In the previous post regarding the Ruckus ICX Switches, I detailed the configuration and some best practices to allow further configuration/management of a Ruckus ICX switch via SSH. This post will cover the next important step in setting up your ICX switching environment: Upgrading the firmware.
Before starting with any configurations, it is a good idea to make sure you know which firmware your switch has loaded on it and what licenses you currently have. From the command prompt of your switch:
ICX7150-C12 Switch>show version Copyright (c) 1996-2017 Brocade Communications Systems, Inc. All rights reserved. UNIT 1: compiled on Feb 17 2017 at 16:03:13 labeled as SPS08060 (23946048 bytes) from Primary SPS08060.bin SW: Version 08.0.60T211 Compressed Boot-Monitor Image size = ######, Version:10.1.09T225 (######) Compiled on Sat Feb 18 00:15:43 2017 HW: Stackable ICX7150-C12-POE ========================================================================== UNIT 1: SL 1: ICX7150-C12-2X10GR POE 12-port Management Module Serial #:########### Current License: 2X10GR P-ASIC 0: type B160, rev 11 Chip BCM56160_B0 ========================================================================== UNIT 1: SL 2: ICX7150-2X1GC 2-port 2G Module ========================================================================== UNIT 1: SL 3: ICX7150-2X10GF 2-port 20G Module ========================================================================== 1000 MHz ARM processor ARMv7 88 MHz bus 8192 KB boot flash memory 2048 MB code flash memory 1024 MB DRAM STACKID 1 system uptime is 1 day(s) 3 hour(s) 14 minute(s) 25 second(s) The system started at 00:01:37 GMT+00 Sat Jan 01 2000 The system : started=cold start ICX7150-C12 Switch>
Layer 2 vs Layer 3 Firmware
Ruckus ICX switches can ship with two different software images, a Layer 2 “switch” firmware version and a Layer 3 capable “router” firmware version. You can choose which image to load onto the device depending on your needs. You should be able to load either firmware type onto the 7150 switch. The switch in my example is currently running the Layer 2 firmware, version 08.0.60. You will see the firmware version that is currently loaded on the switch, in the output of the show version command. I have highlighted it in red on the second and third lines, it should read SPS08060.bin for the layer 2 firmware or SPR08060.bin for the layer 3 firmware.
You can also verify the code version installed on the switch by running the show flash command:
ICX7150-C12 Switch> show flash Stack unit 1: Compressed Pri Code size = 23946048, Version:08.0.60T211 (SPS08060.bin) Compressed Sec Code size = 23946048, Version:08.0.60T211 (SPS08060.bin) Compressed Boot-Monitor Image size = 786944, Version:10.1.09T225 Code Flash Free Space = 1307029504 ICX7150-C12 Switch>
Some ICX switch features are controlled by licenses, the best thing to do here is consult the software licensing guide for the specific firmware release and switch model you intend to use. At the present moment, you will typically require a software license for Dynamic Routing Protocols, Multicast, MacSec, and a “Ports on Demand” license for enabling 10Gb/s functionality on the interfaces of some switch models. Useful commands for checking up on the installed licenses include:
- show version – example above.
- show pod – shows the status of the Ports on Demand license.
- show license – shows the current licenses on the device. This is a standard command in the command line reference guide, but seems to be missing from my 7150 running version 08.0.60. So I used the show version command to view the license information instead.
Speaking specifically about the ICX7150-C12P, there are only two license levels available, 2x1G and 2x10GR. You will see that the current license loaded onto my 7150 is the 2x10GR license. This allows me to use the 10Gb/s SFP+ ports for uplinks and/or stacking and it also allows me to use the more advanced layer 3 features of the switch.
Choosing the Right Firmware Release
Layer 2 or Layer 3?
The first decision you need to make is whether you are going to use the Layer 2 or Layer 3 firmware version. I guess everyone will have their own arguments for placing a certain version of code on the switch. Whatever your reasoning, be aware that using the Layer 3 firmware will typically mean that some limitations may be introduced to the switch to accommodate additional functionality and features. For example, in the Ruckus ICX7750 core switch, running the Layer 3 firmware reduces the maximum amount of MAC addresses stored in the CAM table from 96,000 to 32,000. Make sure you read the switch Data Sheet and check that using the Layer 3 firmware doesn’t somehow invalidate your design.
