Software Upgrades
Throughout the book I have given many references to assist you with upgrading your Cisco software images. You may do this to run a new feature not available in the release you have, to fix a current bug, to improve performance or security issues such as Simple Network Management Protocol (SNMP) vulnerabilities, or to meet your own in-house standards. Ultimately, consistency makes troubleshooting easier, and software versions are no exception to the rule.
Chapter 4, “Shooting Trouble with Novell IPX,” should perhaps have been called “Shooting Trouble with Novell IPX and More,” because IPX was just not available using the software image installed on the routers in my lab. I used different methods to upgrade, including PC-based TFTP (PumpKin, 3CDaemon, Cisco) and FTP (3CDaemon) programs as well as setting up a router as a TFTP server to serve the image. I gave you examples with Flash load helper where the configuration register stuff is kind of in the background. It is important to be familiar with different methods because many times you must work with the tools at hand. Most people can make use of a TFTP server, for example; if your images are larger than 16 MB, however, typically you need to look at alternative methods such as FTP. If you skipped Chapter 4 because it had IPX in the title, perhaps you should go back and review it now, for I had you experiment first hand.
Follow along with the general procedures for upgrading your image software using a router as a TFTP, using third-party TFTP software, and using third-party FTP software.
For specific software installation and upgrade procedures, go to Cisco.com. The following URLs are great starting points:
If you need assistance with downloading the file from Cisco.com, see www.cisco.com/public/sw-center/sw_download_guide/sw_download_guide.shtml. However, you need the appropriate maintenance contract, partner agreement, or special file access to download. A CCO account is a very valuable resource.
Serving an Image from a Router Configured as a TFTP Server
The software installation and upgrade procedures for Run From Flash devices such as 1600, 2000, 2500, 3000, AS5100, and AS5200 are as follows:
1. | Set up a TFTP server and specify the directory where files are stored. Examples include PumpKin, 3CDaemon, and Cisco TFTP servers. Alternatively, you can serve the IOS image from a router configured as a TFTP server as follows: r1(config)#tftp-server flash:c2500-js-l.120-21a.bin r1(config)#interface ethernet 1 r1(config-if)#ip address 192.168.5.33 255.255.255.240 r1(config-if)#no shut r1(config-if)#end r1#copy running-config startup-config |
2. | Verify RAM, Flash memory, and feature set requirements. Copy the appropriate IOS image to the TFTP server. |
3. | Establish a console (preferred) or telnet session to the router using the following settings:
|
4. | Use show version to check the configuration register setting. Typically it is 0x2102, but you should document the current value. |
5. | Add the appropriate IP information, such as IP address, subnet mask, and default gateway if needed, and verify connectivity to the TFTP server through a simple ping. It is a good practice to copy your existing configuration files to the TFTP using copy running-config tftp. NOTE You may need to partition Flash memory if the file is larger than one partition. If the file is 10 MB, for example, and you have two 8-MB Flash modules; you can issue the partition flash 1 command to partition the Flash. |
6. | Change the router to RxBoot (bootflash) mode by setting the configuration register to the value 0x2101 as follows: Router(config)#config-register 0x2101 Router(config)#end Router#copy running-config startup-config Router#reload NOTE Setting the configuration register to 0x2101 puts the router in RxBoot (bootflash) mode after the reload with the following prompt: Router(boot)# To avoid overwriting your configuration, do not save any commands while in this mode. If you are connected through a telnet session, it is lost after the reload. You need to wait a few minutes and try again. If, when connected to the router through the console port, you get a > or rommon> prompt, your router is in ROMMON mode. If this happens, consult Cisco.com's boot failure recovery procedures for Xmodem. However, you will put that to practice if you follow along. |
7. | Restore the configuration register back to the original setting, or 0x2102 if you are not sure what to use. r1(boot)(config)#config-register 0x2102
|
8. | Copy the new Cisco IOS Software image from the TFTP server to the router, as follows: Router(boot)#copy tftp flash
NOTE When prompted, enter the IP address of the TFTP server, the source IOS filename, and the destination IOS filename. It is recommended to keep the IOS filename as is when you download it so that you can always look up the feature set information. Depending on the amount of space, you may need to erase Flash memory before writing the new image. Each exclamation point (!) indicates that UDP segments have been successfully transferred. A checksum verification of the image occurs after the image is written to Flash, and the router reloads itself with the new image when the software upgrade is complete. |
9. | Verify the IOS upgrade and reload if necessary without saving the configuration. A good indication of needing to reload is if you issue a show version and it says “router will be 0x2102 at next reload.” Make sure that you are back to the normal router mode with a prompt of hostname> upon a reload. |
Example B-5 displays a sample 2514 upgrade output.
