Re: Updating boot image path without writing to the start up config

Comm4nd0 · ‎02-15-2018

Cisco Catalyst 3850, IOS-XE

Hi, so I'm utilizing the ZTP feature, pulling down a Python file that runs inside the guestshell to provide configuration for our 3850's.

However, my problem is this. The factory OS that comes on the 3850s has a bug where the 40Gb SFPs are 'error disabled'. So i can console onto each one and download the firmware needed(cat3k_caa-universalk9.16.06.02.SPA.bin) and the do the command, boot system switch all flash:cat3k_caa-universalk9.16.06.02.SPA.bin. but now the problem is that i has written to the startup config. so if i do a write erase and reload, it tries to revert back to booting from packages.conf.

Is there a way i can change the boot bath without affecting the start up config. I need no startup config because i need ZTP to happen of course.

many thanks

Seb Rupik · ‎02-15-2018

Hi there,

If you are having to go through the steps of consoling onto the switch to upload the new image, why don't you go a step further an upgrade the switch:

request platform software package clean switch all file flash:
delete flash:packages.conf
request platform software package expand switch all file flash:cat3k_caa-universalk9.16.06.02.SPA.bin auto-copy
conf t
!
no boot system
boot system flash:packages.conf
!
end
wr mem
reload

When the switch reloads, wr erase and allow ZTP to take over after the reload.

cheers,

Seb.

Comm4nd0 · ‎02-15-2018

Hey, thanks for the reply.

Ok so from factory new. would this be the procedure?

enable
request platform software package clean switch all file flash:
delete flash:*.pkg
delete flash:*.conf
delete flash:*.bin
copy http://192.168.0.128/cat3k_caa-universalk9.16.06.02.SPA.bin flash:
request platform software package expand switch all file flash:cat3k_caa-universalk9.16.06.02.SPA.bin auto-copy
configure terminal
!
no boot system
boot system flash:packages.conf
!
end
write memory
reload

The problem i can see with that is you're writing to memory at the end. Will that not cause the boot sequence to think there is a start up config?

Seb Rupik · ‎02-15-2018

Good point. Maybe don't issue the boot system or wr mem commands. From the pnp solution guide the following commands should put the switch in the correct state:

config terminal
no pnp profile pnp-zero-touch
no crypto pki certificate pool
config-register 0x2102 
end
delete /force vlan.dat
delete /force nvram:*.cer
delete /force stby-nvram:*.cer
write erase
reload

When it reloads the switch searches the boot flash for either a .bin or packages.conf file and attempts to load that.

cheers,

Seb.

Comm4nd0 · ‎02-15-2018

didn't work :(

I now have this at the terminal:

Booting...(use DDR clock 667 MHz)
Interface GE 0 link down***ERROR: PHY link is down
flash:packages.conf: no such file or directory
Cannot open file flash:packages.conf

The system is unable to boot automatically. The
BOOT environment variable needs to be set to a
bootable image.

switch:

Seb Rupik · ‎02-15-2018

...but you didn't boot the packages.conf file from flash did you?? That wasn't part of the plan.

Do you have a .bin image on flash you can boot?

Comm4nd0 · ‎02-15-2018

yes there is a .bin in the flash that i have booted from. so from factory default it boots from the packages.conf file.

on first boot, i want ZTP to pull a script this does something like this...

do delete /force flash:*.pkg
do delete /force flash:*.bin
do delete /force flash:*.conf
do copy /force http://192.168.0.128/cat3k_caa-universalk9.16.06.02.SPA.bi$
boot system switch all flash:cat3k_caa-universalk9.16.06.02.SPA.bin
hostname netdevice
ip domain-name MYDOMAIN
crypto key generate rsa modulus 2048
aaa new-model
aaa authentication login default local
aaa authorization console
aaa authorization exec default local
user-name cisco
secret cisco
privilege 15
ip ssh version 2
ip ssh time-out 90
ip scp server enable
line vty 0 15
do write memory
do reload

johnlloyd_13 · ‎02-15-2018

hi,

denali version 16 changed the upgrade procedure.

replace the script:

FROM

boot system switch all flash:cat3k_caa-universalk9.16.06.02.SPA.bin

TO:
request platform software package install switch 1 file flash:cat3k_caa-universalk9.16.06.02.SPA.bin new

for the switch: prompt you've encountered, i suggest have a compatible USB drive and boot from there. once recovered you re-do the upgrade process again.

refer to helpful link:

http://wannabelab.blogspot.com/2018/02/upgrading-cisco-3850-denali-switch-via.html

Comm4nd0 · ‎02-15-2018

Seems to be requesting a provisioning.sh file??

Switch#$ switch 1 file flash:cat3k_caa-universalk9.16.06.02.SPA.bin new
--- Starting install local lock acquisition on switch 1 ---
Finished install local lock acquisition on switch 1

FAILED: switch local is not booted with provisioning file

*Feb 15 15:05:00.003: %IOSXE-5-PLATFORM: Switch 1 R0/0: Feb 15 15:05:00 provision.sh: %INSTALL-5-OPERATION_START_INFO: Started install package flash:cat3k_caa-universalk9.16.06.02.SPA.bin
*Feb 15 15:05:00.308: %IOSXE-3-PLATFORM: Switch 1 R0/0: Feb 15 15:05:00 provision.sh: %INSTALL-3-OPERATION_ERROR_MESSAGE: Failed to install package flash:cat3k_caa-universalk9.16.06.02.SPA.bin, Error: switch local is not booted with provisioning file

johnlloyd_13 · ‎02-15-2018

hi,

did you just recovered from switch: prompt?

did you also issue the software expand file command to do a local copy and install the package files?

Comm4nd0 · ‎02-15-2018

I didn't recover the switch, it's fine though. I've moved to another 3850, we have... many!

So looking into this, the version of the firmware the 3850s ship with does not allow for http downloading within the ZTP process.

i'm also at a loss as to what commands i'm meant to by using to upgrade to everest. nothing seems to work.

Predrag Jovic · ‎02-15-2018

You can do it without boot system command - use install mode

software install file flash:cat3k_caa-universalk9.16.06.02.SPA.bin

You can find more details in article.

Jeff Horton · ‎02-06-2019

Doesn't the "software install" commands only work in 03.07.** and below.. I think with Denali and up you have to use the "request platform software package install file flash:*******.bin"?

Jeff Horton · ‎02-06-2019

Doesn't the "software install" commands only work in 03.07.** and below.. I think with Denali and up you have to use the "request platform software package install file flash:filename"?