PDF(389.2 KB) View with Adobe Reader on a variety of devices
Updated:February 16, 2016
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Cisco Nexus 3000 Series NX-OS Software Upgrade and Downgrade Guide, Release 6.x
First Published: December 2013
Last Modified: October 2020
This document describes how to reboot Nexus 3000 and Nexus 3100 Series switches, and upgrade or downgrade the Cisco NX-OS software on Cisco Nexus 3000 and Nexus 3100 Series switches.
Cisco Nexus 3000 Series switches are shipped with the Cisco NX-OS software preinstalled on the switches. Before upgrading or downgrading from an existing image, you should read through the information in this document to understand the guidelines, prerequisites, and procedures for upgrading the software. For updated information about the Cisco NX-OS software for the Cisco Nexus 3000 Series switch, see the Cisco Nexus 3000 Series Release Notes.
The Cisco NX-OS software consists of the kickstart image and the system image. The system image includes the software for the Cisco Nexus 3000 and Nexus 3100 Series switches. The images contain a major release identifier, a minor release identifier, and a maintenance release identifier, and they can also contain a rebuild identifier, which may also be referred to as a support patch.
The platform designator is U for the Cisco Nexus 3000 and 3100 Series switches, A for the Cisco Nexus 3500 Series Switches, N for the Cisco Nexus 5000 and 6000 Series Switches, E for the Nexus 4000 Series Switches, and S for the Nexus 1000 Series Switches. Applicable features, functions, and fixes in the platform-independent code are present in the platform-dependent release.
Applicable fixes in the Cisco NX-OS Software Release 6.0(1a) are present in the 6.0(1a)U1(1a) release.
Supported Hardware
Cisco Nexus 3000 and Nexus 3100 Series switches are shipped with the Cisco NX-OS software preinstalled. Cisco NX-OS upgrades and downgrades are supported on the hardware listed in the following sections:
Cisco NX-OS Release 6.0(2)U2(1) introduces fast reboot. Currently, fast reboot is supported only with limited configurations and topologies on the following switches:
Cisco Nexus 3064-X
Cisco Nexus 3064-E
Cisco Nexus 3132Q
Cisco Nexus 3172PQ
Cisco Nexus 3132Q-X
During fast reboot, the system image that runs on the CPU reloads the new image and runs it without a CPU or firmware reset. Although there is a brief disruption in traffic during fast reboot, it enables a switch to reload faster than during cold reboot.
TCAM resizing requires a cold reboot.
Cisco NX-OS Release 6.0(2)U4(1) allows you to use fast reboot in a non-interruptive mode. In this mode, fast reboot begins the installation process without any prompts. In this release, fast reboot also supports BGP graceful restart (GR) for compatible peers. You can trigger a fast reboot with graceful restart by using the trigger-gr option.
Fast Reboot Timing Requirements
Fast reboot has the following timing requirements for the configurations that it supports:
Time taken to reset the ASIC and disrupt the data plane after control plane disruption—Less than 90 seconds. When the control plane is disrupted,
Time taken to resume forwarding traffic—Less than 25 seconds.
Fast Reboot Guidelines
Currently, fast reboot is supported only with limited configurations and topologies. Some of supported configurations and guidelines are listed in this section. When reloading system software by using the fast-reload command, use the supported follow these guidelines:
Configuration changes
You cannot enter configuration mode during a reload or an upgrade. You should save, commit, or discard any active configuration sessions before upgrading or downgrading the Cisco NX-OS software image. The active configuration session is deleted without a warning during a reload.
Use the show configuration session summary command to verify that there are no active configuration sessions.
switch# show configuration session summary
There are no active configuration sessions
Ensure that you check the compatibility of configurations before using the fast-reload command.
Note Do not use the fast-reload command for upgrades that may lead to kernel or BIOS changes.
For more information on configuration sessions, see the Cisco Nexus 3000 Series NX-OS System Management Configuration Guide.
Note CLI and SNMP configuration change requests are denied.
Topology—You should make topology changes such as Spanning Tree Protocol (STP) before you perform an upgrade. You should perform module installations or removals only before or after an upgrade. However, you should not make changes to the Layer 2 and routing topologies, and the default root bridge should not be configured.
Scheduling—You should upgrade when your network is stable and steady. Ensure that everyone who has access to the switch or the network is not configuring the switch or the network during this time. You cannot configure a switch during an upgrade.
Space—Verify that sufficient space is available in the location where you are copying the images. The internal bootflash requires approximately 200 MB of free space.
