Hi Balaji,

Thanks for your reply. I've just checked out the Core switches and with a "sh version" I confirmed we have ROMMON 15.0(1r)SG11, so there should be no problem to migrate to that version.

I understand that several previous steps have to be taken before the maintenance window, so, according to what we've read in another posts, we have designed this workplan:

1. Take the configuration out of the box and make a backup (like you said, and this was done yesterday)

2. Copy the new IOS image (3.11.0 crypto) into both switches (active and standby, i.e. bootflash:/ and slavebootflash:/)

3. Rename the current IOS image (3.6.4 non-crypto) so that it can't be taken as a boot image (in order to not modify the config-register)

4. Set boot variable to the new IOS image.

5. Reload both VSS during maintenance window (about 15-20 min).

Is there something else I should consider or the mentioned steps are OK?

Also, capture all the information Pre and post 

• Show inventory
• Show version
• Show environment
• dir bootflash:
• dir slavebootflash:
• show bootvar
• show switch virtual
• show redundancy
• show switch virtual slot-map
• show module
• show log

1. make sure config-reg 0x2102

2. make sure after you copy check with md5 checksum.

3.  after your step 4, write the config. 

• redundancy reload peer

4. Once switch come back online check all working as expected

5., reload master unit

• redundancy force-switchover

Note: Always connect Console cable and capture all the boot Logs, in case anything go wrong you have evidence to review and fix

Ok, according to what you mentioned, this is what I have:

1. make sure config-reg 0x2102

I checked it out with "show bootvar" and effectively, it's already configured as 0x2102.

2. make sure after you copy check with md5 checksum.

Yesterday with customer we performed md5 checksums after copying the new IOS and it's all OK.

3.  after your step 4, write the config. 

We did it yesterday too, and prior to maintenance window we're gonna save configs again.

• redundancy reload peer

4. Once switch come back online check all working as expected

5. reload master unit

• redundancy force-switchover

I have some doubts with these commands. What we planned to do is reload both switches right away (15-20 min downtime) and I understand the command "redundancy reload shelf" performs complete reboot. I also understand that with commands "redundancy reload peer" and "redundancy force-switchover" one switch is reloaded at the time (slave and then master); I'm afraid to do this, as I see this implies there will be a mismatch when the standby switch reloads and thus the VSS will fail until the primary switch is upgraded.

Am I correct on my guess? Please explain me a bit about this reboot procedure (redundancy peer) and which procedure is less risky.

Thanks again. 

Yes, you can do either depends on the requirement, i have suggested the best method if dual connected devices to VSS, still stay up and forwarding the traffic while secondary reboot, and you reboot primary.

this not necessary to follow on your case, if you got a full down maintenance window, you can do what best suitable for you.

Make sure to connect console both the device console cable and capture logs.

hope you have the right Licenses also.