ICND2 200-105

ICND2 200-105

Managing Cisco IOS Image Files

Loading Cisco IOS image files

Here is a flowchart that visually represents everything we just discussed. Router boots up. What's our default configuration register value? If it hasn't been changed, it's 2102, but that has to be examined. And when the router examines it, if it's 0, what does that mean? Load to the ROM monitor, or ROMMON, mode. If it's 2, look at NVRAM and examine the boot system commands sequentially. But if it's 1, immediately look in Flash and find the very first IOS image in Flash and load it.

Router Boot-up Process Flow

So let's say we went through that first step, load that first file in Flash, great. But what happens in the absence of an operating system we can find on the local chassis? We're going to do that function of booting on a TFTP server. I'm not a fan of this feature, but you could use this as a backup. We will not teach you how to set that up. There are plenty of white papers on Cisco, I'm sure they've got it pretty well documented. And then chances are, it's going to go to ROM monitor mode, okay. The way that I think about it is, we jump from, "Hey, I can't find an operating system locally and I haven't prepared a TFTP server for it." Then we boot to ROM monitor mode. So we could have told the device to boot to the ROM monitor mode by setting the boot field to 0. But my conclusion, normally, when I see a device where I'm consoled in, I find myself in the ROMMON mode, my conclusion is, I wasn't able to load an operating system. Maybe the operating system was erased, became corrupted, maybe it never existed in the first place, or maybe it can't load it for some reason.

We're going to find ourselves there and then we're going to think to ourselves oh, okay, I got to copy my config. And if you're a modem person, if you ever did BBSing, Bulletin Board Systems, back in the day, you can X modem through the rollover cable, through the terminal program in the ROM monitor mode. You can also prepare things like a rudimentary IP address, subnet mask, default gateway to do a copy command. But now there's the slow way, transferring via X modem and there's the fast way, copying via an IP address. And I actually prefer the X modem because it's a little bit simpler to do. But it's going to take you like 16 hours, I'm not even joking, like 16 hours overnight to transfer that operating system.

Our operating system is, typically, a compressed binary file. So once it's located in Flash, we'll have to decompress it, that's what we're showing here.

System Bootstrap, Version 15.0(1r)M15, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2011 by cisco Systems, Inc.

Total memory size = 512 MB - On-board - 512 MB, DIMM0 - 0 MB
CISCO2901/K9 platform with 524288 Kbytes of main memory
Main memory is configured to 72/-1(On-board/DIMM0) bit mode with ECC enabled

Readonly ROMMON initialized
program load complete, entry point 0x80803000, size: 0x1b340
program load complete, entry point 0x80803000, size: 0x1b340

IOS Image Load Test

_________________
Digitally Signed Release Software
program load complete, entry point: 0x81000000, size: 0x5d433c0

Self decompressing the image:
#######################################################################################
#######################################################################################
#######################################################################################
#######################################################################################
#######################################################################################
#######################################################################################
###########################[OK]
<output omitted>

Self decompresses that image, that's what all those number signs are notifying us that it is doing the decompression process. And then where do we put the decompressed IOS?

We load it into RAM. So we do not run the operating system from the binary file directly, we do not run it from Flash directly, we're trying to get it running in RAM. So we gave you a new thing that runs and is inside of RAM. We told you things like the running-config, the routing table, OSPF topology table, but also now we have the extract, we have the expression of the operating system inside of RAM.

Where can we verify our configuration register value? Do you remember? Typing in show version, it's right at the bottom. But what else can we gather from the output of show version?

Router#show version
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(4)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thu 26-Jul-12 20:54 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M15, RELEASE SOFTWARE (fc1)

Router uptime is 42 minutes

System returned to ROM by reload at 11:39:24 UTC Sun Mar 1 2014
System image file is "flash0:c2900-universalk9-mz.SPA.152-4.M1.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
<output omitted>

Cisco CISCO2901/K9 (revision 1.0) with 483328K/40960K bytes of memory.
Processor board ID FCZ1642C5XJ
2 Gigabit Ethernet interfaces
1 Serial(sync/async) interface
1 terminal line
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
250880K bytes of ATA System CompactFlash 0 (Read/Write)
<output omitted>

