站長新書 站長開講 首頁 最新文章 站長著作及審校 FreeBSD 筆記 Linux 筆記 Windows 筆記 虛擬化筆記 網管人雜誌 遊山玩水 關於本站
站長新書 VMware vSphere ICM 團購開跑了!!

Catalyst 2950-IOS 版本升級

前言

當 Switch 若有些小 Bug 而那些 Bug 又會影響到您的作業時就請更新至較新版本的 IOS,再更新 IOS 以前建議您先將目前 IOS 進行備份,以免升級失敗或其它因素造成運作失常時我們還有本來穩定的 IOS 版本可以恢復,而 IOS 來源 (Source) 或目的地 (Destination) 皆可為 RAM、NVRAM、Flash、TFTP 而它們彼此間又可將互相複製資料 (如下圖所示)

RAM、NVRAM、TFTF 可互相複製

實作環境

安裝及設定

透過電腦的 RS-232 Port 用原廠附的 Console 線與 Cisco Catalyst 2950 的 Console Port 對接,超級終端機設定值如下

Com Port 設定內容

步驟1.查詢目前 Switch 使用的 IOS

使用 show boot 指令查詢可知目前使用的 IOS 檔案為 c2950-i6q4l2-mz.121-19.EA1a.bin

 Switch#show boot
 BOOT path-list:       flash:c2950-i6q4l2-mz.121-19.EA1a.bin
 Config file:          flash:/config.text
 Private Config file:  flash:/private-config.text
 Enable Break:         no
 Manual Boot:          NO
 HELPER path-list:
 NVRAM/Config file
       buffer size:    32768

查看 flash 空間使用狀況

 Switch#show file systems | include flash:
 *    7741440     3240960     flash     rw   flash
      7741440     3240960   unknown     rw   zflash:

列出 flash 內檔案清單及使用狀況

 Switch#dir flash:
 Directory of flash:/
    2  -rwx         108   Mar 01 1993 00:03:15  info
    3  -rwx     2980487   Mar 01 1993 00:04:32  c2950-i6q4l2-mz.121-19.EA1a.bin
    4  drwx         640   Mar 01 1993 00:05:22  html
   15  -rwx         108   Mar 01 1993 00:05:22  info.ver
   17  -rwx         350   Jan 01 1970 00:01:25  env_vars
   18  -rwx         856   Mar 01 1993 00:00:18  vlan.dat
 7741440 bytes total (3240960 bytes free)

步驟2.設定 Switch 管理 IP

若您的 Switch 已設定管理 IP,則請忽略此步驟,下列為設定 Switch 管理 IP 至預設的 VLAN (VLAN1) 上

 Switch#conf t                                                   //進入 Configure 模式
 Switch(config)#int vlan 1                                       //進入 VLAN 1
 Switch(config-if)#ip address 192.168.1.1 255.255.255.0          //指定 IP Address
 Switch(config-if)#no shutdown                                   //啟用 VLAN 1
 Switch(config-if)#exit
 Switch(config)#exit
 Switch#sh interfaces vlan 1                                     //顯示 VLAN1 資訊
 Vlan1 is up, line protocol is down
   Hardware is CPU Interface, address is 000c.8504.9d80 (bia 000c.8504.9d80)
   Internet address is 192.168.1.1/24                            //VLAN 1 的 IP 設定成功
 ...略...

Switch 設定 IP Address 完成後,確定 Switch 跟 TFTP Server 的主機能互相 Ping 得到

 C:\>netstat -na | find ":69"                                    //確定 TFTP Service 有啟動
  UDP    0.0.0.0:69             *:*
 C:\>ping 192.168.1.1                                            //確定與 Switch 能溝通
 Ping 192.168.1.1 (使用 32 位元組的資料): 
 回覆自 192.168.1.1: 位元組=32 時間=4ms TTL=255 
 回覆自 192.168.1.1: 位元組=32 時間=1ms TTL=255
 回覆自 192.168.1.1: 位元組=32 時間=1ms TTL=255
 回覆自 192.168.1.1: 位元組=32 時間=1ms TTL=255
 192.168.1.1 的 Ping 統計資料:
     封包: 已傳送 = 4,已收到 = 4, 已遺失 = 0 (0% 遺失),
 大約的來回時間 (毫秒):
     最小值 = 1ms,最大值 = 4ms,平均 = 1ms
 Switch#ping 192.168.1.2                                         //確定 Switch 能與 TFTP Server 溝通
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
 !!!!!
 Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms

步驟3.備份繼有的 IOS

在升級 IOS 前建議先備份繼有的 IOS,如此一來當升級後的 IOS 若有問題的話可以很快的使 Switch 恢復為原來的狀態

 Switch#copy flash:c2950-i6q4l2-mz.121-19.EA1a.bin tftp          //將目前 IOS 上傳至 TFTP Server 上
 Address or name of remote host []? 192.168.1.2                  //指定 TFTP Server IP Address
 Destination filename [c2950-i6q4l2-mz.121-19.EA1a.bin]?         //目前 IOS 上傳至 TFTP Server 後的檔案名稱
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 2980487 bytes copied in 19.124 secs (131084 bytes/sec)          //上傳目前 IOS 至 TFTP Server 成功 

步驟4.下載新版本 IOS

此步驟分別二部份即從 TFTP Server 下載 .bin 或 .tar,差別在於 .bin 為更新 CLI 部份,而 .tar 為連 Web 管理介面一起更新所以步驟 4-1 及 4-2 請依個人環境擇一即可,在從 TFTP Server 下載新版 IOS 以前請先確定 flash 空間足夠,若不夠的話請將目前的 IOS 檔案刪除

 Switch#delete flash:c2950-i6q4l2-mz.121-19.EA1a.bin             //刪除繼有的 IOS 檔案
 Delete filename [c2950-i6q4l2-mz.121-19.EA1a.bin]?              //刪除 IOS 檔案名稱
 Delete flash:c2950-i6q4l2-mz.121-19.EA1a.bin? [confirm]         //確定刪除
 Switch#dir flash:
 Directory of flash:/
    2  -rwx         108   Mar 01 1993 00:03:15  info
    4  drwx         640   Mar 01 1993 00:05:22  html
   15  -rwx         108   Mar 01 1993 00:05:22  info.ver
   18  -rwx         856   Mar 01 1993 00:00:19  vlan.dat
   20  -rwx         352   Mar 01 1993 01:11:42  env_vars
 7741440 bytes total (6068224 bytes free)

步驟4-1.下載新版本 IOS (.bin)

此步驟為 Switch 從 TFTP Server 上下載新版的 IOS (.bin) 也就是只有更新 CLI 部份

 Switch#copy tftp flash                                          //從 TFTP Server 上下載新版的 IOS
 Address or name of remote host []? 192.168.1.2                  //指定 TFTP Server IP Address
 Source filename []? c2950-i6k2l2q4-mz.121-22.EA13.bin           //TFTP Server 上新版 IOS 的檔案名稱
 Destination filename [c2950-i6k2l2q4-mz.121-22.EA13.bin]?       //下載至 Switch 後的 IOS 檔案名稱
 Accessing tftp://192.168.1.2c2950-i6k2l2q4-mz.121-22.EA13.bin...
 Loading c2950-i6k2l2q4-mz.121-22.EA13.bin from 192.168.1.2 (via Vlan1):  
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 [OK - 3721946 bytes]
 3721946 bytes copied in 108.180 secs (34405 bytes/sec)          //下載 IOS 成功

Switch 下載新版 IOS 成功後,檢查一下 Switch 是否有看到該檔案

 Switch#dir flash:
 Directory of flash:/
    2  -rwx         108   Mar 01 1993 00:03:15  info
    3  -rwx     3721946   Mar 01 1993 03:33:19  c2950-i6k2l2q4-mz.121-22.EA13.bin
    4  drwx         640   Mar 01 1993 00:05:22  html
   15  -rwx         108   Mar 01 1993 00:05:22  info.ver
   18  -rwx         856   Mar 01 1993 00:00:19  vlan.dat
   20  -rwx         352   Mar 01 1993 01:11:42  env_vars
 7741440 bytes total (2345472 bytes free)

在更新以前驗證 IOS 檔案 (確保此 IOS 沒被加料)

 Switch#verify flash:c2950-i6k2l2q4-mz.121-22.EA13.bin
 Verified flash:c2950-i6k2l2q4-mz.121-22.EA13.bin

步驟4-2.下載新版本 IOS (.tar)

