Checking Software Versions

One of the most important steps in troubleshooting a Catalyst switch is to determine the software that it is running. The software version provides a wealth of information in many troubleshooting cases:

  • Check whether the switch code is General Deployment (GD). GD code is preferred because it provides greater stability. Only bug fixes are integrated in GD codes; no new features are added, which translates to fewer bugs introduced. Typically, customers run non-GD code when they require a new feature that is not available on the GD code.

  • Check how old the software is. It is not unusual to see an enterprise customer running a 5-year-old code. This is not acceptable because of bug fixes and possible security holes in some of these codes. After a code goes End of Engineering (EOE), no new changes can be made to the code, and the customer is forced to upgrade. Therefore, it is best to be proactive and ensure the network switches are running reasonably up-to-date codes.

  • Network security holes found in the code can make the device or network vulnerable to attack. It is vital to ensure that the code does not have any security holes. For instance, a couple of years ago, a telnet buffer leak vulnerability would eventually cause a switch to crash because the switch would run out of memory. In a Denial of Service (DoS) attack, this vulnerability could affect the whole network. It is, therefore, important to know what code the switch is running and examine all security vulnerabilities published by Cisco against the code.

  • Software also provides information about the capability of the feature. Say for the example the feature in question is UniDirectional Link Detection (UDLD). Normal UDLD was first introduced in Catalyst OS 5.1(1). However, UDLD Aggressive mode was introduced in Catalyst OS 5.4(3). Having this knowledge can help direct the decision process on what code level the switch needs to be in.

  • Examining the software version provides information about potential or relevant bugs associated with the feature or hardware. Take the UDLD example again. There might be more UDLD bugs in Catalyst OS 5.5(1) than Catalyst OS 5.5(4) because UDLD was first introduced in Catalyst OS 5.5(1). Software might also have some bugs that affect the hardware, such as causing the hardware to reset or crash. Knowing what those bugs are can help the customer move away from those affected codes.

Use either the show module or show version command to display the current code level for the Catalyst switch. The output in Example 12-1 is from a Catalyst 6506 with Supervisor 1A, which is currently running Catalyst OS 7.6(3a) on the Supervisor and IOS 12.1(8b)e15 on the Multilayer Switch Feature Card (MSFC). The output also shows information on the uptime and the memory capacity on the switch.

Example 12-1. Switch Software Information

Switch2 (enable) show version

WS-C6506 Software, Version NmpSW: 7.6(3a)

Copyright (c) 1995-2003 by Cisco Systems

NMP S/W compiled on Sep 24 2003, 18:13:40

System Bootstrap Version: 5.3(1)

System Boot Image File is 'bootflash:cat6000-supk8.7-6-3a.bin'

System Configuration register is 0x2102

Hardware Version: 2.0  Model: WS-C6506  Serial #: TBA04081025

PS1  Module: WS-CAC-1000W    Serial #: SON03500044

Mod Port Model               Serial #    Versions

--- ---- ------------------- ----------- --------------------------------------

1   2    WS-X6K-SUP1A-2GE    SAD04310JC3 Hw : 3.4

                                         Fw : 5.3(1)

                                         Fw1: 5.4(2)

                                         Sw : 7.6(3a)

                                         Sw1: 7.6(3a)

         WS-X6K-SUP1A-2GE    SAD04310JC3 Hw : 3.4

                                         Sw :

3   48   WS-X6248-RJ-45      SAD03408164 Hw : 1.1

                                         Fw : 4.2(0.24)VAI78

                                         Sw : 7.6(3a)

15  1    WS-F6K-MSFC         SAD04281ARM Hw : 2.1

                                         Fw : 12.1(8b)E15

                                         Sw : 12.1(8b)E15

       DRAM                    FLASH                   NVRAM

Module Total   Used    Free    Total   Used    Free    Total Used  Free

------ ------- ------- ------- ------- ------- ------- ----- ----- -----

1       65408K  47749K  17659K  16384K  10877K   5507K  512K  282K  230K

Uptime is 19 days, 17 hours, 15 minutes

To ensure that the Switch2 is not hitting any major bugs or security vulnerabilities, as shown in Example 12-1, the engineer needs to search the Catalyst OS and MSFC IOS code release notes on the Cisco website. This process can seem tedious, but it is crucial. The release notes also provide information such as feature additions and enhancements.