Hardware—Avoid power interruptions during an installation procedure. Power interruptions can corrupt the software image.
Connectivity to remote servers
Configure the IPv4 address or IPv6 address for the 10/100/1000 BASE-T Ethernet port connection (interface mgmt0). Ensure that the switch has a route to the remote server. The switch and the remote server must be in the same subnetwork if you do not have a router to route traffic between subnets.
Link Aggregation Control Protocol (LACP) fast timers—To allow fast-reload, ensure that LACP fast timers are not configured.
Software image—Ensure that the specified system and kickstart images are compatible with each other as follows:
– If the kickstart image is not specified, the switch uses the current running kickstart image.
– If you specify a different system image, ensure that it is compatible with the running kickstart image.
If you specify the kickstart and system images and do not specify the save-config option, the kickstart and system boot variables will not be saved. If this happens, the subsequent reload will be done with the old kickstart and system images as the boot variables.
Retrieve compatible images in one of two ways:
– Locally—Images are locally available on the switch.
– Remotely—Images are in a remote location and you specify the destination using the remote server parameters and the filename to be used locally.
Command—Use the following commands to prepare for and install the new software:
– Use the ping command to verify connectivity to the remote server.
– Use the dir command to verify the required space is available for the image files to be copied.
– Use the show install all impact command to identify the upgrade impact. This command also displays whether the upgrade is disruptive or the reason why the upgrade is disruptive, whether the switch needs to be rebooted, and the reason why it needs to be rebooted.
Note We recommended that you log in to the console port to begin the upgrade process.
Between control plane disruption and data plane disruption, the CPU stops responding.
Configuration—Fast reboot currently supports the following configuration:
– BGP v4 and v6
– 16-way ECMP
– 48 downlink L2 ports
– 4 SVIs
– Less than 10 VLANs
– 2000 v4 routes and 2000 v6 routes
– RACLs
– ARPs
– STP edge port configuration
Starting with Release 6.0(2)U6(1), ASCII configuration based fast-reload is also supported in addition to the PSS/binary configuration based fast-reload. The configuration is restored from the ASCII configuration file. The ASCII based configuration does not work with fast reload in the releases prior to Release 6.0(2)U6(1). It takes more time for the traffic convergence in the previous releases. The fast reload feature is also known as repaved fast reload.
The fast reload feature also supports the change in the configurations that earlier required a complete reload, for example, portmode profile, URPF enable/disable, and TCAM re-carving.
Fast reload does not upgrade the BIOS.
Downgrading or upgrading to and/or from a version that has reached EOL is not supported.
If you downgrade to a release lower than Cisco NXOS release 6.0(2)U2(1) using the install-all command, fast reload does not work.
Using the Fast-Reload Command
The fast-reload command reloads Cisco Nexus 3000 or Nexus 3100 Series switches faster than the reload command.
Starting with Release 6.0(2)U6(1), ASCII configuration based fast-reload is also supported in addition to the PSS/binary configuration based fast-reload. The Cisco Nexus 3000 Series switches do not go through a complete reset with fast reload. The boards of Cisco Nexus 3000 and 3100 Series switches have two reset domains. The reset domain 1 contains the CPU, the Platform Controller Hub (PCH), the Management Ethernet controller, the PCI bridge, the OBFL, the USB, and the Fan Controller. The reset domain 2 contains the ASIC, the PHY retimers, the SFP+ modules, and the QSFP modules. Fast reload resets only the reset domain 2 and there is no reset of CPU, reload of BIOS, and firmware. Only the kickstart and the system images are reloaded and/or upgraded with the images given during the fast reload.
After you run the fast-reload command, the following sequence of events take place:
1. The switch loads the kickstart and system images and upgrades the kernel. All applications undergo a stateless cold reboot and are restarted through startup config.
2. The control plane is disrupted. During control plane disruption, all control protocol communication stops. Control plane disruption is always less than 90 seconds.
3. After the control plane disruption, all control plane applications undergo a stateless cold reboot and do not retain their state. The new configuration is applied when the switch reloads.
4. The data plane is disrupted. Data plane disruption is always less than 25 seconds.
5. On the forwarding plane, all links become unavailable and the data plane does not retain its state after reload. Traffic forwarding is resumed within 25 seconds.
If a kickstart image or a system image is not specified, the image existing on the switch is reloaded. If the kickstart image or system image provided is a higher version than the existing version, an upgrade is triggered.