Now that you have cogitated over your network design and which firmware goes where and why, you need to choose a specific release.
Ruckus ICX Release Numbering Scheme
Quickly here, Ruckus ICX switching firmware releases that end with a “0” are feature releases. For example version 08.0.60 is a feature release with major feature additions. Version 08.0.61 by comparison, is a maintenance release, and may contain some minor feature additions and enhancements along with a large number of bug fixes (>100). Finally, if your firmware release has a letter appended to the end, like 08.0.30n that designates it as a patch release, containing no feature enhancements and a small number of bug fixes (<50).
Target Path Releases
If stability/reliability is a critical factor in your network design, head on over to the Ruckus support site and read the Target Path Selection Guide which will give you guidance on selecting a stable firmware version for your switches. Target Path releases are are specifically designed for stability and reliability and are extensively tested in a sufficiently large number of deployments over a period of time to ensure that there are no known critical issues or defects. In my view, the Target Path Release should really be the oldest version of code you run on your system, unless your hardware is too old to support it.
If the target path release does not contain the necessary features you require, then you will need to start reading the release notes of later releases to see when the feature you require was implemented. I would advise using the minimum release (above the target path release) that supports your feature, with the highest maintenance and patch level. That strategy should more often than not, give you the features you need with the best possible stability. Make sure to read the release notes and known issues. It’s a pain, but worth it in the long run!
Upgrading in Anger
Now that we have done all our homework, let’s actually upgrade the switch! I am using the Ruckus ICX7150-C12P and currently the best firmware for my needs is the 08.0.61 maintenance release. Upgrading an ICX switch follows the process below:
- Download the firmware you require from the Ruckus Support Site.
- Erase the primary and secondary flash images on the switch
- Copy the new boot code to the switch
- Copy the new flash code to the switch
- Verify the flash code version
- Reboot the device
Upgrade via TFTP
Upgrade via SCP
I have dowloaded the zip file containing all the switch firmware images and unzipped it into the Downloads directory on my MacBook Air. I am going to install the Layer 3 firmware on the switch. Let’s get started:
Erase Flash Images:
SSH@RobLab_7150_C12P_1#erase flash primary Erase flash Done. SSH@RobLab_7150_C12P_1#erase flash secondary Erase flash Done. SSH@RobLab_7150_C12P_1#
Copy Boot Code
MacBook-Air:~ user$ cd Downloads/08061/ICX7150/Boot MacBook-Air:Boot user$ ls mnz10110.bin MacBook-Air:Boot user$ scp mnz10110.bin <user>@172.31.0.1:flash:bootrom Password: mnz10110.bin 100% 769KB 95.6KB/s 00:08 Connection to 172.31.0.1 closed by remote host. MacBook-Air:Boot user$
Copy Flash Code
MacBook-Air:~ user$ cd Downloads/08061/ICX7150/Images MacBook-Air:Images user$ ls SPR08061.bin SPS08061.bin MacBook-Air:Images user$ scp SPR08061.bin <user>@172.31.0.1:flash:primary Password: SPR08061.bin 100% 27MB 484.1KB/s 00:57 Connection to 172.31.0.1 closed by remote host. MacBook-Air:Images user$ scp SPR08061.bin firstname.lastname@example.org:flash:secondary Password: SPR08061.bin 100% 27MB 484.3KB/s 00:57 Connection to 172.31.0.1 closed by remote host. MacBook-Air:Images user$
Verify the Flash Code
SSH@RobLab_7150_C12P_1#show flash Stack unit 1: Compressed Pri Code size = 28313480, Version:08.0.61T213 (primary) Compressed Sec Code size = 28313480, Version:08.0.61T213 (secondary) Compressed Boot-Monitor Image size = 786432, Version:10.1.10T225 Code Flash Free Space = 1307041792 SSH@RobLab_7150_C12P_1#
Reboot the Switch
SSH@RobLab_7150_C12P_1#reload Are you sure? (enter 'y' or 'n'): Connection to 172.31.0.1 closed by remote host. Connection to 172.31.0.1 closed
Post Upgrade Check
What happened to SSH?
If you like me, loaded the Layer 3 firmware onto the switch, you will notice that you can no longer SSH to the device. Remember that IP addresses will be assigned per interface on Layer 3 devices. Loading the Layer 3 firmware wipes out the global IP address settings held by the Layer 2 device. We will fix that later!
Thats all for now!