Example B-5. Upgrading the IOS on a 2514 (Run from Flash Device)
r1(config)#config-register 0x2101 r1(config)#end ... r1#reload Proceed with reload? [confirm] 00:18:07: %SYS-5-RELOAD: Reload requested ... r1(boot)#copy tftp flash System flash directory: File Length Name/status 1 5726508 c2500-i-l.120-9 [5726572 bytes used, 11050644 available, 16777216 total] Address or name of remote host [255.255.255.255]? 192.168.5.18 Source file name? c2500-js-l.120-21a.bin Destination file name [c2500-js-l.120-21a.bin]? Accessing file 'c2500-js-l.120-21a.bin' on 192.168.5.18... Loading c2500-js-l.120-21a.bin from 192.168.5.18 (via Ethernet0): ! [OK] Erase flash device before writing? [confirm] Flash contains files. Are you sure you want to erase? [confirm] Copy 'c2500-js-l.120-21a.bin' from server as 'c2500-js-l.120-21a.bin' into Flash WITH erase? [yes/no]y Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee eeee ...erased Loading c2500-js-l.120-21a.bin from 192.168.5.18 (via Ethernet0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ... [OK - 10253564/16777216 bytes] Verifying checksum... OK (0xFA32) Flash copy took 0:05:55 [hh:mm:ss] r1(boot)#show flash System flash directory: File Length Name/status 1 10253564 c2500-js-l.120-21a.bin [10253628 bytes used, 6523588 available, 16777216 total] 16384K bytes of processor board System flash (Read/Write) r1(boot)#configure terminal r1(boot)(config)#config-register 0x2102 r1(boot)(config)#end r1(boot)#reload System configuration has been modified. Save? [yes/no]:n Proceed with reload? [confirm] |
Upgrading Software Images with TFTP Programs and Flash Cards, Including an Xmodem Recovery
Follow the same concepts as in the preceding section to upgrade software images using a PC-based TFTP program rather than a router set up as a TFTP server. Learn the specifics of the application you choose to use, such as PumpKin, 3CDaemon, Cisco, or another program. Then copy the file from Cisco.com to the right directory location and make sure the TFTP application is up and running. Verify that your IP parameters (address, mask, gateway) are set up properly on your TFTP server and the router/switch device. Perform the upgrade as in the following examples.
Example B-6 uses a PC Card (PCMCIA) in slot 1 to perform this upgrade. Some devices have extra slots to ease this operation. However, you must make sure that the Flash memory on the card is partitioned and formatted for the appropriate device. This exercise is also intended to show you how to recover when you accidentally upgrade to an IOS that your physical RAM does not support.
Example B-6. Viewing the Flash on the 3620
r4#show slot1: PCMCIA Slot1 flash directory: File Length Name/status 1 13459880 c3620-is-mz.122-8.T.bin 2 893 startup-config [deleted] 3 6945008 c3620-io3-mz.122-8.T4.bin [20405976 bytes used, 565544 available, 20971520 total] 20480K bytes of processor board PCMCIA Slot1 flash (Read/Write) r4#show flash System flash directory: File Length Name/status 1 3971288 c3620-d-mz.113-9.T [3971352 bytes used, 12805864 available, 16777216 total] 16384K bytes of processor board System flash (Read/Write) |
Slot1: is among the many different types of Flash available. Others include slot0:, flash:, bootflash:, sup-bootflash:, slavesup-bootflash:, and so on. Use the show flash [all] command to determine the type and status for your particular device. Alternatively, think of slot0: and slot1: as hard drives and issue the dir slot0: or dir slot1: commands to check their contents. If the Flash is read-only, you can't write to it from the current mode. This is the reason that on a run-from-Flash device such as the 2500 series routers, you must drop back to RxBoot mode by setting the configuration register to 0x2101. Other routers that don't have RxBoot mode as a boot helper may have a bootflash: mode instead. If not, you can still perform the upgrade procedures from ROMMON mode, but they are much more time-consuming.
