Recover From Corrupt or Missing File Image or in Rommon Mode
Recover From Corrupt or Missing File Image or in Rommon Mode
in ROMmon Mode
• Introduction, on page 1
• Recover Switch from a Corrupt or Missing Image in ROMmon Mode, on page 2
• Recover Switch from a Continous Reboot, on page 2
• Recover from a Corrupt or Missing Image, on page 5
Introduction
This section explains how to recover a Catalyst 9400 Series Supervisor from a missing or corrupted system
image, or an incorrect boot variable. The Supervisor module image can sometimes be corrupted during a
Trivial File Transfer Protocol (TFTP) download, or when manually deleted by the user. The switch provides
a number of ways to recover should any of these events occur on the Supervisor Engine.
When the Supervisor-equipped switch boots up or resets, there are these two possibilities:
1. The switch starts up normally and displays the Hostname> prompt or the default Switch> prompt.
2. The switch cannot find the image, the image is corrupt, no image is present in the bootflash device, or the
boot variable is set incorrectly and therefore winds up in ROM monitor (ROMmon) mode. It displays the
rommon> prompt. In ROMmon mode, the switch must be able to locate a valid system image from either
the bootflash device. These Supervisor Engine also provides an Ethernet Management port (10/100 Base
T), which is available only from ROMmon mode and can be configured to download a new valid image
through TFTP from a TFTP process. There is no option for Xmodem or Ymodem which allows you to
copy an image through the console port.
Normal Operation
When the switch operates normally, it is at the hostname> prompt or the default Switch> prompt. You can
issue the dir bootflash: command to view the contents of the Supervisor Flash device, as this example shows.
Issue the verify command to determine if the image has a valid checksum, as this example shows:
Switch#dir bootflash:
Directory of bootflash:/
Switch#verify bootflash:packages.conf
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
Verified bootflash:packages.conf
Since the switch recognizes all Flash devices in ROMmon mode, you can issue the dir device-name commands
to show the Flash contents, as is demonstrated in the remaining sections of this document
Notice in the previous example, there is only a single boot image in bootflash. You can have as many system
images as you can fit in the bootflash:. Bootflash size is fixed at 64 MB.
The following are the ROMmon variables that Catalyt 9400 supports and examples to set them:
• MANUAL_BOOT=yes
A value of "yes" disables auto boot and enables manual booting. A value of "no" enables auto boot.
• DEFAULT_GATEWAY=172.27.74.1
• IP_ADDRESS=172.27.74.111
• IP_SUBNET_MASK=255.255.255.0
• TFTP_SERVER=172.19.64.31
These primary symptoms occur in your network if the switch is in ROMmon mode:
• Routing failures occur because ROMmon mode cannot route between VLAN interfaces, and is only
designed to recover the switch.
• If you try to Telnet to any of the interfaces it fails, and if you are connected to the console port of the
Supervisor, you see this prompt:
rommon 1>
Use a rolled male RJ-45 cable to connect from COM1 on the PC to the console port on the Supervisor
module. Use a DB-9 connector on the PC.
2. The reboot continues until autoboot is prevented when you press Control-C and go into ROMmon mode.
This is shown in this example:
**********************************************************
* *
* Welcome to ROM Monitor for WS-X4014 System. *
* Copyright (c) 2002 by Cisco Systems, Inc. *
* All rights reserved. *
* *
**********************************************************
3. Enter the dir bootflash: command to list the files present in the bootflash.
rommon 1 >dir bootflash:
Note The reason the switch reboots continuously is because the system image file name specified does not exist,
but there is a valid file in the bootflash. Also, the system image file name specified is case sensitive. If it is
not specified correctly, it causes a continuous reboot.
4. Since you have the required system image file present in the bootflash:, you can issue the boot
bootflash:<filename> command to boot the switch. The system is booted with that specified image. If
the switch fails to load due to the specified system image being corrupt, or the valid system file is not
present, see the Recover from a Corrupt or Missing Image section of this document.
5. Issue the enable command to enter into EXEC mode, as this example shows:
Switch>enable
Password:
Switch#
6. The system is back up. Issue the dir bootflash: command to note the file in the bootflash:.
7. Issue the show bootvar command to check the current boot variable.
Switch#show bootvar
BOOT variable = bootflash:packages.conf;
Configuration Register is 0x1822
MANUAL_BOOT variable = yes
BAUD variable = 115200
ENABLE_BREAK variable =
CONFIG_FILE variable =
8. Remove the existing incorrect boot variable and add the correct one. Issue the configure terminal
command in order to do this.
