CCIE Pursuit Blog

June 30, 2007

Early Morning Hieroglyphics and 3750s

Filed under: IOS,Switching,Work — cciepursuit @ 8:34 am

I stumbled into work this morning and started checking my email before I began to ingest my daily dose of caffeine.  I received the following email from a co-worker (switch names have been changed to protect the innocent – and to make sure I don’t get fired):

Subject: Nac change for 6 am
need a reload and the config change for NAC IOS code is there need reload
productionswitch01
productionswitch02

need to be reloaded
productionswitch03
productionswitch04

The guy who sent me the email is a great guy and English IS his native tongue, but typing is a chore for him.  I couldn’t even begin to parse that first sentence, so I decided to do the easy stuff first and just reload the last two switches.

Before I reload a switch I do a check to make sure that the configuration is written, all of the uplinks are up/up, that I have out-of-band (dial in) access (if available), and that the new IOS version is loaded and set to be booted.  The last bit was throwing me for a loop when I looked at the 3750s this morning:

productionswitch03#sh ver
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(25)SEE1,
 RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Mon 22-May-06 08:51 by yenanh
Image text-base: 0x00003000, data-base: 0x01210B18

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.1(14r)EA1a, RELEASE SOFTWA
RE (fc1)

productionswitch03 uptime is 23 weeks, 3 days, 8 hours, 52 minutes
System returned to ROM by power-on
System restarted at 20:22:40 cst Tue Jan 16 2007
System image file is “flash:c3750-ipservicesk9-mz.122-25.SEE1.bin

Weird.  Generally I expect to see the new IOS version int the “System image file is” section.  Let’s make sure that there is a newer IOS version in flash:

The newer version is in flash (12.2(35)SE2)
productionswitch03#sh flash
Directory of flash:/
    2  drwx         128  Jan 16 2007 14:19:41 -06:00  c3750-ipservices-mz.122-25.SEB2
  360  -rwx         109  Feb 28 1993 19:49:49 -06:00  info
  361  -rwx        1216  Feb 28 1993 18:01:08 -06:00  vlan.dat
    3  -rwx       14093  Feb 28 1993 18:01:37 -06:00  config.text
    5  -rwx        4917  Feb 28 1993 18:01:38 -06:00  private-config.text
  362  drwx         192  Jun 29 2007 21:02:20 -05:00  c3750-ipservicesk9-mz.122-35.SE2
    6  -rwx        3096  Feb 28 1993 18:01:38 -06:00  multiple-fs

Is there something in the configuration pointing to the newer IOS?

productionswitch03#sh run | i boot
productionswitch03#

Nothing.  Hmmm….let’s check the “bootvar”…well, it’s just “boot” on the 3750:

productionswitch03#sh boot
BOOT path-list      : flash:c3750-ipservicesk9-mz.122-35.SE2/c3750-ipservicesk9-
mz.122-35.SE2.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
HELPER path-list    :
Auto upgrade        : yes

Sweet.  So the newer IOS image is in flash and the switch will boot to that image.  But we did not configure it to choose that image, so why would it boot to the newer image versus the older one?  Here’s what the 3750 Configuration Guide has to say about that:

“By default, the switch attempts to automatically boot the system using information in the BOOT environment variable. If this variable is not set, the switch attempts to load and execute the first executable image it can by performing a recursive, depth-first search throughout the flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory. However, you can specify a specific image to boot.”

The 3750 IOS Command Guide says the following about the “BOOT path-list”:

“Displays a semicolon separated list of executable files to try to load and execute when automatically booting.”

That explains why both IOS versions are listed after that variable.  I am still interested in how the switch chose to boot to the newer image first.  Does the switch choose the most recently added image if “boot system” is not configured?  Or did we just get lucky in that the switch found the newer IOS first in its “recursive, depth-first search throughout the flash file system”?

I should have mentioned this before, but the switch that I am looking at is a single switch (not a member of a stack).

Maybe the answer lies in the “archive download-sw” command used to add the new IOS version to flash.  Here are the configuration options for that command:

archive download-sw {/force-reload | /imageonly | /leave-old-sw | /no-set-boot | /no-version-check | /destination-system stack-member-number | /only-system-type system-type | /overwrite | /reload | /safe} source-url

I’m not sure what variables my co-worker used when downloading the IOS from the TFTP server.  I generally use “/overwrite”.  It doesn’t look like he used that option as both images were still in flash.

Ah!  Here’s the answer:

Defaults
The current software image is not overwritten with the downloaded image.
Both the software image and HTML files are downloaded.
The new image is downloaded to the flash: file system.
The BOOT environment variable is changed to point to the new software image on the flash: file system.
Image names are case sensitive; the image file is provided in tar format.
Compatibility of the stack protocol version on the image to be downloaded is checked with the version on the switch stack.

That explains why the switch booted to the new image.  It doesn’t seem that the IOS explicitly configures the “boot system” variable (in the running/startup config), but it does update the BOOT path-list to choose the IOS that was most recently added to flash as the first IOS version to boot.

Let’s reload this sucker and see what IOS version it boots:

After reload:
Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version 12.2(35)SE2,
RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Tue 06-Feb-07 05:07 by antonino
Image text-base: 0x00003000, data-base: 0x0138517C

ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.1(14r)EA1a, RELEASE SOFTWARE (fc1)

productionswitch03 uptime is 3 minutes
System returned to ROM by power-on
System restarted at 06:31:22 CDT Sat Jun 30 2007
System image file is “flash:c3750-ipservicesk9-mz.122-35.SE2/c3750-ipservicesk9-mz.122-35.SE2.bin

productionswitch03#sh boot
BOOT path-list      : flash:c3750-ipservicesk9-mz.122-35.SE2/c3750-ipservicesk9-mz.122-35.SE2.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
HELPER path-list    :
Auto upgrade        : yes
Auto upgrade path   :
productionswitch03#sh flash

Directory of flash:/

    2  drwx         128  Jan 16 2007 14:19:41 -06:00  c3750-ipservices-mz.122-25.SEB2
  360  -rwx         109  Feb 28 1993 19:49:49 -06:00  info
  361  -rwx        1216  Feb 28 1993 18:01:08 -06:00  vlan.dat
    3  -rwx       14093  Feb 28 1993 18:01:37 -06:00  config.text
    5  -rwx        4917  Feb 28 1993 18:01:38 -06:00  private-config.text
  362  drwx         192  Jun 29 2007 21:02:20 -05:00  c3750-ipservicesk9-mz.122-35.SE2
    6  -rwx        3096  Feb 28 1993 18:01:38 -06:00  multiple-fs

15998976 bytes total (4133376 bytes free)

Mystery solved!  Not really a CCIE issue, but good to know anyways.  Now to figure out what the fuck “need a reload and the config change for NAC IOS code is there need reload” means.  🙂

Cisco Documentation:

Catalyst 3750 Switch Command Reference
Cisco IOS Release 12.2(25)SEE

Catalyst 3750 Switch SoftwareConfiguration Guide
Cisco IOS Release 12.2(25)SEE

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: