Adding an updated IOS switch to a stack

DHGmem · ‎07-14-2021

I needed to add a switch to a stack that was running out of available ports, and as one would expect it came from the factory with a newer version of IOS than the current running switch stack.

i don't want to update the current switch stack, is it best to downgrade the new switch manually, or when i add it to the stack and there is a v-mismatch will i have the option to downgrade it from the master switch?

Thanks.

Reza Sharifi · ‎07-14-2021

I needed to add a switch to a stack that was running out of available ports, and as one would expect it came from the factory with a newer version of IOS than the current running switch stack.

The best practice is to upgrade the switch to match the IOS on the stack and then add it to the stack.

HTT

balaji.bandi · ‎07-14-2021

You need to match exactly the same version that running, if that is old, Cisco always shipped with a stable version, so always use a stable version.

If you get a maintenance window, upgrade the whole stack to the current stable version and add a new switch to the stack.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Alex Pfeil · ‎07-14-2021

If the switch IOS is old, you can downgrade the new switch before adding it to the stack. That is not the recommended best practice as stated above.

Joseph W. Doherty · ‎07-14-2021

You didn't mention what stackable switch series. I know the 3750 series, at least the originals and G models, could run with different IOS versions (and/or feature sets) installed on their member switches, but there were various "rules" for doing this and how the stack would perform in some situations. Generally, even with such switches, the best approach was to insure all member switches were running with exactly the same IOS image.

The forgoing, though, often required you to downgrade a newly obtained switch. Unless Cisco has changed licensing, I recall (?) you could always (legally) run any IOS version and/or feature set up to the one that came licensed on the switch. I.e. downgrades were permitted. The converse, though, moving the whole stack to a newer IOS version and/or "better" feature set would require a maintenance contract on all the other switch members or purchase of a new license for all those switch members.

Even if you have an active maintenance contract, there can be valid reasons for not moving up.

Again, the really important item, is generally, you want the new switch member to have the same exactly IOS installed on it as on the rest of your stack members.

Leo Laohoo · ‎07-14-2021

@Joseph W. Doherty wrote:

would require a maintenance contract

@Joseph W. Doherty, have a look at this Product Bulletin: Cisco Catalyst IOS Software Update Program for Cisco Catalyst 9200, 9300, 9400, 9500 and 9600 Series switches:

Free critical updates:

◦    Free critical updates are available to the original customer for up to 1 year after announced end-of-support. These critical updates maintain the compliance of the Software with published specifications, release notes and industry wide compliance.

◦    Free vulnerability and security updates are available to the original customer for up to 3 years after announced end-of-sale.

◦    No support contract is required to obtain these software updates.

Free major and minor releases:

◦    Free major and minor release updates are available to an original customer moving from one release to another within the same perpetual license level (i.e. Cisco Network Advantage or Cisco Network Essentials).

◦    No support contract is required to obtain these releases.

Joseph W. Doherty · ‎07-15-2021

Thanks Leo, wasn't aware of that for those Catalyst 9K switches.

Do you know, when the 3750s first came out, they too had perpetual licenses, i.e. free upgrades. Later, though, Cisco changed that so perpetual wasn't so perpetual.

Often Cisco has provided "critical" IOS upgrades, generally often addressing security flaws. for many of their platforms, even if the platform no longer had a support contract. Don't recall whether you also had to be the original buyer, of the hardware, but perhaps you might have had to show you did have a valid usage license for the platform.

Leo Laohoo · ‎07-15-2021

@Joseph W. Doherty wrote:

Do you know, when the 3750s first came out, they too had perpetual licenses, i.e. free upgrades. Later, though, Cisco changed that so perpetual wasn't so perpetual.

I did not know that. Too bad that 3750-series is about to sunset. The IOS for the 2960- and 3750-series are one of the most stable IOS ever to come out of Cisco. Sadly, I cannot same the same for the new IOS-XE.

@Joseph W. Doherty wrote:

Often Cisco has provided "critical" IOS upgrades, generally often addressing security flaws. for many of their platforms, even if the platform no longer had a support contract.

Not any more. I have observed the Customers Without Service Contract section has been removed from a number of Security Bulletin recently.

Leo Laohoo · ‎07-14-2021

@Joseph W. Doherty is right. Tell us what exact model of the switch and what is the exact firmware the current stack is running on.

The logic behind this is because not all switches can support older firmware and it does not matter if the switch is a 3750/G/E/X, 3650/3850 or the newer Catalyst 9k.

Joseph W. Doherty · ‎07-15-2021

Leo makes an excellent point! Conversely, some switches, in a series, do not support later IOS images. Usually, there's some version different generations within the same series can run, but this means you may have to downgrade some particular models and upgrade some particular models to obtain a common version they all can run in a stack.

balaji.bandi · ‎07-15-2021

Sure Agreed ..i come across sitaution where Cat 9300 shipped with IOX XE, i can not downgrade to lower level, instead i need to upgrade whole stack to meet the new requirement.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help