How to Perform an MDS 9000 Series Switch Non-Disruptive Upgrade

Available Languages

Download Options

  • PDF     (50.8 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (96.4 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (113.2 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:September 1, 2021
Document ID:118952

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes how to upgrade the firmware on a Cisco MDS 9000 Series Multilayer Director Switch (MDS).

    Background Information

    Tip: For more detailed information about the procedure that is described in this document, refer to the appropriate Cisco MDS 9000 NX-OS and SAN-OS Software Install and Upgrade Guide.

    Non-Disruptive Upgrades Overview

    All MDS switches support non-disruptive upgrades and downgrades subject to limitations listed in the MDS release notes.

    On 97xx Series MDS with dual supervisors, during the firmware upgrade, the new code is loaded on the standby supervisor. A switchover then occurs in order to make the standby supervisor that runs the new code active. The code is then loaded on the previously active supervisor, and it becomes the new standby supervisor. The data plane continues to pass fiber channel traffic. The modules then non-disruptively start the upgrade process at the lowest numbered module and proceed to the highest.

    On a 91xx, 92xx, or 93xx Series MDS, which has only one supervisor, the supervisor (control plane) is reloaded non-disruptively after the upgrade is completed. The data plane continues to pass fiber channel traffic.

    If you intend to upgrade via Telnet, Secure Shell (SSH), or Simple Network Management Protocol (SNMP) (Fabric Manager/Device Manager), ensure that you have an Ethernet connection to both of the supervisors. When the supervisor non-disruptively restarts, your terminal session is lost.  You must reconnect to the switch. You connect to the previous standby supervisor now.

    Note: Cisco recommends that firmware upgrades be completed from the local console.

    Upgrade Firmware

    Complete these steps in order to upgrade the firmware:

    1. Read the MDS Release Notes for the version to which you intend to upgrade. Optionally, review the Release Notes between the old and new firmware levels so that you can learn about the changes. There is a table in the Release Notes that provides the non-disruptive upgrade path. Be sure to read the caveats and notifications in the Release Notes.
    2. Copy the running configuration and the startup configuration so that you have a backup in the event that you have made a change that you did not save:

      MDS9148V# copy running-config startup-config
    3. Enter this command in order to copy the running configuration to the bootflash, which ensures that there is a copy that can be used for backup and in order to check that the bootflash is not read-only (This is rare, but an error against the flash can cause this.):

      MDS9148V# copy running-config bootflash:$(SWITCHNAME)-$(TIMESTAMP).bkup

      Here is an example of the output on the bootflash:

      MDS9148V-2023-03-23-04.27.00.bkup
    4. Save a copy of a Show Tech-Support Detail. This contains the current switch configuration, log files, and state of all interfaces. If there was an issue during or after an upgrade, having the state of the switch prior to the upgrade helps in troubleshooting, and reduces the time to diagnose an issue.

      MDS9148V# term redirect zip
      M      DS9148V# show tech-support details > $(SWITCHNAME)-$(TIMESTAMP)-sh_ts_det-log.gz

      Tip: For more information about collecting show tech-support details, you can refer to whitepaper.

    5. Copy the configuration that you just saved to your TFTP server. This accomplishes three things: it verifies that you have an operational TFTP server, it verifies that you can reach the server over the IP network, and it places a copy of the configuration in a location that is external to the switch so that you have a backup in the event of a switch failure.

      Tip: There are many free TFTP servers available on the Internet. FTP, SFTP, and SCP can also be used. You can push or pull files from the switch if using the local admin user and enable switch features sftp-server or scp-server.


      Enter the copy bootflash: tftp:command in order to copy the configuration to the TFTP server. Here is an example:

      MDS9148V# copy bootflash: tftp:
      <prompts for file name> MDS9148V-2023-03-23-04.27.00.bkup
      <prompt for tftp server name or ip address> 192.168.1.1
    6. Copy the show tech-support detail to your TFTP server. Here is an example:

      MDS9148V# copy bootflash: tftp:
      <prompts for file name> MDS9148V-2023-03-23-04.27.59-sh_ts_det-log.gz
      <prompt for tftp server name or ip address> 192.168.1.1
    7. Verify that you have a copy of the current firmware on your TFTP server so that you have a backup in the event that you must return to the original version. If you do not, copy it from the switch to the TFTP server at this time.
      Here are some examples:

      MDS9148V# copy bootflash: tftp:
      <prompts for file name> m9148v-s8ek9-kickstart-mz.9.3.2a.bin
      <prompt for tftp server name or ip address> 192.168.1.1

      MDS9148V# copy bootflash: tftp:
      <prompts for file name> m9148v-s8ek9-mz.9.3.2a.bin
      <prompt for tftp server name or ip address> 192.168.1.1

      Note: For the prompts for file name entries, use your actual current version.

    8. Download the new NX-OS version from the Cisco Download Software page. You need both a kickstart and a system image. Place them on the TFTP server in the default TFTP directory.