此步驟為 Switch 從 TFTP Server 上下載新版的 IOS 及 CMS (.tar) 也就是更新 CLI 及 CMS(Cluster Management Suite) 部份,首先請刪除舊有 html 資料夾內檔案

 Switch#delete flash:html/*                                      //刪除繼有的 html 資料夾內所有檔案
 Delete filename [html/*]?
 Delete flash:html/homepage.htm? [confirm]
 ...略...
 Switch#dir flash:html/*                                         //確定 html 資料夾內容為空的
 Directory of flash:html/*
 No files in directory
 7741440 bytes total (7735808 bytes free)                        //flash 剩餘空間

從 TFTP Server 上下載新版的 IOS 及 CMS (.tar) 並解開至 flash 內

 Switch#archive tar /xtract tftp://192.168.1.2/c2950-i6k2l2q4-tar.121-22.EA13.tar flash:
 Loading c2950-i6k2l2q4-tar.121-22.EA13.tar from 192.168.1.2 (via Vlan1):
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 extracting info (112 bytes)
 extracting c2950-i6k2l2q4-mz.121-22.EA13.bin (3721946  bytes)
 ...略...
 extracting html/images/10gig_gray.gif (225 bytes)
 extracting html/images/toolbar_button_tile.gif (160 bytes)
 extracting html/images/92908.gif (3691 bytes)!
 extracting info.ver (112 bytes)!!
 [OK - 5744640 bytes]

順利將 .tar 解開至 Switch 內後檢查相關檔案是否正確存於 flash 中

 Switch#dir flash:
 Directory of flash:/
    2  -rwx         112  Mar 01 1993 00:37:38 +00:00  info
    3  -rwx     3721946  Mar 01 1993 00:40:24 +00:00  c2950-i6k2l2q4-mz.121-22.EA13.bin
    4  drwx        4416  Mar 01 1993 00:41:12 +00:00  html
   15  -rwx         112  Mar 01 1993 00:41:57 +00:00  info.ver
   16  -rwx        1517  Mar 01 1993 03:43:51 +00:00  config.text
   17  -rwx           5  Mar 01 1993 03:43:51 +00:00  private-config.text
   18  -rwx         856  Mar 01 1993 00:00:20 +00:00  vlan.dat
   20  -rwx         355  Mar 01 1993 03:40:35 +00:00  env_vars
 7741440 bytes total (2144256 bytes free)

在更新以前驗證 IOS 檔案 (確保此 IOS 沒被加料)

 Switch#verify flash:c2950-i6k2l2q4-mz.121-22.EA13.bin
 Verified flash:c2950-i6k2l2q4-mz.121-22.EA13.bin

步驟5.指定 Switch 載入新版 IOS

利用 boot system 指令來指定 Switch 使用新版的 IOS 來開機

 Switch#conf t
 Switch(config)#boot system flash:c2950-i6k2l2q4-mz.121-22.EA13.bin  //指定 Switch 使用新版的 IOS 來開機
 Switch(config)#exit
 Switch#sh boot
 BOOT path-list:       flash:c2950-i6k2l2q4-mz.121-22.EA13.bin       //確定是否使用新版的 IOS 來開機
 Config file:          flash:/config.text
 Private Config file:  flash:/private-config.text
 Enable Break:         no
 Manual Boot:          NO
 HELPER path-list:
 NVRAM/Config file
       buffer size:    32768

步驟6.套用設定並將 Switch 重新開機

確定 Switch 套用新版 IOS 後利用 wirte memory 指令來套用設定至 Running-Config 後將 Switch 重新開機

 Switch#write memory                                            //套用設定至 Running-Config
 Building configuration...
 [OK]
 Switch#reload                                                  //Switch 重新開機
 Proceed with reload? [confirm]                                 //確認重新開機

步驟7.開機後 IOS 版本確認

Switch 重新開機後使用 show version 指令來確認是否正確載入新版 IOS

 Switch#sh version
 Cisco Internetwork Operating System Software
 IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA13, RELEASE SOFTWARE (fc2)
 Technical Support: http://www.cisco.com/techsupport
 Copyright (c) 1986-2009 by cisco Systems, Inc.
 Compiled Fri 27-Feb-09 22:20 by amvarma
 Image text-base: 0x80010000, data-base: 0x80680000
 ROM: Bootstrap program is C2950 boot loader
 Switch uptime is 0 minutes
 System returned to ROM by power-on
 System image file is "flash:c2950-i6k2l2q4-mz.121-22.EA13.bin"

