Solved: Re: USB Flash boot - Page 2

blackladyJR · ‎04-03-2009

Hi, I have 1841, 2800 and 3800 routers and need to do IOS upgrade to all of them. Existing routers do not have enough flash to hold 2 IOS images.

Question: if the router has 12.4.13r ROM IOS, will I be able to boot the ISR router via Cisco brand USB? That means in case something goes wrong while I am uploading new IOS to the router via WAN and something wrong, now router in ROMMON mode. If a local site person has a Cisco USB with an IOS in it, can he just stick it to the router and reboot the router and router will go out of rommon and go into normal mode? After it is working, then I can put the running IOS onto the exisitng CF card so now I can remove the USB and the CF card has a good IOS and reboot the router again.

I am just trying to find a safe way to upgrade the site when they don't have big enough flash to hold 2 IOS at the same time. The local person is not technical so asking him to setup tftp server and put the IOS in the computer and so I can do tftpdnld while in rommon mode to grab the IOS from his tftp will be difficult to have the local person to set it up.

If ISR can boot off of the IOS in USB only, then I assume the requiremetn is the ROM IOS needs to be 12.4.13r. Then what is a safe way to upgrade the ROM IOS to this then? I never upgrade ROM IOS before so don't know what kind of problem I may run into and whether it's higher risk to upgrade this than upgrading the regular ios? If it is, then all my routers won't have this ROM IOS version, so that means I can't use USB to boot then? Will that means I am down to tftp server option? ( I heard xmodem won't work as it will time out before the ios can load via the slow dialup link into the router to rescue it from rommon mode).

thanks.

blackladyJR · ‎04-09-2009

Hi Joe again,

Based on your comment #3 above, so will that mean even copying IOS from pc to USB directly is still bad? (i.e. not just pc to CF). In that case in Plan B Step 2 is bad too then. I know I had tried in the past to format USB from pc directly(FAT16) and then copy IOS from pc to USB. After that I plugged that (non-cisco USB) back to router and router recognize the IOS on it and I can copy it from USB to CF. I didn't need to do tftp from the router to grab the IOS into USB nor CF at that time. But then I think doing your way is better and it's guaranteed by doing tftp.

In Plan B Step 4, is there any chance that we can screw up this rommon upgrade and then now my router is really dead and need hardware replacement? I mean we will do Step 3 to verify and check the md5 to make sure the downloaded IOS is good. But do I still have any risk doing Step 4 when I perform that remotely in the remote office to upgrade their rommon? Is there any minimum IOS or rommon IOS verson requirement in order we can "upgrade" the rommon IOS?

In Plan B Step 5 if somehow it didn't work to boot from USB after upgrading rommon, then what can possibly be wrong or need to do?

For #8 above, I guess I can copy the IOS via the WAN to the old CF if needed, like you said, I only have one slot. But at that time doing it over the WAN is fine because I have the new CF that has been tested and booted from remote router and know it worked, so now copy the new IOS to the old CF (just so this old CF can now ship to next remote office to use) now has no risk even power outage as I have the other CF to swap out when needed.

As for stick with Plan B. The problem is there are many of my 40 routers has 12.1, 12.2 and 12.3 today, so I think there is a minimum IOS prerequisite for router to recognize USB, I think it's something like 12.3.14T. So for those routers that do not have 12.3.14T or above, then I don't have a choice but to go with Plan A since it won't recognize USB. And yes, there is no need to replace CF in any of those sites.

You have been super great and giving me lots of good tips and insight. It has been really helpful. Very appreciate Joe.

Leo Laohoo · ‎04-09-2009

Hi Joyce,

"so will that mean even copying IOS from pc to USB directly is still bad?" < --- Files written by a PC can't be read by Cisco appliance because Cisco is using Unix OS.

However I have read about the FAT32 format but I have yet to try it. If you have tried it and it worked, then go ahead with it. :)

"In Plan B Step 4, is there any chance that we can screw up this rommon upgrade and then now my router is really dead and need hardware replacement?"

If the ROMmon file is invalid, the router will reject the upgrade. This is also one reason why I'm reluctant to try the FAT32-format option because I don't want to have a dead piece of brick in my hands. :)

"But do I still have any risk doing Step 4 when I perform that remotely in the remote office to upgrade their rommon?"

