Nexus Software Upgrade Guide

This guide covers the Cisco Nexus NX-OS software upgrade process in a practical, step-by-step manner, including rollback and recovery scenarios.
The goal is to minimize service disruption and ensure the device can always be recovered in case of failure.

1. Pre-Upgrade Checks

Before starting the software upgrade, you must complete the preparation steps below.
Most upgrade failures are caused by skipping or underestimating this phase.

Configuration Backup

  • Always take a full configuration backup before upgrading.
  • Store the backup outside the device (local PC, FTP/SFTP server, etc.).
  • This backup is critical if a rollback or manual recovery is required.

Switch Model and Current Software Version

Verify the switch model and the currently running NX-OS version using the following commands:

show version
show module
show inventory

These outputs are required to:

  • Select the correct NX-OS image
  • Validate the upgrade path
  • Confirm hardware compatibility

2. Downloading the Software Image

  • Download the appropriate NX-OS image for your switch model from Cisco’s official website:
    https://software.cisco.com/download/home
  • A valid Cisco account with sufficient privileges is required.
  • After downloading, record the MD5 hash value.

The MD5 checksum is essential to verify file integrity and ensure the image was not corrupted during download.

3. Upgrade Path Verification

Not all NX-OS versions support a direct upgrade.
In many cases, intermediate versions are required.

Use Cisco’s official tools to verify the correct upgrade path:

  • Nexus Upgrade Matrix Tools
  • Nexus 9000 / 3000 Series
  • Nexus 7000 Series

If multiple upgrade steps are required, download all intermediate images in advance.

4. Copying the Image to the Switch

FTP File Transfer

FTP is a commonly used method, but NX-OS images can be close to 2 GB in size,
so transfer time depends heavily on network performance.

Example FTP server details:

  • FTP Server IP Address: 10.10.10.5
  • FTP Username: user1
  • FTP Password: Qazwsx
  • File: nxos.9.3.10.bin

Recommended single-command copy method:

copy ftp://user1:Qazwsx@10.10.10.5/nxos.9.3.10.bin bootflash:

If multiple VRFs exist on the Nexus switch, you will be prompted to select one.
In most environments, the management VRF is used.

This is my preferred method, especially when:

  • An FTP server is not available
  • Time is limited
  • Network-based transfers introduce unnecessary risk

Ensure the USB filesystem is supported by Nexus devices.

copy usb1:nxos.9.3.10.bin bootflash:

MD5 Verification

After the file transfer completes, verify the file integrity:

show file bootflash:nxos.9.3.10.bin md5sum

The output must exactly match the MD5 hash provided by Cisco.

5. Software Upgrade Process

Once all checks are completed, start the upgrade:

install all nxos bootflash:nxos.9.3.10.bin
  • The switch automatically saves the current configuration.
  • You will be asked to confirm before reboot.
  • After confirmation, the system reboots and the upgrade begins.

Upgrade duration varies depending on the hardware model and image size.

6. Troubleshooting and Recovery

Entering ROMMON Mode

If the upgrade fails or the device does not boot:

  • During startup, access the console and press
    CTRL + L or CTRL + C
    to enter ROMMON mode.

Booting from TFTP

set ip 10.10.10.2 255.255.255.0
set gw 10.10.10.1
cmdline recoverymode=1
boot tftp://10.10.10.2/tftpboot/nxos.9.3.10.bin
init system
reload-nxos

Booting from USB

boot usb1:nxos.9.3.10.bin bootflash:
set ip 10.10.10.2 255.255.255.0
set gw 10.10.10.1
cmdline recoverymode=1
boot usb1:nxos.9.3.10.bin
init system
reload-nxos

After booting successfully via USB or TFTP, always verify and correct boot settings:

show boot

configure terminal
  boot nxos bootflash:/nxos.9.3.10.bin

Critical Warning

During the software upgrade process, ensure that:

  • Network connectivity
  • Power supply

remain stable and uninterrupted.
Any interruption may render the device unusable.