|
Home | Reviews | Speed Test | Tools | News | Forums | Info | About | Join |
20.2 IOS Image Management
Do you need to have TFTP/FTP server? You need to install the software first. Here are few links on how to get it and install it for * FREE * 1. TFTP Server Windows: SolarWinds TFTP http://tftpd32.jounin.net/ Serva 32/64 Mac OS X: Setting up the tftpd server, Diskless NetBSD HOW-TO Linux: http://linux.softpedia.com/get/Internet/FTP/TFTP-Server-10570.shtml Make sure that your computer specification (the would-be-TFTP-server) such as the computer operating system, CPU, and memory size meets the TFTP software requirements. Don't worry, usually TFTP software does not require high-end or specialized computer or server. Even Pentium Pro running Windows 95 can be a rock-solid TFTP server. Note: In case you cannot find or use PC or computer as TFTP server, you could utilize a router as TFTP router by configuring the router with tftp-server command. Check out the following link for more info. tftp-server command description 2. FTP There are situations which mandate using FTP such as * FTP is TCP-based protocol while TFTP is UDP-based protocol. By leveraging connection-oriented nature TCP has, FTP service has higher reliability over slow, congested, or unreliable connection * Certain hardware do not support TFTP (such as Juniper products running JUNOS) Windows Baby FTP Server Filezilla FTP 3. SFTP Secure FTP or SFTP is basically FTP with encryption, tunneled through SSH (TCP port 22). Modern appliances now days either support or mandate the use of SFTP Windows Solarwinds SFTP Thanks to aryoba and Phraxos for submitting the links above. by Covenant edited by aryoba Traditional IOS Please note: 1. If your equipment is Cisco 801-805 Router that uses Tiny ROM, then please use the following guide instead. Cisco IOS Software Upgrade Procedure for Cisco 801, 802, 803, 804, and 805 Series Routers 2. This FAQ assumes that your router is able to boot up normally. When your router is unable to boot up normally, please scroll down to the bottom of the page for suggestions. Tips * Under any circumstances, DO NOT delete working IOS image off the flash memory unless the image has been backed up to server (TFTP or FTP server) or you have working IOS image stored in the server. Later description will show you how to back up the image * There is a chance that a router loses power or loses connection during the IOS image transfer (copy from or to server) which may cause the router to have no working IOS image to boot up from. When such incident happens, you will be glad that you first back up the IOS image to server before deleting working IOS image off the flash memory. Quick Guide Need to make backup image? Or need to download image? Try the following * Backup image to TFTP server * Download image from TFTP server For those routers or switches that have USB port, you can use USB Flash drive to backup or to download IOS images as follows * Backup image to USB Flash drive * Download image from USB Flash drive Once you have both old and new IOS images in USB Flash drive, you can either save copies to your computer or to some storage such as DVD, tape backups, or some FTP servers. A Walkthrough Upgrade or Download Router IOS image to Flash Memory Step 1 To transfer an IOS from PC to ROUTER, the following conditions must meet * The new IOS image file is in working condition since corrupted IOS image won't do any good * The new IOS image file is inline with the router DRAM and flash memory size. Keep in mind that maximize router DRAM and flash memory size before IOS image upgrade is always a good idea to make sure the router can fit the IOS image file and can run any IOS image version. Check out the following FAQ to find memory specification »Cisco Forum FAQ »Cisco equipment memory chip specification * When the router is still running the older IOS image version, backup the older IOS image to TFTP or FTP server (the next steps explain this further). This backup should take place before any IOS image upgrade process start. In case of unsuccessful IOS image upgrade (due to too-small DRAM size, corrupted IOS image, etc.) it is always a good to know that you are able to reverse the change by putting back the older IOS image (the one that you backup earlier) to the router Step 2 In order to transfer an IOS image typically you need to run a TFTP program on your computer. Your computer will then become TFTP server during the IOS image transfer. A simple FREE one can be found here »Cisco Forum FAQ »How to prepare TFTP/FTP server Note that when the router is running newer IOS image, IOS image transfer using FTP server is also supported. Using TFTP server instead of using FTP server is more common however for image transfer. The rest of this FAQ shows the use of TFTP transfer however. Step 3 It is recommended that the PC (the TFTP server) is on the same subnet as your router. Easiest way is to assign a static IP to your machine [x.x.x.100 255.255.255.0]. If there is a switch between the PC (the TFTP server) and the router, then also make sure both PC and router are within the same VLAN or the same broadcast domain. When your network is using hub instead of switch, there might be some collision that severely degrade the TFTP traffic flow; hence screwing up the download or upload process. In this case, it is highly suggested to use either a switch or simply back-to-back connection using crossover cable between the router and the PC. Step 4 Next go to the privilege exec prompt and type r1#copy tftp flash The command will ask you of four things. 