traveler/Netgrimoire
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Netgrimoire/Periphery/Work/Cisco/ESS_3300_Upgrade.md
Administrator affb3c468d docs: create Periphery/Work/Cisco/ESS_3300_Upgrade
2026-04-27 15:18:38 +00:00

260 lines
No EOL
7.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: IOS-XE Upgrade Guide
description: ESS-3300 Upgrade
published: true
date: 2026-04-23T13:29:31.037Z
tags:
editor: markdown
dateCreated: 2026-04-23T13:29:31.037Z
---
# Cisco ESS3300 — IOS XE Software Upgrade Guide
---
## Platform Overview
The Cisco Embedded Services 3300 (ESS3300) is a ruggedized, embedded-form-factor switch running **Cisco IOS XE**. Software images are stored on the system board flash device (`flash:`). The ESS3300 supports two boot modes:
- **Install Mode** *(recommended)* — software is expanded into discrete package files; supports rollback
- **Bundle Mode** — the switch boots directly from a monolithic `.bin` file
> **Note:** All procedures in this guide use Install Mode. Cisco recommends Install Mode for all IOS XE upgrades. Verify your current boot mode before proceeding.
---
## 1. Pre-Upgrade Checks
### Verify Current Software Version and Boot Mode
```
show version
show boot
```
Confirm the `BOOT variable` points to `flash:packages.conf` (Install Mode). If it shows a `.bin` file, you are in Bundle Mode — see the Bundle Mode section at the end of this document before proceeding.
### Check Switch Health
```
show module
show environment all
show logging last 100
```
Resolve any hardware faults, fan alarms, or recurring log errors before proceeding.
### Verify Flash Space
IOS XE images typically require **11.5 GB** of free flash space. Check available space and clean up inactive packages if necessary:
```
dir flash:
install remove inactive
```
Confirm the space is sufficient before copying the new image.
### Backup the Running Configuration
```
copy running-config startup-config
copy running-config flash:backup-config.txt
```
---
## 2. Obtain the IOS XE Image
1. Navigate to [https://software.cisco.com](https://software.cisco.com) and log in. A valid Cisco service contract is required.
2. Go to **Downloads → Switches → Industrial Ethernet Switches → Embedded Services 3300 Series**.
3. Select the target IOS XE release. Download the appropriate `.bin` image for the ESS3300 platform.
4. Record the **MD5 checksum** from the download page for later verification.
> **Upgrade Path:** Verify that your current release and target release form a supported direct upgrade path. Some versions require an intermediate "stepping stone" release. Refer to the release notes for the target version before proceeding.
---
## 3. Transfer the Image to the Switch
### Option A — SCP from Windows PC (OpenSSH)
Verify the OpenSSH Server service is running on your PC:
```
net start sshd
```
From the switch CLI, pull the image from the Windows PC:
```
copy scp://YourUsername@<PC-IP>/C:/path/to/<image>.bin flash: vrf management
```
> **Tip:** Place the image in a short path with no spaces, such as `C:\ios\`, to avoid syntax issues.
#### Accelerating SCP Transfers (IOS XE 17.2(1) and later)
By default, SCP transfers on IOS XE are processed through the user-space management stack, which is subject to control-plane rate limiting and can result in severely throttled throughput on large image files. Enabling SSH bulk mode moves the transfer into the kernel network stack, bypassing this restriction:
```
configure terminal
ip ssh bulk-mode
end
```
This can be left enabled permanently. Transfers typically run 45x faster than the default. To disable after the upgrade:
```
configure terminal
no ip ssh bulk-mode
end
```
### Option B — TFTP
From the switch CLI:
```
copy tftp://<TFTP-Server-IP>/<image>.bin flash: vrf management
```
### Option C — USB Drive
Format the USB drive as FAT32 and copy the image to the root of the drive. Insert the drive into the switch USB port, then from the CLI:
```
copy usbflash0:<image>.bin flash:
```
---
## 4. Verify the Image Integrity
Confirm the image copied successfully:
```
dir flash:
```
Verify the MD5 checksum matches the value from the Cisco download page:
```
verify /md5 flash:<image>.bin
```
Do not proceed if the checksum does not match — re-transfer the image.
---
## 5. Set the Boot Variable (Install Mode)
Ensure the boot variable is correctly set to `packages.conf` before installing:
```
configure terminal
no boot system
boot system flash:packages.conf
end
write memory
```
Verify:
```
show boot
```
The `BOOT variable` line should read `flash:packages.conf`.
---
## 6. Install and Activate the New Image
Run the install command to stage, activate, and commit the new image in a single operation. The switch will reload automatically when prompted — respond `y` to confirm:
```
install add file flash:<image>.bin activate commit
```
The process will:
1. Expand the `.bin` into package files on flash
2. Activate the new packages
3. Prompt for a reload
4. Commit the new version as the running baseline on first boot
> **Important:** Do not interrupt the process or remove power during installation or reload.
---
## 7. Post-Upgrade Verification
After the switch reloads, verify the upgrade was successful:
```
show version
show boot
show module
show environment all
show interface status
```
Confirm that:
- The IOS XE version matches the target release
- `BOOT variable` still shows `flash:packages.conf`
- All modules and interfaces are in the expected state
- No new errors appear in the system log (`show logging last 50`)
---
## 8. Clean Up Old Installation Files
Once the upgrade is confirmed stable, remove inactive packages to reclaim flash space:
```
install remove inactive
```
Confirm when prompted.
---
## Bundle Mode Upgrade (Alternative)
If the switch is running in Bundle Mode (boots from a `.bin` file), use the following procedure instead of the Install Mode steps above:
```
configure terminal
no boot system
boot system flash:<new-image>.bin
end
write memory
reload
```
After reloading, verify with `show version`. Note that Bundle Mode does not support rollback. Cisco recommends converting to Install Mode going forward.
---
## Emergency Recovery
If the switch is stuck at the `switch:` ROMMON prompt or is in a boot loop, use the emergency recovery procedure:
1. Connect a terminal to the console port (RJ-45 or USB-mini, 9600 baud / 8N1).
2. Connect port **Gi1/3** to a PC running a TFTP server with a valid IOS XE image at the TFTP root.
3. If in a boot loop, hold the front-panel button for approximately 5 seconds to break the cycle and stop at the `switch:` prompt.
4. From the `switch:` prompt, boot the emergency install image:
```
switch: boot emgy0:<image>.SPA.bin
```
---
## Key Reminders
- Schedule upgrades during a **maintenance window**. The ESS3300 has no redundant supervisor — traffic will be interrupted during the reload.
- In a stacked or redundant deployment, upgrade the secondary/standby unit first, then the primary.
- The boot loader (ROMMON) may be automatically upgraded on the first boot of a new IOS XE release. This is expected behavior and does not indicate a failure.
- Smart Licensing requires registration after upgrading to a release that introduces Smart Licensing Using Policy (SLUP). Existing licenses remain in evaluation mode until registered.
- Starting with IOS XE 17.10, certain legacy SSH key exchange and MAC algorithms were removed from the default list. Review the target release notes if SSH access is affected post-upgrade.
Reference in a new issue View git blame Copy permalink