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no boot system flash bootflash:packages.conf
Switch(config)#boot system flash bootflash:cat9400packages.conf
Switch(config)#end
9. Save the configuration from running to startup, by issuing the write memory command.
Switch#write memory
Building configuration...
Compressed configuration from 4359 bytes to 1730 bytes[OK]
Switch#
10. Check the boot variable again to make sure it is set properly so that the switch boots up the correct
system file on the next reboot. Issue the show bootvar command in order to do this.
Switch#show bootvar
BOOT variable = bootflash:cat9400packages.conf
Configuration Register is 0x1822
MANUAL_BOOT variable = yes
BAUD variable = 115200
ENABLE_BREAK variable =
CONFIG_FILE variable =
1. Make a console connection to the Supervisor. Typically on a standard Windows operating system
platform, configure a HyperTerminal connection directly to COM1 with these settings:
• 9600 bps
• Eight data bits
• No parity
• One stop bit
Use a rolled male RJ-45 cable to connect from COM1 on the PC to the console port on the Supervisor
module. Use a DB-9 connector on the PC, and a HyperTerminal connect window to connect to the
Supervisor.
2. Press Enter. If you get the rommon > prompt, skip to Step 3. If the switch continuously reboots, press
Control-C to prevent autoboot and to get into ROMmon mode.
**********************************************************
* *
* Welcome to ROM Monitor for WS-X4014 System. *
* Copyright (c) 2002 by Cisco Systems, Inc. *
* All rights reserved. *
* *
**********************************************************
3. Verify that there is a valid file present in the bootflash: by issuing the dir bootflash: command, as this
example shows. If you do have any valid file, see the Recovering from a Continuous Reboot section of
this document for the recovery. Otherwise, continue to the next step.
rommon 1 >dir bootflash:
rommon 3 >set
PS1=rommon ! >
RommonBuild=5
ConfigReg=0x2102
BOOT=bootflash:packages.conf
SkipDiags=0
BSI=0
RET_2_RTS=13:36:46 UTC Tue Aug 15 2000
RET_2_RUTC=966346606
BootStatus=Failure
BootedFileName=bootflash:packages.conf
RommonVer=12.1(11br)EW
4. Issue the unset BOOT command to clear the current invalid boot variable, which defines the file to
load.
rommon 6 >unset BOOT
5. Connect the management port on the Supervisor to the network to access a TFTP server. The Fast
Ethernet port (10/100 MGT) on the Supervisor Engine is inoperative in normal operation in current
software release. An Ethernet cable plugged into the 10/100 MGT is active only in ROMmon mode
As this example shows, if you plan to connect the 10/100 MGT port to the PC/Router directly, use a
straight cable. If you connect to another switch, use a crossover cable.
rommon 7 >
The Management port auto-negotiates speed and duplex with the connected device. Currently, you can
not hardcode speed and duplex settings. Since this port is available only in ROMmon mode and for
TFTP only, it is not a major concern if the speed and duplex are mismatched due to any potential
auto-negotiating problem. The TFTP application has an internal packet loss mechanism to prevent any
corruption of the system image being downloaded.
6. Enter the set commands to configure an IP address for the 10/100 MGT port, as this example shows.
If the subnet mask is not specified, the IP address would take the default classful mask.
rommon 7> set IP_ADDRESS=192.168.247.10
rommon 8> set IP_SUBNET_MASK=255.255.255.0
7. Enter the set DEFAULT_GATEWAY command to configure the default gateway for the switch to
use to get to the TFTP server, as this example shows. The default gateway should be a routing device
in the same subnet as the IP address configured in Step 6.
