Solucionado: Re: Doubt with Cisco Catalyst 9400 upgrade - Página 2

Julian Ortiz · ‎06-21-2024

Hi community,

I have a doubt about upgrading a switch Cisco Catalyst 9400. Beside to the software image upgrade, the Release Notes say “ROMMON and CPLD version upgrade process must be completed after upgrading the software image.”. Is this true? If so, where can I find the ROMMON and CPLD images/files? I searched in the Software Download page and there are only software images.

This is the link with the information:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9400/software/release/17-9/release_notes/ol-17-9-9400/upgrading_the_switch_software.html#task_b1z_hwr_43b

It seems CPLD must be upgrade:

CPLD version upgrade process must be completed after upgrading the software image.

For the ROMMON, I am a little confused:

You can upgrade the ROMMON before, or, after upgrading the software version. If a new ROMMON version is available for the software version you are upgrading to, proceed as follows:

Upgrading the ROMMON in the primary SPI flash device
This ROMMON is upgraded automatically. When you upgrade from an existing release on your switch to a later or newer release for the first time, and there is a new ROMMON version in the new release, the system automatically upgrades the ROMMON in the primary SPI flash device, based on the hardware version of the switch.
Upgrading the ROMMON in the golden SPI flash device
You must manually upgrade this ROMMON. Enter the upgrade rom-monitor capsule golden switch command in privileged EXEC mode.

Maybe someone with experience with this type of upgrades can shed some light here.

Thanks in advance,

Julián

Leo Laohoo · ‎06-25-2024

CPLD, FPGA are different components of switch, router, WLC, AP.

@Georg Pauwen wrote:
the ROMMON ... is upgraded automatically

Not all the time.

For example, a router upgrading from 17.3.X (and earlier) to 17.9.X will involve an automatic ROMMON upgrade, ROMMON version 17.7(1r). However, a router upgrading from 17.3.X (and earlier) to 17.12.X will fail (boot-crash-loop) because ~~Cisco has deliberately hidden the information that~~ routers need to upgrade to an intermediate version first, like 17.9.X, before making a jump to 17.12.X. This behaviour is either a bug or a feature, i. e. That 17.12.X does not have ROMMON version 17.7(1r) rolled in.

The information about an intermediate version is not found in any 17.11.X or 17.12.X Release Notes. I spent about 45 minutes trawling different 17.12.X Release Notes and could not find any information about an "upgrade matrix" or any mention about "17.9.X", 17.7(1r) or 17.7.1r.

Julian Ortiz · ‎06-25-2024

Wow, Cisco makes things very complicated.

I have found other post:

https://community.cisco.com/t5/switching/difference-between-cpld-fpga-and-rommon/td-p/5001395

It says "Now, and only now, can you upgrade the ROMMON to the golden/back up flash", but you say in the other post:

I am very confused.

Regards,

Julián

Leo Laohoo · ‎06-25-2024

My opinion have not changed about "golden capsule upgrade" and I would never recommend anyone perform a golden capsule upgrade because the risk of bricking the switch is high since Cisco developers do not test their code.

Most important matter is this: ROMMON, CPLD, FPGA, microcode upgrade is mandatory, however, upgrading the golden capsule is optional.

Julian Ortiz · ‎06-26-2024

Hi Leo,

Do you say that upgrading the golden capsule could damage the entire switch? I thought that could damage only the golden capsule, and nothing happens because the switch normally boots from the primary flash.

Regards,

Julián

Leo Laohoo · ‎06-26-2024

@Julian Ortiz wrote:
Do you say that upgrading the golden capsule could damage the entire switch?

If the golden capsule is coded incorrectly, it can-and-will brick the switch.

Julian Ortiz · ‎06-26-2024

Hi community,

Looking at the official documentation, for upgrading the switch there is no need to jump to intermediate versions if I want to upgrade from for example IOS-XE 17.3.x to 17.9.x, the document say nothing about intermediate versions:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9400/software/release/17-9/release_notes/ol-17-9-9400/upgrading_the_switch_software.html#task_shs_zpd_kmb

For the downgrade, the document says the following:

From 17.9.x to 17.8.x. What if I want to downgrade from 17.9.x to 17.3.x? Can I do it directly? If not, do I need to downgrade from 17.9.x to 17.8.x, then from 17.8.x to 17.7.x, and so on until from 17.4.x to 17.3.x?

Regards,

Julián

marce1000 · ‎06-26-2024

- Why do you want to downgrade such a way back ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Julian Ortiz · ‎06-26-2024

Really that doesn't solve my question.

Regards,

Julián

Leo Laohoo · ‎06-26-2024

Catalyst 9k switches will support direct upgrade from 17.3.X to 17.9.X and 17.12.X and there is no need to go an intermediate version.

Julian Ortiz · ‎06-26-2024

Hi Leo,

That's for the upgrade. But the downgrade can be done directly or going through intermediate versions?

Regards,

Julián

Leo Laohoo · ‎06-26-2024

Direct downgrade is supported.

Julian Ortiz · ‎06-26-2024

Thank you very much Leo.

Regards,

Julián

Leo Laohoo · ‎06-26-2024

If still unsure, get the company who's providing the TAC support to conduct a firmware upgrade.