Ixne
join:2004-03-23
Dearborn, MI
| IOS upgrade issue
Heyo,
I'm trying to upgrade a Catalyst 3750 IOS, but after copying the new IOS to flash and setting the system boot to the new IOS image, it still boots to the old IOS.
Original IOS / location:
"flash:/c3750-ipbase-mz.122-25.SEE2/c3750-ipbase-mz.122-25.SEE2.bin"
Results of Show Boot :
BOOT path-list : c3750-advipservicesk9-mz.122-40.SE.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : no
Manual Boot : no
HELPER path-list :
Auto upgrade : no
Why isn't this working? Thanks! |
|
aryoba
Premium,MVM
join:2002-08-22 | You need to specify which image to load when the switch boots by issuing boot system command. Verify your work with show bootvar command. |
|
Ixne
join:2004-03-23
Dearborn, MI
| Already done; this is how I got the Show Boot information to appear as it does.
issued:
boot system switch all flash:c3750-advipservicesk9-mz.122-40.SE.bin
Thus, it claims it will boot that updated image, but it still boots the old one. |
|
aryoba
Premium,MVM
join:2002-08-22 | Is the c3750-advipservicesk9-mz.122-40.SE.bin also on the flash:/ directory and not under sub-directory? |
|
Ixne
join:2004-03-23
Dearborn, MI | Correct, it is in the root of flash:, whereas the original image is in a subdirectory. |
|
aryoba
Premium,MVM
join:2002-08-22
| reply to Ixne
said by Ixne  :issued: boot system switch all flash:c3750-advipservicesk9-mz.122-40.SE.bin Shouldn't the command be the following?
boot system flash:c3750-advipservicesk9-mz.122-40.SE.bin |
|
Ixne
join:2004-03-23
Dearborn, MI
| That yields the same entry in the show boot command:
BOOT path-list : flash:c3750-advipservicesk9-mz.122-40.SE.bin
Config file : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break : no
Manual Boot : no
HELPER path-list :
Auto upgrade : no
|
|
aryoba
Premium,MVM
join:2002-08-22 | Did you save the configuration prior reload? |
|
Da Geek Kid
join:2003-10-11
Mclean, VA
edit:
May 21st, @05:50PM
| reply to Ixne
simple...
conf t
no boot sys
end
wr
reload
The CAT 2900/3500/3700s do not need a boot sys to boot unless you have 2 separate versions... since this is a very tough issue due to a small storage space for bin files...
oh... please verify the file... your file seems corrupt. |
|
Ixne
join:2004-03-23
Dearborn, MI
edit:
May 22nd, @07:02AM
| Why would I not need a boot sys, since I do have two config files?
Also, I have over 12MB available in flash with both images in there, so space isn't an issue.
Why do you think the file is corrupt?
One thing I did notice after doing as Aryoba suggests:
BOOT path-list : flash:c3750-advipservicesk9-mz.122-40.SE.bin
the flash specification wasn't there before. When I get a chance I'll reboot the switch and see if it works now. |
|
Da Geek Kid
join:2003-10-11
Mclean, VA
| first of all since all your eggs are in one basket, two ios files won't make much difference since files do not tend to go bad while in production... also, when you do upgrade to a new version of software, you would not need to change any configurations, all you would need is a reboot. |
|
Ixne
join:2004-03-23
Dearborn, MI | Based on your comment, how do you explain my results? Cisco's own support suggests using the boot system command.
How many 3750 switches have you upgraded, if I might ask, and under what conditions? |
|
Da Geek Kid
join:2003-10-11
Mclean, VA | donno by numbers but I can say over 1000... and that is a conservative number... I also work with over 600 Cat6500 switches... |
|
MrTwister
join:2003-09-27
Hilliard, OH
|  reply to Ixne
I myself have upgraded well over 1500+ of the c3750
switches, and all flavors, TS-S, TS-E, PS-S, PS-E,
up to (2) 10G models, hardware revs from '04 models
ser CAT08xxxxxxx to '07/08 ser CAT11xxxxx/CAT12XXXXX
and I've seen some strange things.
The majority of the time, I use the tarball version
of IOS, which is what's on the switch when you get
it from the factory, where you'll see in the flash
a directory with with the name of the IOS and
inside that directory you'll see the IOS.bin file
that has the same name, as in the case of your
switch. Also as you might have noticed
upgrading a single switch as opposed to
upgrading a switch in a stack there's a big
difference in what can happen. If the switch
is in a stack already and in production,
Using the tarball method is the best, since
the stack master will upgrade the rest of
the switches in the stack and update their
"boot config" info.
Out of the box from the vendor, I normally like
to upgrade the switches in a stand alone fashion,
since it's much faster than upgrading a stack.
The newer hardware rev switches, will take a
tarball from start to finish in just a few minutes
(less than 5 minutes in most cases).
When using the tarball file, and using the
that command not only upgrades the IOS, but also
updates the "boot config" for you.
What this does is use a directory called "update",
removes the old IOS and renames the "update" directory
to the directory labeled the IOS version.
There have been a few versions where I've been
upgrading a switch stack remotely and for some
weird reason, the IOS stays in the "update"
directory and changes the "boot config" to reflect
that.
Very weird.
Also something to note, if you're going to use
the "archive download-sw" and you're changing
the IOS version from IPBase to IPServices, or
downgrading from IPServices/AdvanceIPServices to
IPBase, you'll need to use the "/allow-feature-upgrade"
I've also used the single IOS.bin file technique you're
using both standard and via the console port (speed
increased to 115200 to speed up transfer) to recover
from a lost/corrupt IOS.
We've also got a few stacks that are hybrids that
can pose a issue during upgrading IOS. The stacks
are in a few of our campus locations, and have
stacks of (9) PoE switches with the top two switches
being enhanced and running the IPServices or
AdvancedIPServices so as to push layer three routing
down to the distribution layer along with QoS tagging
on the edge (I know advanced isn't needed for QoS).
If the switch isn't in producion and you want to
verify the "boot config" took, besides using the
"show boot" command, you can boot the switch up
in recovery mode, issue the "flash_init" and
"load_helper", then use the "set" command to see
what the switch has set.
You should see something like this
I'll admit that's way over kill, but it works.
Just type "boot" after you verify the settings,
and the switch should boot into your new IOS.
A little long winded I know, but after you've
done a few of these, you'll find some weird
things happening.
Wait til you run into the issue where the
NVRAM is full or corrupt from the factory,
we've had c3750's and 3845's come from the
factory with corrupt/full NVRAM. |
|
Da Geek Kid
join:2003-10-11
Mclean, VA | tar ball is used if the person would like to use the web features of the device... and since most of the devices we maintain the http/https is disabled. so there's no need to fill up the flash with things you do not use. |
|
MrTwister
join:2003-09-27
Hilliard, OH
| Very true, we usually have that off by default.
Some people get a warm and fuzzy feeling with
having it there.
I'd prefer just to use the IOS.bin file, but
you know how it is, in they government.
A few times (read in few hundred) switches
I rolled out like that, someone in the NOC
had nothing to do one day, and they noticed
that the ios.bin was on the switch and not
the tarball. That raised a stink.
Yeah this is the same NOC that is responsible
for making sure the IOS we've tested and approved
for production is being pushed out the
switches and routers, but they haven't done
the deployment. They then complain that there
are soo many versions of IOS on the network.
It's amazing at times some of the stuff you
hear from people that are supposed to be handling
the care and feeding of the network.
You want to do the logical thing, then someone
who has no clue about the equipment, aside from
what others who are uninformed themselves, who
have the ear of those in power, make all sorts
of illogical decrees and standards/defacto standards
that they tend not to follow themselves.
Sorta like when you design something with
redundancy/fault tolerance/high availability
and they seem to think its costing way too much
then they make you do the design on the cheap
so to speak.. oh and by the way this is running
enterprise wide, mission critical apps.
Then there's some catastrophic outage where you told
them it would fail and they pitch a fuss and said
that should have been taken into account.
bah... sorry I digressed way, way off track there..
I'd say you're preaching to the choir but, I can't
carry a tune in a bucket.. |
|
Da Geek Kid
join:2003-10-11
Mclean, VA | lol |
|
Ixne
join:2004-03-23
Dearborn, MI
| reply to MrTwister
I feel your pain, man, e.g. taking several months to design a multi-site SAN only to be told we need to "cut the costs down", then having it cut down to something that can't be used. Lovely use of time.
Anyway, to sum up, as DGK said, we don't really need (or want) to use the HTTP features on the switch, so the .bin is sufficient. This is a production switch, so even the 5 minutes (!) it takes to reboot the 3750 requires e-mail notifications, sign-offs, sacrificing small animals, etc.
Since the show boot now explicitly says it's booting from flash: (where it didn't before), I'm hoping it'll take this time. |
|
Ixne
join:2004-03-23
Dearborn, MI | Update: specifying flash: appears to have done it. Thanks all! |
|
