Cisco Nexus 3600 Platform FPGA/EPLD Upgrade Release Notes, Release 10.5(3)
This document lists the current and past versions of EPLD images and describes how to update them for use with the Cisco Nexus 3636C-R, and 36180YC-R switches.
The table lists the changes to this document.
Date |
Description |
April 24, 2025 |
Introduction
Deciding When to Upgrade EPLDs
Switch Requirements
EPLD Upgrades Available for NX-OS Mode Release 10.5(3)
Determining Whether to Upgrade EPLD Images
Downloading the EPLD Images
Verifying the EPLD Upgrades
Displaying the Status of EPLD Upgrades
Cisco Secure Boot Hardware Tampering Vulnerability and Remediation Steps
Related Documentation
Legal Information
The Cisco Nexus 9000 Series NX-OS mode switches contain several programmable logic devices (PLDs) that provide hardware functionalities in all modules. Cisco provides electronic programmable logic device (EPLD) image upgrades to enhance hardware functionality or to resolve known issues. PLDs include EPLDs, field programmable gate arrays (FPGAs), and complex programmable logic devices (CPLDs), but they do not include ASICs. In this document, the term EPLD is used for FPGA and CPLDs.
The advantage of having EPLDs for some module functions is that when you need to upgrade those functions, you just upgrade their software images instead of replacing their hardware.
Note: EPLD image upgrades for a line card disrupt the traffic going through the module because the module must power down briefly during the upgrade. The system performs EPLD upgrades on one module at a time, so at any one time the upgrade disrupts only the traffic going through one module.
Cisco provides the latest EPLD images with each release. Typically, these images are the same as provided in earlier releases but occasionally some of these images are updated. These EPLD image updates are not mandatory unless otherwise specified. The EPLD image upgrades are independent from the Cisco In Service Software Upgrade (ISSU) process, which upgrades the system and kickstart images with no impact on the network environment.
Note: Beginning with Release 10.5(3), Cisco provides a single image for NXOS and EPLD images. There will no longer be separate images. Instead, the EPLD image is bundled with all NXOS images and so the image sizes are correspondingly larger.
Here’s the link to Cisco Nexus 3600 Series NX-OS Software Upgrade and Downgrade Guide, Release 10.5(x).
Starting with release 10.5(3), Cisco Nexus 3600 series top of rack (TOR) -R switches will use the 64-bit Cisco NXOS image file name with nxos64-msll as the prefix (for example, nxos64-msll.10.5.3.F.bin) for EPLD upgrades.
When Cisco makes an EPLD image upgrade available, these release notes announce their availability, and you can download them from here Software Download page.
When new EPLD images are available, the upgrades are always recommended if your network environment allows for a maintenance period in which some level of traffic disruption is acceptable. If such a disruption is not acceptable at this time, then you might consider postponing the upgrade until a better time.
Note: The EPLD upgrade operation is a disruptive operation. You should execute this operation only at a programmed maintenance time. The system ISSU upgrade is a nondisruptive upgrade.
Note: The EPLD upgrade will cause the 3600 TOR switch to reload.
· The Cisco Nexus 3600-R switches must be running the Cisco NX-OS operating system.
· You must be able to access the switch through a console, SSH, or Telnet (required for setting up a switch running in NX-OS mode but not required for a switch running in ACI-mode).
· You must have administrator privileges to work with the Cisco Nexus 9000 Series switch.
Each EPLD image that you can download from Software Download page, is a bundle of EPLD upgrades. To see the updated EPLD versions for the Cisco Nexus 3600 platform switches, see the table.
