02-18-2008 09:28 AM - edited 03-05-2019 09:13 PM
Everyone,
First, here is the setup:
2 6500's with dual Sup 720's connected together with dual Gigabit etherchannel 802.1Q trunks. Redundancy mode is SSO/NSF and they run in native mode
Each router runs HSRP for the VLANS shared between them. One is active for all the VLANS, the other standby for all the VLANS. Rapid spanning-tree is used to decrease spanning-tree topology change times.
Most hosts connected to theses routers are single-connected to one or the other.
NSF is enable on EIGRP which is the site routing protocol
Distribution-layer switches are dual-connected to both routers
My basic question is what is the best way to upgrade the IOS on the switches to eliminate or minimize loss of network connectivity? On 4500's, I can use ISSU to do 0 downtime updates, but the only reference to ISSU in the 6500's I can find always mentions modular IOS patches. I am not opposed to moving to modular IOS if that is required, but I am unsure if Modular IOS can do a 0 downtime IOS upgrade.
Thanks for any responses
Nathan Spitzer
02-18-2008 09:49 AM
Nathan,
Cat6500 supports partial ISSU on 6500 with modular IOS. Why do you want to upgrade the IOS ?
1. Are you facing some software issues with the present IOS?
2. Is there any new hardware support that you are looking for ?
3. Are you looking for some new features support on the new IOS?
What is the current code that you are running and the one you want to upgrade?
I would suggest you not to upgrade the IOS untill and unless it is a critical business requirement.
The best way for you to upgrade the IOS is to have the standby chassis upgraded first and once it is completely done shift the traffic to this chassis. Upgrade the other chassis afterwards the same way as was done on the other chassis.
HTH,
-amit singh
02-18-2008 10:09 AM
This was a "forward-looking" question but there are 2 new features out that we need. Currently we run 12.2(18)SXF11. The reasons we need to upgrade are:
1) LLDP support. Supporting LLDP greatly simplifies our Nortel VOIP phone system by removing the requirement that the phones get their voice VLAN from a data (native) vlan dhcp server
2) 802.1x MDA, which allows a voip phone and an attached data device to be independently authenticated on a port-by-port bases. Note: This is not released yet on the 6500's, but our sales engineer indicates it will be released late 1'st quarter which means August or later we would upgrade
3) Contractual requirements: We have a contract with a goverment agency which specifies all equipment thier data runs over will be free of known security vulnerabilities, even where our configuration means we are not vulnerable. If a vulnerability is found we have 30 days to update to a fixed version so any day now I could have a fire-drill requiring an update.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide