This document will explain the steps and best practices for upgrading Cisco SD-WAN.
Using the link below, use the compatibility matrix embedded in the release notes to verify the version of the controllers (vManage, vBond, vSmart, and WAN Edges) or you can go to the SDWAN compatibility matrix webpage.
Upgrade the software from the vManage NMS GUI rather than from the CLI
The Upgrade task pushes new software to the SD-WAN device and installs it on the file system. It does not change the code or impact the device. This task can be done ahead of the software activation maintenance window to optimize change control time.
For a special vManage cluster configuration where tunnel-interface is not configured on VPN 0 and the vManage isn’t managing any WAN Edges, then you must perform the upgrade of all vManages through CLI instead of through GUI. This type of configuration is used when vManage nodes in a cluster have some dedicated services running. Refer to “Upgrading the cluster" section in the following document for upgrading these type of cluster deployments: https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/sd-wan/white-paper-c11-741440.pdf
When upgrading the software image on a remote vManage NMS, the overlay network must be operational
If the new software images are in the image repository on the vManage NMS, ensure that the WAN in which the vManage NMS is located has sufficient capacity for concurrent file transfers.
If the new software images are located on an external FTP server, ensure the FTP server can handle concurrent file transfers
You cannot include the vManage NMS in a group software upgrade operation. You must upgrade and reboot the vManage server individually in the vManage Software Upgrade tab.
vSmart and vBond controllers must be upgraded separately in the Controllers tab in the vManage Software Upgrade tab.
Be sure to activate a software image before setting it to the default software image.
Steps for Upgrading SD-WAN
To upgrade all devices in the overlay network, perform the upgrade in the following order:
Add new software to the image repository of vManage or external FTP server if applicable
Upgrade the vManage NMS(s). Then activate the new code on vManage NMS
Upgrade one-half the vBond orchestrators. Then activate the new code on one-half the vBond orchestrators and validate vBond function on new code.
Upgrade the remainder of the vBond orchestrators.
Upgrade one-half of the vSmart controllers. Then activate the new code on one-half the vSmart Controllers and validate vSmart function on new code.
Upgrade the remainder of the vSmart controllers.
Upgrade 10% of the WAN Edge routers. For multi-router sites, it’s recommended to limit upgrades to one router per site. A recommended plan of action would be to upgrade Production test device(s), low risk sites, medium risk sites, then high risk sites.
Validate WAN Edge function of the network services after code upgrade.
Upgrade the remainder of WAN Edge routers.
Frequently Asked Questions (FAQs)
Q: How often should I upgrade?
A: With each new version of code comes multiple bug fixes that improve product quality. The release notes contain all bug fixes that came in with that release. Release code versions 18.3 and older are now End-of-Sale and End-of-Life per the following notice:
A: No, you will need to upgrade the suite of controllers in the following manner: 1) vManage 2) vBond 3) vSmart. This is documented in the following link in the section entitled Best Practices for Software Upgrades:
Q: Will I run into issues when upgrading from certain versions?
A: Yes! It is important to consider the upgrade path based upon your current controller version along with which version you will be upgrading to. The reason for this is because of schema changes in the database when upgrading to a version that is a major code release. Refer to the following upgrade path below:
17.1.x -18.3.8 -18.4.4
Note: This process is for vManage
5. Q: Should I consider my Edge device version compared to my controller version?
A: Yes, you should always follow the Compatibility Matrix provided in the release notes for each version. You never want your Edge device version to be higher than the controller version in your environment. For example, in the Compatibility Matrix section of the release notes below, you’ll see the following:
hi there When creating vxlan between some switches for bridging a vlan over my wan, I have some questions. 1.is the local vtep (nve interface) also the default gateway for the clients? Or is that only used for bridging to the remote vteps and yo...
Hello Cisco,I am new to networking and VLANs, and I have a project now that I am stuck with.I have a router-on-a-stick connected to 4 huge networks. the topology is like the below image.Topology I know it may be my VLANs that are messed up. the HQ ro...
One of our Cisco 3650 switches rebooted unexpectedly. However, before rebooted the switch we could not log in to the switch. After rebooting it will show the Last reload reason: Critical software exception, check crashinfo:crashinfo_RP_00_00_20201128...
[ The Discussion forum will be published on December 1st ]
Take the opportunity to reach out to our expert and discuss best practices regarding on how to troubleshoot a live network and identify the root cause easily. Learn more about Serviceability and h...
Hi all , I am facing some issueMy access switch shown cpu usage history sometime cpu up to 70% butt avg still normal (see attached file) Could you please suggest how to troubleshoot it , spanning tree was on , all switches