Configuration register is 0x2102

Well I can see my operating system version. So at the very top line, I can see the active operating system on this chassis and the things that I look for. Well what kind of chassis? I'm on a 2900, this is a router. I'm running IOS 15.2. We'll also be talking about things like the new structure for operating systems and the feature set that is enabled. Universal is something you're going to see on a lot of the things like the Integrated Service Router 2nd generation, or ISR2, which this is. It's kind of, like a generation of router chassis, 2811 would be a ISR1. Well so I'm running IOS 15.2, looks good. I'm also going to be looking at things like, oh, my bootstrap. If I'm dealing with some incompatibility, I might look there. I can see my operating system file, system image file. And don't manipulate the names of these operating systems folks. They have a name that is a pretty good amount of information about things, like exactly what revision of operating system this is. So don't go, "Hey, this is branch A's operating system." That's going to work against you in the long run and I encourage you not to do it.

Then some things that I don't really care about here, but then the amount of memory, that is useful, okay, that is useful. Getting a sense of how much RAM is running on the chassis can tell you what sorts of things you could do with it, and that's the place to come. show version is the place to come to see how many megabytes of RAM are on the chassis. We can also see the things like NVRAM, Flash, also useful, and thankfully, we don't get constrained nearly as much these days, but back when we started up, we were dealing with chassis that had like 8 MBs of RAM and 8 MBs of Flash. And I'll tell you that caused some heartache for us because you might have not been able to fit that operating system in either RAM or Flash. Now it's stored in Flash but you might not have enough RAM to support it. So this is a pretty useful output.

Loading Cisco IOS configuration files

So the IOS has been loaded, looking good so far. What about that configuration file? If it's a brand-new device, I'm not going to worry about that configuration file because there won't be any yet in NVRAM. But if it's a router or a switch that's in our production network, definitely, there should be some type of configuration file stored in NVRAM. So that's the first place our device looks. Is it in NVRAM? Yes load it, it's as simple as that. But if it's not, what can happen from there?

Well we've already told you. We can try to boot from or get the config from the TFTP server, okay. It's possible to do that, it's not a common configuration, and so what is more likely is, the answer to the second flowchart breakout is, no. We don't have an active link or we've tried it and we failed, then we do the initial config dialog, also called system config dialog. Switches will do this also and you do not want to get yourself into this series of questions. We've gotten you to a point where you shouldn't use it on a router and a switch. This is questionably useful on routers and switches, it's far more useful on other kinds of chassis.

So our device has found the configuration file in NVRAM. What does it do with it now? Do we run it from NVRAM? No not at all, we have to load it into RAM. Remember, RAM is where everything is happening right now on our device. NVRAM would be simply a backup of the running configuration at that point in time that we took the snapshot by typing in copy running-config startup-config. So we load it into RAM and it runs from there.

You can verify what's in RAM with what command? show running-config.

And we can verify what's in NVRAM by using what command? show startup-config.

Managing Cisco IOS images

Are we just going to stick with the same IOS image that came with our device for the life of our device? More than likely not. There are going to be issues with that IOS image, possibly bugs that need to be fixed. So at some point in time, we'll have to upgrade that IOS image.

But let's make sure we understand the right mindset here. We're not going to be doing the opposite, where we get into a situation where we're going to upgrade every single time Cisco comes up with a slightly new revision either, even jumping from IOS 15.0 to 15.1 to 15.2, which are major releases, right? Cisco might call them a minor release but it's a pretty big deal anytime we jump from 1 decimal point to another. It's a huge change when we jump from like 12 to 15, although we don't perceive most of that inside of the operating system. It's not like these are really different. But I don't want you to think we're in the same upgrade cycle like a desktop or even a server computer is, no.

If you're running 12.4 for instance and it's working perfectly for you, you're not going to go looking for upgrading to 15.2 just because it's out there. You need to have some trigger, some meaningful thing like what we mentioned - bugs, features, that's the emphasis to make us doing an upgrade, okay, because there's going to be an impact. And you have to copy this, you get it copied, reload the device, causing outages. You have to find a time to do that and you do not do that on a whim.

