From affb3c468dd09f2674389668928c2a64781e72e1 Mon Sep 17 00:00:00 2001 From: Administrator Date: Thu, 23 Apr 2026 13:29:42 +0000 Subject: [PATCH] docs: create Periphery/Work/Cisco/ESS_3300_Upgrade --- Periphery/Work/Cisco/ESS_3300_Upgrade.md | 260 +++++++++++++++++++++++ 1 file changed, 260 insertions(+) create mode 100644 Periphery/Work/Cisco/ESS_3300_Upgrade.md diff --git a/Periphery/Work/Cisco/ESS_3300_Upgrade.md b/Periphery/Work/Cisco/ESS_3300_Upgrade.md new file mode 100644 index 0000000..e8ebdc6 --- /dev/null +++ b/Periphery/Work/Cisco/ESS_3300_Upgrade.md @@ -0,0 +1,260 @@ +--- +title: IOS-XE Upgrade Guide +description: ESS-3300 Upgrade +published: true +date: 2026-04-23T13:29:31.037Z +tags: +editor: markdown +dateCreated: 2026-04-23T13:29:31.037Z +--- + +# Cisco ESS3300 — IOS XE Software Upgrade Guide + +--- + +## Platform Overview + +The Cisco Embedded Services 3300 (ESS3300) is a ruggedized, embedded-form-factor switch running **Cisco IOS XE**. Software images are stored on the system board flash device (`flash:`). The ESS3300 supports two boot modes: + +- **Install Mode** *(recommended)* — software is expanded into discrete package files; supports rollback +- **Bundle Mode** — the switch boots directly from a monolithic `.bin` file + +> **Note:** All procedures in this guide use Install Mode. Cisco recommends Install Mode for all IOS XE upgrades. Verify your current boot mode before proceeding. + +--- + +## 1. Pre-Upgrade Checks + +### Verify Current Software Version and Boot Mode + +``` +show version +show boot +``` + +Confirm the `BOOT variable` points to `flash:packages.conf` (Install Mode). If it shows a `.bin` file, you are in Bundle Mode — see the Bundle Mode section at the end of this document before proceeding. + +### Check Switch Health + +``` +show module +show environment all +show logging last 100 +``` + +Resolve any hardware faults, fan alarms, or recurring log errors before proceeding. + +### Verify Flash Space + +IOS XE images typically require **1–1.5 GB** of free flash space. Check available space and clean up inactive packages if necessary: + +``` +dir flash: +install remove inactive +``` + +Confirm the space is sufficient before copying the new image. + +### Backup the Running Configuration + +``` +copy running-config startup-config +copy running-config flash:backup-config.txt +``` + +--- + +## 2. Obtain the IOS XE Image + +1. Navigate to [https://software.cisco.com](https://software.cisco.com) and log in. A valid Cisco service contract is required. +2. Go to **Downloads → Switches → Industrial Ethernet Switches → Embedded Services 3300 Series**. +3. Select the target IOS XE release. Download the appropriate `.bin` image for the ESS3300 platform. +4. Record the **MD5 checksum** from the download page for later verification. + +> **Upgrade Path:** Verify that your current release and target release form a supported direct upgrade path. Some versions require an intermediate "stepping stone" release. Refer to the release notes for the target version before proceeding. + +--- + +## 3. Transfer the Image to the Switch + +### Option A — SCP from Windows PC (OpenSSH) + +Verify the OpenSSH Server service is running on your PC: + +``` +net start sshd +``` + +From the switch CLI, pull the image from the Windows PC: + +``` +copy scp://YourUsername@/C:/path/to/.bin flash: vrf management +``` + +> **Tip:** Place the image in a short path with no spaces, such as `C:\ios\`, to avoid syntax issues. + +#### Accelerating SCP Transfers (IOS XE 17.2(1) and later) + +By default, SCP transfers on IOS XE are processed through the user-space management stack, which is subject to control-plane rate limiting and can result in severely throttled throughput on large image files. Enabling SSH bulk mode moves the transfer into the kernel network stack, bypassing this restriction: + +``` +configure terminal + ip ssh bulk-mode +end +``` + +This can be left enabled permanently. Transfers typically run 4–5x faster than the default. To disable after the upgrade: + +``` +configure