Each device is shipped with the Cisco NX-OS software. The Cisco NX-OS software consists of one NXOS software image (for example, n9000-dk9.6.1.2.I2.1.bin). Only this image is required to load the Cisco NX-OS operating system. This image runs on all Cisco Nexus 9000 Series switches and the Cisco Nexus 3164Q switch starting with Cisco NX-OS Release 6.1(2)I2(2a).

Note

Another type of binary file is the software maintenance upgrade (SMU) package file. SMUs contain fixes for specific defects. They are created to respond to immediate issues and do not include new features. SMU package files are available for download from Cisco.com and generally include the ID number of the resolved defect in the filename (for example, n9000-dk9.6.1.2.I2.1.CSCab00001.gbin). For more information on SMUs, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide.

Note

Cisco also provides electronic programmable logic device (EPLD) image upgrades to enhance hardware functionality or to resolve known hardware issues. The EPLD image upgrades are independent from the Cisco NX-OS software upgrades. For more information on EPLD images and the upgrade process, see the Cisco Nexus 9000 Series FPGA/EPLD Upgrade Release Notes.

Upgrading the Cisco NX-OS software has the following prerequisites:

• For ISSU compatibility for all releases, see the Cisco NX-OS ISSU Support Matrix.

• Ensure that everyone who has access to the device or the network is not configuring the device or the network during this time. You cannot configure a device during an upgrade. Use the show configuration session summary command to verify that you have no active configuration sessions.

• Save, commit, or discard any active configuration sessions before upgrading or downgrading the Cisco NX-OS software image on your device. On a device with dual supervisors, the active supervisor module cannot switch over to the standby supervisor module during the Cisco NX-OS software upgrade if you have an active configuration session.

• To transfer NX-OS software images to the Nexus switch through a file transfer protocol (such as TFTP, FTP, SFTP, SCP, etc.), verify that the Nexus switch can connect to the remote file server where the NX-OS software images are stored. If you do not have a router to route traffic between subnets, ensure that the Nexus switch and the remote file server are on the same subnetwork. To verify connectivity to the remote server, transfer a test file using a file transfer protocol of your choice or use the ping command if the remote file server is configured to respond to ICMP Echo Request packets. An example of using the ping command to verify connectivity to a remote file server 192.0.2.100 is shown below:

  switch# ping 192.0.2.100 vrf management
  PING 192.0.2.100 (192.0.2.100): 56 data bytes
  64 bytes from 192.0.2.100: icmp_seq=0 ttl=239 time=106.647 ms
  64 bytes from 192.0.2.100: icmp_seq=1 ttl=239 time=76.807 ms
  64 bytes from 192.0.2.100: icmp_seq=2 ttl=239 time=76.593 ms
  64 bytes from 192.0.2.100: icmp_seq=3 ttl=239 time=81.679 ms
  64 bytes from 192.0.2.100: icmp_seq=4 ttl=239 time=76.5 ms
  
  --- 192.0.2.100 ping statistics ---
  5 packets transmitted, 5 packets received, 0.00% packet loss
  round-trip min/avg/max = 76.5/83.645/106.647 ms
  
  

For more information on configuration sessions, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide specific to your release.

Downgrading the Cisco NX-OS software has the following prerequisites:

• Before you downgrade from a Cisco NX-OS release that supports the Control Plane Policing (CoPP) feature to an earlier Cisco NX-OS release that does not support the CoPP feature, you should verify compatibility using the show incompatibility nxos bootflash:filename command. If an incompatibility exists, disable any features that are incompatible with the downgrade image before downgrading the software.

Before attempting to upgrade to any software image, follow these guidelines:

• Schedule the upgrade when your network is stable and steady.

• Avoid any power interruption, which could corrupt the software image, during the installation procedure.

• On devices with dual supervisor modules, both supervisor modules must have connections on the console ports to maintain connectivity when switchovers occur during a software upgrade. See the Hardware Installation Guide for your specific chassis.

• Perform the installation on the active supervisor module, not the standby supervisor module.

• The compressed image of Cisco Nexus 3000-series is hardware dependent and can only be used on the same device that it got compressed or downloaded from CCO. Do not use the Nexus 3000-series compressed image on Nexus 9000-series

• When performing a PoAP upgrade from Cisco NX-OS Release 6.0(2)A8(11) to Cisco NX-OS Release 7.0(3)I7(8), the provisioning fails if the software image is not compacted. The PoAP script does not support SCP compact in 6.0(2)A8(11), so a non-compacted image is copied instead, and this causes a bios upgrade failure.

  To address this issue, use a pre-compacted image for PoAP from 6.0(2)A8(11). Perform a copy scp: urlbootflash: destination-file-system compact to the switch, then copy it back to the PoAP server. Start the provisioning. PoAP should pick-up the already compacted image and the provisioning should be successful.

• When redistributing static routes, Cisco NX-OS requires the default-information originate command to successfully redistribute the default static route starting in 7.0(3)I7(6).

• Detect a bad software image before performing an ISSU upgrade from an old release to a new release by checking the md5sum after downloading the new image (with seg6).

• If you upgrade from a Cisco NX-OS release that supports the CoPP feature to a Cisco NX-OS release that supports the CoPP feature with additional classes for new protocols, you must either run the setup utility using the setup command or use the copp profile command for the new CoPP classes to be available. For more information on these commands, see the "Configuring Control Plane Policing" chapter in the Cisco Nexus 9000 Series NX-OS Security Configuration Guide.

Before attempting to downgrade to an earlier software release, follow these guidelines:

• The only supported method of downgrading a Cisco Nexus 9000 Series switch is to utilize the install all command. Changing the boot variables, saving the configuration, and reloading the switch is not a supported method to downgrade the switch.

• Disable the Guest Shell if you need to downgrade from Cisco NX-OS Release 7.0(3)I7(7) to an earlier release.

• Software downgrades should be performed using the install all command. Changing the boot variables, saving the configuration, and reloading the switch is not a supported method to downgrade the switch.

• On devices with dual supervisor modules, both supervisor modules must have connections on the console ports to maintain connectivity when switchovers occur during a software downgrade. See the Hardware Installation Guide for your specific chassis.

• Cisco NX-OS automatically installs and enables the guest shell by default. However, if the device is reloaded with a Cisco NX-OS image that does not provide guest shell support, the existing guest shell is automatically removed and a %VMAN-2-INVALID_PACKAGE message is issued. As a best practice, remove the guest shell with the guestshell destroy command before downgrading to an earlier Cisco NX-OS image.