1. The IP address of your server. Enter whatever PC IP address is. 2. The name of the IOS source file. Enter the exact name of the IOS file you are trying to install (including the sub-directory name and path if the file is not in the root or current directory). If you enter incorrect name or if the file is not in the right directory, the transfer will fail. 3. It may ask you for the destination filename as well. This indicates where you like the new IOS file stored and whether you like to keep the same IOS filename. Typically you choose to keep the same IOS filename and store the IOS file in current router's flash directory. Should you decide to store the file in different directory, you need to specify the exact directory path and name. You also need to specify the new IOS filename should you decide to have different filename. 4. It will also ask you if you wish you to erase your flash before copy. Read This Before Proceeding: This erase means that you will erase the entire contents of memory flash by formatting the flash. Keep in mind that you cannot recover any of those contents (including the current IOS image) once the flash is erased or formatted. You may want to erase the flash when at least one of following meets. * Memory flash size is too small to hold both the current and the new IOS images * You need to use the entire flash memory space that is currently partitioned to fit the new IOS image (note: to remove the partition, check out this FAQ »Cisco Forum FAQ »How do I remove a flash partition?) * There was partition in the flash that was just been removed, and you need to start fresh by reformat the flash * There was bad sector in the flash that you want to remove by reformat the flash * The flash memory is brand new and/or has never been used/formatted If none of the above fits your situation, then you might not need to format the flash. Holding both current and new IOS images in the same flash is recommended whenever possible. By having both images, it would be easier to flip back to the old image when there is boot problem with the new image since by default, the router boots up using the first valid IOS image the router can find. Should you erase the flash, make sure that you already backup all flash contents to server; especially the current IOS image. When everything works and you say yes when you are asked to erase the flash, then the display will look something like this. r1#copy tftp flash Step 5 After the IOS transfers you will need to reboot the router to active the new IOS image. The router then may ask if you want to save the router configuration. Depending on whether you changed your IP address to a new scheme or just used the same address you may or may not want to save your config. Backup Router IOS image to TFTP Server In order to backup an IOS from ROUTER to PC, use the similar steps. However on Step 4, you need to enter a different command. This is where you want to make sure the TFTP server can send and receive. r1#copy flash tftp The rest of steps are applicable still. Troubleshooting With anything, sometimes things don't work as expected. In a case of the copy command does not work, one of following could be the culprit. * Incorrect IOS image file name to use * Incorrect TFTP software installation * Incorrect TFTP software setting * IOS image file is stored in different directory or folder of the TFTP server * Cable or routing issue between router and TFTP server * If the router and the TFTP server is not connected directly (i.e. there is a patch panel, switch or router in between), verify the intermediate device/connection * Incorrect IP address or subnet mask of either router or TFTP server * Buggy TFTP software Assuming no firewall or nothing blocks ICMP echo, you could try to ping both ways from router to TFTP server and from TFTP server to router. If you could ping both ways, then at least routing between router and TFTP server is good. Should it be the case; then the problem could not be either cable or routing (not TCP/IP Layer-1, 2, or 3 issues), hence you should consider something higher up in the TCP/IP Layer such as file- or directory- related issue. There is also a possibility of a firewall issue that disallow TFTP traffic flow. First thing to confirm is to make sure you know where the active firewall is. This firewall can be a dedicated appliance (such as Cisco ASA firewall) or simply some software firewall installed on your TFTP server. If your TFTP server is some Windows machine, make sure all Windows Firewall is turned off. Note that some antivirus software may also block TFTP traffic, hence turning off the software at least temporarily is suggested. If for some reason you cannot deactivate the firewall, then make sure the firewall allow TFTP traffic flow between the router and the TFTP server. When