System Administration

Upgrading Cisco 9800 Controller in HA

Upgrading Cisco 9800 Controller in HA

My two 9800-40’s run in HA. They have been running 16.10.1e for some time now, and I wanted to upgrade to the new suggested 16.11.1c or directly to 16.12.1 to test it out, as long as we are still in the summer holidays and there isn’t that much going on. A newer release is definitely needed in a few weeks, when my first Wi-Fi 6 (or 802.11ax, depending on marketing flavour) APs arrive to go online.

The official Cisco documentation (found here) for upgrading an HA pair is a little lacking:

Official HA upgrade documentation

Yes, this is it. The whole section. Not only is there not much detail, but it is in “old IOS style” upgrade (now called “bundle mode”), setting the .bin file in the boot variable. With this, it does not get copied automatically to the standby-box, there is no rollback, and, if I read correctly, you can’t AP image predownload that way.

NOTE: Documentation has been improved vastly since then. This shows how early I was with the C9800 - I was told one of the first in Europe and the first in Austria.

IOS XE “new style” (officially called “install mode”) works just as the release notes state, and, even if it does not say, it does everything on your standby-box too.

I downloaded the new .bin file from the Cisco download section and copied it to the bootflash on my primary box. Then you use the “install add file” command:

Making sense of Cisco WLC access point firmware pre-download

Making sense of Cisco WLC access point firmware pre-download

Firmware pre-download on the Cisco WLC wireless LAN controllers is a beautiful thing.

“In the old days"™ the update went like this:

  1. Upload firmware to controller
  2. Reboot controller
  3. Accesspoints want to rejoin controller, see non matching firmware, start updating, 10 at a time … 1 hour later …
  4. Most of your APs updated, some are still updating…

In large wireless LANs, this was not really an ideal solution, as the Wi-Fi was down for a long time if you had many APs on the controller. So Cisco introduced the pre-download feature with version 6.0, many years ago. It is documented in the official config guides, for example here.

The issue I have with this, that it was not really clear to me, which primary/backup command does what, because you have primary and backup images on WLC and AP.

So here a little guide, with the example of a usual upgrade path: