How to upgrade a Cisco stack

One of the task of a good Network engineer is to update the Cisco IOS to avoid bugs and to have new features; but what is the correct procedure to upgrade a Cisco stack, for instance two 2960 switches in stack?
There are two main methods to upgrade the IOS:

  • TAR image
  • BIN image

TAR image

The .tar file is an archive file from which both the IOS image and the CMS files are extracted during the upgrade process. If you want to manage switches or clusters of switches through a web interface (HTML), this is the only file you need to download.

To upgrade follow these steps:

1. Download the tar image from the cisco.com website.

2. Issue the dir flash: command to verify the amount of free memory that you have for the upgrade.

3. Use the “archive download-sw” command:

Ciscozine#archive download-sw ?
  /destination-system  specify destination system to receive software
  /directory           Specify a directory for images
  /force-reload        Unconditionally reload system after successful sw upgrade
  /force-ucode-reload  Upgrade UCODE after successful sw upgrade and before an unconditional
                       reload
  /imageonly           Load only the IOS image(s)
  /leave-old-sw        Leave old sw installed after successful sw upgrade
  /no-set-boot         Don't set BOOT -- leave existing boot config alone
  /no-version-check    skip version check that prevents incompatible image install
  /only-system-type    specify individual system type to be updated
  /overwrite           OK to overwrite an existing image
  /reload              Reload system (if no unsaved config changes) after successful sw upgrade
  /safe                Always load before deleting old version
  /upgrade-ucode       Upgrade UCODE after successful sw upgrade (no reload)
  flash1:              Image file
  flash2:              Image file
  flash:               Image file
  ftp:                 Image file
  http:                Image file
  https:               Image file
  rcp:                 Image file
  scp:                 Image file
  tftp:                Image file

Ciscozine#

As you can see, there are several option; in my case, I want upgrade the IOS via ftp, using the tar image maintaining the previous IOS software.

First of all, define the username/password of the FTP server (required for downloading the tar file from the ftp server):

ip ftp username ciscozine
ip ftp password c1sc0z1n3

Execute the command “archive download-sw /leave-old-sw ftp://192.168.1.123/Ciscozine/c2960s-universalk9-mz.150-2.SE5.tar”:

Ciscozine#archive download-sw /leave-old-sw ftp://192.168.1.123/Ciscozine/c2960s-universalk9-mz.150-2.SE5.tar
Loading Ciscozine/c2960s-universalk9-tar.150-2.SE5.tar !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 19046400/4096 bytes]

Loading Ciscozine/c2960s-universalk9-tar.150-2.SE5.tar !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
examining image...
extracting info (110 bytes)
extracting c2960s-universalk9-mz.150-2.SE5/info (635 bytes)
extracting info (110 bytes)

Stacking Version Number: 1.49

System Type:             0x00000000
  Ios Image File Size:   0x00DE3200
  Total Image File Size: 0x0122A200
  Minimum Dram required: 0x08000000
  Image Suffix:          universalk9-150-2.SE5
  Image Directory:       c2960s-universalk9-mz.150-2.SE5
  Image Name:            c2960s-universalk9-mz.150-2.SE5.bin
  Image Feature:         IP|LAYER_2|SSH|3DES|MIN_DRAM_MEG=128

Old image for switch 1: flash1:/c2960s-universalk9-mz.122-55.SE3
  Old image will be left alone
Old image for switch 2: flash:/c2960s-universalk9-mz.122-55.SE3
  Old image will be left alone


c2960s-universalk9-mz.150-2.SE5/ (directory)
extracting c2960s-universalk9-mz.150-2.SE5/info (635 bytes)
c2960s-universalk9-mz.150-2.SE5/html/ (directory)
c2960s-universalk9-mz.150-2.SE5/html/zh/ (directory)
extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_xsetup.js (12993 bytes)
extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_smartports.js (3803 bytes)
extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_dashboard.js (2591 bytes)
.... /output omitted/ ....
extracting c2960s-universalk9-mz.150-2.SE5/dc_default_profiles.txt (63880 bytes)
extracting info (110 bytes)

c2960s-universalk9-mz.150-2.SE5/ (directory)
extracting c2960s-universalk9-mz.150-2.SE5/info (635 bytes)
c2960s-universalk9-mz.150-2.SE5/html/ (directory)
c2960s-universalk9-mz.150-2.SE5/html/zh/ (directory)
extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_xsetup.js (12993 bytes)
extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_smartports.js (3803 bytes)
extracting c2960s-universalk9-mz.150-2.SE5/html/zh/re_dashboard.js (2591 bytes)
.... /output omitted/ ....
extracting c2960s-universalk9-mz.150-2.SE5/dc_default_profiles.txt (63880 bytes)
extracting info (110 bytes)
Installing (renaming): `flash1:/update/c2960s-universalk9-mz.150-2.SE5' ->
                                       `flash1:/c2960s-universalk9-mz.150-2.SE5'
New software image installed in flash1:/c2960s-universalk9-mz.150-2.SE5

Installing (renaming): `flash:update/c2960s-universalk9-mz.150-2.SE5' ->
                                       `flash:/c2960s-universalk9-mz.150-2.SE5'
New software image installed in flash:/c2960s-universalk9-mz.150-2.SE5


All software images installed.
Ciscozine#

The “archive download-sw” performs the TAR installation two times, one for each switch!
Note: if you have a stack made by 4 switches, you will see four TAR image installations.

Issue the “show boot” command in order to verify that the new image is now the image in the BOOT path-list that will load at the next switch reload.

Ciscozine#show boot 
BOOT path-list      : flash:/c2960s-universalk9-mz.150-2.SE5/c2960s-universalk9-mz.150-2.SE5.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
Allow Dev Key         : yes
HELPER path-list    : 
Auto upgrade        : yes
Auto upgrade path   : 
NVRAM/Config file
      buffer size:   524288
Timeout for Config
          Download:    0 seconds
Config Download 
       via DHCP:       disabled (next boot: disabled)
-------------------
Switch 2
-------------------
BOOT path-list      : flash:/c2960s-universalk9-mz.150-2.SE5/c2960s-universalk9-mz.150-2.SE5.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
Allow Dev Key         : yes
HELPER path-list    : 
Auto upgrade        : no
Ciscozine#

4. Issue the reload command at the prompt and confirm in order to proceed with the reload. The new code revision should come up and start to run as expected on all the switches in the stack.

Remember: The commands “archive download-sw” is applicable only for .tar image files and do not apply to .bin image files.

BIN image

The .bin file is the Cisco IOS Software image. If you want to use only the CLI to manage the switch, this is the only file you need to download.

To upgrade follow this steps:

1. Download the bin image from the cisco.com website.

2. Issue the dir flash: command to verify the amount of free memory that you have for the upgrade.

3. Copy the bin image to the flash of each switch. In this case, two are the switches so the commands are:

copy ftp: flash1:
copy ftp: flash2:

4. Configure the boot variable to boot the switch with the newly copied IOS:

boot system switch all flash:/c2960s-universalk9-mz.150-2.SE5.bin

5. Save and reload the device.

Remember: If you don’t upgrade the IOS on every switch, you will have a version mismatch! To resolve this problem, use the command “archive copy-sw /force-reload /overwrite /dest 2 1” as suggested by the local log!

Ciscozine#show switch 
Switch/Stack Mac Address : 2c36.f828.3680
                                           H/W   Current
Switch#  Role   Mac Address     Priority Version  State 
----------------------------------------------------------
 1       Member a456.30d1.0180     1      1       Version Mismatch    
*2       Master 2c36.f828.3680     1      1       Ready               



Ciscozine#
Ciscozine#show log | i IMAGEMGR
May 22 03:50:01: %IMAGEMGR-6-AUTO_COPY_SW_INITIATED: Auto-copy-software process initiated for switch number(s) 1
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: 
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: Searching for stack member to act
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: as software donor...
May 22 03:50:55: %IMAGEMGR-6-AUTO_COPY_SW: Software was not copied
May 22 03:50:55: %IMAGEMGR-6-AUTO_ADVISE_SW_INITIATED: Auto-advise-software process initiated for switch number(s) 1
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: 
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: 
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: Systems with incompatible software
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: have been added to the stack.  The
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: software running on all of the stack
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: members has been scanned, and it has
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: been determined that the stack can be
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: repaired by issuing the following
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: command(s):
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: 
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW:     archive copy-sw /force-reload /overwrite /dest 2 1
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: 
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: Note that this operation
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: will temporarily interrupt
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: network operation.
May 22 03:50:58: %IMAGEMGR-6-AUTO_ADVISE_SW: 

To verify that all switches are ready, use the “show switch” command:

Ciscozine#show switch
Switch/Stack Mac Address : a456.30d1.0180
                                           H/W   Current
Switch#  Role   Mac Address     Priority Version  State 
----------------------------------------------------------
*1       Master a456.30d1.0180     10     1       Ready               
 2       Member 2c36.f828.3680     1      1       Ready               



Ciscozine#

References:

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.