      You can use this table in order to choose your switch series, and then you can choose the switch model:

      Cisco MDS Series Switch Type Naming Convention

      MDS 9132T Series

      File name begins with m9100-s6ek9

      MDS 9148S Series

      File name begins with m9100-s5ek9

      MDS 9148T Series

      File name begins with m9148-s6ek9

      MDS 9148V Series

      File name begins with m9148v-s8ek9

      MDS 9220i Series

      File name begins with m9220-s7ek9

      MDS 9250i Series

      File name begins with m9250-s5ek9

      MDS 9396S Series

      FIle name begins with m9300-s1ek9

      MDS 9396T Series

      FIle name begins with m9300-s2ek9

      MDS 9710, 9706, and 9718 Series

      Supervisor Module-3

      File name begins with m9700-sf3ek9

      MDS 9710, 9706, and 9718 Series

      Supervisor Module-4

      File name begins with m9700-sf4ek9

      Here is an example that uses the MDS 9148V Series firmware kickstart and system software Version 9.3(2a):

      m9148v-s8ek9-kickstart-mz.9.3.2a.bin
      m9148v-s8ek9-mz.9.3.2a.bin

      Note: On the Cisco download page, hover the filename in order to get the Message Digest5 (MD5).

      Release Notes for 9.3(2a)
    9. Verify that there is enough free space on the bootflash in order for the new images to be added. If not, you must erase at least the system image file. Keep the kickstart image so that in the event of a malfunction, you can get the switch to a point where you can load TFTP a new image. Once you have upgraded, you can delete the old version.

      Enter this command in order to check the bootflash free space:

      MDS9148V# dir bootflash:

      Additionally, if you run a dual-supervisor switch, enter this command in order to check that there is enough free space on the standby supervisor as well:

      MDS9148V# dir bootflash://sup-standby/
    10. Download the new images to the bootflash on the switch:

      MDS9148V# copy tftp: bootflash:
      <prompts for file name> m9148v-s8ek9-kickstart-mz.9.3.2a.bin
      <prompt for tftp server name or ip address> 192.168.1.1

      M      DS9148V# copy tftp: bootflash:
      <prompts for file name> m9148v-s8ek9-mz.9.3.2a.bin
      <prompt for tftp server name or ip address> 192.168.1.1

      Enter this command into the CLI in order to verify the checksum and the MD5 checksum:
      Valid MD5 checksum example:

      MDS9148V# show version image m9148v-s8ek9-mz.9.3.2a.bin
      MD5 Verification Passed
        image name: m9148v-s8ek9-mz.9.3.2a.bin
        bios: v1.05.0(05/14/2022)
        system: version 9.3(2a)
        compiled: 4/25/2023 12:00:00 [05/12/2023 18:58:57]

      Example of MD5 checksum that is invalid, and must be re-downloaded.

      MDS9148V# show version image m9148v-s8ek9-mz.9.3.2a.bin
      MD5 Verification Failed
      Image integrity check failed
    11. Enter this command into the CLI in order to view the impact of this new code installation, check the images, and ensure that they are compatible with the switch:

      MDS9148V# show install all impact kickstart bootflash:m9148v-s8ek9-kickstart-mz.9.3.2a.bin
       system bootflash:m9148v-s8ek9-mz.9.3.2a.bin

      Tip: This command must be entered as a single line, not two separate lines. This command is <u> not </u> used for installation, but it can be used in order to verify the installation process and provide a report showing the versions it comes from and goes to. It also displays if this upgrade is disruptive or non-disruptive when the time comes to execute the upgrade.

      Note: All file transfer sessions (like SFTP/SCP) to the switch must be closed before beginning the upgrade/downgrade process. Any open file transfer sessions can cause the switch to disruptively reload at the time of ISSU/D. See CSCvo22269 and CSCvu52058 for more information. Clients have complained that MobaXterm opens an SFTP session when opening an SSH session, and can prevent the upgrade from occurring.

    12. As an optional step, you can enter the show incompatibility system bootflash:m9148v-s8ek9-mz.9.3.2a.bin command into the CLI. Here is an example:

      MDS9148V# show incompatibility system bootflash:m9148v-s8ek9-mz.9.3.2a.bin

      Cisco Fabric Services (CFS)

      The following configurations on active are incompatible with the system image:
      1) Service : cfs , Capability : CAP_FEATURE_CFS_ENABLED_DEVICE_ALIAS
      Description : CFS - Distribution is enabled for DEVICE-ALIAS
      Capability requirement : STRICT
      Disable command : no device-alias distribute
    13. Enter this command into the CLI in order to install the firmware:

      MDS9148V# install all kickstart bootflash:m9148v-s8ek9-kickstart-mz.9.3.2a.bin
       system bootflash:m9148v-s8ek9-mz.9.3.2a.bin

      Tip: This command must be entered on a single command line. Ensure that you monitor the impact table closely.

    14. If having to upgrade through multiple hops to get to your target firmware version, repeat the whole process from Step 1. It is important to always read the Release Notes, save backups of the running configuration, and collect show tech-support details between reaching the MDS release when making multiple hops.

    Revision History

    Revision Publish Date Comments
    1.0
    01-Sep-2021
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Jim Hicks
      Cisco TAC Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products