracting c2960s-universalk9-mz.150-2.SE5/dc_default_profiles.txt (63880 bytes) extracting info (110 bytes) c2960s-universalk9-mz.150-2.SE5/ (directory) extracting c2960s-universalk9-mz.150-2.SE5/info (635 bytes) c2960s-universalk9-mz.150-2.SE5/html/ (directory) c2960s-universalk9-mz.150-2.SE5/html/zh/ (directory) extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_xsetup.js (12993 bytes) extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_smartports.js (3803 bytes) extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_dashboard.js (2591 bytes) .... /output omitted/ .... extracting c2960s-universalk9-mz.150-2.SE5/dc_default_profiles.txt (63880 bytes) extracting info (110 bytes) Installing (renaming): `flash1:/update/c2960s-universalk9-mz.150-2.SE5' -> `flash1:/c2960s-universalk9-mz.150-2.SE5' New software image installed in flash1:/c2960s-universalk9-mz.150-2.SE5 Installing (renaming): `flash:update/c2960s-universalk9-mz.150-2.SE5' -> `flash:/c2960s-universalk9-mz.150-2.SE5' New software image installed in flash:/c2960s-universalk9-mz.150-2.SE5 All software images installed.
The “archive download-sw” performs the TAR installation two times, one for each switch!
Note: if you have a stack made by 4 switches, you will see four TAR image installations.
Issue the “show boot” command in order to verify that the new image is now the image in the BOOT path-list that will load at the next switch reload.
cisco-optusnet#show boot BOOT path-list : flash:/c2960s-universalk9-mz.150-2.SE5/c2960s-universalk9-mz.150-2.SE5.bin Config file : flash:/config.text Private Config file : flash:/private-config.text Enable Break : no Manual Boot : no Allow Dev Key : yes HELPER path-list : Auto upgrade : yes Auto upgrade path : NVRAM/Config file buffer size: 524288 Timeout for Config Download: 0 seconds Config Download via DHCP: disabled (next boot: disabled) ------------------- Switch 2 ------------------- BOOT path-list : flash:/c2960s-universalk9-mz.150-2.SE5/c2960s-universalk9-mz.150-2.SE5.bin Config file : flash:/config.text Private Config file : flash:/private-config.text Enable Break : no Manual Boot : no Allow Dev Key : yes HELPER path-list : Auto upgrade : no
4. Issue the reload command at the prompt and confirm in order to proceed with the reload. The new code revision should come up and start to run as expected on all the switches in the stack.
Remember: The commands “archive download-sw” is applicable only for .tar image files and do not apply to .bin image files.
BIN image
The .bin file is the Cisco IOS Software image. If you want to use only the CLI to manage the switch, this is the only file you need to download.
To upgrade follow this steps:
1. Download the bin image from the cisco.com website.
2. Issue the dir flash: command to verify the amount of free memory that you have for the upgrade.
3. Copy the bin image to the flash of each switch. In this case, two are the switches so the commands are:
copy ftp: flash1: copy ftp: flash2:
4. Configure the boot variable to boot the switch with the newly copied IOS:
boot system switch all flash:/c2960s-universalk9-mz.150-2.SE5.bin
5. Save and reload the device.
Remember: If you don’t upgrade the IOS on every switch, you will have a version mismatch! To resolve this problem, use the command “archive copy-sw /force-reload /overwrite /dest 2 1” as suggested by the local log!
cisco-optusnet#show switch Switch/Stack Mac Address : 2c36.f828.3680 H/W Current Switch# Role Mac Address Priority Version State ---------------------------------------------------------- 1 Member a456.30d1.0180 1 1 Version Mismatch *2 Master 2c36.f828.3680 1 1 Ready
cisco-optusnet#show log | i IMAGEMGR
May 22 03:50:01: %IMAGEMGR-6-AUTO_COPY_SW_INITIATED: Auto-copy-software process initiated for switch number(s) 1
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW:
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: Searching for stack member to act
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: as software donor…
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: Software was not copied
May 22 03:50:55: %IMAGEMGR-6-AUTO_ADVISE_SW_INITIATED: Auto-advise-software process initiated for switch number(s) 1
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW:
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW:
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: Systems with incompatible software
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: have been added to the stack. The
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: software running on all of the stack
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: members has been scanned, and it has
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: been determined that the stack can be
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: repaired by issuing the following
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: command(s):
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW:
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: archive copy-sw /force-reload /overwrite /dest 2 1
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW:
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: Note that this operation
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: will temporarily interrupt
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: network operation.
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW:
To verify that all switches are ready, use the “show switch” command:
cisco-optusnet#show switch Switch/Stack Mac Address : a456.30d1.0180 H/W Current Switch# Role Mac Address Priority Version State ---------------------------------------------------------- *1 Master a456.30d1.0180 10 1 Ready 2 Member 2c36.f828.3680 1 1 Ready