Note Ensure that you have a working image and that you analyze the impact of the fast reboot operation before using this command.
To perform fast reboot on Cisco Nexus 3000 and 3100 Series switches, use the following command:
fast-reload [trigger-gr] [kickstart kickstart_url| save-config | system system_url ]
switch# fast-reload kickstart bootflash:///846.k system bootflash:///885.s
...
Notifying services about fast-reload.
fast-reload can proceed!!
Do you want to continue with the installation (y/n)? [n] y
Time Stamp: Tue Aug 26 13:51:54 2014
Install is in progress, please wait.
.......
Time Stamp: Tue Aug 26 13:52:13 2014
Rebooting the switch to proceed with the upgrade.
All telnet and ssh connections will now be temporarily terminated.
[ 2669.654212] writing reset reason 133, <NULL>
2014 Aug 26 13:52:18 switch %$ VDC-1 %$ %USER-0-SYSTEM_MSG: Fastboot Begin - bcm_usd
[ 2671.705711] Starting new kernel
[ 2671.743203] Moving to new kernel
[ 0.000000] Fastboot Memory at 0c100000 of size 201326592
ÿUsage: init 0123POST INIT Starts at Tue Aug 26 13:52:26 UTC 2014
Loading System Software Tue Aug 26 13:52:41 UTC 2014
System Software(/isan-upgrade/isan.bin) Loaded Tue Aug 26 13:52:53 UTC 2014
ethernet switching mode
INIT: Entering runlevel: 3
Mounting other filesystems: [
Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
Added VLAN with VID == 4042 to IF -:muxif:-
2014 Aug 26 13:53:02 switch %$ VDC-1 %$ %BCM_USD-2-BCM_USD_NOTIFICATION_IMP: FAST REBOOT ENABLED
2014 Aug 26 13:53:02 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files begin - clis
2014 Aug 26 13:53:11 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end - clis
2014 Aug 26 13:53:11 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin - clis
2014 Aug 26 13:53:32 switch %$ VDC-1 %$ %USER-0-SYSTEM_MSG: Before ASIC reset - bcm_usd
2014 Aug 26 13:53:42 switch %$ VDC-1 %$ %BCM_USD-2-ASIC_DONE:
2014 Aug 26 13:53:44 switch %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online
Starting with Release 6.0(2)U6(1), ASCII configuration based fast-reload is also supported in addition to the PSS/binary configuration based fast-reload.
Note The copy file startup and fast reload are supported only for specific configurations, namely layer 3 ports with port channels, eBGP, and a few physical l2 ports having SVI only towards the hosts.
To use ASCII-file based fast reload, use the following command:
The <config_file> is an ASCII file that contains the system configurations that fast reload uses on upgrade or fast reload. It can be copied from the remote location also. If a kickstart or system image is not specified, the image existing on the switch is reloaded. If the kickstart image or the system image provided is a higher version than the existing version, an upgrade is triggered.
Note To ensure that subsequent fast reboot operations use the new kickstart and system images as the boot variables, specify the save-config option while running the fast-reload command. If the save-config option is not specified, the fast-reload command does not save the boot variables and subsequent fast reboot operations use the old kickstart and system images as boot variables.
Using the Fast-Reload Non-Interruptive Command
Cisco NX-OS Release 6.0(2)U4(1) supports the use of non-interruptive fast reboot. You can now use the fast-reload non-interruptive command to run fast-reload without any prompts.
Note Ensure that you use this command only when fast reboot is already validated to work because this command skips all the error and sanity checks.
To perform a non-interruptive fast reboot on Cisco Nexus 3000 and 3100 Series switches, use the following command:
fast-reload [kickstart kickstart_url| save-config | system system_url] non-interruptive
switch# fast-reload kickstart bootflash:///846.k system bootflash:///885.s non-interruptive
...
Notifying services about fast-reload.
fast-reload can proceed!!
Time Stamp: Tue Aug 26 13:59:59 2014
Install is in progress, please wait.
.......
Time Stamp: Tue Aug 26 14:00:19 2014
Rebooting the switch to proceed with the upgrade.
All telnet and ssh connections will now be temporarily terminated.
