Oversubscription

Upgrading a 6500 is pretty straight forward, provided the necessary is done in the right order. I’ve listed the steps I would typically take to fully upgrade a single Cisco-6509-E (single Route-Processor) with a IPSEC VPN SPA blade.

It is always smart to play with a bonus when you can, and our recommended casinos are trusted sites where players can feel safe when taking a bonus. Be sure to check out No Hw Module Switch 1 Slot 1 Oversubscription the bonus terms and conditions, find out how to claim the bonus on the casino you wish to play at. If you enter the no hw-module switch switchnumber slot slotnumber oversubscription command to configure non-oversubscription mode (performance mode), then only ports 1, 5, 9, and 13 are configurable; the other ports on the module are disabled.

  1. The figure below shows the interface module. Figure 18: 1-port 10 Gigabit Ethernet XFP Interface Module Cisco ASR 903 Aggregation Services Router Hardware Installation Guide. Page 46: 8-Port 10 Gigabit Ethernet Interface Module (8X10Ge) To remove the configuration, use no hw-module subslot command.
  2. If fpga code is update without the use of 'force' the card is able to boot without any issues in a 12.0(32)S node Log message seen after fpd 'force' upgrade and loading of 12.0(32)S6:%MBUS-6-NOFPGAIMG: No FPGA image available for slot 1.
  3. Hw Module Switch 1 Slot 1 Oversubscription your live dealer Australian pokies online casino experience will Hw Module Switch 1 Slot 1 Oversubscription bring you a realistic casino event that Hw Module Switch 1 Slot 1 Oversubscription you can enjoy anywhere and at any time.
No hw-module slot 1 oversubscription port-group 1

Please lab this if possible BEFORE trying it in a production network. I have illustrated the steps to be taken if some of the known funnies occur during an upgrade. Feel free to use this as a guideline.

Firstly download the IOS and image versions, you need. Obviously do a little homework and check the specific IOS for known bugs using the Bug Toolkit. Don’t just pick any IOS. Make sure all the required features are relatively bug free.

Copy the downloaded files to the following locations:

  • ROMMON firmware to sup-bootflash
  • BOOTLDR to bootflash
  • IOS to flash disk

I always use FTP if possible, due to the higher transfer rates. 10.3.29.239 is connected to the switch and is running a FTP server, expecting a username:password of cisco:pass.


I would recommend verifying the IOS images after copying. It’s relatively easy for the image to get corrupted during copying. No need to waste time with corrupt images, when it can be avoided.

It is generally safe practise to backup the working running-config to a file on flash disk0:

No Hw-module Slot 1 Oversubscription Port-group 1

1- Lets start, first upgrade the Rom-Monitor:

Oversubscription

Confirm the current boot variables:

2- Specify the new BootLDR to load during boot:

3- Specify the order of the booting images. Firstly the new IOS image, secondly the previous working IOS image. Refer to a previous post, why to do this HERE.

4- Reload the box.

5- If during startup, you encounters config related errors like the ones below, make a note of each command the new IOS didn’t apply:

Do not save the config at any time before reloading using “write mem” or “copy run start”.
Else you will overwrite a working config with the above commands missing.

6- Rename the new IOS file on flash to force the next boot to use the second IOS file listed in boot command along with the working config:

7- If the box has a VPN-SPA blade for offloading IPSEC encryption/decryption, it might be necessary to upgrade the SPA FPD (Field Programmable Devices) code.
Before reloading confirm if the SPA FPD code matches the new IOS version.

The following command will show the current/required version:


8- If the min. required version is higher than the current version, the FPD code must be upgraded. Download the supporting .pkg from from Cisco and copy it to the flash disk:

Oversubscription

9- Then upgrade the SIP and the IPSEC SPA

10- Reload the box again. This time the old IOS will be used to boot since the new IOS file is not available. The list of error commands (Point 5) needs to be corrected, either manually or by using notepad. I would suggest using notepad)

11- Copy the running config to your laptop:

12- Edit the config file in notepad. Ensure all the commands are corrected for the new IOS. Here is a list of commands I needed to change with this upgrade:

13- Rename the config-file to something else, and copy the new config-file back to disk0. Confirm there are now two config-files (original and new):

14-Load the changed config to the startup configuration:

15-Rename the NEW-IOS file back to the original name as listed in the boot command:

No Hw-module Switch 1 Slot 1 Oversubscription Port-group 1

16-Reload the box the last time. If all was done correctly, everything should be working.

17-Proceed with testing STP, IGP’s, LDP, BGP and VPN’s and Crypto’s.

For a good overall look at what the 6500 is doing, use the following command :

My wonderful Kiwi Cattools is doing configuration backup of devices every 15 minutes. Two times till now it happened to me that different ASA SSM modules are stopping to respond on ssh configuration requests.
After getting the status of the module; the status show up as: Unresponsive
fw-01# show module 1 details
Getting details from the Service Module, please wait...
Unable to read details from slot 1
ASA 5500 Series Security Services Module-20
Model: ASA-SSM-20
Hardware version: 1.0
Serial Number: JAF1535CKBP
Firmware version: 1.0(11)5
Software version: 7.1(6)E4
MAC Address Range: 44d3.ca8e.06f8 to 44d3.ca8e.06f8
App. name: IPS
App. Status: Not Applicable
App. Status Desc: Not Applicable
App. version: 7.1(6)E4
Data plane Status: Not Applicable
Status: Unresponsive
Hw-module
Only way to do it is to reset the module using command:

hw-module module 1 shutdown

Shutdown module in slot 1? [confirm]
Shutdown issued for module in slot 1

fw-01# show module 1 details
Getting details from the Service Module, please wait...
Unable to read details from slot 1
ASA 5500 Series Security Services Module-20
Model: ASA-SSM-20
Hardware version: 1.0
Serial Number: JAF1535CKBP
Firmware version: 1.0(11)5
Software version: 7.1(6)E4
MAC Address Range: 44d3.ca8e.06f8 to 44d3.ca8e.06f8
App. name: IPS
App. Status: Not Applicable
App. Status Desc: Not Applicable
App. version: 7.1(6)E4
Data plane Status: Not Applicable
Status: Down


fw-01# hw-module module 1 reset
The module in slot 1 should be shut down before
resetting it or loss of configuration may occur.
Reset module in slot 1? [confirm]
Reset issued for module in slot 1


Now you need to wait for a while (about2 minutes during Initialization state):
fw-01# show module 1 details
Getting details from the Service Module, please wait...
Unable to read details from slot 1
ASA 5500 Series Security Services Module-20
Model: ASA-SSM-20
Hardware version: 1.0
Serial Number: JAF1535CKBP
Firmware version: 1.0(11)5
Software version: 7.1(6)E4
MAC Address Range: 44d3.ca8e.06f8 to 44d3.ca8e.06f8
App. name: IPS
App. Status: Not Applicable
App. Status Desc: Not Applicable
App. version: 7.1(6)E4
Data plane Status: Not Applicable
Status: Init

After about 2 minutes you will get correct status output for SSM module:
fw-01# show module 1 details
Getting details from the Service Module, please wait...
ASA 5500 Series Security Services Module-20
Model: ASA-SSM-20
Hardware version: 1.0
Serial Number: JAF1535CKBP
Firmware version: 1.0(11)5
Software version: 7.1(6)E4
MAC Address Range: 44d3.ca8e.06f8 to 44d3.ca8e.06f8
App. name: IPS
App. Status: Up
App. Status Desc: Normal Operation
App. version: 7.1(6)E4
Data plane Status: Up
Status: Up
Mgmt IP addr: 10.10.212.21
Mgmt Network mask: 255.255.255.0
Mgmt Gateway: 10.10.212.1
Mgmt Access List: 10.20.150.0/23
Mgmt Access List: 10.30.150.0/23
Mgmt web ports: 443
Mgmt TLS enabled: true

Useful links:
1. Configuring the ASA 5500 AIP SSM
2. Configuring the ASA 5500 AIP SSM - PDF
Coments are closed
Scroll to top