Upgrading the Controller Software
When you upgrade the controller software, the software on the access points associated with the controller is also automatically upgraded. When an access point is loading software, each of its LEDs blinks in succession.
Caution |
Do not power down the controller or any access point during this process; otherwise, you might corrupt the software image. Upgrading a controller with a large number of access points can take as long as 30 minutes, depending on the size of your network. However, with the increased number of concurrent access point upgrades supported in the controller software release, the upgrade time should be significantly reduced. The access points must remain powered, and the controller must not be reset during this time. |
Considerations for Upgrading Controller Software
The following are some of the general restrictions that are applicable when upgrading the controller software. For any release-specific restrictions, see the relevant release notes.
For correct interoperability among Cisco Wireless infrastructure, including but not limited to mobility among controllers, AP compatibility, we recommend that you consult the Cisco Wireless Solutions Software Compatibility Matrix at:
https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html-
For every software upgrade, we recommend that you consult the corresponding release notes for any caveats, considerations, or possible interim upgrades required to upgrade your controller(s) to the desired release of software.
-
We recommend that you have a backup of your configuration in an external repository prior to any software upgrade activity.
-
The upgrade of the controller software, with a fast connection to your TFTP, SFTP, or FTP file server, can take approximately 15 to 25 minutes or less from the start of the software transfer to reboot of controller (might take longer if the upgrade also includes a Field Upgrade Software installation during the same maintenance window). The time required for the upgrade of the associated APs might vary from one network to another, due to a variety of deployment-specific factors, such as number of APs associated with controller, speed of network connectivity between a given AP and the controller, and so on.
-
We recommend that, during the upgrade process, you do not power off controller or any AP associated with the controller.
-
Controllers support standard SNMP Management Information Base (MIB) files. MIBs can be downloaded from the Download Software area in Cisco.com.
-
The objects under the SNMP table bsnAPIfDot11CountersEntry like bsnAPIfDot11RetryCount, bsnAPIfDot11TransmittedFrameCount, and so on, per SNMP MIB description, are defined to use the index as 802.3 (Ethernet) MAC address of the AP. However, the controller sends the AP radio MAC address in snmpget, getnext, and getbulk. This is because the snmpwalk returns index using base radio MAC address instead of the AP Ethernet MAC address.
-
You can reduce the network downtime using the following options:
-
You can predownload the AP image.
For more information about predownloading the AP image, see the "Predownloading an Image to an Access Point" section.
-
For FlexConnect access points, use the FlexConnect Efficient AP upgrade feature to reduce traffic between the controller and the AP (main site and the branch).
For more information about configuring FlexConnect AP upgrades, see the "Configuring FlexConnect AP Upgrades for FlexConnect APs" chapter.
-
Upgrading Controller Software (GUI)
Before you begin
Procedure
Step 1 |
Upload your controller configuration files to a server to back them up.
|
||||
Step 2 |
Get the controller software image by following these steps: |
||||
Step 3 |
Copy the controller software image (filename.aes) to the default directory on your TFTP or FTP server.
|
||||
Step 4 |
(Optional) Disable the 802.11 networks.
|
||||
Step 5 |
Choose Commands > Download File to open the Download File to Controller page. |
||||
Step 6 |
From the File Type drop-down list, choose Code. |
||||
Step 7 |
From the Transfer Mode drop-down list, choose from the following options:
|
||||
Step 8 |
In the IP Address text box, enter the IP address of the server. |
||||
Step 9 |
(Optional) If you are using a TFTP server, the default values of 10 retries for the Maximum Retries text field, and 6 seconds for the Timeout text field should work correctly without any adjustment. However, you can change these values if desired. To do so, enter the maximum number of times that the TFTP server attempts to download the software in the Maximum Retries text box and the amount of time (in seconds) that the TFTP server attempts to download the software in the Timeout text box. |
||||
Step 10 |
In the File Path text box, enter the directory path of the software. |
||||
Step 11 |
In the File Name text box, enter the name of the controller software file (filename.aes). |
||||
Step 12 |
If you are using an FTP server, follow these steps:
|
||||
Step 13 |
Click Download to download the software to the controller. A message appears indicating the status of the download.
|
||||
Step 14 |
(Optional) After the download is complete, you can choose to predownload the image to your access points. For more information, see the "Predownloading an Image to an Access Point" section. |
||||
Step 15 |
Click Reboot to reboot the controller. |
||||
Step 16 |
If prompted to save your changes, click Save and Reboot. |
||||
Step 17 |
Click OK to confirm. |
||||
Step 18 |
After the controller reboots, repeat step 6 to step 16 to install the remaining file. |
||||
Step 19 |
For Cisco WiSM2, reenable the controller port channel on the Catalyst switch. |
||||
Step 20 |
If you have disabled the 802.11 networks, reenable them. |
||||
Step 21 |
To verify the controller software version, choose Monitor on the controller GUI and see Software Version in the Controller Summary area. |
Upgrading Controller Software (CLI)
Before you begin
Procedure
Step 1 |
Upload your controller configuration files to a server to back them up.
|
||||||
Step 2 |
Get the controller software image by following these steps: |
||||||
Step 3 |
Copy the controller software image (filename.aes) to the default directory on your TFTP or FTP server.
|
||||||
Step 4 |
Log onto the controller CLI. |
||||||
Step 5 |
On the controller CLI over Telnet or SSH, enter the ping server-ip-address command to verify that the controller can contact the TFTP or FTP server. |
||||||
Step 6 |
(Optional) Disable the 802.11 networks by entering this command:
|
||||||
Step 7 |
View current download settings by entering the transfer download start command. Press n at the prompt to view the current download settings. |
||||||
Step 8 |
Change the download settings, if necessary by entering these commands:
(Optional) If you are using a TFTP server, also enter these commands:
If you are using an FTP server, also enter these commands:
|
||||||
Step 9 |
View the current updated settings by entering the transfer download start command. Press y at the prompt to confirm the current download settings and start the software download. |
||||||
Step 10 |
(Optional) After the download is complete, you can choose to predownload the image to your access points. For more information, see the "Predownloading an Image to an Access Point" section. |
||||||
Step 11 |
Save the code update to nonvolatile NVRAM and reboot the controller by entering this command: The controller completes the bootup process. |
||||||
Step 12 |
After the controller reboots, repeat Steps 7 through 11 to install the remaining file. |
||||||
Step 13 |
For Cisco WiSM2, re-enable the controller port channel on the Catalyst switch. |
||||||
Step 14 |
If you have disabled the 802.11 networks in Step 6, renable them by entering this command: |
||||||
Step 15 |
To verify the controller software that is installed, enter the show sysinfo command and see Product Version. |
||||||
Step 16 |
(Optional) To verify the Cisco Unified Wireless Network Controller Boot Software file that is installed on the controller, enter the show sysinfo command on the controller CLI and see Recovery Image Version or Emergency Image Version.
|
Predownloading an Image to an Access Point
To minimize network outages, you can download an upgrade image to the access point from the controller without resetting the access point or losing network connectivity. Previously, you would download an upgrade image to the controller and reset it, which causes the access point to go into discovery mode. After the access point discovers the controller with the new image, the access point downloads the new image, resets, goes into discovery mode, and rejoins the controller.
You can now download the upgrade image to the controller and then download the image to the access point while the network is still operational. You can also schedule a reboot of the controller and access points, either after a specified amount of time or at a specific date and time. When both devices are up, the access point discovers and rejoins the controller.
Concurrent Controller to AP Image Upgrade
This table lists the controllers and their maximum concurrent AP image download support.
Controller |
Maximum Number of Concurrent AP Image Download Supported |
---|---|
Cisco 2504 WLC |
75 |
Cisco 5508 WLC |
500 |
Cisco 5520 WLC |
1000 |
Cisco Flex 7510 WLC |
1000 |
Cisco 8510 WLC |
1000 |
Cisco 8540 WLC |
1000 |
Cisco WiSM2 |
500 |
Cisco vWLC |
1000 |
Flash Memory Requirements on Access Points
This table lists the Cisco AP models and the minimum amount of free flash memory required for the predownload process to work:
Cisco AP |
Minimum Free Flash Memory Required |
---|---|
3700(I/E) |
16 MB |
3600(I/E) |
14 MB |
3502(I/E) |
14 MB |
2700(I/E) |
16 MB |
2602(I/E) |
14 MB |
1700(I/E) |
16 MB |
1602(I/E) |
12 MB |
1262 |
14 MB |
1142 |
12 MB |
Note |
|
Access Point Predownload Process
The access point predownload feature works as follows:
-
The controller image is downloaded.
-
(Optional) The primary image becomes the backup image of the controller and the downloaded image becomes the new primary image. Change the current boot image as the backup image by using the config boot backup command to ensure that if a system failure occurs, the controller boots with the last working image of the controller.
-
Start the AP image predownload procedure for all joined APs or a specific AP, by entering the config ap image predownload primary {all | ap-name} command.
-
The upgrade image is downloaded as the backup image on the APs. You can verify this by using the show ap image all command.
-
Change the boot image to primary image manually using the config boot primary command and reboot the controller for the upgrade image to be activated.
or
-
You issue a scheduled reboot with the swap keyword. The swap keyword has the following importance: The swapping occurs to the primary and backup images on the access point and the currently active image on controller with the backup image.
-
When the controller reboots, the access points are disassociated and eventually come up with an upgraded image. Once the controller responds to the discovery request sent by an access point with its discovery response packet, the access point sends a join request.
-
-
The actual upgrade of the images occur. The following sequence of actions occur:
-
During boot time, the access point sends a join request.
-
The controller responds with the join response with the image version that the controller is running.
-
The access point compares its running image with the running image on the controller. If the versions match, the access point joins the controller.
