Hw-module Slot Reload

Hw-module subslot power To turn off the power to a 2.5-Gbps transponder module in a line card motherboard before removing it, use the hw-module subslot power command. Hw-module subslot slot/subcard power off Syntax Description. Symptoms: A Cisco 7304 may reload unexpectedly when a port adapter carrier card (7300-CC-PA) is de-activated. Conditions: This symptom is observed when one of the following events occurs and is more likely to occur with high traffic rates: - You enter the hw-module slot slot-number stop. The hw-module slot stop command in EXEC mode automatically stops traffic on the interfaces and deactivates them along with the SPA in preparation for OIR. In similar fashion, you do not need to independently restart any interfaces on a SPA after OIR of a SPA or SIP. Enter the show facility-alarm status command. Please explain to me what do this comand:'hw-module module 7 reset 'I used this comand, and it cause me this problem: PEP76VAL02#hw-module module 7 reset Proceed with reset of standby supervisor? confirm% reset issued for standby supervisor PEP76VAL02# Dec 30 23:09:56.917: rfreloadpeerstub: RP sending reload request to Standby. You can use the hw-module module command to recover, reload, reset, or shut down the AIP-SSM. The following is the command syntax: hw-module module slot reload hw-module module slot reset hw-module module slot shutdown hw-module module slot recover boot configure stop The following steps are necessary to completely refresh the AIP-SSM.

I learned something interesting about the cisco ASA 5558-X chassis & that I thought was interesting;
Hw-modulePlease reference this image from cisco website of a typical 5558-X chassis.
http://www.cisco.com/c/en/us/td/docs/security/asa/hw/maintenance/5585guide/5585Xhw/overview.html#pgfId-1100238
The hw-module slot1 which encompass the IPS also carries the GIGE interfaces gi 1/0-7 and the 10GIGE interfaces as well 1/8-9.
Shutting down the hw-module slot1 will 'DROP' all interfaces in slot1 and not just the IPS modules.
Take a look at these show outputs;

And the available hardware module commands

1: So the meer issuing of a hw-module #1 shutdown, actually shutdown the whole slot1 and NOT just the IPS


2: A issuing of a hw-module #1 reload, will not disturb any GIGE interfaces on slot#1
I found this interesting while diagnostic and debugging a buggy IPS module. I have a case open with TAC over these issues. They are looking into it a trying to determine if this is normal behavior.
I found it funny cisco won't let you shutdown slot#0, but they allow slot#1 , and it will bring all interfaces on that slot down including the IPS module that I was trying to trouble shoot.
http://socpuppet.blogspot.com/2015/01/asa-ips-modules-reloads-732-e4.html
Ken Felix
Freelance Network/Security Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( # # )=
@
/ Slot

Upgrading a 6500 is pretty straight forward, provided the necessary is done in the right order. I’ve listed the steps I would typically take to fully upgrade a single Cisco-6509-E (single Route-Processor) with a IPSEC VPN SPA blade.

Please lab this if possible BEFORE trying it in a production network. I have illustrated the steps to be taken if some of the known funnies occur during an upgrade. Feel free to use this as a guideline.

Firstly download the IOS and image versions, you need. Obviously do a little homework and check the specific IOS for known bugs using the Bug Toolkit. Don’t just pick any IOS. Make sure all the required features are relatively bug free.

Copy the downloaded files to the following locations:

  • ROMMON firmware to sup-bootflash
  • BOOTLDR to bootflash
  • IOS to flash disk

I always use FTP if possible, due to the higher transfer rates. 10.3.29.239 is connected to the switch and is running a FTP server, expecting a username:password of cisco:pass.


I would recommend verifying the IOS images after copying. It’s relatively easy for the image to get corrupted during copying. No need to waste time with corrupt images, when it can be avoided.

It is generally safe practise to backup the working running-config to a file on flash disk0:

Hw-module Slot Reload

1- Lets start, first upgrade the Rom-Monitor:

Confirm the current boot variables:

2- Specify the new BootLDR to load during boot:

Hw-module Slot Reloading Equipment

3- Specify the order of the booting images. Firstly the new IOS image, secondly the previous working IOS image. Refer to a previous post, why to do this HERE.

4- Reload the box.

5- If during startup, you encounters config related errors like the ones below, make a note of each command the new IOS didn’t apply:

Do not save the config at any time before reloading using “write mem” or “copy run start”.
Else you will overwrite a working config with the above commands missing.

6- Rename the new IOS file on flash to force the next boot to use the second IOS file listed in boot command along with the working config:

7- If the box has a VPN-SPA blade for offloading IPSEC encryption/decryption, it might be necessary to upgrade the SPA FPD (Field Programmable Devices) code.
Before reloading confirm if the SPA FPD code matches the new IOS version.

The following command will show the current/required version:


8- If the min. required version is higher than the current version, the FPD code must be upgraded. Download the supporting .pkg from from Cisco and copy it to the flash disk:

9- Then upgrade the SIP and the IPSEC SPA

10- Reload the box again. This time the old IOS will be used to boot since the new IOS file is not available. The list of error commands (Point 5) needs to be corrected, either manually or by using notepad. I would suggest using notepad)

11- Copy the running config to your laptop:

12- Edit the config file in notepad. Ensure all the commands are corrected for the new IOS. Here is a list of commands I needed to change with this upgrade:

13- Rename the config-file to something else, and copy the new config-file back to disk0. Confirm there are now two config-files (original and new):

Hw-module slot reloaded

Hw-module Slot Reloading

14-Load the changed config to the startup configuration:

15-Rename the NEW-IOS file back to the original name as listed in the boot command:

16-Reload the box the last time. If all was done correctly, everything should be working.

Hw-module Slot Reloaded

17-Proceed with testing STP, IGP’s, LDP, BGP and VPN’s and Crypto’s.

For a good overall look at what the 6500 is doing, use the following command :