[ 482.921684] writing reset reason 133, <NULL>
2014 Aug 26 14:00:23 switch %$ VDC-1 %$ %USER-0-SYSTEM_MSG: Fastboot Begin - bcm_usd
[ 484.796602] Starting new kernel
[ 484.834098] Moving to new kernel
[ 0.000000] Fastboot Memory at 0c100000 of size 201326592
ÿUsage: init 0123POST INIT Starts at Tue Aug 26 14:00:32 UTC 2014
Loading System Software Tue Aug 26 14:00:47 UTC 2014
System Software(/isan-upgrade/isan.bin) Loaded Tue Aug 26 14:00:59 UTC 2014
ethernet switching mode
INIT: Entering runlevel: 3
Mounting other filesystems: [
Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
Added VLAN with VID == 4042 to IF -:muxif:-
2014 Aug 26 14:01:08 switch %$ VDC-1 %$ %BCM_USD-2-BCM_USD_NOTIFICATION_IMP: FAST REBOOT ENABLED
2014 Aug 26 14:01:08 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files begin - clis
2014 Aug 26 14:01:17 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end - clis
2014 Aug 26 14:01:17 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin - clis
2014 Aug 26 14:01:38 switch %$ VDC-1 %$ %USER-0-SYSTEM_MSG: Before ASIC reset - bcm_usd
2014 Aug 26 14:01:48 switch %$ VDC-1 %$ %BCM_USD-2-ASIC_DONE:
2014 Aug 26 14:01:50 switch %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online
Enabling BGP Graceful Restart with Fast Reboot
Cisco NX-OS Release 6.0(2)U4(1) allows you to enable BGP graceful restarts (GR) with fast reboot. You can now use the fast-reload trigger-gr command to enable BGP GR. Use this command only when all BGP peers are GR-capable.
To enable BGP GR with fast reboot on Cisco Nexus 3000 and 3100 Series switches, use the following command:
fast-reload trigger-gr [kickstart kickstart_url| save-config | system system_url] [non-interruptive]
switch# fast-reload trigger-gr kickstart bootflash:///846.k system bootflash:///885.s non-interruptive
...
Notifying services about fast-reload.
fast-reload can proceed!!
Time Stamp: Tue Aug 26 14:21:10 2014
Install is in progress, please wait.
.......
Time Stamp: Tue Aug 26 14:21:29 2014
Rebooting the switch to proceed with the upgrade.
All telnet and ssh connections will now be temporarily terminated.
[ 734.744176] writing reset reason 133, <NULL>
2014 Aug 26 14:21:34 switch %$ VDC-1 %$ %USER-0-SYSTEM_MSG: Fastboot Begin - bcm_usd
[ 736.705384] Starting new kernel
[ 736.742862] Moving to new kernel
[ 0.000000] Fastboot Memory at 0c100000 of size 201326592
ÿUsage: init 0123POST INIT Starts at Tue Aug 26 14:21:42 UTC 2014
Loading System Software Tue Aug 26 14:21:57 UTC 2014
System Software(/isan-upgrade/isan.bin) Loaded Tue Aug 26 14:22:08 UTC 2014
ethernet switching mode
INIT: Entering runlevel: 3
Mounting other filesystems: [
Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
Added VLAN with VID == 4042 to IF -:muxif:-
2014 Aug 26 14:22:17 switch %$ VDC-1 %$ %BCM_USD-2-BCM_USD_NOTIFICATION_IMP: FAST REBOOT ENABLED
2014 Aug 26 14:22:18 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files begin - clis
2014 Aug 26 14:22:27 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: loading cmd files end - clis
2014 Aug 26 14:22:27 switch %$ VDC-1 %$ %USER-2-SYSTEM_MSG: CLIS: init begin - clis
2014 Aug 26 14:22:48 switch %$ VDC-1 %$ %USER-0-SYSTEM_MSG: Before ASIC reset - bcm_usd
2014 Aug 26 14:22:58 switch %$ VDC-1 %$ %BCM_USD-2-ASIC_DONE:
2014 Aug 26 14:23:00 switch %$ VDC-1 %$ %VDC_MGR-2-VDC_ONLINE: vdc 1 has come online
Upgrading and Downgrading using Fast Reboot
Upgrading
You can upgrade the software on a switch by using fast reboot. To upgrade, you must specify either the kickstart image or the system image.
Note BIOS upgrade is not supported by fast reboot. Fast reboot does not work with BIOS versions that are not compatible.
Before you begin
Ensure that the version of the kickstart image or the system image specified in the fast-reload command is higher than the version of the image currently existing on the switch.
Ensure that the specified system and kickstart images are compatible with each other.
switch# fast-reload kickstart bootflash:///ei479.k system bootflash:///ei488.s
...