-
If the versions do not match, the access point compares the version of the backup image and if they match, the access point swaps the primary and backup images and reloads and subsequently joins the controller.
-
If the primary image of the access point is the same as the controller image, the access point reloads and joins the controller.
-
If none of the above conditions are true, the access point sends an image data request to the controller, downloads the latest image, reloads, and joins the controller.
-
Note |
Normally, when upgrading the image of an AP, you can use the preimage download feature to reduce the amount of time the AP is unavailable to serve clients. However, it also increases the downtime because the AP cannot serve clients during an upgrade. The preimage download feature can be used to reduce this downtime. However, in the case of a branch office set up, the upgrade images are still downloaded to each AP over the WAN link, which has a higher latency. A more efficient way is to use the FlexConnect AP Image Upgrade feature. When this feature is enabled, one AP of each model in the local network first downloads the upgrade image over the WAN link. For more information about FlexConnect AP upgrades, see the "FlexConnect AP Image Upgrades" chapter. |
Guidelines and Restrictions for Predownloading an Image to an Access Point
-
The 2600, 3500, and 3600 AP models can store only a single image in the flash. When you reboot the AP (without rebooting the controller after a pre-download), it will download the current image from the controller as the current image will be overwritten by the pre-downloaded image in the flash.
-
The maximum number of concurrent predownloads is limited to half the number of concurrent normal image downloads. This limitation allows new access points to join the controller during image downloading.
-
If you reach the predownload limit, then the access points that cannot get an image sleep for a time between 180 to 600 seconds and then reattempt the predownload.
-
Before you predownload, you should change the active controller boot image to the backup image to ensure that if the controller reboots for some reason, it comes back up with the earlier running image, not the partially downloaded upgrade image.
-
This predownload feature is not supported on 1242 and 1131 Cisco AP models.
-
When the system time is changed by using the config time command, the time set for a scheduled reset is not valid and the scheduled system reset is canceled. You are given an option either to cancel the scheduled reset before configuring the time or retain the scheduled reset and not configure the time.
-
All the primary, secondary, and tertiary controllers should run the same images as the primary and backup images. That is, the primary image of all three controllers should be X and the secondary image of all three controllers should be Y or the feature is not effective.
Having different versions of the controller software running on primary, secondary, and tertiary controllers adds unnecessary and protracted delays to APs failing over and joining the other available controllers in an N+1 setup. This is due to the APs being forced to download different image versions when failing over to a secondary or tertiary controller, and joining back to their primary controller when it is available.
-
At the time of the reset, if any AP is downloading the controller image, the scheduled reset is canceled. The following message appears with the reason why the scheduled reset was canceled: %OSAPI-3-RESETSYSTEM_FAILED: osapi_task.c:4458 System will not reset as software is being upgraded.
-
Predownloading a 7.2 or later version of image on a Cisco Aironet 1240 access point is not supported when upgrading from a previous controller release. If predownloading is attempted to the Cisco Aironet 1240 access point, the AP gets disconnected.
-
There are two images for the1550 Mesh AP - 1550 with 64 MB memory and 1550 with 128 MB memory. During the controller upgrade to 7.6 and higher versions, the AP images are downloaded and there are two reboots.
-
If you upgrade from a release that is prior to Release 7.5 directly to Release 7.6.X or a later release, the predownload process on Cisco AP2600 and AP3600 fails. After the controller is upgraded to Release 7.6.X or a later release, the new image is loaded on Cisco AP2600 and AP3600. After the upgrade to a Release 7.6.X image, the predownload functionality works as expected. The predownload failure is only a one-time failure.
-
If you upgrade from 8.2 to 8.4 release, the predownload process on Cisco AP1700, AP2700, or AP3700 fails with the following error message:
Not enough free space to download.After the controller is reloaded with 8.4, the backup image version still shows up as 3.0.
-
If an AP is in the process of downloading a software image, the status of the download is not shown on the controller CLI. During the image download process, any configuration performed on the AP via the controller CLI is not applied. Therefore, we recommend that you do not perform any configuration on the AP via the controller CLI if an image download on the AP is in progress.
Predownloading an Image to Access Points—Global Configuration (GUI)
Procedure
Step 1 |
To configure the predownloading of access point images globally, choose Wireless > Access Points > Global Configuration to open the Global Configuration page. |
Step 2 |
In the AP Image Pre-download section, perform one of the following:
|
Step 3 |
Click OK. |
Step 4 |
Click Apply. |
Predownloading an Image to Access Points (CLI)
Procedure
Step 1 |
Specify APs that will receive the predownload image by entering one of these commands:
The output lists APs that are specified for predownloading and provides for each AP, primary and secondary image versions, the version of the predownload image, the predownload retry time (if necessary), and the number of predownload attempts. The output also includes the predownload status for each device. The status of the APs is as follows:
|
||||||
Step 2 |
Set a reboot time for the controller and the APs. Use one of these commands to schedule a reboot of the controller and APs:
Use the show reset command to display scheduled resets. Information similar to the following appears:
|