One of the most important steps in troubleshooting a Catalyst switch is to determine the software that it is running. The software version provides a wealth of information in many troubleshooting cases:
Check whether the switch code is General Deployment (GD). GD code is preferred because it provides greater stability. Only bug fixes are integrated in GD codes; no new features are added, which translates to fewer bugs introduced. Typically, customers run non-GD code when they require a new feature that is not available on the GD code.
Check how old the software is. It is not unusual to see an enterprise customer running a 5-year-old code. This is not acceptable because of bug fixes and possible security holes in some of these codes. After a code goes End of Engineering (EOE), no new changes can be made to the code, and the customer is forced to upgrade. Therefore, it is best to be proactive and ensure the network switches are running reasonably up-to-date codes.
Network security holes found in the code can make the device or network vulnerable to attack. It is vital to ensure that the code does not have any security holes. For instance, a couple of years ago, a telnet buffer leak vulnerability would eventually cause a switch to crash because the switch would run out of memory. In a Denial of Service (DoS) attack, this vulnerability could affect the whole network. It is, therefore, important to know what code the switch is running and examine all security vulnerabilities published by Cisco against the code.
Software also provides information about the capability of the feature. Say for the example the feature in question is UniDirectional Link Detection (UDLD). Normal UDLD was first introduced in Catalyst OS 5.1(1). However, UDLD Aggressive mode was introduced in Catalyst OS 5.4(3). Having this knowledge can help direct the decision process on what code level the switch needs to be in.
Examining the software version provides information about potential or relevant bugs associated with the feature or hardware. Take the UDLD example again. There might be more UDLD bugs in Catalyst OS 5.5(1) than Catalyst OS 5.5(4) because UDLD was first introduced in Catalyst OS 5.5(1). Software might also have some bugs that affect the hardware, such as causing the hardware to reset or crash. Knowing what those bugs are can help the customer move away from those affected codes.
Use either the show module or show version command to display the current code level for the Catalyst switch. The output in Example 12-1 is from a Catalyst 6506 with Supervisor 1A, which is currently running Catalyst OS 7.6(3a) on the Supervisor and IOS 12.1(8b)e15 on the Multilayer Switch Feature Card (MSFC). The output also shows information on the uptime and the memory capacity on the switch.
Switch2 (enable) show version WS-C6506 Software, Version NmpSW: 7.6(3a) Copyright (c) 1995-2003 by Cisco Systems NMP S/W compiled on Sep 24 2003, 18:13:40 System Bootstrap Version: 5.3(1) System Boot Image File is 'bootflash:cat6000-supk8.7-6-3a.bin' System Configuration register is 0x2102 Hardware Version: 2.0 Model: WS-C6506 Serial #: TBA04081025 PS1 Module: WS-CAC-1000W Serial #: SON03500044 Mod Port Model Serial # Versions --- ---- ------------------- ----------- -------------------------------------- 1 2 WS-X6K-SUP1A-2GE SAD04310JC3 Hw : 3.4 Fw : 5.3(1) Fw1: 5.4(2) Sw : 7.6(3a) Sw1: 7.6(3a) WS-X6K-SUP1A-2GE SAD04310JC3 Hw : 3.4 Sw : 3 48 WS-X6248-RJ-45 SAD03408164 Hw : 1.1 Fw : 4.2(0.24)VAI78 Sw : 7.6(3a) 15 1 WS-F6K-MSFC SAD04281ARM Hw : 2.1 Fw : 12.1(8b)E15 Sw : 12.1(8b)E15 DRAM FLASH NVRAM Module Total Used Free Total Used Free Total Used Free ------ ------- ------- ------- ------- ------- ------- ----- ----- ----- 1 65408K 47749K 17659K 16384K 10877K 5507K 512K 282K 230K Uptime is 19 days, 17 hours, 15 minutes
To ensure that the Switch2 is not hitting any major bugs or security vulnerabilities, as shown in Example 12-1, the engineer needs to search the Catalyst OS and MSFC IOS code release notes on the Cisco website. This process can seem tedious, but it is crucial. The release notes also provide information such as feature additions and enhancements.