rommon 8> set DEFAULT_GATEWAY=192.168.0.1
8. Enter the set command to verify the configurations which have been made.
switch: set
BAUD=9600
BOOT=bootflash:cat9k_iosxe.16.06.01.SPA.bin;
BOOTLDR=
BSI=0
CALL_HOME_DEBUG=0000000000000
CONFIG_FILE=
CRASHINFO=bootflash:crashinfo_RP_01_00_20170907-054557-UTC
DEFAULT_GATEWAY=172.16.94.193
DEFAULT_ROUTER=172.16.94.193
DISABLE_AUTH=
ENABLE_BREAK=yes
EULA_ACCEPTED=TRUE
IP_ADDRESS=172.16.94.221
IP_SUBNET_MASK=255.255.255.224
LICENSE_BOOT_LEVEL=network-advantage+dna-advantage,all:MACALLAN-CHASSIS;
MAC_ADDR=E4:AA:5D:59:7A:FC
MANUAL_BOOT=no
MODEL_NUM=C9400-SUP-1
MOTHERBOARD_SERIAL_NUM=JAE2124023Z
RANDOM_NUM=808994625
RET_2_RCALTS=1504781417
RET_2_RTS=
ROMMON>DISABLE_AUTH=
ROMMON_AUTOBOOT_ATTEMPT=3
SWITCH_IGNORE_STARTUP_CFG=0
SWITCH_NUMBER=1
SYSTEM_SERIAL_NUM=
TEMPLATE=access
TFTP=SERVER=172.16.53.46
9. Ping the TFTP server to ensure that there is connectivity to the server from the MGT port on the
Supervisor Engine. Enter the ping tftp_server_ip_address command, as this example shows:
rommon 9 >ping 192.168.0.1
If the ping is not successful, troubleshoot the IP connectivity issue from the default gateway to the TFTP
server. If the TFTP server is the same subnet, make sure it is configured with the IP address you are
pinging.
10. Once the ping to the TFTP server is successful, you can issue the boot
tftp://tftp_server_ip_address/image_path_and_file_name command to specify the system image which
is available in the TFTP server to boot the Supervisor.
rommon 1>boot tftp://192.168.0.1/cat9k/cat9k_iosxe.2017-08-25_09.41.bin
attempting to boot from [tftp://192.168.0.1/cat9k/cat9k_iosxe.2017-08-25_09.41.SSA.bin]
interface : eth0
macaddr : E4:AA:5D:59:7B:44
ip : 192.168.247.10
netmask : 255.255.0.0
gateway : 192.168.0.1
server : 192.168.0.1
file : cat9k/cat9k_iosxe.2017-08-25_09.41.bin
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
cisco C9407R (X86) processor (revision V00) with 869398K/6147K bytes of memory.
Processor board ID FXS1939Q3LZ
144 Gigabit Ethernet interfaces
16 Ten Gigabit Ethernet interfaces
4 Forty Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
15958516K bytes of physical memory.
11161600K bytes of Bootflash at bootflash:.
1638400K bytes of Crash Files at crashinfo:.
0K bytes of WebUI ODM Files at webui:.
to up
*Sep 1 13:21:36.477: %LINK-3-UPDOWN: Interface GigabitEthernet5/0/17, changed state
to up
*Sep 1 13:21:36.487: %LINK-3-UPDOWN: Interface GigabitEthernet5/0/24, changed state
to up
*Sep 1 13:21:36.494: %LINK-3-UPDOWN: Interface GigabitEthernet5/0/25, changed state
to up
*Sep 1 13:21:36.504: %LINK-3-UPDOWN: Interface GigabitEthernet5/0/33, changed state
to up
*Sep 1 13:21:36.590: %LINK-3-UPDOWN: Interface GigabitEthernet5/0/37, changed state
to up
*Sep 1 13:21:37.449: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/1, changed state to up
*Sep 1 13:21:37.462: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/9, changed state to up
*Sep 1 13:21:37.469: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/13, changed state to up
*Sep 1 13:21:37.477: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/17, changed state to up
*Sep 1 13:21:37.488: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/24, changed state to up
*Sep 1 13:21:37.494: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/25, changed state to up
*Sep 1 13:21:37.504: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/33, changed state to up
*Sep 1 13:21:37.591: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet5/0/37, changed state to up
Note The IP address of the TFTP server and the file has already been preselected since you used the information
for the transfer of the image to the bootflash:. If you would like to change it, type the new IP address or image
name. Otherwise, press Enter and the preselected information is used.
The system image has been copied. Issue the dir bootflash: command to note the file in the bootflash:.
11. Enter the verify command to verify the integrity of the downloaded file. If the verification fails, you
have to download the file again.
Switch#verify bootflash:packages.conf
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCC
Verified bootflash:packages.conf
12. Enter the show bootvar command to check the current boot variable.
13. Remove any existing incorrect boot variables and add the correct one.
14. Enter the write memory command to save the configuration from running to startup.
15. Use the show bootvar command to check the boot variable again to ensure it is set correctly, so that
the switch boots up the correct system file on the next reboot.