ICX 7750 Recommended Firmware

  • 1
  • Question
  • Updated 2 months ago
We have a pair of (Brocade) ICX 7750s working as our core routers (we are using MCT, BGP, OSPF, VRRPe). We are currently running firmware version 08.0.30h. We noticed that according to the support site, 08.0.30r is the recommended firmware version although 08.0.30sa is out and 08.0.80b says it supports this model. Is there a reason the recommended version is 30r? Is there any reason not to upgrade to 80b?

We think we might be affected by DEFECT000567305 which is fixed in 60a, so would it be better to just move to that version?

Separately, is there a reason the Release Notes for 08.0.40 are only available to Pro Support users?
Photo of CS Staffworld

CS Staffworld

  • 1 Post
  • 0 Reply Likes
  • totally confused

Posted 2 months ago

  • 1
Photo of NETWizz

NETWizz

  • 56 Posts
  • 18 Reply Likes
We have been running 08.0.80c, and it has been perfectly fine.

For ANY ICX 7000 series switches, I would get off 08.0.30.  I leave that codebase for the older ICX 6000 series devices at this point.

That said, I am NOT 100% sure what happens if you do such a massive upgrade all at once... I do not know if the pre-parsing scripts convert everything from all the way down to 08.0.30 codebase or not.

What we did was upgrade years ago to 08.0.61a a long time ago.

What changed was the Access-Lists, which were converted to use sequence numbers.

Before they looked like this:

access-list 1 deny host 10.157.22.26 log
access-list 1 deny 10.157.29.12 log
access-list 1 deny host 10.1.2.3 log 
access-list 1 permit any

I do not have one in front of me, but later it was something more like

ip access-list standard 1
sequence 10 deny host 10.157.22.26 log
sequence 20 deny 10.157.29.12 log
sequence 30 deny host 10.1.2.3 log 
sequence 40 permit any


It also updated the LAG configurations such that they now show up with actual lag interfaces, which are software virtual interfaces similar to a Cisco Port-Channel.  You no longer use the keyword "deploy" and they depreciated the "primary-port"

*************

Personally, I would avoid the 08.0.60 code and jump to the latest 08.0.61 for your first upgrade, because I know it will work.  After it's working, I would do a "wr mem" to copy the new running configuration to the startup configuration.  My reason for avoiding 08.0.60 code is that on several of the switch models it did not support stacking, and they did not even have a layer-3 build of it for quite a while.   That said, if I recall sometimes 08.0.61a would not sync NTP to my Cisco core.  It gave some strange Straatum error.  Regardless, this was never any issue in 08.0.70 or later builds.  More likely than not it was fixed in later builds of 08.0.61 as well.

*************

08.0.70 builds turns on inline-power by default, and it even upgrades the PoE firmware automatically on supporting hardware.

08.0.80 builds depreciate dual-mode, which is how you set a native-vlan on an interface.

The same rules apply that any give Ethernet_II frame can belong to only one VLAN, but now, you can take an interface "tagged" in as many 802.1q VLANs as you like (i.e. trunk port with allowed VLANS), and you can untag it to one (1) VLAN of your choosing to specify what happens when an untagged Ethernet_II frame comes into that Interface as well as transmit frames without the 802.1q frame on that interface for that VLAN.

Simply put, the configuration on 08.0.80 is streamlined.  Have no fear though, it will pre-parse and convert the configuration without failure.



Photo of Alexandre ALLAIRE

Alexandre ALLAIRE

  • 11 Posts
  • 1 Reply Like
Hello,

The behavior around POE firmware is not clear to me, the documentation even last 8.0.80ca still advise to upgrade POE manually after manifest.

"PoE firmware must be upgraded manually after the manifest upgrade."

Do you have any feedback from real cases about that ?

Thanks.

Alexandre
Photo of NETWizz

NETWizz

  • 56 Posts
  • 18 Reply Likes
The only new behavior is that PoE is on by default in 08.0.80.  Ruckus released 08.0.80ca yesterday; hence, it appears they recalled 08.0.80c, so please if upgrading keep that in mind even though it is unrelated.


Regardless, when you upgrade to any of the 08.0.80 series, you upgrade the boot-monitor first.

Generally something like:
copy tftp flash 10.1.2.3 mnz10113.bin bootrom


Regardless, once you send over 08.0.80ca (or whatever build) and you reboot the device, it automatically upgrades the PoE firmware.

You can do a "show inline power detail" and validate if the new PoE firmware was installed.  The new one is 2.1.0 Build 002.  If you are logging on right after a reboot, it may still be in the middle of an upgrade.  You can do a "sh logging" to look at missed messages.

If you are currently in an SSH or similar session, you can do a "Term Mon" to see the messages as they come across the console.

At any rate it appears to be automatic.

Photo of Alexandre ALLAIRE

Alexandre ALLAIRE

  • 11 Posts
  • 1 Reply Like
We also detect automatic POE firmware upgrade with last release, but the "fastiron-08080-upgradeguide" mislead me.

Thanks for confirmation.