terminal + no ip ssh bulk-mode +end +``` + +### Option B — TFTP + +From the switch CLI: + +``` +copy tftp:///.bin flash: vrf management +``` + +### Option C — USB Drive + +Format the USB drive as FAT32 and copy the image to the root of the drive. Insert the drive into the switch USB port, then from the CLI: + +``` +copy usbflash0:.bin flash: +``` + +--- + +## 4. Verify the Image Integrity + +Confirm the image copied successfully: + +``` +dir flash: +``` + +Verify the MD5 checksum matches the value from the Cisco download page: + +``` +verify /md5 flash:.bin +``` + +Do not proceed if the checksum does not match — re-transfer the image. + +--- + +## 5. Set the Boot Variable (Install Mode) + +Ensure the boot variable is correctly set to `packages.conf` before installing: + +``` +configure terminal + no boot system + boot system flash:packages.conf +end +write memory +``` + +Verify: + +``` +show boot +``` + +The `BOOT variable` line should read `flash:packages.conf`. + +--- + +## 6. Install and Activate the New Image + +Run the install command to stage, activate, and commit the new image in a single operation. The switch will reload automatically when prompted — respond `y` to confirm: + +``` +install add file flash:.bin activate commit +``` + +The process will: +1. Expand the `.bin` into package files on flash +2. Activate the new packages +3. Prompt for a reload +4. Commit the new version as the running baseline on first boot + +> **Important:** Do not interrupt the process or remove power during installation or reload. + +--- + +## 7. Post-Upgrade Verification + +After the switch reloads, verify the upgrade was successful: + +``` +show version +show boot +show module +show environment all +show interface status +``` + +Confirm that: +- The IOS XE version matches the target release +- `BOOT variable` still shows `flash:packages.conf` +- All modules and interfaces are in the expected state +- No new errors appear in the system log (`show logging last 50`) + +--- + +## 8. Clean Up Old Installation Files + +Once the upgrade is confirmed stable, remove inactive packages to reclaim flash space: + +``` +install remove inactive +``` + +Confirm when prompted. + +--- + +## Bundle Mode Upgrade (Alternative) + +If the switch is running in Bundle Mode (boots from a `.bin` file), use the following procedure instead of the Install Mode steps above: + +``` +configure terminal + no boot system + boot system flash:.bin +end +write memory +reload +``` + +After reloading, verify with `show version`. Note that Bundle Mode does not support rollback. Cisco recommends converting to Install Mode going forward. + +--- + +## Emergency Recovery + +If the switch is stuck at the `switch:` ROMMON prompt or is in a boot loop, use the emergency recovery procedure: + +1. Connect a terminal to the console port (RJ-45 or USB-mini, 9600 baud / 8N1). +2. Connect port **Gi1/3** to a PC running a TFTP server with a valid IOS XE image at the TFTP root. +3. If in a boot loop, hold the front-panel button for approximately 5 seconds to break the cycle and stop at the `switch:` prompt. +4. From the `switch:` prompt, boot the emergency install image: + +``` +switch: boot emgy0:.SPA.bin +``` + +--- + +## Key Reminders + +- Schedule upgrades during a **maintenance window**. The ESS3300 has no redundant supervisor — traffic will be interrupted during the reload. +- In a stacked or redundant deployment, upgrade the secondary/standby unit first, then the primary. +- The boot loader (ROMMON) may be automatically upgraded on the first boot of a new IOS XE release. This is expected behavior and does not indicate a failure. +- Smart Licensing requires registration after upgrading to a release that introduces Smart Licensing Using Policy (SLUP). Existing licenses remain in evaluation mode until registered. +- Starting with IOS XE 17.10, certain legacy SSH key exchange and MAC algorithms were removed from the default list. Review the target release notes if SSH access is affected post-upgrade. \ No newline at end of file