Note: All updates to an image are shown in boldface
Available EPLD Images for the Cisco Nexus 3600 Platform Switches
Component |
EPLD |
Release |
Release 9.3(1) |
Release 9.3(3) |
Release 9.3(4) |
Release 9.3(5) |
Release 10.5(3) |
Cisco Nexus 36180YC-R |
MIFPGA |
0x4 (0.004) |
0x4 (0.004) |
0x4 (0.004) |
0x4 (0.004) |
0x4 (0.004) |
0x4 (0.004) |
IOFPGA |
0x6 (0.006) |
0x7 (0.007) |
0x8 (0.008) |
0x8 (0.008) |
0x8 (0.008) |
0x11 (0.011) |
|
CPU IOFPGA |
0x6 (0.006) |
0x8 (0.008) |
0x9 (0.009) |
0x9 (0.009) |
0x9 (0.009) |
0x9 (0.009) |
|
Cisco Nexus 3636C-R |
MIFPGA |
0x1 (0.001) |
0x1 (0.001) |
0x1 (0.001) |
0x1 (0.001) |
0x1 (0.001) |
0x1 (0.001) |
IOFPGA |
0x5 (0.005) |
0x6 (0.006) |
0x7 (0.007) |
0x7 (0.007) |
0x7 (0.007) |
0x7 (0.007) |
|
|
CPU IOFPGA |
0x6 (0.006) |
0x8 (0.008) |
0x9 (0.009) |
0x9 (0.009) |
0x9 (0.009) |
0x9 (0.009) |
To determine which devices need upgraded EPLDs, use the show install impact epld bootflash: command for a device and indicate the latest NXOS image file (nxos64-msll.10.5.3.F.bin). The output for this command indicates the current EPLD images, new EPLD images, and whether the upgrades would be disruptive to switch operations. If the currently installed EPLD version number is greater than the new EPLD image number, you can skip the upgrade.
■ To determine the EPLD upgrades needed for a Cisco Nexus 3600 series TOR -R switches, use the show install impact epld bootflash: command on that switch and indicate the nxos64-msll.10.5.3.F.bin. In the following example, the IOFPGA and CPU IOFPGA EPLD images can be upgraded for the switch. These upgrades are disruptive.
Before you can prepare the EPLD images for installation, you must download them to the FTP or management server.
Note: Starting with release 10.5(3), Cisco Nexus 3600 series top of rack (TOR) -R switches will use the 64-bit Cisco NXOS image file name with nxos64-msll as the prefix (for example, nxos64-msll.10.5.3.F.bin) for EPLD upgrades.
1 |
· From a browser, go to Software Download page. · The browser will display the Cisco website. |
2 |
· From the Products & Services tab, choose Switches. · The Switches page opens. |
3 |
· In the Switches page, click Data Center Switches. · The page lists the Data Center products. |
4 |
· Click Nexus 3000 Series Switches. · The Cisco Nexus 3000 Series Switches page opens. |
5 |
· Choose a Cisco Nexus 3600 platform switch from the list under Data Center Switches > Cisco Nexus 3000 Series Switches. · The Downloads page opens and lists the software types. |
6 |
· From the software types, choose NX-OS System Software. · A new page opens with different NX-OS releases and images. |
7 |
· Choose the latest release: 10.5(3)F. |
8 |
· Log In as follows: ■ If you are an existing user, enter your username and password. ■ If you are a new user, click Register Now and provide the required information before returning to the Log In page and logging in with your new username and password. |
9 |
· Click Download. · The Supporting Documents page opens to display the rules for downloading the software. |
10 |
· Read the rules and click Agree. · A File Download dialog box opens to ask if you want to open or save the images file. |
11 |
· Click Save. · The Save As dialog box appears. |
12 |
· Indicate where to save the Tar file and click Save. · Please navigate through the download page to choose. The Tar file saves to the location that you specified. |
To install the EPLD upgrades needed for a Cisco Nexus 9000 Series switch running 10.5(3) software, use the install epld bootflash:<image-name> module all command on that switch. Where the image-name given is nxos64-msll.10.5.3.F.bin. First, copy this file to the bootflash to proceed. In this example, the IOFPGA EPLD image need to be upgraded.
Note: The CLI content in this document is only an example. The CLI output might change depending on the hardware/software.
switch# install epld bootflash: nxos64-msll.10.5.3.F.bin module all
Compatibility check:
Module Type Upgradable Impact Reason
------ ---- --------- ------ -------
1 SUP Yes disruptive Module Upgradable
Retrieving EPLD versions.... Please wait.
Images will be upgraded according to the following table:
Module Type EPLD Running-Version New-Version Upg-Required
1 SUP MI FPGA 0x04 0x04 No
1 SUP IO FPGA 0x10 0x11 Yes
1 SUP CPU IOFPGA 0x09 0x09 No
The above modules require upgrade. EPLD Upgrade may result in multiple modules going offline. The switch will be reloaded at the end of the upgrade.
