Edit

IOSXE Upgrade

Update CPLD and ROMMON on IOS XE

Installation Steps

From ROMMON

  • Download Firmware

  • Boot to ROMMON

  • Boot to CPLD Firmware to upgrade

Directly without going to ROMMON

  • Download Firmware

  • Backup Config file

  • Set boot system to CPLD as first command

  • Set boot system to normal IOS as second commmand

  • Reboot to upgrade when CPLD firmware is loadded

  • Remove first boot system commmand

  • Reboot to normal firmware

Verification

  • show romvar | in BOOT

  • show platform

  • show hw-programmable all

Cisco 3850 IOS Upgrade

  • There are two modes: BUNDLE and INSTALL

    • INSTALL: packages are expanded to flash so boot time will be faster

    • BUNDLE: on boot, switch expand packages in .bin file before starting so it takes more time to boot

  • Check mode: show version, look for:

    • System image file is "flash:packages.conf": INSTALL, BUNDLE if file is .bin

    • Mode in the end of output

Clean up flash

  • install remove inactive: remove all inactive packages

  • request platform software package clean [switch $number]: remove inactive packages

Install software in bundle mode

  • request platform software package install switch all flash:$filename.bin auto-copy: expand and install software, auto-copy will copy to other member switches

Rollback version

  • This can be done in two ways:

  1. request platform software package install switch all rollback on-reboot

  2. Change config in flash:packages.conf

  • rename flash:packages.conf flash:packages.conf.bak

  • rename flash:packages.conf.00 flash:packages.conf

  • make sure the pkg files are present and ensure they are the some on all switches. Check all flashes such as flash-1: flash-2:

Verification

  • show version: check version and install/bundle mode, the member switch is listed in the end

  • show switch [details|stack-ports]: show stack status

  • show redundancy: show sso mode

    • if communications is not UP: check stack cable

  • dir flash-1: view flash in switch 1

  • dir flash-2: view flash in switch 2

  • more flash:packages.conf: view content of flash:packages.conf

Converting from INSTALL to BUNDLE mode

  • Copy ios.bin to flash.

  • Copy it to all other stack members: copy flash:$ios.bin flash-$number:$ios.bin. Without filename in destination, file wasn't saved per testing.

  • Verify it's copied to all members: show flash-1:, show flash-2: and so on

  • Change boot command:

  • Verify:

    • show boot

    • show boot system switch $number

  • Reload if everything is set correctly

Reference

  • Instructions for Addressing the Cisco Secure Boot Hardware Tampering Vulnerability on Cisco ISR 4000 Series Routers: https://www.cisco.com/c/en/us/td/docs/routers/access/4400/fpga-upgrade/isr4000_fpga-upgradev2.html#reference_d1d_gl5_4cb

  • Release Note IOS XE Release 17: https://www.cisco.com/c/en/us/support/ios-nx-os-software/ios-xe-17/products-release-notes-list.html

  • Catalyst 3850 Upgrade Process: https://learnduty.com/network-techs/catalyst-3850-upgrade-process-step-by-step/

  • Troubleshooting 3850 and 3650 switches: https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKARC-3146.pdf

  • Catalyst 3850 Boot Mode Conversion: https://content.cisco.com/chapter.sjs?uri=%2Fsearchable%2Fchapter%2Fc%2Fen%2Fus%2Ftd%2Fdocs%2Fswitches%2Flan%2FDenali_16-1%2FConfigExamples_Technotes%2FConfig_Examples%2FMisc%2Fqos%2Fm_install_vs_bundle.html.xml&platform=Cisco%20Catalyst%203850%20Series%20Switches&release=IOS%20XE%20Denali%2016.1.x

  • Maintaining Catalyst 3850 Switch: https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3850-series-switches/117552-technote-cat3850-00.html#anc4

PreviousAAANextReference

Last updated