Solved: Stacked Catalyst 9200 upgrade to 16.12.04

MichaelBorg91237 · ‎04-01-2021

Hi Everyone,

I am driving myself a little bit mad on this one. I am planning an IOS 16.12.04 upgrade (from 16.12.02) on two stacked Catalyst 9200 switches. These switches are located in Germany (I am located in England) so I need to make sure nothing goes wrong. The upgrade deadline is approaching and I am not sure if I am am planning this correctly. I found the document below which looked good but I realised this doesn't mention a stack anywhere apart form the boot flash stage "If your switches are configured with auto boot, then the stack will automatically boot up with the new image. If not, you can manually boot flash:packages.conf".

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9200/software/release/16-12/release_notes/ol-16-12-9200.html

My senior colleague said that I need to make sure I upload and set the secondary switch to use the new version as well but as far as I can see this is not mentioned in the above document. Can I use the above document instructions and only install the new IOS on the master switch after which it replicates the new image to the slave switch when that is rebooted?

Kind Regards,

Michael Borg

Leo Laohoo · ‎04-08-2021

@MichaelBorg91237 wrote:

I'll run the install remove inactive command at the start of the install to free up space for 16.12.5

There are two ways about this.

First, download the old BIN file from the Cisco website and clean up the flash. If you need to roll-back, then re-run the install command on the old version.

If you cannot download from the Cisco website, do not clean up the flash.

View solution in original post

MichaelBorg91237 · ‎04-08-2021

Hi Leo,

Understood. I have to clean up the flash at the start of the install as there isn't quite enough free space to extract the new image. I have downloaded the old .bin file to a local server and will ftp that over to the switch in the case of a rollback.

Many thanks for all your advise on this. I'm confident in the upgrade now and will schedule it for next week. Have a nice evening and stay safe.

Kind Regards,

Michael Borg

View solution in original post

Leo Laohoo · ‎04-10-2021

@MichaelBorg91237 wrote:

What are the kind of issues you've faced with this version?

Where do I start?

PoE/SNMP will stop after a few weeks uptime (CSCvv28324). SMU update does not work. Several TAC Cases.
High CPU (and eventually crashes the standby switch). Multiple TAC cases not resolved.
Memory leak. Multiple TAC Cases not resolved.
Continuous Dot1X ports flapping will eventually cause the standby switch to crash.

Take a pick.

View solution in original post

Reza Sharifi · ‎04-01-2021

Hi,

You should not need to upload it to the second switch.

--- Starting Add ---
Performing Add on all members
  [1] Add package(s) on switch 1
  [1] Finished Add on switch 1
Checking status of Add on [1]
Add: Passed on [1]
Finished Add

[1] Finished Add on switch 1

you should see it doing the cleanup and add package on switches 1 and 2. This is if you follow the section called "

Upgrading in Install Mode"

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9200/software/release/16-12/release_notes/ol-16-12-9200.html#task_gl2_gcq_k3b

Since you are doing this remotely, I recommend having someone there with a console cable in case something goes wrong.

I also recommend you open a ticket with Cisco and have them on the call just in case something unexpected happens. They can also do an overall check before and after the upgrade.

HTH

manuelosorio · ‎04-01-2021

Hello Michael,

The process of copying to the other switches is done automatically when you execute the command install add file flash, you should not have situations but make sure that you are downloading the correct image of the correct model of switch 9200.

I would recommend leaving the previous image in the flash in case you need to rollback.

Good Luck

Leo Laohoo · ‎04-03-2021

Make sure to download the correct file for the appropriate platform. The firmware for the 9200/9200L is "unique": The file can only be used on this specific platform and not on other models (9300/9400/9500/9600) and vice versa.

After running the command:

install add file flash:cat9k_lite_iosxe.16.12.04.SPA.bin activate commit

Make sure to verify this by checking the contents of the "packages.conf" using the command "more flash-1:packages.conf" and see if the packages match the version you want to go to. Run the same command on every switch member.

MichaelBorg91237 · ‎04-05-2021

Thank you very much for the replies everyone!

I have made sure I have the correct image.

I was hoping I could leave the old image there to boot up from in case something goes wrong but there isn't quite enough space for me to extract 16.12.04 so I'll have to delete the 16.12.02 .bin file. I have downloaded the old .bin file (16.12.02) which I'll ftp over so I can roll back.

Ment thanks again for your replyies.

paul driver · ‎04-05-2021

Hello
What mode are the switches running in at present?