Purely optional. Besides, the file verification process won't take 5 minutes to complete.

"For #8 above, I guess I can copy the IOS via the WAN to the old CF if needed, like you said, I only have one slot."

You may have only one CF slot but the 2800/3800 ISR have 2 USB slots.

"The problem is there are many of my 40 routers has 12.1, 12.2 and 12.3 today" < --- How's that possible??? ISR's don't have 12.1 or maybe 12.2 IOS available.

Leo Laohoo · ‎04-09-2009

Joyce,

Thanks for the rating.

Before I upgraded the IOS (and ROMmon) from my router, I actually "broke" a number of routers, mostly because the IOS were corrupted or I did something wrong. This was easily fixed by moving CF from one router to another and, thanks to Cisco, a ROMmon command called "tftpdnld".

Anyway, back to my scenario, I set up a testlab and I hammered together a step-by-step proceedure of what I should be doing. One of which was "REMOVE the USB before formating the CF. This is to prevent wiping out your USB due to a type-o." (Hey, accidents do happen!)

After a few gos, I was able to get the procedures correctly and made some minor revisions during the early implementation stages and now I can do the same process without looking at my cheat sheet. :)

Have a Happy Easter!

Leo Laohoo · ‎04-09-2009

I've created a small procedure for you. The procedure presumes the following:

a. You have a CF and a USB which is less than 2Gb which contains IOS and ROMmon file for the specific model of router.

b. The router is running on an IOS which does NOT support USB or even USB boot.

Procedure:

1. Remove the old CF and insert the new 2Gb CF.

2. Command: dir flash: < --- Make sure the correct filename is present. You can also OPTIONALLY run the command "verify flash:" just to make sure.

3. Go to enable mode and remove the old boot variables (if necessary).

4. Still in configuration mode, type the command "boot system flash:"

5. Exit and save config.

NOTE: If you want to upgrade the ROMmon, go to Step #6 otherwise, reload/reboot the appliance and proceed to Step #8.

6. Upgrade the ROMmon using the command "upgrade rom-monitor file flash:"

7. The router will auto-reload.

8. When the router comes up, you can perform the necessary checks to your system. You can also verify that you are running the correct IOS.

9. Remove 2Gb CF and replace with old CF.

10. Command: erase flash:

-or -

You can also do "format flash:". Before entering this command, make sure the USB is NOT inserted and the 2Gb CF is NOT in the slot.

11. Insert the USB into slot 0 (aka usbflash0:).

12. Command: sh logs. You want to verify in the logs that the router has seen the USB.

13. Copy the new IOS from the USB to the CF. Command: copy usbflash0: flash:

14. Change the boot variable in configuration mode.

Commands:no boot system usbflash0:

Commands:boot system flash:

15. Exit and save config.

16. Remove USB and 2Gb CF and send back to you.

17. You can also OPTIONALLY run the command "verify flash:" just to make sure.

Let us know how it goes.

blackladyJR · ‎04-10-2009

Thanks Leo. This procedure clearly is the best with an USB and CF shipped to the site to use. At the end the USB and swapped out CF can ship to the next site to repeat the procedure. I just hope I will have a big enough (256M) USB so it can hold 3 new IOS for 1841, 2801, 2811/21/51 (64M each for 12.4.15T8 that I plan to put in). And another 256M USB to hold 3825/3845 12.4.15T8.

So two master copy USB with all my possible versions I need for these 7 types of ISR in my client's network.

I will test out the procedure including the procedure to prep the USB and CF as well in lab routers.

Customer probably don't have many CF to ship out or take too long to wait for one site finish to ship the CF to next site for 40 sites worldwide.

Since they have half a dozen Cisco USB, most likely they will just ship all the USB to multiple sites at the same time.

Without CF , just with USB (for those sites that can recognize USB), it probably will be okay but will need to upgrade rommon first so to enable the USB boot feature before copying the new IOS from USB to CF to avoid the risk of something goes wrong during the transfer. As if that do happen, the router is fine since it can just boot off from USB without CF at that point so we have no risk. So I guess the only risk is upgrade rommon. You've mentioned the router rommon won't upgrade if the rommon IOS is corrupted? So you mean the router won't do anything if the new rommon ios is not good?

What about if the rommon ios is good and while the few mins that it is upgrading, then power outage at the exact moment, will the router has half the rommon ios and now "dead" really? I mean i know I cannot equate "upgrading rommon ios" with "transferring regular ios to CF".

I mean if we have a blank CF and we transfer IOS to CF, it has a window of few mins to transfer. And so if power outage during those few mins, now CF has not received the entire IOS or if the IOS is corrupted. So after reboot or boot up from power outage, router will be in rommon mode and at that point we need "tftpdnld" to rescue the router.

What about "upgrade rommon ios" scenario? Now that we have the new rommon ios in CF let's say. Now we issue "upgrade rom-monitor file ", now I assume this will take a min or two for it to complete. So during this minute, if there is a power outage, will the router be dead, i mean real dead, corrupted eeprom? hardware replacement? Or will the router won't have any problem and just back to existing rommon ios as if nothing has happened? I am trying to see what risk do I have to upgrade rommon IOS. I dont' really want to simulate the power outage in my lab router as if it will really go real dead, then I will be in trouble to replace the lab router.

thanks again,

Joyce

Leo Laohoo · ‎04-10-2009

"You've mentioned the router rommon won't upgrade if the rommon IOS is corrupted?" < --- If you try to load the wrong ROMmon file, the router will reject it after the reboot.

"So after reboot or boot up from power outage, router will be in rommon mode and at that point we need "tftpdnld" to rescue the router." <--- That's why you have the USB, remember? :)

"I assume this will take a min or two for it to complete." < --- It would take around 10 seconds for the ROMmon file to be loaded and the "upgrade" will start after the router does a complete reload. I have never experienced a power outage in the midst of a ROMmon outage. But I would presume that in the span of 10 seconds, anything can go wrong. And if the ROMmon image wasn't loaded properly the router will just load the old image it got.

Happy Easter.

blackladyJR · ‎04-11-2009

Happy Easter to you too Leo.

So it sounds like there is no "risk" to upgrade rommon ios then as if we load something bad, the router will reject and the old image is not "replaced" so it can still boot from old image. So in that case, I will upgrade rommon ios then.

You mean if i am in rommon mode with bad IOS or power outage during ios transfer, I don't need local user to setup tftp server in his pc and plug to router for me to do "set" with ip address, DG, tftp server ip address, file? I can use different command (while in rommon mode) to download the IOS from USB into router? If so what command? That means we don't need to rely on IOS being 12.3.14T or above to "recognize" USB at all while in rommon mode? so while in rommon mode, what is the minimum requiremdent for it to recognize USB?

I will be getting a cisco usb coming thursday so I can test everything out with lab router on friday before deployment to client's network.

thanks,

Joyce

Leo Laohoo · ‎04-12-2009

"You mean if i am in rommon mode with bad IOS or power outage during ios transfer, I don't need local user to setup tftp server in his pc and plug to router for me to do "set" with ip address, DG, tftp server ip address, file? " < --- If during the IOS file transfer from USB to the old CF fails, then eject the OLD CF and insert the 2Gb CF and boot from this.

"If so what command?" < --- copy usbflash0: flash:

"so while in rommon mode, what is the minimum requiremdent for it to recognize USB?" < --- Minimum IOS (not ROMmon) is 12.4(4). ROMmon IOS v12.4(13r)T is described as "adds boot from USB flash drive capability".

blackladyJR · ‎04-13-2009

For the second question above, so IOS will need to be 12.4.4 in order to recognize USB while router in rommon mode, is that correct? I mean if I have bad main IOS, router reboot, now i am in rommon mode. That means i don't have any main IOS anymore in this router. So how does 12.4.4 matter to the router then if router now is in rommon mode with no main IOS? So that's makes me wonder what is the requirement at that time for router to recognize USB? In this situation, will it be rommon IOS needs to be certain level to recognize USB (not boot, just recognize)?

Back to my first question above, if I don't have new CF, just USB at remote site with old CF let's say and power outage during transfer so now old CF has bad/no IOS on it, router reboot and in rommon mode. Assume router do not have 12.4.3rT rommon ios either so router cannot boot from USB. In this situation, (based on the answer of the second question of minimum requirement for router to recognize usb during rommon mode), then 2 scenarios:

1. Router recognize usb during rommon mode: what is the command to now copy new ios from USB to old CF while in rommon mode? I don't see "copy" command available in rommon mode. What command to use?

