Friday, May 3, 2019

Network Switch Firmware Upgrade Best Practices


Network Switch Firmware Upgrade Best Practices.


Hello Everyone, In this session i would like to brief about some best practices to be followed while upgrade your network switch firmware version.

Firmware is software that is embedded into a hardware device. Firmware controls how your device behaves. New firmware often fixes bugs, contains new features, and protects you from security vulnerabilities.

Some times switch firmware upgrade end up with a disaster and a pain if it is a Core switch😟 
 
The below steps would give you some inputs into your implementation plans for a switch firmware upgrade even though it is only a brief note.

Always consider your Network infrastructure and merge these practices with your plan which may help you to perform smooth upgrade.

Pre-requisites

      1)  Check the current firmware version on primary and secondary flash.

            Ex : 5406-CORE Chassis: 5406zl J8697A!
             Serial Number: XXXXXXX
             Primary Image: 14151077 03/08/11 K.15.04.0003
             Secondary Image: 9782454 07/07/09 K.14.34
             Current ROM version: K.15.12
             Switch Modules: J9309A, J8702A, J9308A, J9308A, J9309A

2)  Verify core switch architecture (Standalone or VRRP/HSRP/VSF)

3)  Check for firmware upgrade path (If firmware is too old get help from vendor to get a correct upgrade path)

4)  If firmware is too old vendors recommend for staged upgrade.

5)  Select the firmware upgrade path, read the release notes carefully and ensure that all firmware versions in the path are compatible with the Hardware, Rom version, Modules (including management module) and commands of the Switch.

6)   Release notes of respective firmware versions can be downloaded from the vendor’s website.

7)  Download the required firmware versions from vendor’s website.

8)  Ensure the availability of spare serial console cable, laptop, internet connection and necessary software’s (Putty, Teradem, Xmodem) to connect and configure the core switch in case of any failure.

9)   Ensure that the availability of uninterrupted power supply to avoid damage to your equipment, during the software update.

10)  Take a valid recent running and start-up configuration backup of switch before the upgrade.

11)  If the switch have 2 flashes,  primary flash and configuration should be copied to secondary flash before the upgrade, So in case of any issues, switch can be boot from secondary flash, which is having current version of the firmware and configuration. 


      The below steps are for your reference
       

      HP modular 5406zl core switch upgrade


1)   Start a portable TFTP server.

2)  Save your current configuration (Config1) to a backup configuration file (Config2).

       Switch# show version
 Switch1# copy config config1 config config2
 Switch1# show config files 

3) Take a backup of configurations (Start-up and Running) after saving the running configuration

 Switch# copy running-configtftp
 Switch# Write memory
 Switch# copy startup-configtftp 

4)  Backup your current running image (Primary) to the secondary image.

Switch1# copy flash flash secondary
Switch1# show flash 

5)  Set your secondary image to boot with Config2. 

Switch1# startup-default secondary config config2
Switch1# show config files

6) Verify that your images and configuration are set correctly

Show flash
Show config files
Show version

7) Rename the downloaded firmware to K.15.10.0019m.swi and copy it to the tftp root folder
 
8) Copy the new flash from tftp server to the switch Command line

Switch# copy tftp flash K.15.10.0019m.swi Primary

Give yes to the prompt appeared The Primary OS image will be deleted. Continue [y/n]? Y

Note: When the switch finishes downloading the software file from the server, it displays the progress message Validating and Writing System Software to FLASH...

9) When the CLI prompt re-appears, the switch is ready to reboot to activate the downloaded software Type the command Show flash to verify that the new software version is in the expected flash area (primary or secondary)

10) Reboot the switch from the flash area that holds the new software (primary or secondary), using the following command: 

Switch# boot system flash primary
If this do not work try from (config)#

11) Leave the secondary image untouched, this can be update later. The rollback plan is to boot switch from secondary flash and its configuration in case of  any issues while running from primary image.

12) Take a backup of switch configurations and upload it to a secure location.

13)  If you have HSP/VRRP/VSF redundant switch architecture, repeat the steps 7-9 & 11 for firmware upgrade on other peer switches.

14)   Repeat all the above steps for continuing the firmware upgrade as mentioned in the upgrade path. (In case your firmware version is too old)

Ex: Current Firmware version: K.15.04.0003
Upgrade path:  K.15.10.0019m ----> K.15.15.0014 ----> K.15.18.0018 ---> K.16.02.0022m.

Post Upgrade Checks



1) Login to the switch via Putty

2) Check the firmware versions by issuing the following command

Switch# Show flash
Switch# Show Version
Switch# Show config files

3) Verify the event logs for any critical alerts

Switch# show logging –r

4) Verify the running configuration

Switch# Show running-configuration

5) Compare the new and old configuration files

Rollback Plan


1) Boot from the secondary image by issuing the command

 switch# boot system flash secondary

2) In case of network connectivity issues, use the serial cable to connect to the switch and boot the switch from Secondary flash.
3) Restore the configuration from backup if identified any issues with the start-up or running configurations.

Using SSH Connection

Switch# copy tftp startup-config .

If network connection is available use serial console and Xmodem via Hyperterminal to access the switch

 a) Switch#copy startup-configxmodem pc

b) Then hit the enter key, there will be a warning device require a reboot, then select Y

c) Click on the Transfer menu and then select Send File

d) Browse and navigate to the file that will be used for restoring

e) On the protocol, select xmodem and then click Send.

f) The switch then will restart automatically.

g) To see the new configuration in the switch, login again, and type: show run then hit Enter key.



Hope it is informative for you, in the coming session we will see how to automate the switch firmware upgrade using windows power-shell and SSH.

Cheers
Sijo John







   
Posted by at
Labels: , , ,

1 comment:

  1. itinnovationincSeptember 19, 2023 at 3:02 AM

    The "best network switch" is an essential IT component for seamless data flow. It optimizes network performance, supports various data rates, and ensures reliability. Features like VLAN support, PoE, and scalability make it stand out. Choosing the right switch is crucial for efficient data management and connectivity in any network setup.

    ReplyDelete

Subscribe to: Post Comments (Atom)