Bundle mode:
- delete unnecessary flash files (if apllicable) - delete bootflash: xxxx
- copy the new .bin file to every switch in the stack and set the boot variable to point to the new bin file, save and reload whole stack
-no boot system
-boot system bootflash:xxxx.bin
-write

Install mode:
You can perform this in s single command if you wish as already stated (install add file bootflash:xxx.bin activate commit) or you can do this step by step so then you have more control pver the upgrade as such if you have any issues with the remote upgrade and you are unable to reconnect to the switch stack the upgrade will rollback if you dont manually commit after upgrade.

Perform a cleanup of any old install files before you upgrade
- install remove inactive

Make sure boot variable is pointing to packages.conf
-no boot system
-boot system bootflash:packages.conf
-write

Copy the new .bin file onto the switch
- copy tftp://x.x.x.//xxxxxxxxx.bin bootflash:

expand the .bin file to extract the .pkg files (used to boot new software)
- install add file bootflash:xxx.bin
- show install summary
- show install inactive
- more packages.conf

activate new software < stack will reload)
- install activate

one reloaded and your happy with the upgrade commit the changes
- show install uncommitted
- install commit

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MichaelBorg91237 · ‎04-05-2021

Hi Paul,

Many thanks for your reply. We are running the switch stack in Install mode.

I looked into how to perform a rollback in the case of any issues after the upgrade. I what I found weren't really applicable here. I.e. creating an archive file then setting a time to revert back and if all is good cancel the timer. I also found a way to point the packages.conf to the old .bin file to boot up with the old firmware but this file will be deleted from the cleanup right? Is there an 'install' command or something like that for an easy rollback? Apologies, I would have a look at this myself on the switch but I don;t have the company laptop at hand at the moment.

Thanks in advance.

Leo Laohoo · ‎04-05-2021

@MichaelBorg91237 wrote:

Is there an 'install' command or something like that for an easy rollback?

Yes and no.
Rollback is easy there are two (or more) packages.conf files in the bootflash.

If configured properly, the switch will read the "packages.conf" file. The old version will be renamed to "packages.conf.00-" (or something).

MichaelBorg91237 · ‎04-05-2021

Hi Leo,

Thanks for your reply that's good to know. Am I wrong in thinking that the packages.conf file boots up using the .bin file? When I do the cleanup using install remove inactive to free up space will the old .bin file be removed? If so I can't rollback.

Kind Regards,

Michael Borg

Leo Laohoo · ‎04-05-2021

@MichaelBorg91237 wrote:

When I do the cleanup using install remove inactive to free up space will the old .bin file be removed? If so I can't rollback.

Before I answer any more questions, can you elaborate WHY you want go to a "disaster" version that is 16.12.4?

MichaelBorg91237 · ‎04-06-2021

Hi Leo,

16.12.02 (the current firmware) has a known bug where it won't report the traffic going over it's interfaces. My senior colleague advised that I upgrade to 16.12.04 as this bug is fixed in this version. Is this not a stable or good version? I did some quick research and there was one person saying the switches rebooted whenever they did a save or write but everyone else said it was good.

Kind Regards,

Michael Borg

Leo Laohoo · ‎04-06-2021

@MichaelBorg91237 wrote:

Is this not a stable or good version?

I have more than 10 TAC cases and they all involve 16.12.4. That is all I am saying.

MichaelBorg91237 · ‎04-07-2021

Morning Leo.

(It's morning in the UK anyway). OK many thanks for letting me know. Would you recommend installing 16.12.5 or 16.12.5b?

Kind Regards,

Michael Borg

Leo Laohoo · ‎04-07-2021

If you do not use Dot1x, then 16.12.5.

If you have Dot1X, then 16.12.5b.

NOTE: I am still in the middle (six weeks into the12 weeks) of testing 16.12.5.

MichaelBorg91237 · ‎04-07-2021

Hi Leo,

OK thanks as usual. We don't run dot1x on the switch stack so I'll install 16.12.5.

Regarding the rollback question from a while ago, as far as I can see if I need to roll back to the current 16.12.2 version I need to ftp over the 16.12.2 package again to the witch (as I need to delete the 16.12.2.bin file to make space for the 16.12.5 installation) then install it the same as I will 16.12.5. Am I right in saying this?

I looked into a way to specify the 16.12.2 boot file but everywhere I read said I need the .bin file for that.

Kind Regards,

Michael Borg