2. Router do not recognize usb during rommon mode: then i guess set up tftp server at remote user pc is the only choice to rescue at that time, do you agree?

thanks again,

Joyce

Leo Laohoo · ‎04-13-2009

"For the second question above, so IOS will need to be 12.4.4 in order to recognize USB while router in rommon mode, is that correct? " < --- IOS 12.4(4), I believe, is the IOS where USB support started. This is where you can start getting the command "dir usbflash0:" and stuff. Not in ROMmon.

"I mean if I have bad main IOS, router reboot, now i am in rommon mode. That means i don't have any main IOS anymore in this router. " < --- That's why you have a USB or a CF. If the OLD CF has a corrupted IOS, then insert the 2-Gb CF and boot from it. Remember that the USB and 2-Gb CF is there for a reason other than to transfer files.

ROMmon and IOS are two separate OS. I can't explain it but ROMmon has it's own firmware and IOS is another. Just because the IOS recognize USB does not mean that ROMmon will too. It's not reciprocal.

1. If the router does not have ROMmon 12.4.3rT, then in ROMmon mode, the router will not be able to detect that you have a USB.

2. Correct. "tftpdnld" is your ownly way out. And this requires someone to be type in the command.

I avoided this scenario by shipping both a CF with all the IOS/ROMmon in it and a USB with all the IOS/ROMmon in it. Never had I once asked someone to plug his/her laptop to the console port.

Leo Laohoo · ‎04-21-2009

Hi Joyce,

Did it work?

blackladyJR · ‎04-22-2009

Hi Leo,

I ordered a Cisco USB online and I end receiving a 3rd party USB and didn't work. It's a 128M and they said they have tested it in their lab and worked. But I tried it on a 2811 and didn't work for me. When I pull out the CF card and just plug the USB with the same IOS that I copied from the CF to USB. The router recognize the USB and can copy file back and forth but when I reboot, it goes to rommon mode and the "light" is off on USB.

here is the lab router details below, do you know I still need to upgrade the rommon ios and try again?

sat-ce-r21-2811>sh ver

Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(21), RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Compiled Thu 10-Jul-08 02:21 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

sat-ce-r21-2811 uptime is 22 hours, 18 minutes

System returned to ROM by power-on

System image file is "flash:c2800nm-adventerprisek9-mz.124-21.bin"

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

Cisco 2811 (revision 53.51) with 772096K/14336K bytes of memory.

Processor board ID

6 FastEthernet interfaces

2 Serial(sync/async) interfaces

1 Virtual Private Network (VPN) Module

DRAM configuration is 64 bits wide with parity enabled.

239K bytes of non-volatile configuration memory.

255488K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102

thanks,

Joyce

Leo Laohoo · ‎04-22-2009

Hi Joyce,

You're running the correct ROMmon v12.4(13r)T for USB support. The router, on bootup. is looking at the CF for the IOS. Can you try changing the boot statement and point it to the USB? Take note that "boot system usbflash0:", particularly the "usbflash0:" bit is, ahem, hidden.

Hope this helps.

blackladyJR · ‎04-22-2009

Hi Leo,

Yes i have added the boot system as the first choice to use usbflash0: with boot system flash as the second line. And i plug in USB with CF in it. and I put a different IOS in the USB. so that when I reboot, I hope I will see the show version to show the new IOS being running but to my disappointment, it shows the CF version of IOS running. So that prompt me to just remove the CF and see, then I am in rommon mode.

So i guess it's just a non-compliance USB. they already sent me a 2nd one, and they said they have tested the 2nd one and they said it worked. I just don't know why it didn't work for me. Well, I guess I need to pay the big buck to buy the cisco genuine USB then.

Leo Laohoo · ‎04-22-2009

Hi Joyce,

Before you put files into the USB, did you format the USB (from the router)?

If the USB is inserted, what do you see when you do a "dir usbflash0:"?

When you insert the USB, do you see anything in the router's logs confirming that a USB has been inserted?