SWIM uses a concept called Golden images. A golden image is a standard software version that the network team selects and tags in the Cisco Catalyst Center image repository for network devices. When you upgrade a device through DNAC, it gets upgraded to this golden image version.

If the new version causes problems and you need to go back to a previous version, follow these steps:

1. Re-tag the previous image: Go to the Catalyst Center image repository and tag the old version as the golden image.

2. Perform a SWIM upgrade: Use SWIM to upgrade the device to this re-tagged golden image version. This will take your device back to old version.

Note that Catalyst center does not have a direct rollback feature. You have to manually tag the previous version as the golden image and then upgrade to it.

When performing SWIM on a device, Catalyst Center performs initial readiness checks using a built-in script. However, users have the option to include additional custom checks if needed. On the software update page, you can click to add a new custom check.

This action will prompt you to input the commands for the check, specify the device type, and choose when during operations the check should occur. You have the flexibility to apply the check to both distribution and activation tasks, either before or after each operation.

For instance, suppose a user defines a custom check for a 9300 switch, scheduled both before and after distribution and activation tasks during an image update. If the pre-distribution or post-distribution check fails, Catalyst Center will halt all subsequent SWIM workflows and abort them. Although the image may have been transferred to the switch's flash, the entire workflow stops after copying the image, preventing the activation task from proceeding.

Alternatively, if a custom check is defined specifically for post-activation operations and it fails, Catalyst Center will not abort the task since the device has already upgraded and is operational with the new image. However, image update task will be marked as successful but the post check failure will be recorded under the checks tab in Image update status.

During the import process, the system determines image integrity by comparing the software and hardware platform checksum value of the image that you are importing to the checksum value identified for the platform in the Known Good Values (KVG) file to ensure that the two values match.

If you encounter the message "unable to verify" when importing an image to the Image repository, it indicates that the Catalyst Center cannot verify the image's integrity. To check if the KGV file is present on the Catalyst Center, navigate to System > Settings > Integrity Verification.

If the file is not present, it can be manually uploaded to the Catalyst Center or fetched from the Cisco Trust center.  By default, the Catalyst Center attempts to fetch this file automatically every day.

As of now on Catalyst center, you can initiate image update task on upto 100 devices simultaneously. There are no limitations as such on triggering such bulk task. Catalyst center would be able to handle the job without any deterioration of performance. 

Currently, DNAC does not support CPLD or golden capsule upgrades. While ROMMON upgrades are supported, this capability is limited to specific devices listed below.

For routers, starting 17.1.x, the standard ROMMON image version is set to 16.12(2r). This ROMMON image is same for all the releases till date. Hence, there are no limitation from platform side to perform direct upgrades which support same ROMMON version. 

Therefore, Catalyst center would be able to perform SWIM on the router without any issues for your given scenario. 

Say the device is running a ROMMON version which is not compatible with the targetted SWIM version, the task is going to fail as the device would not boot with the new image due to non compatibility of image version. Catalyst center would not learn this limitation in the process. 

---

@SaurabhKhillare wrote:
Say the device is running a ROMMON version which is not compatible with the targetted SWIM version, the task is going to fail as the device would not boot with the new image due to non compatibility of image version. Catalyst center would not learn this limitation in the process. 

---

That will be bad for routers which, for example, cannot upgrade from 17.3.X (and earlier) to 17.12.X (and later) and guaranteed to fail because Cisco has not disclosed about the 17.9.X intermediate firmware.  17.9.X has 17.7(1r) (aka  ROMMON version 17.7.1r) and is a prerequisite to 17.12.X.  

Does anyone understand the repercussion to this?  No?  Let me explain:  The routers, attempting to boot 17.12.X with ROMMON version earlier than 17.7.1r will go into a boot-crash-loop.  Any customer who is in this situation will need to pay a lot of money to get this fixed.  

If the ROMMON version is not compatible, SWIM should stop unpacking the packages.

From any 17.x version, it is possible to upgrade to 17.12.x directly. The version which you are referring is a factory installed ROMMON version which comes with the newly manufactured boxes. No upgrade or downgrade of this ROMMON version is generally available(GA). 

As long as it is having 16.12(2r) ROMMON image for ISR4k and 17.3(1r) for ISR1k along with the current version present in its flash, the device would not end up in boot failure. Because even if the unsupported upgrade fails, device would look to boot with an ios or bin file present in its flash.