Cisco WLC and AP upgrade process

Recently I was required to upgrade a Cisco WLC from an older version of code to the latest ED code base, so that the client could leverage the newer feature sets offered. However the challenge was that the client had close to 100 APs all registered to one WLC 5508 controller over multiple sites and the maintenance window for the outage could be no longer 1 hour.

The upgrade in it’s simplest form would be to upload the new code base onto the controller and reboot, at which point all APs associated to that controller would go into Discovery Mode and try and look for a new controller to associate with. Once the rebooted controller is back online they would re-associate but before they are able to serve clients, they would need to download the new AP image from the controller. This can be a serious issue, as depending on the type of controller you are limited to how many concurrent APs can download an AP image and over different network links this process can be even slower.

To overcome this issue, I did the following things:

  1. Upload the new controller code base
  2. Pre-Download the AP image to all associated APs
  3. Scheduled the reboot of the controller and APs

Below I will detail each step in it’s entirety, but before I proceed, please insure you have completed the following:

  • Downloaded the latest WLC code base from Cisco using your CCO account
  • Installed a TFTP server or FTP server on your Laptop/PC with access to the WLC image

Step 1: Upgrade the Controller Code Base (LAB)

First you will need to SSH into your controller using a client such as Putty or SecureCRT. Once you have logged in and authentication, type in the following commands which setup the TFTP source of the new code base:

transfer download mode tftp

transfer download datatype code

transfer download serverip X.X.X.X

transfer download filename AIR-CT5500-K9-7-4-100-0.aes

transfer download start

The WLC will then start transferring the code from your TFTP server and upgrade the active partition on the WLC with the new code base. You can confirm what partition is active with the following command:

show boot

Cisco WLCs are quite flexible in that they allow you to have an active and backup partition, in the case of an upgrade by default the newer version of code becomes the default code on the next reboot. This can potentially have adverse affects incase your controller reboots and your APs have not upgraded to the newer version of code. To stop this from happening I recommend changing the boot image back to the older code by executing:

config boot backup

Confirm that the old image (backup) is the default by executing:

show boot

Step 2: Pre-Download AP Images

To see the current state of Images on the APs, execute the following command:

show ap image all
Figure 1: show ap image all before pre-download

From figure 1 you can ascertain that there the new image on the controller has not been applied to the APs. To pre-download the image to all APs, execute the following command:

config ap image predownload primary all

If you execute the command

show ap image all
Figure 2: show ap image all - after executing pre-download command
Figure 2: show ap image all – after executing pre-download command

You will see which APs are set to pre-download the new Image, you will also get a the status bar to update once the download has been completed. This can take a while!

You can also manually specify which APs your want to pre-download to, if that was a requirement. Once you have confirmed that all APs have been upgraded to the new image, proceed to step 3.

Step 3: Schedule a reboot of the controller and APs

Now that we have upgraded the controller to the new release and pre-downloaded the new AP images, we will need to schedule a reload. This is so that the controller and APs can swap to their new images.

To do this insure that APs primary image is the new code, by executing:

show ap image all

If you need to swap between primary and backup, execute the following command:

config ap image swap all

confirm that the new image is active for Access Points. Now we need to schedule the Controller to reboot at pre-determined time. For the purposes of this post, I have set it to reboot 1 minute 30 seconds from now and swap the default partition to the newer version of code and save the running-configuration before the reload

reset system in 00:01:30 image swap reset-aps save-config

7 thoughts on “Cisco WLC and AP upgrade process”

  1. Thanks for the info, it was helpful. I lost a bunch of APs after the upgrade so I’m wondering if I need to go find and restart them. Thoughts?

    1. You should be able to check the AP Join statistics on the WLC to see when they last tried to join. That’s the best place to start. The CLI command is show ap join stats, you should be able to see in the GUI too.

  2. Because I pre-downloaded everything onto the AP’s and controller it was around 30 mins from memory. AP’s need to re-establish a connection back to the controller and depending on the connectivity speeds this may be longer. I would schedule for 120 min outage window to give yourself ample time.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s