Notifying services about fast-reload.
fast-reload can proceed!!
Do you want to continue with the installation (y/n)? [n] y
[ 481.099432] writing reset reason 133, <NULL>
2010 Nov 18 07:56:55 switch %$ VDC-1 %$ Nov 18 07:56:55 %KERN-0-SYSTEM_MSG: [ 4
Downgrading the system software by using fast reboot is not supported. To downgrade the system software, use the install all command instead of fast reboot.
Using the Install All Command
The install all command triggers a disruptive software install on Cisco Nexus 3000 and Nexus 3100 Series switches. The following images are upgraded during the installation:
Kickstart image
System image
System BIOS
Power sequencers on the system
The install all command provides the following benefits:
You can upgrade the Cisco Nexus 3000 Series switches by using just one command.
You can receive descriptive information about the intended changes to your system before you continue with the installation. For example, it identifies potential disruptive upgrades.
You can continue or cancel the upgrade when you see this question (the default is no):
Do you want to continue (y/n) [n] : y
You can also use the install all non-interruptive command to install a new image without any prompts.
The command automatically checks the image integrity, which includes the running kickstart and system images. The command sets the kickstart and system boot variables.
The command performs a platform validity check to verify that a wrong image is not used.
Pressing Ctrl +C gracefully ends the install all command. The command sequence completes the update step in progress and returns to the EXEC prompt.
After entering the install all command, if any step in the sequence fails, the upgrade ends.
The following message appears to warn you about the impact of upgrading the power sequencer:
Warning: please do not remove or power off the module at this time.
Note: Power-seq upgrade needs a power-cycle to take into effect.
Note After a successful power sequence upgrade, you must switch off the power to the system and then power it up.
Using the Install All Non-Interruptive Command
Cisco NX-OS Release 6.0(2)U4(1) supports the use of non-interruptive install all. You can now use the install all non-interruptive command to install a new image without any prompts.
To perform a non-interruptive install all on Cisco Nexus 3000 and 3100 Series switches, use the following command:
install all [kickstart kickstart_url| save-config | system system_url] non-interruptive
switch# install all kickstart pcco.k system pcco.s non-interruptive
Installer is forced disruptive
Verifying image bootflash:/EI-853.k for boot variable "kickstart".
Finishing the upgrade, switch will reboot in 10 seconds.
……
……
Upgrading the BIOS and Power Sequencer Images
Changes to BIOS and power sequencers are rare; however, when they occur, they are included in the Cisco NX-OS system image, and the BIOS and power sequencer are upgraded. The summary displayed by the installer during the installation process indicates the current version of the BIOS and power sequencer and the target version.
Note After a successful power sequence upgrade, you must switch off the power to the system and then power it up.
Software Upgrades
Upgrade Guidelines
Upgrading Cisco NX-OS Software by changing the boot-variables and performing a reload is not supported. This may result in unexpected behavior.
Ensure that you use the install all command to upgrade the switch software from one Cisco NX-OS release to another.
If you upgrade to Cisco NX-OS Release 6.0(2)U4(1), run the copy r s command to ensure that VRF information is not missing in the startup configuration.
Cisco Nexus 3000 Series switches that use software versions older than Cisco NX-OS Release 5.0(3)U5(1) need to be updated to Cisco NX-OS Release 5.0(3)U5(1) before they are upgraded to Cisco NX-OS Release 6.0(2).
Cisco Nexus N3K-C3048TP-1GE-SUP Series switches that use software versions older than Cisco NX-OS Release 6.0(2)U6(2) need to be updated to Cisco NX-OS Release 6.0(2)U6(2a) before they are upgraded to Cisco NX-OS Release 6.0(2)U6(3) or later releases
For the N3K-C3048TP-1GE-SUP platform, if you are using software versions older than Cisco NX-OS Release 5.0(3)U5(1), upgrade to Cisco NX-OS Release 5.0(3)U5(1) first, then upgrade to Cisco NX-OS Release 6.0(2)U6(2a), and finally upgrade to 6.0(2)U6(7) or a latest release.
Cisco NX-OS Release 5.0(3)U3(1) does not support a software upgrade from Cisco NX-OS Release 5.0(3)U2(2c). If you want to upgrade through this path, see CSCty75328 for details about how to work around this issue.
In Cisco NX-OS Release 5.0(3)U3(1), support for IPv6 was added in Control Plane Policing (CoPP). To enable redirection of IPv6 control packets to the CPU, you must configure IPv6 CoPP on the system. Running the write erase command on a device that runs Release 5.0(3)U3(1) automatically applies CoPP on the device and ensures that all IPv4 and IPv6-related CoPP configuration is set up correctly.
