Hw-module Slot Reload

Upgrading a 6500 is pretty straight forward, provided the necessary is done in the right order. I’ve listed the steps I would typically take to fully upgrade a single Cisco-6509-E (single Route-Processor) with a IPSEC VPN SPA blade.

The hw-module slot stop command in EXEC mode automatically stops traffic on the interfaces and deactivates them along with the SPA in preparation for OIR. In similar fashion, you do not need to independently restart any interfaces on a SPA after OIR of a SPA or SIP. Enter the show facility-alarm status command. Hw Module Slot R0 Reload During Hw Module Slot R0 Reload free spins, you can also benefit from extra multipliers. In some titles, you can only land high-paying symbols during free spins, which is fantastic. All Hw Module Slot R0 Reload these perks make free spins a brilliant opportunity to make some amazing profits! Real Money First Hw Module Slot R1 Reload – Super High stakes. This is one of my favourite strategies that I implement every time I play on an online casino where you play with your real money Hw Module Slot R1 Reload first when claiming a bonus. The following example illustrates how to reset a module in slot 3: Sup# hw-module rmodule 3 reset hw-module shutdown. To shut down the module, use the hw-module shutdown command in privileged EXEC mode. Hw-module module slotnumber shutdown. Syntax Description.

Please lab this if possible BEFORE trying it in a production network. I have illustrated the steps to be taken if some of the known funnies occur during an upgrade. Feel free to use this as a guideline.

Firstly download the IOS and image versions, you need. Obviously do a little homework and check the specific IOS for known bugs using the Bug Toolkit. Don’t just pick any IOS. Make sure all the required features are relatively bug free.

Copy the downloaded files to the following locations:

Hw-module
  • ROMMON firmware to sup-bootflash
  • BOOTLDR to bootflash
  • IOS to flash disk

I always use FTP if possible, due to the higher transfer rates. 10.3.29.239 is connected to the switch and is running a FTP server, expecting a username:password of cisco:pass.


I would recommend verifying the IOS images after copying. It’s relatively easy for the image to get corrupted during copying. No need to waste time with corrupt images, when it can be avoided.

Hw-module Slot Reloading Bullets

It is generally safe practise to backup the working running-config to a file on flash disk0:

1- Lets start, first upgrade the Rom-Monitor:

Confirm the current boot variables:

2- Specify the new BootLDR to load during boot:

3- Specify the order of the booting images. Firstly the new IOS image, secondly the previous working IOS image. Refer to a previous post, why to do this HERE.

4- Reload the box.

5- If during startup, you encounters config related errors like the ones below, make a note of each command the new IOS didn’t apply:

Do not save the config at any time before reloading using “write mem” or “copy run start”.
Else you will overwrite a working config with the above commands missing.

6- Rename the new IOS file on flash to force the next boot to use the second IOS file listed in boot command along with the working config:

7- If the box has a VPN-SPA blade for offloading IPSEC encryption/decryption, it might be necessary to upgrade the SPA FPD (Field Programmable Devices) code.
Before reloading confirm if the SPA FPD code matches the new IOS version.

The following command will show the current/required version:


8- If the min. required version is higher than the current version, the FPD code must be upgraded. Download the supporting .pkg from from Cisco and copy it to the flash disk:

9- Then upgrade the SIP and the IPSEC SPA

10- Reload the box again. This time the old IOS will be used to boot since the new IOS file is not available. The list of error commands (Point 5) needs to be corrected, either manually or by using notepad. I would suggest using notepad)

Hw-module Slot Reloading

Hw-module Slot Reload

11- Copy the running config to your laptop:

12- Edit the config file in notepad. Ensure all the commands are corrected for the new IOS. Here is a list of commands I needed to change with this upgrade:

13- Rename the config-file to something else, and copy the new config-file back to disk0. Confirm there are now two config-files (original and new):

14-Load the changed config to the startup configuration:

15-Rename the NEW-IOS file back to the original name as listed in the boot command:

16-Reload the box the last time. If all was done correctly, everything should be working.

17-Proceed with testing STP, IGP’s, LDP, BGP and VPN’s and Crypto’s.

For a good overall look at what the 6500 is doing, use the following command :

I learned something interesting about the cisco ASA 5558-X chassis & that I thought was interesting;
Please reference this image from cisco website of a typical 5558-X chassis.
Hw-module Slot Reloadhttp://www.cisco.com/c/en/us/td/docs/security/asa/hw/maintenance/5585guide/5585Xhw/overview.html#pgfId-1100238
The hw-module slot1 which encompass the IPS also carries the GIGE interfaces gi 1/0-7 and the 10GIGE interfaces as well 1/8-9.
Shutting down the hw-module slot1 will 'DROP' all interfaces in slot1 and not just the IPS modules.
Take a look at these show outputs;

And the available hardware module commands

1: So the meer issuing of a hw-module #1 shutdown, actually shutdown the whole slot1 and NOT just the IPS


2: A issuing of a hw-module #1 reload, will not disturb any GIGE interfaces on slot#1
I found this interesting while diagnostic and debugging a buggy IPS module. I have a case open with TAC over these issues. They are looking into it a trying to determine if this is normal behavior.
Hw-moduleI found it funny cisco won't let you shutdown slot#0, but they allow slot#1 , and it will bring all interfaces on that slot down including the IPS module that I was trying to trouble shoot.
http://socpuppet.blogspot.com/2015/01/asa-ips-modules-reloads-732-e4.html
Ken Felix
Freelance Network/Security Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( # # )=

Hw-module Slot Reloading Equipment


@
/

Hw-module Slot Reloaded