Cisco 3750/2950 IOS Upgrade (using NCM tftp server) NCM Template

This template is used to upgrade the IOS on 3750s using a .tar file.  It will delete the old IOS file (.tar or .bin) if there is not enough space in flash.  It will set the boot statements and reload the device after a successful upgrade.  You will be able to view the status in Script Results when it is complete.  It will only perform the upgrade if it is a 3750 (or 2950, if altered).  If it is not the correct device type, it will skip the device.  This uses the tftp server on your SolarWinds server.  If  you want to use an alternate TFTP server, use this one:  3750 IOS Upgrade Using Alternate tftp server.  You will need to set this up first.  I also am mapping to a folder on the server (\Cisco\3750\).  You can modify the script for your environment.  It's good for multiple devices.  It will work for 2900 switches too.  You just need to change all references in the script from 3750 to 2950.  It's been working for me.  Saves a lot of time.  You MUST use a .tar file for your new IOS.  If the old IOS was upgraded from a .tar file, there is no need to put the old IOS file name in the field for it.  You can put a space in that field.  This upgrade will look for and cleanup the directory structure for the .tar file upgrade.  It will delete the .bin file (in flash:   Not in the subdirectory) that is put into the OLD File name field.

If you download this, please rate it or comment on this, so I know what is needed and how this is working for you.

  • We use config change templates to make it easy for anyone to do it.  It keeps them from inputting the wrong IP or syntax.  It cuts out a lot of operator error.  You don't have to know the syntax each time you do an upgrade.  Just go select the template that already has everything there.  It also does a check to see if the device is the correct device.  If it not a 3750 (or 2950 or 2960) that is selected, the script will not be pushed to the device.  There is also not reason to need to know the SolarWinds server IP address as this will prepopulate it for you.  We also have the same security issue with html files so we do the imageonly option that is in this template.  With that option, there is no need to do a clean-up script afterwards and no extra space is wasted.  After the execution of the template, you also get the "Script Results" output.  This will show if it was successful or where if failed without having to dig into a job's output file on the SolarWinds server.  I actually have a few dir commands at the end of my template to validate that the actual directory and file are actually there.  We also use SCP and don't use tftp as it is not secure.  I am surprised that you would be using TFTP if you have issues with security.  NCM comes with a SFTP/SCP server and all Cisco devices now support SCP transfers and auto-upgrades.  I am not saying either way is better.  To each his own.  This is just the method that works best for us given the tools we have and the environment that we are in.  Since I had to create this, I shared for all to use.

  • When would you prefer your script over a simple CLI command job?

    For example, if I'm upgrading a stack of 2960S's via NCM, I select within NCM all the switches I want to upgrade, then right-click on one and choose the option to run a command script.

    I record the IP address of my TFTP server as "x.x.x.x" below, and in the command script window I enter in:

    archive download-sw /overwrite /reload tftp://x.x.x.x/c2960s-universalk9-tar.150-2.SE8.tar 

    It takes care of making room on the switch automatically, it distributes the code out to all the switches in the stack, it reboots the stack, everything runs without supervision or complexity.  I can run it as a Scheduled Job or as a one-time command script.

    I save my one-line script as a Config Snippet in NCM, and call it up whenever a switch upgrade is needed.  I make sure the tftp server is running and that it has the new .tar file I want to use, and I modify the Snippet to reflect any changes in the .tar file's name based on what switch type or .tar file I want pushed out.

    If I want to keep the switch as clean as possible, I can also run a follow-up script later on to remove the html GUI files that a .tar uncompresses in the switch.  We don't use the GUI due to security concerns, therefore the space all those html files takes up is wasted.

    That command is:

    delete /force /recursive flash:<dir name>

    I like your script and the thought that went into it.  Can you help me see where it does a better job than a simple one-line script?

  • I was hoping solarwinds has some kind of script that was aware of how many devices were in a stack. We made due with a script that covered all possibilities and ignored the errors for stacks with fewer then 6 members.


  • Yes you can.  Just do it on the master.  Use:

    delete /f /r flash:/c3560-ipservicesk9-mz.122-52.SE.bin

    delete /f /r flash0:/c3560-ipservicesk9-mz.122-52.SE.bin

    delete /f /r flash1:/c3560-ipservicesk9-mz.122-52.SE.bin

    dir flash:

    dir flash0:

    dir flash1:

    dir flash2: