Archive for March, 2009

How to set up a DHCP server to auto install new firmware image and config for Cisco (ME3400/ME2400/Catalyst Blade 3020/Catalyst 2960/Catalyst 3750/Catalyst ME3750) on boot

First of all, you need to have image 12.2(44) and newer to be able to upgrade a image, if you have older image, you are only able to install new configuration.

For ISC DHCP server you need also a configured TFTP server

There are some bugs on Cisco pages regarding option 125 and auto install feature .

Understanding option 125:

If you want to install new firmware image via dhcp you have to use dhcp option 125.

The DHCP option 125 (Vendor-Identifying Vendor-Specific) is used to tell the switch which firmware it have to download. The structure is defined in RFC 3925.

The data has to be send as raw hex string, the data contains for example:

Hex(0000.0009) -> Vendor specific code, for Cisco it is dec(0009)=hex(0000.0009)
Hex(12) -> data lenght,  Hex(12) = dec (18) (data length+  suboption code + string lenght)=(1+1+16)
Hex(05) -> suboption code, has to be 05
Hex(10) ->lenght of the string to be send(autoinstall_dhcp) 16 chars=>dec(16)

Hex(61:75:74:6f:69:6e:73:74:61:6c:6c:5f:64:68:63:70) = String(autoinstall_dhcp)

The final magic string looks like this:

If you want different file name, you have to recalculate these numbers.

If you don`t want to install new firmware, don`t send option 125 or the autoinstall_dhcp file should be empty.

echo “me340x-metroipaccessk9-tar.122-46.SE.tar” > /tftproot/autoinstall_dhcp

This has to be a tar file, not .bin image!

echo “your config here” > /tftproot/me3400.init



# defining option code 125 as hex string to be sent.
option option-125 code 125 = string;
# some subnet
subnet netmask {
     # some range
     # domain server
     option domain-name-servers;
     # default router
     option routers;
     # TFTP server name (this is option code 150)
     option tftp-server-name "";
     # defining TFTP and NTF server
     # defining boot file with startup configuration
     option bootfile-name "me3400.init";
     # sending option 125 with encoded filename autoinstall_dhcp which contains filename to be downloaded as new firmware
     send option-125 00:00:00:09:12:05:10:61:75:74:6f:69:6e:73:74:61:6c:6c:5f:64:68:63:70;
     # 5 min lease time
     default-lease-time 600;
     max-lease-time 600;

For DHCP server on Cisco router/switch:

option code 150 is equivalent to option tftp-server-name in ISC dhcp server.

Switch# config terminal
Switch(config)# ip dhcp pool pool1
Switch(dhcp-config)# network
Switch(dhcp-config)# bootfile me3400.init
Switch(dhcp-config)# default-router
Switch(dhcp-config)# option 150
Switch(dhcp-config)# option 125 hex 0000.0009.1205.1061.7574.6f69.6e73.7461.6c6c.5f64.6863.70
Switch(dhcp-config)# exit
Switch(config)# tftp-server flash:me3400.init
Switch(config)# tftp-server flash:me340x-metroipaccessk9-tar.122-46.SE.tar
Switch(config)# tftp-server flash:autoinstall_dhcp
Switch(config)# interface gigabitEthernet1/0/4
Switch(config-if)# no switchport
Switch(config-if)# ip address
Switch(config-if)# end

Example of boot:

The switch is booted with 12.2(44)  and then download 12.2(46) image and boot with new firmware, after that new config is downloaded and used as startup-config.

All by itself, don`t touch the keyboard. It looks like this:

Press RETURN to get started!

*Mar 1 00:00:26.801: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar 1 00:00:28.068: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
*Mar 1 00:00:49.819: %SYS-5-RESTART: System restarted —
Cisco IOS Software, ME340x Software (ME340x-METROIPACCESSK9-M), Version 12.2(44)SE5, RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Thu 22-Jan-09 07:43 by gereddy
*Mar 1 00:00:51.195: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up
*Mar 1 00:00:52.202: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
*Mar 1 00:00:52.831: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
Loading autoinstall_dhcp from (via Vlan1): !
[OK – 41 bytes]

*Mar 1 00:01:06.060: AUTOINSTALL: Vlan1 is assigned
*Mar 1 00:01:06.060: AUTOINSTALL: Obtain tftp server name resolved to
*Mar 1 00:01:06.060: AUTOINSTALL: Obtain default router (opt 3)
examining image…
extracting info (114 bytes)
extracting me340x-metroipaccessk9-mz.122-46.SE/info (421 bytes)
extracting info (114 bytes)

System Type: 0x00000000
Ios Image File Size: 0x009E4A00
Total Image File Size: 0x009E4A00
Minimum Dram required: 0x08000000
Image Suffix: metroipaccessk9-122-46.SE
Image Directory: me340x-metroipaccessk9-mz.122-46.SE
Image Name: me340x-metroipaccessk9-mz.122-46.SE.bin

Old image for switch 1: unknown

Extracting images from archive into flash…
me340x-metroipaccessk9-mz.122-46.SE/ (directory)
me340x-metroipaccessk9-mz.122-46.SE/html/ (directory)
extracting me340x-metroipaccessk9-mz.122-46.SE/html/foo.html (0 bytes)
extracting me340x-metroipaccessk9-mz.122-46.SE/me340x-metroipaccessk9-mz.122-46.SE.bin (10368733 bytes)
extracting me340x-metroipaccessk9-mz.122-46.SE/info (421 bytes)
extracting info (114 bytes)

Installing (renaming): `flash:update/me340x-metroipaccessk9-mz.122-46.SE’ ->
New software image installed in flash:me340x-metroipaccessk9-mz.122-46.SE

All software images installed.
Requested system reload in progress…
Loading me3400.init from (via Vlan1): !
[OK – 30529 bytes]

*Mar 1 00:04:56.554: AUTOINSTALL: Obtain tftp server name resolved to
*Mar 1 00:04:56.554: AUTOINSTALL: Obtain default router (opt 3)
000012: *Mar 1 01:04:57.627: %SYS-6-CLOCKUPDATE: System clock has been updated from 00:04:57 UTC Mon Mar 1 1993 to 01:04:57 MET Mon Mar 1 1993, configured from console by console.
000013: *Mar 1 01:04:57.627: %SYS-6-CLOCKUPDATE: System clock has been updated from 01:04:57 MET Mon Mar 1 1993 to 01:04:57 MET Mon Mar 1 1993, configured
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:23:ea:94:a5:00
Xmodem file system is available.
The password-recovery mechanism is enabled.

*** The system will autoboot in 5 seconds ***
Send break character to prevent autobooting.

Initializing Flash…
flashfs[0]: 8 files, 5 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 26132480
flashfs[0]: Bytes available: 6381568
flashfs[0]: flashfs fsck took 9 seconds.
…done Initializing Flash.
Loading “flash:me340x-metroipaccessk9-mz.122-46.SE/me340x-metroipaccessk9-mz.122-46.SE.bin”…@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File “flash:me340x-metroipaccessk9-mz.122-46.SE/me340x-metroipaccessk9-mz.122-46.SE.bin” uncompressed and installed, entry point: 0x3000

, ,

1 Comment

ME 3400 queue setting

With default policy on ME 3400 switches, you can observe some problems with burst traffic coming from GigE interface. This is due to default queue-limit setting. Here is an example,how to increase it and use with triple play policy on customer’s port:

policy-map qosout
class VOIP
class IPTV
bandwidth remaining percent 80
queue-limit 272
class JUNK
bandwidth remaining percent 10

policy-map shap
description OUTPUT SHAPING
class class-default
shape average 34000000
service-policy qosout

int fast 0/1
service output shap

No Comments