Upgrading The IOS On A Switch (The Right Way)
Since I’ve made a couple of postings describing flash upgrade horror stories, I thought I’d include a description of how to do it the right way.
Selecting an image
First verify your hardware, either use the web interface or use show version at the CLI.
- Go to cisco.com and login with your CCO account.
- Click Support from the menu
- Click Download Software in the “select a task” window
- Choose Switches Software from the list
- Choose LAN Switches from the list
- Expand the Cisco Catalyst 2950 Series Switches group
- Choose the type of 2950 switch, in this example choose Cisco Catalyst 2950G 48 EI Switch
- Choose IOS Software from the list
- And select the software version you want
Some advice on choosing images:
- Generally speaking, I’d say take the latest image. If your hardware is relatively old, then the newest code is probably bugfixes only and will not be introducing new features (and their bugs). If this was newer hardware, I’d recommend you carefully read the release notes.
- Never load the deferred releases — these have serious bugs in stability or performance. If the code you’re running right now is deferred, or isn’t listed at all then I’d say an upgrade to newer code is very important.
- Choose an image that represents what flash resources you have — I like the image C2950 EI AND SI IOS CRYPTO AND WEB BASED DEVICE MANAGER because it supports ssh, and it has a web interface (SDM) built in. But the web SDM takes up flash space, so make sure you review your switch flash resources to make sure it can handle the larger file.
Prepare the TFTP server with images
You will need the tftp SERVER, not just the client. Check your documentation, but in Linux you usually have to modify /etc/default/tftpd to enable the tftpd service. Solarwinds makes a free win32 tftp server as well.
The tftpd root folder can be anywhere, but usually it is either /tftpboot or /var/lib/tftpboot; in Windows you can easily specify this folder to be wherever you want, but I’d recommend you create a tftpboot folder off the root of your drive. Put the tar files in the tftpd root folder.
It is a little easier to test these issues from a PC client; so you can save some troubleshooting time by testing if you can download the image from a PC tftp client, Windows ships with tftp so just login and download a file to test. If you’re running Linux then you might have to load the tftp client from your distribution repos.
Loading the new image
Connect to the CLI, and go into enable mode. You can tell you’re in enable mode when you see the # in the prompt.
User Access Verification
Password:
SW02>en
Password:
SW02#Verify the space in the flash with dir. Chances are pretty good there is only room for one image at a time, but if you’re lucky you can fit two images.
SW02#dir
Directory of flash:/
2 -rwx 3721946 Mar 07 1993 22:39:02 +00:00 c2950-i6k2l2q4-mz.121-22.EA13.bin
3 -rwx 2316 May 29 2008 20:32:10 +00:00 vlan.dat
4 -rwx 112 Mar 07 1993 22:36:10 +00:00 info
16 -rwx 2804 Mar 01 1993 00:08:25 +00:00 config.old
22 -rwx 333 Mar 07 1993 22:40:48 +00:00 env_vars
334 -rwx 24 Mar 01 1993 21:04:28 +00:00 private-config.text
6 drwx 4416 Mar 07 1993 22:40:04 +00:00 html
19 -rwx 112 Mar 07 1993 22:40:39 +00:00 info.ver
24 -rwx 2068 Mar 01 1993 21:04:28 +00:00 config.text
7741440 bytes total (2138624 bytes free)If by some happy chance you’ve got more than 16Mb flash you probably have room for two images. But I think this is not the case, so you will have to erase the flash. You can go file by file with delete, but you’re better off just recursively wiping it like this.
SW02#delete /recursive flash:Give yourself some peace of mind, and write the current running configuration to flash again to make sure it isn’t lost when you reboot. The startup config is written to an internal nvram flash, so this probably isn’t required, but I do it because it makes me feel better.
SW02#copy run startNow the switch is ready to load the images from your TFTP server. Remember that TFTP is a UDP protocol, and has no inherent error correction — so make sure the link between the TFTP server and the switch is not lossy (like wireless or over the internet), a server on the same IP subnet is a good solution.
You can load a binary IOS image by tftp like this: copy tftp flash and then just follow the prompts in the script. But the problem is that the binary IOS image doesn’t have the web interface files, and you (probably) don’t have the space to copy the archived binary+webfiles and then extract it locally. So Cisco has a script that can download the archived binary+webfiles and extract it on the fly.
SW02#archive tar /xtract tftp://192.168.2.11/c2950-i6k2l2q4-tar.121-22.EA13.tar flash:And now you watch the magic. Once the system is done downloading and extracting the images, you will reload and if all went well, you’ll be running on the new code.
NB: If you managed to squeeze two IOS binaries on one image, you will have to specify which one you want to boot from — this is not an issue if you erased the flash as described earlier.
- Figure out exactly which binary you want to boot from; use dir to list the files and look for those that end in “.bin”
- Make sure that there isn’t already a boot variable set;
sh run | i bootshould list any entries. If they’re in there, remove them. These boot parameters are processed in order, so you want to make sure your new image is first in the config — you can add the lines for any other images you’ve got on the flash after your new image. - Set the new boot image:
SW02#conf t
SW02(config)#boot system flash:/c2950-i6k2l2q4-mz.121-22.EA13.bin
SW02(config)#endFinally you write the new configuration and reload.
SW02#copy run start
SW02#reload
[...] And here is a link to the original article that you were looking for! http://wozney.ca/2009/05/07/upgrading-the-ios-on-a-switch-the-right-way/ [...]