Deciphering Cisco IOS image filenames

So, we stated earlier, we'll find our IOS image in flash. So I do a show flash, and I'm looking though flash. And we also stated that it's a binary file, so it's going to have a .bin extension. So I find it and I'm looking at this really long and complicated filename now. I'm going to decode this for you.

c2900-universalk9-mz.SPA.15.2.M1.bin

They've got some of the information right here. It's for a Cisco 2900, this is a router. When I talk to you about the feature set, but the feature set here is universal. Other feature sets in earlier generations, like IOS 12.0, 12.1, 12.2, 12.3, 12.4, they would have things like advanced IP, enterprise IP, service provider, IP plus... Then we move on and I see k9, which has to do with some encryption. This is not a really important section. This page for instance, is not super important to your exam success, but I'm going to tell you, "Bite the bullet now." M runs in RAM, okay. Just like we told you M runs in RAM, you pretty much going to find that all the time. Z is compressed, great. Know those 2 letters, they're pretty important. Then to the right of it, the IOS version 15.2, and then you should expect a .bin extension.

Creating the Cisco IOS image backup

Why might we want to back up our Cisco IOS image? Is there really a need for that? Honestly, if something happens to that IOS image, am I not able to just go back to Cisco and grab another one, why back it up?

You would be able to do that, if assuming your credentials didn't change and things of that nature, but here's the deal. We want to have the highest availability possible in our network. Availability is all about uptime. And to maintain a high level of uptime, we need to minimize outages and when outages do occur, we need to solve them quickly. So what I would want you to understand is, part of getting that solution quickly is knowing exactly where to go, having the exactly the right operating system right up there, and then you get your IP connectivity in ROMMON, you copy that, and you're up and running in half an hour instead of 90 minutes. That's a big difference. And the reason why we care about this is you want to have the right operating system.

If you've got a tried and true operating system out there in the wild running in your production network, well you want to make sure that you can revert to that, instead of guesstimating from the sea of operating systems that Cisco might have out there. And then you accidentally download a different operating system and it's an early release and it doesn't work exactly right. You want the general deployment operating systems, get those, and then you want commonality. If you've got 30 routers of the same type, you only need one backup, right? If they're running the exact same operating system, maybe you put in a few locations for ease of access, but this a big deal. Fix the problem faster, improving the mean time to repair. So not only do you want to back up your configs, you want to back up your operating systems.

So let's make sure we have connectivity to the server that we're going to backup the operative system to. In this case, it's a TFTP server. How do we do that? Ping it, great. You have successful connectivity. Now we also need to make sure we have the right amount of disk space on that TFTP server to store our IOS image. So hopefully, we have that disk space. But we can verify the size of the IOS image in flash. show flash will tell us the size of that. And then, also double-check the TFTP server to make sure that you have that amount of space to store that. And then lastly, we use our copy command. Copy source to destination - that's how the copy command works every time; copy source to destination. So what is the source here? Well we want to create a backup image of our IOS, so our source is flash, that's where we'll find our IOS image. And the destination is going to be a TFTP server.

Router#copy flash0: tftp:
Source filename []? c2900-universalk9-mz.SPA.152-4.M1.bin
Address or name of remote host []? 172.16.1.100
Destination filename []? c2900-universalk9-mz.SPA.152-4.M1.bin
!!!!!!!!!!!!!!!!!!
<output omitted>
97794040 bytes copied in 363.468 secs (269058 bytes/sec)

So copy flash to tftp, and then it'll ask us what's the source file name? Copy and paste that from flash, put it right in there. What's the IP address of that TFTP server? Type it in and we're done. They're copied over for us.

Upgrading Cisco IOS images

So let's talk about the workflow of getting a new operating system on a chassis. This really also does apply to the Catalyst chassis as well, just so we're clear. We do the same thing even though we're talking about a router. So the first thing is you got to get the operating system from Cisco.com. So you're going to go up to the software center, you're going to need to log in, find the operating system of choice that you want to apply to your device. You're going to download that and it's going to allow you to download it to your local PC. And if your local PC is working as a TFTP server, great. If your TFTP server is elsewhere, you got to get it into the TFTP folder that is on that TFTP server. So it might be C:\TFTP root, for instance, okay. Get it over there somehow, someway. Then you're ready to start looking at getting it from that TFTP server externally to the chassis. So you need IP connectivity between the TFTP server and the chassis in question. So you could ping, and you could ping with IPv4, or if you happen to have IPv6 connectivity, I suppose you could use that also, okay. Then you want to make sure that your router has enough flash space.

So make sure you do have room with the show flash command. I'll be honest, I sometimes skip this step. It is going to tell us if I don't have enough room. The copy command will error out, but do the right thing. Do a show flash, then do the copy command. Now I want you thinking, "How do I get the IOS from there to here? What's the basic structure of that copy command?". I'm doing a copy, trying to pull from the TFTP server, place it in flash. What's the syntax I should be thinking about?

copy source destination. So what is the source? The source is the TFTP server. What's the destination? flash on our router.

Branch#copy tftp: flash0:
Address or name of remote host []? 2001:DB8:AC10:100::64
Source filename []? c2900-universalk9-mz.SPA.152-4.M1.bin
Destination filename []? c2900-universalk9-mz.SPA-152-4.M1.bin
Accessing tftp://2001:DB8:AC10:100::64/c2900-universalk9-mz.SPA.152-4.M1.bin...

Loading c2900-universalk9-mz.SPA.152-4.M1.bin from 2001:DB8:AC10:100::64
(via GigabitEthernet0/0): !!!!!!!!!!!!!!!!!!!!
<output omitted>
[OK - 97794040 bytes]

97794040 bytes copied in 368.128 secs (265652 bytes/sec)

Okay. So that is, in fact, is the syntax, copy tftp flash. Press Enter. We're going to have to put in some parameters, things like what's the IP address of the TFTP server. I've seen people try to put this in the copy command itself and I really would discourage you from trying that. Just let them ask you all those questions in this copy wizard. And if you get the parameters right for the IP address, you're also going to see things like, "Hey, what's the filename?" So I would probably try to copy and paste this if you can, okay, because it's not fun to type this out and don't rename it, right? So your source file name and your destination file name should be the same, you shouldn't be changing those, right? The destination file name is just with the name of it once it is copied into flash. And then you press Enter and you wait a moment. And then you start seeing those exclamation marks and that's such a comforting thing to see those exclamation marks. Walk away, get a beverage, come back, and your operating system transfer may be done. Now, I got it over to flash. Does that mean I'm running it right now? Am I running that operating system the moment it gets copied into flash?

When does our operating system load? Do you remember? It loads during the boot process, it gets decompressed, and then loaded into RAM. Is it in RAM right now? No. Was it decompressed? No. It's just sitting in flash along with other IOS images, possibly in flash. So what does that mean? Well we have to direct our device to boot that image at next reload. How can we do that? We can use the boot system command, we can do that. boot system specify the file. Then make sure we copy our running config to startup config or we could erase all the other IOS images, and what would that result in? Well this one being loaded next time. But is that such a great idea to erase all the other IOS images?

No. Because that's your fallback mechanism, okay. That is your fallback mechanism. And even if you've chosen to permanently boot to this new operating system, you don't even necessarily want to get rid of it because I have seen flash files get corrupted. And hey if that happens then we have something local to the chassis. It's much quicker to repoint to a different file in flash than getting a file in flash, okay. So I don't delete stuff if I can keep them.

So in the case where flash will not support 2 IOS images because there is just not enough room, what should we do in that case? We'll have to delete one before we add the new one in, correct? We really have no choice at that point. Today, flash is usually large enough to support multiple IOS images. But if you are using an older device and flash only has enough room for one IOS image, then you will have to erase before you copy over.

Just a word of note. Now you've got these Compactflash cards on a lot of the chassis, most router chassis have Compactflash card support. Well if you do need to take one out of an already booted device and put it in so you have a working operating system to boot from, that is also a possibility, okay. So just understand it's kind of scary, but you can press the eject button on that Compactflash card, on that router, once it's loaded, because it's running a RAM, and run that over to the other router. Press the power on switch, turn on that router, let it load, put that flash card back in the chassis. So you could do that to get a working operating system loaded. Because it's way easier, it's way easier to work with managing operating systems once the router has loaded the legitimate Cisco IOS. Working inside of the ROMMON mode is a lot harder.