NOTE
There are many variances with equipment and flash types. For example, the flash card may have existing files and rather than format the entire card you can erase a file using the delete command. However, in many cases you must then issue the squeeze command to actually delete the space taken up by the deleted file. Research your specific requirements using your CCO account on Cisco.com.
I have physical connectivity (via a crossover cable) between my PC (hosta) that I am using as a TFTP server and the router that needs the upgrade. Alternatively, you must configure your IP settings, including the default gateway, to ensure IP communications before you can upgrade. This is one of the big advantages of using PC Cards for slot0: or slot1: because you can easily transfer the image to the internal Flash without all the IP configuration. However, you need to first get the image to the PC Card, in which a TFTP/FTP server and IP can be quite helpful. Other features that are of assistance when upgrading Cisco images include the boot system commands. For example, you can test an image by booting to an image on a PC Card or a TFTP server prior to the actual upgrade. These boot system commands are read first with the configuration register set to the default of 0x2102 because they are part of your startup configuration (NVRAM). An example of a boot system command is as follows:
boot system flash slot1:c3620-is-mz.122-8.T.bin
NOTE
Always analyze your existing configuration for existing boot system commands. Without them, the first file in flash is read. However, you can use boot system commands to load a more up-to-date larger operating system from either a tftp server or a flash card if you do not have the internal flash memory available. If there are multiple boot system commands they are read in order. You can type no boot system to erase them all or you can type no in front of each one to delete them individually. Remember to save your running-config to the startup-config after any changes to the boot system commands.
I configured my e0 interface as 10.1.1.1 255.255.255.0 and hosta (the TFTP server) as 10.1.1.2 255.255.255.0 to simplify the IP configuration. I then brought up the 3CDaemon TFTP server on hosta. As a precaution, I copied my existing configuration and the Flash image to the TFTP server as in Example B-7.
Example B-7. Backing Up the Configuration and Software Image
r4#copy run tftp Remote host []? 10.1.1.2 Name of configuration file to write [r4-confg]? Write file r4-confg on host 10.1.1.2? [confirm] Building configuration... Writing r4-confg .!! [OK] r4#copy flash tftp System flash directory: File Length Name/status 1 3971288 c3620-d-mz.113-9.T [3971352 bytes used, 12805864 available, 16777216 total] Address or name of remote host [255.255.255.255]? 10.1.1.2 Source file name? c3620-d-mz.113-9.T Destination file name [c3620-d-mz.113-9.T]? Verifying checksum for 'c3620-d-mz.113-9.T' (file # 1)... OK Copy 'c3620-d-mz.113-9.T' from Flash to server as 'c3620-d-mz.113-9.T'? [yes/no]y !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
Now review the files that were previously copied to the Flash card and upgrade the internal Flash to 12.2-8T as in Example B-8. This is a good place to copy and paste the filename rather than type it.
