01-17-2019 02:45 AM - edited 03-05-2019 11:11 AM
Hi everyone,
The latest ROMMON for ISR 4k is 16.9(1r). The only tidbit of information I've gathered regarding this version is from
Cisco 4000 Series ISRs Software Configuration Guide :
"The ROMMON Protection provides an advance level of security by preventing corruption of the ROMMON and adds a secure upgrade method that ensures that only a genuine Cisco ROMMON image is loaded on the platform. With this latest ROMMON image, the ROMMON can withstand low-level attacks from hackers. This feature is supported only on 16.9(1r) or later ROMMON releases."
Unlike the ASR's, I can't find release notes nor a compatibility matrix for ISR 4k ROMMON.
How am I to know which ROMMON version is supported for a certain IOS-XE version, or why upgrade to the latest ROMMON?
01-17-2019 03:15 AM
@Nadav wrote:
How am I to know which ROMMON version is supported for a certain IOS-XE version, or why upgrade to the latest ROMMON?
Find the latest ROMmon and install it.
01-17-2019 03:23 AM
Once upgraded to 16.9 I can't downgrade (it's stated explicitly in the documentation). How am I to know which versions of IOS-XE it supports?
01-17-2019 03:27 AM
@Nadav wrote:
Once upgraded to 16.9 I can't downgrade (it's stated explicitly in the documentation). How am I to know which versions of IOS-XE it supports?
Once you upgrade the ROMmon, you can't downgrade the ROMmon. However, you can upgrade or downgrade IOS-XE.
01-17-2019 03:31 AM
01-17-2019 11:39 AM
Hi,
That's for ASR 1000. Different platform entirely, different rommons entirely.
What's curious is why Cisco documented rommon requirements for ASR's but not for ISR 4k.
01-17-2019 09:47 PM
@Nadav wrote:
That's for ASR 1000. Different platform entirely, different rommons entirely.
That's not entirely true.
ASR and ISR are different physical hardware but the underlying OS are the same.
This way when there is a bug discovered in, say 3850, it can be corrected across the board.
01-18-2019 01:02 AM - edited 01-18-2019 01:04 AM
That's a generalization and doesn't ensure anything regarding IOS-XE version compatability with ROMMON between different platforms.
Here is the latest ASR-1001 ROMMON:
ASR 1001-X ROMMON 16.9(4r) [6.31MB]
Here is the latest 4331 ROMMON:
ISR 4331 ROMMON 16.9(1r) [4.78MB]
ROMMON filenames are different across platforms, and the version numbering is different across platforms.
Even if they were the same numbering and exact same file, this doesn't absolve Cisco of maintaining a compatablity matrix for all platforms. The fact that one exists for ASR 1000 routers doesn't necessarily mean anything for ISR. There should be a matrix and release notes (regarding ROMMON) for each platform.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide