{"id":3,"date":"2009-03-05T15:17:40","date_gmt":"2009-03-05T14:17:40","guid":{"rendered":"http:\/\/itblog.antik.sk\/?p=3"},"modified":"2013-10-22T08:23:54","modified_gmt":"2013-10-22T07:23:54","slug":"how-to-set-up-a-dhcp-server-to-auto-install-new-firmware-image-and-config-for-cisco-me3400me2400catalyst-blade-3020catalyst-2960-on-boot","status":"publish","type":"post","link":"http:\/\/itblog.antik.sk\/?p=3","title":{"rendered":"How to set up a DHCP server to auto install new firmware image and config for Cisco (ME3400\/ME2400\/Catalyst Blade 3020\/Catalyst 2960\/Catalyst 3750\/Catalyst ME3750) on boot"},"content":{"rendered":"

First of all, you need to have image 12.2(44) and newer to be able to upgrade a image, if you have older image, you are only able to install new configuration.<\/p>\n

For ISC DHCP server you need also a configured TFTP server<\/p>\n

There are some bugs on Cisco pages regarding option 125 and auto install feature .<\/p>\n

Understanding option 125:<\/strong><\/p>\n

If you want to install new firmware image via dhcp you have to use dhcp option 125.<\/p>\n

The DHCP option 125 (Vendor-Identifying Vendor-Specific) is used to tell the switch which firmware it have to download. The structure is defined in RFC 3925.<\/p>\n

The data has to be send as raw hex string, the data contains for example:<\/p>\n

Hex(0000.0009) -> Vendor specific code, for Cisco it is dec(0009)=hex(0000.0009)
\nHex(12) -> data lenght, \u00a0Hex(12) = dec (18) (data length+\u00a0 suboption code + string lenght)=(1+1+16)
\nHex(05) -> suboption code, has to be 05
\nHex(10) ->lenght of the string to be send(autoinstall_dhcp) 16 chars=>dec(16)<\/p>\n

Hex(61:75:74:6f:69:6e:73:74:61:6c:6c:5f:64:68:63:70) = String(autoinstall_dhcp)<\/p>\n

The final magic string looks like this:\r\n00:00:00:09:12:05:10:61:75:74:6f:69:6e:73:74:61:6c:6c:5f:64:68:63:70<\/pre>\n
If you want different file name, you have to recalculate these numbers.<\/p>\n
If you don`t want to install new firmware, don`t send option 125 or the autoinstall_dhcp file should be empty.<\/p>\n
echo “me340x-metroipaccessk9-tar.122-46.SE.tar” > \/tftproot\/autoinstall_dhcp<\/p>\n
This has to be a tar file, not .bin image!<\/p>\n
echo “your config here” > \/tftproot\/me3400.init<\/p>\n
For ISC DHCP:<\/strong><\/p>\n
 <\/strong><\/p>\n
dhcpd.conf:<\/p>\n
authoritative;\r\n# defining option code 125 as hex string to be sent.\r\noption option-125 code 125 = string;\r\n# some subnet\r\nsubnet 10.1.1.0 netmask 255.255.255.0 {\r\n     # some range\r\n     range 10.1.1.10 10.1.1.250;\r\n     # domain server\r\n     option domain-name-servers 1.2.3.4;\r\n     # default router\r\n     option routers 10.1.1.1;\r\n     # TFTP server name (this is option code 150)\r\n     option tftp-server-name \"10.1.1.2\";\r\n     # defining TFTP and NTF server\r\n     next-server 10.1.1.2;\r\n     # defining boot file with startup configuration\r\n     option bootfile-name \"me3400.init\";\r\n     # sending option 125 with encoded filename autoinstall_dhcp which contains filename to be downloaded as new firmware\r\n     send option-125 00:00:00:09:12:05:10:61:75:74:6f:69:6e:73:74:61:6c:6c:5f:64:68:63:70;\r\n     # 5 min lease time\r\n     default-lease-time 600;\r\n     max-lease-time 600;\r\n     }\r\n}\r\r\nFor DHCP server on Cisco router\/switch:\r<\/strong>\r\noption code 150 is equivalent to option tftp-server-name in ISC dhcp server.\r\n\r\nSwitch# config terminal\r\nSwitch(config)# ip dhcp pool pool1\r\nSwitch(dhcp-config)# network 10.10.10.0 255.255.255.0\r\nSwitch(dhcp-config)# bootfile me3400.init\r\nSwitch(dhcp-config)# default-router 10.10.10.1\r\nSwitch(dhcp-config)# option 150 10.10.10.1\r\nSwitch(dhcp-config)# option 125 hex 0000.0009.1205.1061.7574.6f69.6e73.7461.6c6c.5f64.6863.70\r\nSwitch(dhcp-config)# exit\r\nSwitch(config)# tftp-server flash:me3400.init\r\nSwitch(config)# tftp-server flash:me340x-metroipaccessk9-tar.122-46.SE.tar\r\nSwitch(config)# tftp-server flash:autoinstall_dhcp\r\nSwitch(config)# interface gigabitEthernet1\/0\/4\r\nSwitch(config-if)# no switchport\r\nSwitch(config-if)# ip address 10.10.10.1 255.255.255.0\r\nSwitch(config-if)# end<\/pre>\n
Example of boot:<\/strong><\/p>\n
The switch is booted with 12.2(44) \u00a0and then download 12.2(46) image and boot with new firmware, after that new config is downloaded and used as startup-config.<\/p>\n
All by itself, don`t touch the keyboard. It looks like this:<\/p>\n
Press RETURN to get started!
\n
\n<\/strong>*Mar  1 00:00:26.801: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
\n*Mar  1 00:00:28.068: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
\n*Mar  1 00:00:49.819: %SYS-5-RESTART: System restarted —
\nCisco IOS Software, ME340x Software (ME340x-METROIPACCESSK9-M), Version 12.2(44)SE5, RELEASE SOFTWARE (fc2)
\nCopyright (c) 1986-2009 by Cisco Systems, Inc.
\nCompiled Thu 22-Jan-09 07:43 by gereddy
\n*Mar  1 00:00:51.195: %LINK-3-UPDOWN: Interface GigabitEthernet0\/1, changed state to up
\n*Mar  1 00:00:52.202: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0\/1, changed state to up
\n*Mar  1 00:00:52.831: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
\nLoading autoinstall_dhcp from 10.254.5.2 (via Vlan1): !
\n[OK – 41 bytes]<\/p>\n
*Mar  1 00:01:06.060: AUTOINSTALL: Vlan1 is assigned 10.252.4.42
\n*Mar  1 00:01:06.060: AUTOINSTALL: Obtain tftp server name 10.254.5.2 resolved to 10.254.5.2
\n*Mar  1 00:01:06.060: AUTOINSTALL: Obtain default router (opt 3) 10.252.4.1
\nexamining image…
\nextracting info (114 bytes)
\nextracting me340x-metroipaccessk9-mz.122-46.SE\/info (421 bytes)
\nextracting info (114 bytes)<\/p>\n
System Type:             0x00000000
\nIos Image File Size:   0x009E4A00
\nTotal Image File Size: 0x009E4A00
\nMinimum Dram required: 0x08000000
\nImage Suffix:          metroipaccessk9-122-46.SE
\nImage Directory:       me340x-metroipaccessk9-mz.122-46.SE
\nImage Name:            me340x-metroipaccessk9-mz.122-46.SE.bin
\nImage Feature:         IP|LAYER_3|PLUS|SSH|3DES|MIN_DRAM_MEG=128<\/p>\n
Old image for switch 1: unknown<\/p>\n
Extracting images from archive into flash…
\nme340x-metroipaccessk9-mz.122-46.SE\/ (directory)
\nme340x-metroipaccessk9-mz.122-46.SE\/html\/ (directory)
\nextracting me340x-metroipaccessk9-mz.122-46.SE\/html\/foo.html (0 bytes)
\nextracting me340x-metroipaccessk9-mz.122-46.SE\/me340x-metroipaccessk9-mz.122-46.SE.bin (10368733 bytes)
\nextracting me340x-metroipaccessk9-mz.122-46.SE\/info (421 bytes)
\nextracting info (114 bytes)<\/p>\n
Installing (renaming): `flash:update\/me340x-metroipaccessk9-mz.122-46.SE’ ->
\n`flash:me340x-metroipaccessk9-mz.122-46.SE’
\nNew software image installed in flash:me340x-metroipaccessk9-mz.122-46.SE<\/p>\n
All software images installed.
\nRequested system reload in progress…
\nLoading me3400.init from 10.254.5.2 (via Vlan1): !
\n[OK – 30529 bytes]<\/p>\n
*Mar  1 00:04:56.554: AUTOINSTALL: Obtain tftp server name 10.254.5.2 resolved to 10.254.5.2
\n*Mar  1 00:04:56.554: AUTOINSTALL: Obtain default router (opt 3) 10.252.4.1
\n000012: *Mar  1 01:04:57.627: %SYS-6-CLOCKUPDATE: System clock has been updated from 00:04:57 UTC Mon Mar 1 1993 to 01:04:57 MET Mon Mar 1 1993, configured from console by console.
\n000013: *Mar  1 01:04:57.627: %SYS-6-CLOCKUPDATE: System clock has been updated from 01:04:57 MET Mon Mar 1 1993 to 01:04:57 MET Mon Mar 1 1993, configured
\nBoot Sector Filesystem (bs) installed, fsid: 2
\nBase ethernet MAC Address: 00:23:ea:94:a5:00
\nXmodem file system is available.
\nThe password-recovery mechanism is enabled.<\/p>\n
*** The system will autoboot in 5 seconds ***
\nSend break character to prevent autobooting.<\/p>\n
Initializing Flash…
\nflashfs[0]: 8 files, 5 directories
\nflashfs[0]: 0 orphaned files, 0 orphaned directories
\nflashfs[0]: Total bytes: 32514048
\nflashfs[0]: Bytes used: 26132480
\nflashfs[0]: Bytes available: 6381568
\nflashfs[0]: flashfs fsck took 9 seconds.
\n…done Initializing Flash.
\ndone.
\nLoading “flash:me340x-metroipaccessk9-mz.122-46.SE\/me340x-metroipaccessk9-mz.122-46.SE.bin”…@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
\nFile “flash:me340x-metroipaccessk9-mz.122-46.SE\/me340x-metroipaccessk9-mz.122-46.SE.bin” uncompressed and installed, entry point: 0x3000
\nexecuting…<\/p>\n
<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"
First of all, you need to have image 12.2(44) and newer to be able to upgrade a image, if you have older image, you are only able to install new configuration. For ISC DHCP server you need also a configured TFTP server There are some bugs on Cisco pages regarding option 125 and auto install […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[6,4,5],"_links":{"self":[{"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=\/wp\/v2\/posts\/3"}],"collection":[{"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3"}],"version-history":[{"count":25,"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=\/wp\/v2\/posts\/3\/revisions"}],"predecessor-version":[{"id":91,"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=\/wp\/v2\/posts\/3\/revisions\/91"}],"wp:attachment":[{"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/itblog.antik.sk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}