If you upgrade from a Cisco NX-OS release that does not support the CoPP feature to a release that does support the CoPP feature, you must run the setup utility after the upgrade to enable CoPP on the device.
If you upgrade from Cisco NX-OS Release 5.0(3)U2(2), which supports the CoPP feature, to Cisco NX-OS Release 5.0(3)U3(1), which adds CoPP classes for IPv6 support, you must run the setup script to enable the IPv6 CoPP feature on the device.
In Cisco NX-OS Release 6.0(2)U2(2), the default interface name in LLDP MIB is in short form. To make it long form, you must set lldp portid-subtype to 1. In Cisco NX-OS Release 6.0(2)U2(3), this behavior was reversed. The default interface name in LLDP MIB is now in long form. To make it short form, you must set lldp portid-subtype to 0.
If you have set lldp port-subtype to 1 and you are upgrading to Cisco NX-OS Release 6.0(2)U2(4), ensure that you set lldp port-subtype to 0.
Upgrade Prerequisites
Ensure that the network is stable and no changes are made while an upgrade is in progress.
Ensure that you check for feature compatibility between the current running release and the target release.
Management Services After an Upgrade
Before the switch is reset for an upgrade, inband and management ports are brought down and are brought back up after the upgrade completes. Services that depend on the inband and management ports are impacted during this time.
Table 1-1 Inband and Management Ports Services Impacted During Upgrade Reset
Service
Description
Telnet/SSH
When an upgrade resets the system to load the target Cisco NX-OS version, all Telnet/SSH sessions are disconnected and need to be reestablished after the upgrade completes.
AAA/RADIUS
Applications that leverage the AAA Service (such as login) are disabled during an upgrade, because all Network Management services are disabled during this time, this behavior is consistent.
HTTP
HTTP sessions to the switch are disconnected during an upgrade reboot. After the reboot, the HTTP is restarted and the switch will accept an HTTP sessions.
NTP
NTP sessions to and from the switch are disrupted during an upgrade reboot. After the reboot, NTP session are reestablished based on the saved startup configuration.
Layer-2 Protocols Impact
The following table lists the upgrade impacts to Layer 2 protocols.
Table 1-2 Upgrade Impact to Layer 2 Protocols
Protocol
Description
LACP
IEEE 802.3ad provides for the default slow aging timers to be transmitted once every 30 seconds in steady state and to expire after 90 seconds. Upgrade should not impact peers that rely on LACP because the recovery time is less than 90 seconds.
IGMP
IGMP does not disrupt existing flows of multicast traffic that are already present, but new flows are not learned (and are dropped) until an upgrade completes. New router ports or changes to router ports are not detected during this time.
DCBX and LLDP
DCBX uses LLDP to exchange parameters between peer devices. Because DCBX is a link-local protocol, when the switch undergoes an upgrade, the age time is increased on all ports on the switches that are being upgraded.
Manual configurations are ignored during this time.
CDP
During an upgrade, the time-to-live value is increased (180 seconds) if it is less than the recommended timeout value. The configuration is ignored if manually specified.
L2MP IS-IS
Before a switch reboots for an upgrade, the switch transmits L2 IS-IS hellos on all interfaces to prevent neighbor switches from marking routes to the upgrade switch as down. Any topology changes during this time are also not acted upon until the upgrade completes.
Ethernet Interfaces on the Switch
To avoid link down to link up transitions during the control plane outage time, the laser is turned off for administratively up ports that are operationally down. This situation occurs during the upgrade reboot starting state. After the upgrade reboot and a stateful restart, the laser is turned back on. This action prevents the link state from transitioning from down to up during an upgrade.
PreInstallation Checks
You should do certain sanity checks to ensure that the system is ready for an upgrade and to understand the impact of the upgrade:
Enter the show incompatibility command to verify that the target image is feature-wise compatible with the current image.
Enter the show logging level command to ensure that the severity level for all processes is set to 5 or below.
Enter the show install all impact command to identify the upgrade impact.
Enter the install all command to update to the latest Cisco NX-OS software.
Review the installer impact analysis and choose to continue.
Note The switch might reload at this time and cause a traffic disruption.
Monitor the installation progress.
Verify the upgrade.
Enter the show install all status command to verify the status of the installation
The following table lists the show commands that identify the impact or potential problems that may occur when performing an upgrade.