參考

[Upgrading Software Images on Catalyst 2950 and 2955 Series Switches Using the Command Line Interface - Cisco Systems]

[ Cisco Systems - Tools & Resources Download Software]

[Software Upgrade Procedure - Cisco Systems]

[TFTPD32 : a opensource TFTP server/service for windows : TFTP server]

[TFTP Server Selection and Use - Cisco Systems]

[Software Upgrade Procedure - Cisco Systems]

[Troubleshooting Essentials CiscoWorks Resource Manager Essentials - Cisco Systems]

[Use of the Configuration Register on All Cisco Routers - Cisco Systems]

Me FAQ

Q1.TFTP Server 與 Switch 無法互 Ping?

Error Meaage:

設定好 Switch IP 後發現 TFTP Server 與 Switch 無法互 Ping?

 Switch#ping 192.168.1.2                                        //Switch 無法 Ping 到 TFTP Server        
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
 .....
 Success rate is 0 percent (0/5)
 C:\>ping 192.168.1.1                                           //TFTP Server 無法 Ping 到 Switch 
 Ping 192.168.1.1 (使用 32 位元組的資料): 
 回覆自 192.168.1.1: 位元組=32 時間=2ms TTL=255 
 回覆自 192.168.1.1: 位元組=32 時間=6ms TTL=255
 回覆自 192.168.1.1: 位元組=32 時間=2ms TTL=255
 回覆自 192.168.1.1: 位元組=32 時間=1ms TTL=255
 192.168.1.1 的 Ping 統計資料:
     封包: 已傳送 = 4,已收到 = 4, 已遺失 = 0 (0% 遺失),
 大約的來回時間 (毫秒):
     最小值 = 1ms,最大值 = 6ms,平均 = 2ms

Ans:

因為 Switch 預設會開啟 Spanning-tree 功能,而此次的測試環境為 TFTP Server 與 Switch 接到公司的下層 Switch 上,因為這樣接會造成 Loop 的問題所以 Spanning-tree 便會將該 Port 設為 Block.

 Switch#sh spanning-tree vlan 1
 VLAN0001
   Spanning tree enabled protocol ieee
   Root ID    Priority    32769
              Address     000c.8504.9d80
              This bridge is the root
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
   Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
              Address     000c.8504.9d80
              Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
              Aging Time 300
 Interface        Role Sts Cost      Prio.Nbr Type
 ---------------- ---- --- --------- -------- --------------------------------
 Fa0/8            Desg BKN*19        128.8    P2p *TYPE_Inc         //此 Port 為 Block

將 TFTP Server 與 Switch 直接對接可發現 Spanning-tree 變為 Forwarding 也使二方可以互相 Ping 到,若您不想改變接法的話就請把 Spanning-tree 功能關閉吧。

 Switch#conf t
 Switch(config)#no spanning-tree vlan 1

Q2.TFTP: error code 2 received - Access violation?

Error Meaage:

要從 Switch 備份 IOS 至 TFTP Server 時發生問題?

 Switch#copy flash:c2950-i6q4l2-mz.121-9.EA1.bin tftp
 Address or name of remote host []? 192.168.1.2
 Destination filename [c2950-i6q4l2-mz.121-9.EA1.bin]?
 TFTP: error code 2 received - Access violation

Ans:

造成此原因為權限問題,安裝的 Tftpd32 其預設路徑在 C:\Program Files\Tftpd32 下請調整相關權限,快一點的方法是在 C:\ 建立資料夾即可 (ex. C:\Cisco_IOS) 解決此一問題

 Switch#copy flash:c2950-i6q4l2-mz.121-19.EA1a.bin tftp            //將目前 IOS 上傳至 TFTP Server 上
 Address or name of remote host []? 192.168.1.2                    //指定 TFTP Server IP Address
 Destination filename [c2950-i6q4l2-mz.121-19.EA1a.bin]?           //目前 IOS 上傳至 TFTP Server 後的檔案名稱
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 2980487 bytes copied in 19.124 secs (131084 bytes/sec)            //上傳目前 IOS 至 TFTP Server 成功 
Go To Oddmuse OrgGo To FreeBSD OrgCreative Commons 2.5 Taiwansitestates.com