IOS Upgrade, General Consensus

Apr 9th, 2008

I was just wondering about IOS upgrades in general.

What are most people's thoughts on this?

Security people are saying routers should be upgraded to the latest image available.

I have two core 6509 switches that have a new IOS to upgrade to but Cisco has told me more than once that if there is no specific reason to upgrade, you should not.

What do most people do?

wbenton-0 Wed, 05/07/2008 - 01:23

My reply is a bit late, but it seems that nobody else has replied yet.

Unless there is a pending security issue on your network which requires that upgrade to prevent a possible threat, or unless there is a special new feature or bug fix which causes you an impending problem that requires fixing, then there is no need to upgrade just because a later version is available.

The above reasons would be a few of the "specific reasons" which Cisco mentioned.

Walt

stephenshaw Wed, 05/07/2008 - 04:51

Hi, I agree with Walt's assessment. Many security concerns are for features that you may not be using, so why upgrade?

Steve

Richard Burts Wed, 05/07/2008 - 07:27

Richard

While I acknowledge the validity of the position suggested by Walt and Steve, I believe that there is another aspect to be considered in making the decision about whether to upgrade. In addition to new features (and bug fixes) newer releases frequently include enhancements to performance. This is particularly true of newer releases of the same version in main line code (new features get introduced in the T trains, etc). So upgrading versions may get you better performance.

It may also be something to consider that keeping a router on the same version of code for a long time may complicate efforts to get support and to troubleshoot if some problem does come up.

So I would advocate a balanced approach to the decision about upgrading code.

HTH

Rick

wbenton-0 Wed, 05/07/2008 - 15:50

Likewise, with new features and new tweaking to get better performance, sometimes, those "NEW" things bring with them new bugs.

That said, most network system managers prefer stability. Upgrading means bringing at least part of the network down to upgrade and uptime is the major stability measure.

Thus even though a new upgrade is available, just like with any new or upgraded software, firmware or hardware, it's a good idea to have it field tested by those who can afford the possible downtime first.

Then, once the new upgrade has proven to be stable in the field, then upgrade.

Sure performance issues are a concern for many, but for most, stability is usually rated/ranked more important.

So if the performance increase is only a minor one, then it may not be worthwhile for some large networks. Major performance increases on networks where the slowdowns have affected stability, then an upgrade would be well worthwhile.

But if you have 600 to over 2000 systems to upgrade, then the cost of manpower and downtime calculated could run into weeks or months before all systems are upgraded. Thus that cost must be calculated into whether it's worth the increase in performance or not.

Most systems which are really bogged down in performance are just plain overloaded to begin with and thus adding an additional device or two to break up the congested networks or getting a more powerful device is often the better way to go as even with a performance increase, overloaded means overloaded... regardless of the performance increase.

For those without the capital to lay down for a better infrastructure, then upgrading may be the 2nd best thing, but stability is usually the first concern for many!

Walt
