Solved: DisclaimerThe Author of this

John Apricena · ‎04-22-2015

Hello Support,

I have two 4500x switches that need the IOS upgraded. Can this be done with zero impact or will there be impact with the Failover? This is of course to say if everything cabled into both of these is redundant. Thanks in advance guys.

Reza Sharifi · ‎04-22-2015

John,

There are 2 ways to do the upgrade. You can use below link and utilize ISSU to upgrade, or you can simply load the image you want into the flash of the primary and stand-by switch, change the boot variable, save the config and reboot both chassis. The 4500x takes about 10 minutes to reboot.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1-2/XE_340/configuration/guide/config/vss.html#wp1320146

HTH

View solution in original post

Reza Sharifi · ‎04-22-2015

John,

There are 2 ways to do the upgrade. You can use below link and utilize ISSU to upgrade, or you can simply load the image you want into the flash of the primary and stand-by switch, change the boot variable, save the config and reboot both chassis. The 4500x takes about 10 minutes to reboot.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1-2/XE_340/configuration/guide/config/vss.html#wp1320146

HTH

Joseph W. Doherty · ‎04-22-2015

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

With two 4500Xs, if you go the non-ISSU way, you'll want to first push transit traffic away from the switch to be rebooted. Otherwise some traffic might be impacted as traffic fails over to the other 4500X. (NB: this might be difficult to impossible to do with something like a VSS pair, but then failover should be very fast for VSS.)

Logan Kampsnider · ‎05-31-2022

So don't listen to Cisco or anyone telling you to do a "redundancy reload shelf" and take a 5-10 minute outage as both switches reload, there's a way to do a 4500X VSS non-ISSU upgrade with less than 40 seconds of downtime for the links. I've done this multiple times with success. This is assuming you have all your MECs distributed between both 4Ks and aren't single-homed for any connections.

Steps

Pre-step: Set new bootvar on primary and standby 4K and save config.

1. While on the primary, shut all non-VSL ports that are part of the secondary 4K switch. This will effectively force all traffic that are part of a MEC in the VSS to travel through the primary 4K. This step results in maybe a 1 ping loss for some flows.

2. While on the primary, shut down the VSL ports of the secondary 4K switch. This will sever the VSL link and make both 4Ks think they are active. However, per step #1, the secondary 4K has its ports shut down and can't interfere and cause traffic split-brain scenarios.

3. Now, while on the secondary 4K, you can now run commands as it no longer think its a standby. Ensure your bootvars are set correctly for the new image to load, then do a "copy run start". This is important so that when the 4K comes back up it doesn't try to rejoin the VSL and pass traffic. Reload the switch now.

4. Once the secondary switch has finished reloading, validate the new version loaded fine. You will try to do these next two things simultaneously, as much as you can: a. On the secondary switch that just came back online, unshut all of the non-VSL MEC ports you shut in step #1. b. On the primary, shut all of the non-VSL MEC ports. This will force traffic to converge through the secondary 4K. Here is your biggest chance of an outage, possibly 30-40 seconds, possibly a few pings depending on the flow and convergence times.

5. Once traffic has converged, confirm your primary 4K has the correct bootvars set, then reload. Do NOT save the config prior to reloading, as we want the primary 4K to restart with all of the ports unshut that you just shut in step #4.

6. While the primary 4K is rebooting, unshut the VSL ports on the secondary 4K. This will allow the VSL to re-establish once the primary 4K comes up and traffic to converge across both 4Ks.

7. Once the primary 4K finishes rebooting check that the version is correct. Check VSL health (show vslp platform, show vslp lmp status). At this time, after VSL health has been confirmed, the secondary 4K will be active for the VSS. Do a write mem on the secondary.

8. Failover the active back to the primary by doing a "redundancy force-switchover" from the secondary 4K. This will force the active back to the primary and result in the secondary 4K rebooting. You may see a ping or two drop here as well.

9. Once the secondary 4K comes back up, you should have your VSS back in its original state! Check VSL health again and do a final "copy run start" to save the config. Viola, minimal downtime.

TommyDK · ‎02-26-2024

#Logan Kampsnider

I'm considering using your guide, but I have a question:

In step 3, how do you connect to the standby 4K when the VSL link is severed?

Michael Harrell · ‎03-05-2024

I did this by having a Console Server connected to both 4ks.

4500x VSS Upgrade IOS