Example B-8. Upgrading the Internal Flash from Slot1:
r4#sh slot1: PCMCIA Slot1 flash directory: File Length Name/status 1 13459880 c3620-is-mz.122-8.T.bin 2 893 startup-config [deleted] 3 6945008 c3620-io3-mz.122-8.T4.bin [20405976 bytes used, 565544 available, 20971520 total] 20480K bytes of processor board PCMCIA Slot1 flash (Read/Write) r4#copy slot1:c3620-is-mz.122-8.T.bin flash: System flash directory: File Length Name/status 1 3971288 c3620-d-mz.113-9.T [3971352 bytes used, 12805864 available, 16777216 total] Destination file name [c3620-is-mz.122-8.T.bin]? Verifying checksum for 'c3620-is-mz.122-8.T.bin' (file # 1)... OK Erase flash device before writing? [confirm] Flash contains files. Are you sure you want to erase? [confirm] Copy 'c3620-is-mz.122-8.T.bin' from slot1: device as 'c3620-is-mz.122-8.T.bin' into flash: device WITH erase? [yes/no]y Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ... [OK - 13459880/16777216 bytes] Flash device copy took 00:02:16 [hh:mm:ss] Verifying checksum... OK (0x7A7B) r4#reload Proceed with reload? [confirm] System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1) C3600 processor with 32768 Kbytes of main memory Main memory is configured to 32 bit mode with parity disabled program load complete, entry point: 0x80008000, size: 0xcd608c Error : memory requirements exceed available memory Memory required : 0x02193BAC *** System received a Software forced crash *** signal= 0x17, code= 0x4, context= 0x0 PC = 0x800080d4, Cause = 0x20, Status Reg = 0x3041f003 |
Although you followed the correct procedures for copying a file from slot1: to the internal Flash, you forgot some important prerequisites. You must always verify you have enough RAM and Flash memory available for the image in which you want to upgrade. That's all right, however, because now you can experience Xmodem first hand, because that is how to recover. First, go back to Cisco.com and download the appropriate image for the features you require and the RAM and Flash that you have. In my lab, IP and IPX are required, so I downloaded the appropriate image to hosta (a PC). Example B-9 starts after you break out of the repeating error message and end up in ROM monitor mode. Although not required, it will certainly speed things up if you increase the console speed using confreg on the router and the terminal settings on the terminal emulator program. If you see garbage, you know you have a speed mismatch.
Example B-9. Changing the Console Speed on the Router
confreg Configuration Summary enabled are: load rom after netboot fails console baud: 9600 boot: image specified by the boot system commands or default to: cisco2-C3600 do you wish to change the configuration? y/n [n]: y enable "diagnostic mode"? y/n [n]: n enable "use net in IP bcast address"? y/n [n]: n disable "load rom after netboot fails"? y/n [n]: n enable "use all zero broadcast"? y/n [n]: n enable "break/abort has effect"? y/n [n]: n enable "ignore system config info"? y/n [n]: n change console baud rate? y/n [n]: y enter rate: 0 = 9600, 1 = 4800, 2 = 1200, 3 = 2400 4 = 19200, 5 = 38400, 6 = 57600, 7 = 115200 [0]:7 change the boot characteristics? y/n [n]: n Configuration Summary enabled are: load rom after netboot fails console baud: 115200 boot: image specified by the boot system commands or default to: cisco2-C3600 do you wish to change the configuration? y/n [n]: n You must reset or power cycle for new config to take effect rommon 2 >reset |
Continue the Xmodem download in Example B-10.
Example B-10. Using Xmodem on the 3620 to Download an Image from the PC
rommon 13 > xmodem -c c3620-d-mz.121-18.bin Do not start the sending program yet... File size Checksum File name 10506692 bytes (0xa051c4) 0x2b5d c3620-js-mz.121-17 WARNING: All existing data in flash will be lost! Invoke this application only for disaster recovery. Do you wish to continue? y/n [n]: y Ready to receive file c3620-d-mz.121-18.bin ... |
Now that the Xmodem procedures are initialized on the router, do the same through the terminal emulator program on the PC. For this example, I used HyperTerm, as illustrated in Figure B-3.
Figure B-3. Starting Xmodem on HyperTerm
Select Transfer> Send from the HyperTerm menu. Specify the image name and location and start the transfer. You can expect to see console messages about erasing Flash at various memory locations, programming Flash at various memory locations. When successful you should see the following:
Download Complete! program load complete, entry point: 0x80008000, size: 0x587050 Self decompressing the image : ############################################################################################################ ##########################################################################################
The router should then boot up as normal. You can use the config-register command to set the register from 0x3922 back to 0x2102 (or what it was prior to the download). Reload and then test things as in Example B-11. Copy the new image from Flash to slot1: for the future. Although not illustrated here, also ensure your boot code is current. This may require a software upgrade similar to the preceding exercise or it may in fact require a new boot ROM chip itself.