there is NAT/PAT in place on the firewall, verify you use proper IP address that the firewall understand. Notes 1. Should there be two IOS images on the router's flash where one is new and another is old image, you need to specify which IOS image the router should use as primary boot file. The command is following. boot system flash:[ENTER NEW IOS IMAGE FILENAME HERE] Example: boot system flash:c2600-i-mz.121-14.bin where the c2600-i-mz.121-14.bin is the new IOS image full filename You also have to make sure that there is only one boot command in the router configuration, which is the one you just put in. When there are other boot command in place, you need to remove them. Please save the router configuration afterwards before proceeding to router reload to commit the configuration change. 2. Should you decide to use FTP instead of TFTP to transfer IOS image, the copy command is similar which is the following. copy ftp flash copy flash ftp You may need to specify or configure the FTP username and password on your router, in addition to FTP server IP address and necessary sub directories. 3. In some older router with older ROMMON firmware or older IOS image, transferring IOS image across multiple routing hops is not behaving as expected. The routing path may be correct, however for some reason the IOS image transfer is unsuccessful. Using a hub instead of switch to put between router and server may also create unsuccessful IOS image file transfer. Therefore it is preferable to have the TFTP server directly connects to the router or at least you use a reliable switch to connect the TFTP server and the router in addition to have the TFTP server and the router to be in the same broadcast domain. Discussion »Backing Up Cisco 2800 What would I be doing wrong »Loading New IOS image to c1841 When The Router Does Not Boot Note that this tip is applicable when the router is currently able to bootup normally. When the router does not boot normally or does not boot at all, check out the next tip. »Cisco Forum FAQ »Deleted/Corrupted/Wrong Type/No IOS image and router won't boot Newer Platform »Cisco Forum FAQ »Upgrade IOS images on newer platform Feedback received on this FAQ entry:
by dpocoroba edited by aryoba Preface As network administrator, you may encounter issue of a Cisco router won't boot up normally. As you console in to the router, you do not see IOS prompt at all; instead it is either looping or there is this ROMMON prompt. This FAQ has been brought to help those that are unfamiliar around Cisco image troubleshooting process. Although this FAQ has been written mostly for Cisco routers, the concept applies to other Cisco devices such as switches and firewalls. This FAQ assumes some knowledge of running basic IOS commands, setting up TFTP servers, some IP network understanding, and physical/hardware troubleshooting. Following are typical cases in regards of router inability to boot up normally. Case #1 Deleted/Corrupted/Wrong Type/No IOS image and Router goes to ROMMON mode When you notice your router won't boot normally and goes to ROMMON mode (showing the rommon prompt), it means that basically the router can't find a valid IOS image to boot from. The cause could be either one of the following * Valid IOS image file has gone missing, deleted, or corrupted (common case) * Router has been configured to boot from media that does not exist (less common case) * Router tries to boot up IOS image that is too big to fit into its DRAM (not that typical case) * Router crashes suddenly out of the blue (rare case) * Router has been configured not to boot up normally at all (one-in-the-million case) A router entering ROMMON mode is considered simple situation to remedy since it means of stable router configuration and of simple procedure to revive. The next case shows worse situation. Case #2 Router Crashes and/or Boot Loops When you have installed the wrong IOS (or one that is too big to fit into the router memory), the router may crash or boot to the ROMMON (ROM Monitor) prompt. In some cases, the router crashes after being up for years and left untouched. Once the router crashes, it may not enter ROMMON mode, keeps trying to boot up normally to no avail, and constantly loops. To revive a Cisco router that is unable to boot up normally, the router has to be in stable condition such as in ROMMON mode as first step. When the router seems unable to enter ROMMON mode by itself, you have to power cycle the router and issue the break sequence within few seconds the router restarts. Note that the break sequence to enter ROMMON mode varies, depending on your Terminal Emulator software you are using and Operating System your PC is running. Check out the following link to find out proper break sequence. »Cisco Forum FAQ »Password Recovery Procedures - proper BREAK key sending Next Step After The Router Enters ROMMON Mode Once the router is stable and in ROMMON mode, you have several choices to revive. When you have a working-condition equivalent router, the options are following. * Borrow other router flash memory chip * Borrow other router platform functionality * Use USB Flash Drive stick, PCMCIA card or CompactFlash card If there is no