#Upgrading cluster switches

I'm looking into upgrading our cluster switches and we got Cisco 3132/3232/9336 switches.
some of them are running 9.3(14) and thats the max supported version according to netapp compability sheet.

But cisco has released all the way up to 9.3(16).
Is 9.3(16) really unsupported?

In general it takes some time until a new NXOS version is support because of validation checks/run time etc.

You can also send a request into NetApp to see about getting the support matrix updated. If there are no new features being used, no reason to upgrade. The only real reason to upgrade is to possibly correct known CVEs

There may be a "fix" in the newer code that breaks the cluster.

(unlikely, but possible if it is not tested/qualified)

On the 9336, I use 10.4(4)
DO NOT FORGET to install the epld update!!!

install all nxos bootflash:nxos.bin epld bootflash:epld.bin

Oh, by the way that’s on newer 10.1+ train. I’m pretty sure on the 9 train you need to install nxos and EPLD in two separate reboots

Obviously if it’s not available on the command line, it won’t work in a single step

This page is your friend

https://www.cisco.com/c/dam/en/us/td/docs/dcn/tools/nexus-9k3k-issu-matrix/index.html

Beginning with 10.5(3)F EPLD is bundled with the NX-OS image.
So the following will be enough in the future (once NetApp finally approves newer versions):
install all nxos <image-name>

https://www.cisco.com/c/en/us/td/docs/dcn/nx-os/nexus9000/105x/epld/nxos-n9k-epld-1053.html#EPLDUpgradeDuringInstallAll

The latest NetApp validated version 10.4(4) by the way has several known vulnerabilities: https://sec.cloudapps.cisco.com/security/center/softwarechecker.x?productSelected=nx_os&selectedMethod=A&captchaPage=true&platformCode=265096&versionNamesSelected=10.4(4)&allAdvisoriesSelectedByTree=N&advisoryType=0&iosBundleId=cisco-sa-20250326-bundle&isFewCheckBoxChecked1=false&isNoneCheckBoxsChecked1=true#~onStep3

I don't understand why NetApp always take so much time to validate new versions (10.4(4) is one year old.)
It's not like they're using any advanced features of NX-OS, it's actually really basic (if you compare it to what NX-OS is capable of).

Can you upgrade the 3232c with 9000 series firmware? It's the same tin but need to have that confirmed by cisco

pretty sure that's not possible and they only look the same and are not the same hardware inside

Best thing to do
Go to Cisco.com
Go to the support
Type in 3232c
Find the release
Look at the filename and record the checksum
Look at the same file for the 9339c-fx2
If the checksum is the same then it’s the same file and should be OK

I just looked.
Filename: nxos.9.3.16.bin
Checksum @ 9336 : cb5bc7a1a6d5153f33a6585eafb1fcc8
Checksum @ 3232C: cb5bc7a1a6d5153f33a6585eafb1fcc8

So, same file.

Thanks for all the advises, the EPLD I got under control 😁

Can you go to 10.4.(5) from 9.3(14) like a normal NXOS upgrade?
Would be nice to align all the cluster switches tbh.
At least the switches that support 10.4.(5) that is...

Today its like 50/50 if they run 9.3 or 10.4.

Yes that is accurate. It's 2 step rocket with 2 reboots.

Yes, direct update is supported. Always check this page: https://www.cisco.com/c/dam/en/us/td/docs/dcn/tools/nexus-9k3k-issu-matrix/index.html
But last I checked 10.4(4) was the latest NetApp validated version.

Awesome @craggy furnace

This is where I check for supported versions btw
https://mysupport.netapp.com/site/info/cisco-ethernet-switch
Cisco 9336C

That 10.4(5)M was added in the past week!

oh ok, HWU still shows 10.4(4)

"when in doubt, HWU is correct" so I would go with whatever the HWU shows as that is definitely checked and validated

Also, in the "supported" columns, you will find 10.5(3)(F)!!

@void cloud strange they did that thanks for checking. Is it the same for version 10? I'll probably check their support before doing so just in case for support contract reasons.

10 isn’t supported on the 3232

Missed that!

This is exciting 😁