Example B-11. Verifying the Xmodem Download
r4#dir flash: Directory of flash:/ 1 -rw- 5796204 <no date> c3620-d-mz.121-18.bin 16777216 bytes total (10980948 bytes free) r4#copy flash slot1: Source filename [c3620-d-mz.121-18.bin]? Destination filename [c3620-d-mz.121-18.bin]? Erase slot1: before copying? [confirm] Erasing the slot1 filesystem will remove all files! Continue? [confirm] Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased Erase of slot1: complete Copy in progress...CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC ... Verifying checksum... OK (0xF693) 5796204 bytes copied in 87.200 secs (66623 bytes/sec) r4#sh slot1: PCMCIA Slot0 flash directory: File Length Name/status 1 5796204 c3620-d-mz.121-18.bin [invalid checksum] 2 5796204 c3620-d-mz.121-18.bin [11592536 bytes used, 9378984 available, 20971520 total] 20480K bytes of processor board PCMCIA Slot0 flash (Read/Write) r4#copy run start |
NOTE
Refer to www.cisco.com/warp/public/130/xmodem_generic.html for detailed instructions on Xmodem and other recovery procedures.
Working with Modular Devices
Now that you are comfortable with upgrading the software on fixed devices, examine how to do the same for modular devices that contain such cards as a supervisor line card, router, and other modules.
Downloading Supervisor Engine Images Using TFTP
Downloading to a modular device—for example, a 6509 that includes a Supervisor, router, and other line cards—is not much different from downloading to a fixed device. The basics are the same, and the device should remain operational while the image downloads. Set up your TFTP/FTP server, console/telnet session, and IP parameters as mentioned previously. Verify RAM, Flash, and any special feature set requirements. Copy the appropriate image file to the TFTP/FTP server or Flash card. Enter the copy tftp flash command. Enter the IP address of the TFTP server, the name of the file to download, the Flash device to which to copy the file, and the destination filename when prompted. So that the new image boots when you issue the reset system command you need to modify the boot environment variable as follows:
set boot system flashdevice:filename prepend
In this example, flashdevice may be something like sup-bootflash: or slavesup-bootflash: and the filename the name of the software image. When you reset the switch, it is normal for your telnet session to disconnect. During the switch startup, however, the Supervisor Engine loads the new code into RAM. Verify this with show version when you reconnect via the console or telnet.
Because there are minor differences according to your hardware, research the specifics at Cisco.com before you start. With redundant Supervisors, for example, you can't download directly from the TFTP server to the standby Supervisor Flash. Instead, the standby automatically synchronizes with the new image on the active (primary) Supervisor card.
Downloading Switching Module Images Using TFTP
Set up your TFTP/FTP server, console/telnet session, and IP parameters as previously mentioned. Verify RAM, Flash, and any special feature set requirements. Copy the appropriate image file to the TFTP/FTP server or Flash card. Assuming that you want to copy the image to one module, or if there are multiple modules of the same type that you want to upgrade, enter the copy tftp flash command. On the other hand, if there are multiple modules of the same type, but you only want to upgrade a single one, enter the copy tftp module#/bootflash: command. You can use show modules to find the particular card before you begin. Next enter the IP address of the TFTP server, the name of the file to download, the Flash device to which to copy the file, and the destination filename when prompted. All modules should remain operational during the image download. Reset the appropriate modules using the reset module# command from the Supervisor prompt. Use the show version module# command to verify the new version of code.
You can find examples of upgrading the code and for password recovery on modular devices such as the 6509 at Cisco.com. For example, check out www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd/images.htm.
Upgrading Software Images with FTP Programs
An image may exceed the 16-MB limitation for TFTP; therefore, FTP is a workaround. Follow the TFTP procedures except for the username and password information for FTP. TFTP does not use username and passwords, but FTP does. You must follow how the FTP server is actually set up. Typically, FTP anonymous access enables you to log in with a username of anonymous with your e-mail address for the password. Example B-12 illustrates the FTP login and the command to copy the IOS or OS from an FTP server to Flash.
Example B-12. Copying from an FTP Server to Flash
r1(config)#ip ftp username anonymous r1(config)#ip ftp password [email protected] r1(config)#end r1#copy running-config startup-config r1#copy ftp flash !!!follow the previous tftp example for the rest of the copy |
These are not the only methods and procedures because there are differences according to platform. Go to Cisco.com for assistance and current details.