compatible router, then the choices are the following * Use USB Flash Drive stick, PCMCIA card or CompactFlash card * Use tftpdnld command on the ROMMON mode * Use dnld or xmodem command on the ROMMON mode when tftpdnld command is not available due to old version of ROMMON chip Following is further description. Use USB Flash Drive stick, PCMCIA card, or CompactFlash card Some router models come with PCMCIA slot. For those newer router and switch models, CompactFlash slot and/or USB flash drive slot are in place instead. When you have USB Flash Drive stick, PCMCIA card or CompactFlash card, you can use either one of them to store IOS images and to revive a router, switch, or ASA Firewall. From router, switch, and ASA Firewall perspective; the card is just another media beside integrated flash memory chip to store any files including IOS image files. By default the equipment (either router, switch, or ASA Firewall) will find the first boot-able image to use for loading and running. If there is no boot-able image in the first media (usually the integrated flash memory chip), then the equipment will try to find boot-able image in alternate media (such as the PCMCIA or CompactFlash card). You as network administrator have option to specify the equipment to load specific image stored in specific media (either integrated flash memory chip, USB stick, CompactFlash card, or else). This approach helps in case you want the equipment to load up file stored in PCMCIA/CompactFlash card as first preference instead of the one in the integrated flash memory chip. Use tftpdnld command on the ROMMON mode In a case that the equipment you are working on (i.e. router or switch) does not have such USB, PCMCIA, or CompactFlash slot, different avenue you could pick is to use the tftpdlnd command where you utilize TFTP to download IOS image. With TFTP, you need to have a TFTP server that store the suitable IOS image and have your equipment set as TFTP client. When you don't have yet TFTP server, you can prepare one for free. Free TFTP software can be found here »Cisco Forum FAQ »How to prepare TFTP/FTP server. From protocol perspective, please note that TFTP is completely different to FTP and the two are not interchangeable. The variables you need to enter directly at the ROMMON prompt to download IOS image from TFTP server to the router as TFTP client are the following: In a situation where there is no established network, the router and the TFTP server should be in the same subnet and should share the same default gateway. Either way, ensure there is basic connectivity between the router as TFTP client and the TFTP server that has no TFTP block or firewall in between. Following is an illustration. Let us say that the TFTP server setting are the following. IP address: 10.0.0.25 Subnet Mask: 255.255.255.0 Default Gateway: 10.0.0.1 There is a c1700-k9o3sy7-mz.124-5a.bin file at the TFTP server default directory to copy to the router. The router in this case is Cisco 1721 model which uses c1700 type IOS image file. To match the above setting, here are ROMMON setting. You can check that everything is set up correctly by entering set on its own. Once all IP settings and IOS file name looks correct, enter tftpdnld at the ROMMON prompt and your IOS image will be installed from your TFTP server. N.B. This step will format and erase the flash so any other files stored there will be lost. If you want to boot from the image on the TFTP server without writing it to flash then use the command tftpdnld -r. This will load the IOS on the TFTP server into router memory and boot the router from it but the flash will remain unchanged. ROMMON mode is case sensitive so make sure you enter commands and variables in upper or lower case as detailed here. For more troubleshooting info using tftpdnld command, please check out the following FAQ: »Cisco Forum FAQ »Corrupt image & router boots into rommon mode Borrow other router flash memory chip The key is to keep various router platforms that share the same flash memory chip hardware specification. When you have two routers that share the same flash memory hardware specification, then you can always swap out flash memory between the two routers. In case that you have one router in working condition and another router in non-working condition, you can always swap out flash memory to revive the non-working routers as following illustration. You may note that 2500, 2600, 3600, and 4000/4500/4700 series routers share the same flash memory chip hardware specification. The 4000/4500/4700 series routers run older ROMMON chips that has no tftpdnld command available on their ROMMON mode. Fortunately for 2500 series router, Cisco offers newer version ROMMON chips that has tftpdnld command available on their ROMMON mode. With 2600 and 3600 series routers, they come from factory carrying the newer version ROMMON mode already. Let's say you have to revive a 4500 router. You can pick up a working 2600 router to revive. Download the proper 4500 IOS image into the 2600 router flash memory chip. Note that the 2600 router might complain that IOS image you download is unsuitable for the 2600 router. You can safely ignore the message since you then