Table 1-3 Upgrade show Commands
Command
Definition
show incompatibility system
Displays incompatible configurations on the current system that will impact the upgrade version.
show logging level
Displays the facility logging severity level configuration.
Logging levels for all processes must be set at 5 or below when performing an upgrade. Processes with a logging level greater than 5 are not displayed when you enter the show install all impact command.
show install all impact
Displays information that describes the impact of the upgrade. This command also displays if the upgrade is disruptive or not and if the switch needs to be rebooted and the reason why.
You can also perform the following tasks to identify potential problems before they occur:
Ensure that you have enough space to store the images on bootflash:
Display incompatible configurations on the current system that will impact the upgrade version.
switch# show incompatibility system pcco.s
No incompatible configurations
Verify the impact of the upgrade.
switch# show install all impact kickstart pcco.k system pcco.s
Installer is forced disruptive
Verifying image bootflash:/pcco.k for boot variable "kickstart".
[####################] 100% -- SUCCESS
Verifying image bootflash:/pcco.s for boot variable "system".
[####################] 100% -- SUCCESS
Verifying image type.
[####################] 100% -- SUCCESS
Extracting "system" version from image bootflash:/pcco.s.
[####################] 100% -- SUCCESS
Extracting "kickstart" version from image bootflash:/pcco.k.
[####################] 100% -- SUCCESS
Extracting "bios" version from image bootflash:/pcco.s.
The upgrade process is triggered when you enter the install all command. This section describes the sequence of events that occur when you upgrade a single Cisco Nexus 3000 Series switch.
Note Cisco Nexus 3000 Series switches that use software versions older than Release 5.0(3)U5(1) need to be updated to Release 5.0(3)U5(1) before they are upgraded to Release 6.0(2).
The following table shows an overview of the upgrade process.
Table 1-4 Upgrade Process At-A-Glance
Upgrade Preparation
1. Log in to the first Cisco Nexus 3000 Series switch. We recommend that you log in to the console port. In vPC topologies, the first upgrade can be performed on either the primary or secondary switch in the topology.
2. Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
3. Choose and download the kickstart and system software files to the server.
4. Verify that the required space is available in the bootflash: directory for the image file(s) to be copied.
5. If you need more space in the bootflash: directory, delete unnecessary files to make space available.
6. Copy the Cisco NX-OS kickstart and system images to the bootflash using a transfer protocol such as ftp:, http:, tftp:, scp:, or sftp.
7. Compare the file sizes of the images that were transferred using the dir bootflash command. The file sizes of the images obtained from Cisco.com and the image sizes of the transferred files should be the same.
8. Complete the above Step 1 through Step 7 for each Cisco Nexus 3000 Series switch in the topology.
Pre-upgrade Checks
1. Enter the show incompatibility command to verify that the target image is feature-wise compatible with the current image.
2. Enter the show install all impact command to identify the upgrade impact.
Upgrade Begins
1. Enter the install all command to update to the latest Cisco NX-OS software.
2. Peruse the installer impact analysis and accept to proceed.
3. Installer on Nexus 3000 upgrades the software – the switch will now run new version of the software.
Upgrade Verification
1. Enter the show install all status command to verify the status of the installation.
Copying the Running Configuration from an External Flash Memory Device
You can copy configuration files from an external flash memory device.
Note This procedure applies to the Cisco Nexus 3000 Platform running Cisco NX-OS Release 6.0.2 and later releases.
Before You Begin
Insert the external flash memory device into the active supervisor module.
Command or Action
Purpose
Step 1
dir { usb1 : | usb2 :}[ directory/ ]
Example:
switch# dir usb1:
(Optional) Displays the files on the external flash memory device.
(Optional) You can copy the running configuration from an external flash memory device to the bootflash.
Step 5
show running-config
Example:
switch# show running-config
(Optional) Displays the running configuration.
Step 6
copy running-config startup-config
Example:
switch# copy running-config startup-config
(Optional) Copies the running configuration to the startup configuration.
Step 7
show startup-config
Example:
switch# show startup-config
(Optional) Displays the startup configuration.
Copying the Startup Configuration from an External Flash Memory Device
You can recover the startup configuration on your Cisco NX-OS device by downloading a new startup configuration file saved on an external flash memory device.
Note This procedure applies to the Cisco Nexus 3000 Platform running Cisco NX-OS Release 6.0.2 and later releases.
Before You Begin
Insert the external flash memory device into the active supervisor module.
