While we are sad to see some of the Cisco Small Business 300 series switches go End-of-Sale, we welcome the 350/550X series with open arms.
Cisco has expanded their offering of Small Business Switches to the SG350 or SG550X models. Strangely, some 300 series models have been given end-of-sale and end-of-support dates (see the official model list here) while others have not. So, while the decision to discontinue some- while not other 300’s is weird, we’re happy to see the SG350 and SG550X get some subtle updates like an actual RJ45 console port just like it’s Catalyst brothers. Any way you slice it, Cisco now gives more bang for your buck in these small / branch office inexpensive switch models.
While configuration examples are plenty on the official Cisco support page for these switches, there was only instructions for upgrading firmware via the GUI which is nice, but many of us are so used to managing everything via SSH this guide will walk you through it.
What happened to the firmware format?
You may notice that the firmware version (numbers, etc) are different from 300 series. We won’t get into the details about that here, but just know you can’t load 300 series switch firmware on 350’s or 550X’s
Some assumptions before we start:
- Have SSH or Console access configured to connect to the switch via the command line.
- Have a TFTP server configured on the same network as your switch so you can copy the firmware image.
- When writing a new firmware to a switch there is a chance that the process can wipe the configuration, so you will want to make a backup first or just be prepared to set it up from scratch again once the upgrade(s) are complete. Do remote upgrades with caution!
- We will use a SG350-10 for this guide, but the process is similar for all SG350 or SG550X systems.
Step 1: Check your current firmware version.
For this example we are going to upgrade to 2.4.5.71. The current version loaded on the switch is at 2.3.5.63, you can check this using the show version command.
Switch#show versionActive-image: flash://system/images/image1.bin Version: 2.3.5.63 MD5 Digest: 5881484e04bcdcc17c32872445e3ab8d Date: 20-Aug-2017 Time: 19:04:55Inactive-image: flash://system/images/_image1.bin Version: 2.3.5.63 MD5 Digest: 5881484e04bcdcc17c32872445e3ab8d Date: 20-Aug-2017 Time: 19:04:55Step 2: Backup the existing configuration just in case something goes sideways, we can restore the configuration if necessary.
Switch#copy run tftp://192.168.0.100/Switch04-Nov-2018 08:33:41 %COPY-I-FILECPY: Files Copy - source URL running-config destination URL tftp://192.168.0.100/Switch04-Nov-2018 08:33:43 %COPY-N-TRAP: The copy operation was completed successfullyCopy: 18586 bytes copied in 00:00:02 [hh:mm:ss]Step 3: Download the firmware from cisco.com (or another switch) and make it available via TFTP server. Copy the new image into flash on the switch.
xxxxxxxxxxSwitch#copy tftp://192.168.0.100/image_tesla_hybrid_2.4.5.71_release_cisco_signed.bin flash://image214-Sep-2017 08:37:59 %COPY-I-FILECPY: Files Copy - source URL tftp://192.168.0.100/image_tesla_hybrid_2.4.5.71_release_cisco_signed.bin destination URL flash://image214-Sep-2017 08:42:21 %COPY-N-TRAP: The copy operation was completed successfullyCopy: 43487307 bytes copied in 00:04:22 [hh:mm:ss]The new firmware file should be sitting on the root of the flash file system. To verify use the dir command.
xxxxxxxxxxSwitch#dirPermissions d-directory r-readable w-writable x-executable117732K of 224440K are freeDirectory of flash://Permission File Size Last Modified File Name---------- --------- -------------------- -------------------------------------- -rw- 43487307 20-Aug-2017 08:39:53 image2 dr-- 1168 20-Aug-2017 06:28:06 system“Boot System Image” doesn’t work anymore?
The boot system command still works, but it’s slightly different because you have to include the location of where you uploaded the firmware file.
Step 4: Tell the switch to extract the firmware to make it available for boot and set it as active on the next reload.
xxxxxxxxxxSwitch#boot system flash://image220-Aug-2017 08:40:27 %COPY-I-FILECPY: Files Copy - source URL flash://image2 destination URL flash://system/images/image2 20-Aug-2017 08:41:33 %COPY-N-TRAP: The copy operation was completed successfullyCopy: 43487307 bytes copied in 00:01:05 [hh:mm:ss]Verify that the new firmware is extracted and ready to go.
xxxxxxxxxxSwitch#show bootvarActive-image: flash://system/images/_image1.bin Version: 2.3.5.63 MD5 Digest: 5881484e04bcdcc17c32872445e3ab8d Date: 20-Aug-2017 Time: 19:04:55 Inactive after rebootInactive-image: flash://system/images/image2 Version: 2.4.5.71 MD5 Digest: 2dff89efdb2a0ec2f9a2c414ff7d401c Date: 04-Nov-2018 Time: 19:46:16 Active after rebootNotice that the Inactive-image is currently set to Active after reboot. If you’re having second thoughts about rebooting to the new version of firmware you can bailout by executing the command: boot system inactive-image. It sounds counter-intuitive but if the desired behavior is to keep 2.3.5.63 after reboot and not go to the updated version, this will make sure that happens. If you’re ready to go to the new version proceed to step 5!
Step 5: Reboot the switch using the reload command and be sure to save changes before doing so.
xxxxxxxxxxSwitch#copy run startOverwrite file [startup-config].... (Y/N)[N] ?Y20-Aug-2017 08:50:40 %COPY-I-FILECPY: Files Copy - source URL running-config destination URL flash://system/configuration/startup-config20-Aug-2017 08:50:42 %COPY-N-TRAP: The copy operation was completed successfullySwitch#reloadThis command will reset the whole system and disconnect your current session. Do you want to continue ? (Y/N)[N] YShutting down ...Step 6: Wait for the switch to reboot, then verify that the new image is being used.
xxxxxxxxxxSwitch#show versionActive-image: flash://system/images/image2 Version: 2.4.5.71 MD5 Digest: 2dff89efdb2a0ec2f9a2c414ff7d401c Date: 04-Nov-2018 Time: 19:46:16Inactive-image: flash://system/images/_image1.bin Version: 2.3.5.63 MD5 Digest: 5881484e04bcdcc17c32872445e3ab8d Date: 20-Aug-2017 Time: 19:04:55Pretty easy stuff, it’s just that some of the command syntax is a bit different than it was on the previous generation of Cisco Small Business switches. I hope this has been simple to follow and helps anyone new to the SG350 or SG550X switches with upgrading the firmware through the command line.
It is a bit weird to copy the firmware image to the flash, and then copy it again (boot system just does a copy) to an image location.
You can use “boot system” to directly retrieve the firmware image over TFTP (or SCP). You don’t need to have an intermediate copy.
Awesome, thanks Tom! That’s a nice time saving tip.