will move the flash memory chip into the 4500 router to revive the router. Borrow other router platform functionality Let's consider similar illustration. You still need to use the 2600 series router to revive the 4500 series router. This time you temporarily remove the 2600 series router flash memory chip and place the 4500 series router flash memory chip into the 2600 series router. Using tftpdlnd command available on the 2600 series router ROMMON mode, download proper 4500 series router IOS image into the flash memory chip. You then move back the 4500 series router flash memory chip to the 4500 series router. You now should be able to boot up the 4500 series router without problem. Don't forget to place back the original 2600 series router flash memory chip to the 2600 series router. The previous illustration shows that you need to utilize the tftpdnld command available on the 2600 ROMMON mode. This means that the 2600 series router has to boot up or enter into ROMMON mode which is generally unwanted. The preferable is to revive via CLI mode instead. When you use a router that has PCMCIA memory slot like 3600 series router, you can revive via CLI mode. Here is how to do it. Verify that the PCMCIA memory card has a working 3600 series router IOS image. Also verify that the 3600 series router is configured to boot up from PCMCIA memory card in case no valid IOS image is found on the flash memory chip. As previous illustration, you temporarily remove the 3600 series router flash memory chip and place the 4500 series router flash memory chip into the 3600 series router. Note that the 3600 series router will boot up using IOS image found on the PCMCIA memory card. In other words, the 3600 series router boots up into CLI mode as normal. You then download proper 4500 series router IOS image into the flash memory chip from CLI mode using copy tftp flash command. You then move back the 4500 series router flash memory chip to the 4500 series router. You now should be able to boot up the 4500 series router without problem. Don't forget to place back the original 3600 series router flash memory chip to the 3600 series router. For more info regarding router models that share the same DRAM/Flash memory chip hardware specification, check out the following FAQ. »Cisco Forum FAQ »Cisco equipment memory chip specification Use dnld or xmodem command on the ROMMON mode Some routers that have older version of ROMMON chip don't have tftpdlnd command available. In this case, you could use the dnld or xmodem command which is serving similar functionality as the tftpdnld command. Using dnld or xmodem command, you will be downloading working IOS image through RS-232 serial port (i.e. CONSOLE or AUX ports). For a file transfer (such as IOS image download) through CONSOLE or AUX ports, you may want to set the baud speed to maximum value of 115200 bps for faster result. Check out the following link for info on how to use xmodem command Xmodem Console Download Procedure Using ROMmon More info of using ROM Monitor commands including dnld can be found here Note: You may notice that Cisco illustration uses HyperTerminal emulator software to push file transfer through the CONSOLE port. Should there be no such software available, an alternate such as TeraTerm or ExtraPutty can be used The largest issue to use those serial ports is that the transfer rate is slow compared to the Ethernet-based tftpdnld command transfer rate (10M/100M/1G/10G bps) even though you set the rate to 115200 bps (the "fastest possible" RS-232 serial port transfer rate). Therefore you might want to use this way of reviving as last resort when earlier ways are unavailable. Comparing Alternatives To Revive Routers 1. Use USB Flash drive, CompactFlash drive, or PCMCIA flash drive Advantages * Such flash drive is available at most local computer and electronic stores * At certain situation, booting router directly using IOS image on this kind of drive is possible * The router you need to revive may not need to go into ROMMON mode Disadvantages * Only works with newer router model or those routers with updated ROM firmware * The maximum memory size of this kind of drive might be 1 GB, depending on router ROM firmware version 2. Swap Out or Borrow Other Router's flash memory Advantages * At certain situation, booting router directly using IOS image on this flash memory is possible * The router you need to revive may not need to go into ROMMON mode Disadvantages * Only works with routers that share the same flash memory hardware specification * Different routers may have different maximum memory size, depending on router ROM firmware version and router platform types 3. Use tftpdnld command Advantages * The command is available at most router models nowdays * Setting TFTP server is minimal effort since you can have any machines to be one server * Most applicable method to revive router at most situations Disadvantages * The command is unavailable at old router models * You need Internet access and administrative right to download and install TFTP server software on machines, which may be a challenge when at the moment there is no Internet access and you have no administrative right on your