Command or Action
Purpose
Step 1
dir { usb1 : | usb2 :}[ directory/ ]
Example:
switch# dir usb1:
(Optional) Displays the files on the external flash memory device.
Last reset at 134 usecs after Sun Nov 3 07:27:54 2013
Reason: Reset due to fast-reload
System version: 6.0(2)U2(1Z)
Service:
plugin
Core Plugin, Ethernet Plugin
Upgrade Process for a vPC Topology on the Primary Switch
The following list summarizes the upgrade process on a switch in a vPC topology that holds either the Primary or Operational Primary vPC roles. Steps that differ from a switch upgrade in a non-vPC topology are in bold.
Note In vPC topologies, the two peer switches must be upgraded individually. An upgrade on one peer switch does not automatically update the vPC peer switch.
1. The install all command issued on the vPC primary switch triggers the installation upgrade.
2. The compatibility checks display the impact of the upgrade.
3. The installation proceeds or not based on the upgrade impact.
4. The configuration is locked on both vPC peer switches.
5. The current state is saved.
6. The system unloads and runs the new image.
7. The stateful restart of the system software and application occurs.
8. The installer resumes with the new image.
9. The installation is complete.
When the installation is complete, the vPC primary switch is upgraded.
Note The vPC primary switch is running the upgraded version and the vPC secondary switch is running the original software version.
Upgrade Process for a vPC Topology on the Secondary Switch
The following list summarizes the upgrade process on a switch in a vPC topology that holds either the Secondary or Operational Secondary vPC roles. Steps that differ from a switch upgrade in a non-vPC topology are in bold.
1. The install all command issued on the vPC secondary switch triggers the installation upgrade.
2. The compatibility checks display the impact of the upgrade.
3. The installation proceeds or not based on the upgrade impact.
4. The current state is saved.
5. The system unloads and runs the new image.
6. The stateful restart of the system software and application occurs.
7. The installer resumes with the new image.
8. The configuration is unlocked on the primary and secondary switches.
9. The installation is complete.
Monitoring the Upgrade Status
Table 1-5 lists the show commands that are used to monitor installation upgrades.
Table 1-5 Monitoring the Upgrade Process
Command
Definition
show install all failure-reason
Displays the applications that failed during an installation and why the installation failed.
show install all status
Displays a high-level log of the installation.
show system internal log install details
Displays detailed logs of the last installation-related command.
show system internal log install history
Displays detailed logs of the last five installation-related commands, from the oldest to the newest logs.
show tech-support
Displays the system and configuration information that you can provide to the Cisco Technical Assistance Center when reporting a problem.
Downgrading from a Higher Release
The procedure for entering the install all command to downgrade the switch is identical to using the install all command for a switch upgrade, except that the image files to be loaded are for an earlier release than the image that is currently running on the switch. You can use the show incompatibility system command to ensure that there are no feature incompatibilities between the current release and the target release. Note that downgrades are disruptive.
Cisco NX-OS Release 6.0(2)U2(1) allows you to define an MTU value for each class in a policy map. However, in Cisco NX-OS Release 5.0(3), all classes in a policy map must have the same MTU value. Therefore, before you downgrade from Cisco NX-OS Release 6.0(2)U2(1) to Cisco NX-OS Release 5.0(3), ensure that you configure a single MTU value for all the classes in a policy map.
Note Before you downgrade to a specific release, check the release notes for the current release installed on the switch, to ensure that your hardware is compatible with the specific release. See the Cisco Nexus 3000 Series Switch Release Notes for details.
Troubleshooting Installations
Some common causes for upgrade failure are as follows:
bootflash: does not have enough space to accept the updated image.
Specified system and kickstart are not compatible.
Hardware is installed or removed while the upgrade is in process.
Any power disruption while an upgrade is in progress.
The entire path for the remote server location is not specified accurately.
Password Recovery
If you are power cycling the switch for password recovery and if Ctrl+C is used to break into the loader prompt, the contents of the boot flash are not displayed from the switch prompt and the system image can not be loaded. Only the usage for bootflash is displayed, for example:
switch(boot)# dir bootflash:
Usage for bootflash: filesystem
102490112 bytes used
316940288 bytes free
419430400 bytes total
As a workaround, reload the switch again and use Ctrl+] to break the boot sequence.
To provide technical feedback on this document, or to report an error or omission, please send your comments to nexus3k-docfeedback@cisco.com. We appreciate your feedback.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)