Do you want to continue (y/n) ? [n] y
Proceeding to upgrade Modules.
Starting Module 1 EPLD Upgrade
Module 1 : IO FPGA [Programming] : 100.00% ( 64 of 64 sectors)
Module 1 EPLD upgrade is successful…
Module Type Upgrade-Result
------- ----- --------------
1 SUP Success
Module 1 EPLD upgrade is successful.
Reseting Active SUP (Module 1) FPGAs. Please wait...
Reload in 10 seconds......
switch#
Beginning with Release 10.5(3), the EPLD image can be upgraded along with the nxos image during install all. To upgrade your EPLD image using the install all command, use install all nxos <image-name>. This command will upgrade both NXOS and EPLD, if required.
switch# install all nxos nxos64-msll.10.5.3.F.bin
Installer will perform compatibility check first. Please wait.
Installer is forced disruptive
Verifying image bootflash:/nxos64-msll.10.5.3.F.bin for boot variable "nxos".
[####################] 100% -- SUCCESS
Verifying EPLD/FPGA image //bootflash/nxos64-msll.10.5.3.F.bin.
[####################] 100% -- SUCCESS
Verifying image type.
[####################] 100% -- SUCCESS
Preparing "nxos" version info using image bootflash:/nxos64-msll.10.5.3.F.bin.
[####################] 100% -- SUCCESS
Preparing "bios" version info using image bootflash:/nxos64-msll.10.5.3.F.bin.
[####################] 100% -- SUCCESS
Performing module support checks.
[####################] 100% -- SUCCESS
Notifying services about system upgrade.
[####################] 100% -- SUCCESS
Compatibility check is done:
Module bootable Impact Install-type Reason
------ ------- -------- ---------- ---------------------
1 yes disruptive reset default upgrade is not hitless
Images will be upgraded according to the following table:
Module Image Running-Version(pri:alt) New-Version Upg-Required
1 lnxos 10.5(3) 10.5(3) no
27 bios v01.08(12/05/2024):v01.07(08/18/2017) v01.08(12/05/2024) no
FPGA microcode will be upgraded according to the following table:
Module Type EPLD Running-Version New-Version Upg-Required
1 SUP MI FPGA 0x04 0x04 No
1 SUP IO FPGA 0x10 0x11 Yes
1 SUP CPU IOFPGA 0x09 0x09 No
EPLD Upgrade may result in multiple modules going offline.
Switch will be reloaded for disruptive upgrade.
Do you want to continue with the installation (y/n) ? [n] y
Install is in progress, please wait.
Performing runtime checks.
[####################] 100% -- SUCCESS
Setting boot variables.
[####################] 100% -- SUCCESS
Performing configuration copy.
[####################] 100% -- SUCCESS
Module 1: Refreshing compact flash and upgrading bios/loader/bootrom.
Warning: please do not remove or power off the module at this time.
[####################] 100% -- SUCCESS
EPLD/FPGA upgrade can take up to 4 minutes.
Performing EPLD/FPGA upgrade .
[####################] 100% -- SUCCESS
Finishing the upgrade, switch will reboot in 10 seconds.
Install has been successful.
switch#
NXOS system and EPLD upgrades are disruptive Cisco Nexus 3600 Series switches. If the switch does not need to be reloaded after EPLD upgrade, use the install all nxos <image- name> no-reload command. This command will program a new EPLD image. However, explicit power cycle or reload of the switch is required for the new EPLD image to take effect.
To upgrade only NXOS, you can use the skip-epld option. Use this command: install all nxos <image-name> skip-epld
For additional information about ISSU, please see the Cisco Nexus 9000 Series NX-OS Software Upgrade and Downgrade Guide.
To verify the EPLD upgrades for a switch or its modules, use the show version module slot_number epld command:
■ To verify updates for a module, indicate the chassis slot number for slot_number.
switch# show version module 1 epld
To display the status of EPLD upgrades on the switch, use the show install epld status command.
Secure Boot Hardware Tampering Vulnerability advisory: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot
The below link describes how to update the EPLD for Cisco Nexus 9000 Series switches and Cisco Nexus 3600 Series switches to address the Secure Boot Vulnerability.
The entire Cisco NX-OS 3000 Series documentation set.
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus9k-docfeedback@cisco.com.. We appreciate your feedback.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.