machine 4. Use dnlnd or xmodem command Advantages * The command is available at most router models, including old router models Disadvantages * Since the method uses slow serial port, the IOS image file transfer is very slow Procedure To Revive Router When There Is Other Router You Can Borrow Its Functionality From When you have at least another router that is in working condition, you can use the router to borrow its functionality from to revive the non-working router. The functionality you can borrow from the compatibility of either flash chip, USB Flash drive, CompactFlash drive, or PCMCIA Flash drive. You can refer one of the earlier discussion to temporarily revive the non-working router and make the solution permanent by either installing the suitable IOS image, installing proper flash chip or drive, or configuring the non-working router to boot using specific IOS image on specific drive location or directory. To ensure that the router you are reviving is starting fresh without prior saved configuration in the way, type in confreg 0x2142 and reset on ROMMON prompt as the first step and then set the configuration registration value back to default which is 0x2102 once the router has booted up normally by doing the following on IOS enable mode. config-register 0x2102 write memory (or copy running-config startup-config) reload Procedure To Revive Router When There Is No Other Router You Can Borrow Its Functionality From In a case of no routers that you can borrow its functionality from, following is what you do. Step 1 * Type in confreg 0x2142 and reset on ROMMON prompt to make sure the boot process you are about to do in order to activate the IOS image the router is going to use is starting fresh, bypassing any possible saved/prior configuration Step 2 Choose one of the following choices Choice #1 - Use USB Flash Drive, CompactFlash, or PCMCIA Flash drive * Prepare a USB Flash drive * Download suitable IOS image from your PC to the USB Flash drive * Stick the USB Flash drive to the router USB port * On the ROMMON prompt, use boot command to boot the router using the IOS image stored in the USB Flash drive. You can use dev command to get the USB Flash drive ID code and and dir command to get the IOS image name when you need to specify those during the boot command usage. You can also use ? at any time on ROMMON mode to help you using any ROMMON mode commands Example: rommon 1>boot usbflash0:[ENTER THE IOS IMAGE NAME HERE] * Once the router is up normally, you can simply use the copy command to format and copy IOS image from USB Flash drive to Compact Flash. You can type ? after the copy to see available choices of drive code specially the USB Flash drive ID code. Example: Router#copy usbflash0:[ENTER THE IOS IMAGE NAME HERE] flash: Choice #2 - Use tftpdnld command on ROMMON mode * Prepare TFTP server * Store suitable IOS image in one of the TFTP server directory (or folder if you use Windows machine) * On the ROMMON prompt, use tftpdnld command to format and copy the IOS image from the TFTP server to the Compact Flash * Boot the router using the IOS image in the Compact Flash using boot ROMMON command Example: rommon 1>boot flash:[ENTER THE IOS IMAGE NAME HERE] Choice #3 - Use dnld or xmodem command on ROMMON mode * Follow link above on dnld or xmodem command to use Step 3 * Once the router is up normally, set the configuration registration value back to default which is 0x2102 by doing the following on IOS enable mode. config-register 0x2102 write memory (or copy running-config startup-config) reload Suggestions You should have a way to keep working IOS image accessible at all times. From the above illustrations, here are some suggestions. * Keep identical routers (i.e. the same router model, the same DRAM and flash memory size, the same ROMMON chip, the same IOS image) around to backup each other * Keep several flash memory chips that contain working IOS image for each router platform you have * Keep various router platform that share the same flash memory chip hardware specification * Prefer to use routers that has PCMCIA, CompactFlash, or USB memory slot to revive routers * Store backup IOS images safely on other media such as CD-ROM, DVD, USB keys, or tape backup And of course, keep having TFTP server available and maintain your Smartnet contract so you can keep downloading IOS image from Cisco website. Discussions »Cisco 7200 VXR Boot issues »[HELP] TFTPDNLD -r from ROMMON on 1801 won't succeed »[CCNA] Cisco 2811 not detecting usbflashdrive »1841 routers without flash memory »Instructions for formatting compact flash cards »Firmware Recovery on 877W with 'no service password-recovery »[H/W] Cisco 871-SEC-K9, reboot loop Feedback received on this FAQ entry:
by Phraxos edited by aryoba This is a known issue and there is a Cisco document that details what you have to do: Image Does Not Fit Onto Default 16MB Flash Card For 2610/2611/2612/2613/2620/2621 Routers Please note that after performing the squeeze operation, when you copy the image to flash, you will be asked if you want to erase the flash - make sure you answer "no" or you will wipe out the effects of what you have already done. by Phraxos edited by aryoba |