cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
319
Views
10
Helpful
20
Replies
Hall of Fame Community Legend

Re: Catalyst 3560X BootLoader upgrade?

Let me just say that I don't work for Cisco (and never had).
Different hardware versions because the internals change over time (different parts, different suppliers, etc).
Different hardware versions load different bootloader and discard when not required.
For more definite answer, raise a TAC Case.
Highlighted
VIP Collaborator

Re: Catalyst 3560X BootLoader upgrade?

 

>Different hardware versions load different bootloader and discard when not required.

           Thumbs up!

 M.

Highlighted
VIP Expert

Re: Catalyst 3560X BootLoader upgrade?

If Cisco doesn't provide a boot image, and a way to install it, then likely trying to upgrade it, independently of an IOS upgrade, isn't likely normally provided by Cisco. (There might be a way that TAC might provide a way to do it if they saw a need for it.)

BTW, if you had upgraded the IOS, did you watch all the results with a console connection? Reason I ask, at the last company I worked at, almost all devices were remote and we did upgrades in-band, i.e. without seeing console output. I came across a case of a 3750 that has been upgraded but not its boot firmware. Doing the upgrade again, with a console connection, I noticed the boot firmware upgrade failed due to insufficient flash space to expand the upgrade module software into.

As to why different hardware platforms have different boot firmware, most likely (as Leo touched on) it's due to different installed hardware (likely logically functionally alike, but perhaps not taking the same "programming" commands). Newer hardware might be different enough that it requires different software to initialize it, operate it and/or for some POST tests. I.e. if you do manage to upgrade boot software on older hardware, there shouldn't be any real operational benefit (actually there might be some lost benefit to doing such an upgrade when really not needed, such as perhaps taking longer to boot, and you risk encountering some added bug within the revision) although if you're looking to obtain some report showing all your 3750s have the same IOS and firmware versions, there's that "benefit".
Highlighted
Rising star

Re: Catalyst 3560X BootLoader upgrade?

OK, so I managed to get hold of another 3560X running 12.2(55)SE software with bootloader 12.2(53r)SE1.  This is an even older hardware version (Version ID: V01).  I upgraded it to 15.0(2)SE1 and the bootloader didn't upgrade.  The output on the console during boot simply says:

...done Initializing flashfs.
Checking for Bootloader upgrade..
Boot Loader upgrade not required (Stage 2)

However if you add a fips authorization key and reload it the bootloader does get upgraded:

Checking for Bootloader upgrade..New version = Version 15.0(2.1.15)SE1 Fri Ja,

Current version = Version 12.2(53r)SE1, RELEASE

Upgrading Boot Loader...
 Completed processing ucode0
 Completed processing bstage:
 Completed processing brom:
 Completed processing bsdcs:
 writing boot sectors..
Boot Upgrade image auto-rebooting ... Burning parameters into flash parameter block:
    MAC address: C4:71:00:00:00:00
    Motherboard assembly number: 73-12557-04
    Motherboard serial number: FDXXXXXXXXX
    Model revision number: A0
    Motherboard revision number: A0
    Model number: WS-C3560X-48P-L
    System serial number: FDXXXXXXXXX
    Daughterboard assembly number: 800-32786-01
    Daughterboard serial number: FDXXXXXXXXX
    Top assembly part number: 800-31328-01
    Top assembly revision number: A0
    Version ID: V01
    CLEI Code Number: COMJP00ARA
    Board configuration revision number: 0
Reading parameter block...done.
Editing copy...done.
Writing parameter block...done.
Parameters burned into parameter block.

done.
The system will now restart

So the bootloader is now version 15.0(2.1.15)SE1.  I then proceeded to upgrade to some later versions to see whether the bootloader would get upgraded to something later (I am aiming for 15.2(3r)E or later).  So far it hasn't.  I tried 15.2(1)E1, 15.2(3)E3 and I have just upgraded to the latest 15.2(4)E9.  The same message is displayed on the console saying the bootloader doesn't need upgrading.

...done Initializing flashfs.
Checking for Bootloader upgrade..New version = Version 15.0(2.1.15)SE1 Mon Se,

Current version = Version 15.0(2.1.15)SE1, TEST

Boot Loader upgrade not needed(v)

Still somewhat confused over this tbh...

Highlighted
VIP Expert

Re: Catalyst 3560X BootLoader upgrade?

Well, reading up a bit on FIPS mode, an overview notes FIPS does power-up self-tests, so once the mode is enabled, I can see why the boot software might need updating for that, but once it has been updated, later IOSs probably are "safe" with that version too.
Highlighted
Rising star

Re: Catalyst 3560X BootLoader upgrade?

Just added the 'fips authorization-key xxxxx' to the original 3560X I was playing with that is running 15.2(4)E9 but with the 12.2(53r)SE1 bootloader.  The bootloader gets upgraded but only to 15.0(2.1.15)SE1:

Checking for Bootloader upgrade..New version = Version 15.0(2.1.15)SE1 Fri Ja,

Current version = Version 12.2(53r)SE1, RELEASE

Upgrading Boot Loader...

So I think older hardware versions never originally supported FIPS so when this came about Cisco had to provide an update to the bootloader that verified the IOS image as part of the FIPS accreditation.  Newer hardware versions I suspect already have this functionality built-in to the bootloader (anything after 15.0 I guess?).

If I come across any other 3560x or 3750x's that are newer hardware versions I might see what happens when you add the fips command.

 

I think...

 

CreatePlease to create content
Content for Community-Ad