S1720&S2700&S5700&S6720 V200R010SPH002 Patch Installation Guide

S1720&S2700&S5700&S6720 Series Ethernet
Switches
V200R010SPH002
Patch Installation Guide
Issue 01
Date 2017-05-22
HUAWEI TECHNOLOGIES CO., LTD.

Copyright Huawei Technologies Co., Ltd. 2017. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulat ed by the contract made bet ween Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.
The information in this document is subject to change without notice. E very effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://e.huawei.com
Issue 01 (2017-05-22) Huawei Proprietary and Confidential i

Copyright Huawei Technologies Co., Ltd.
S1720&S2700&S5700&S6720 Series Ethernet Switches
Patch Installation Guide About This Document
About This Document
Issue Release Date Description
01 2017-05-22 Initial commercial release.
Issue 01 (2017-05-22) Huawei Proprietary and Confidential ii

Patch Installation Guide Contents
Contents
About This Document.................................................................................................................... ii

1 Precautions for Installation ......................................................................................................... 1
2 Preparations for Installation ....................................................................................................... 2
2.1 Checklist ............................................................................................................................................................................................2
2.2 Preparing the Patch Files ................................................................................................................................................................2
2.3 Verify ing the Software Integrity ....................................................................................................................................................5
2.4 Verify ing the Running Version ......................................................................................................................................................5
2.5 Verify ing the Switch Running Status............................................................................................................................................6
2.6 Backing Up Data in Flash Memory ..............................................................................................................................................7
2.7 Checking the Space in the Flash Memory ...................................................................................................................................7
3 Patch Loading to a Stand-Alone Switch ................................................................................... 9

3.1 Installat ion Procedure......................................................................................................................................................................9
3.1.1 Patch Installat ion Process............................................................................................................................................................9
3.1.2 Uploading or Downloading the Patch File to the Switch ......................................................................................................9
3.1.2.1 Using the Switch as an FTP Server ........................................................................................................................................9
3.1.2.2 Using the Switch as an FTP Client.......................................................................................................................................11
3.1.2.3 Using the Switch as an SFTP Client ....................................................................................................................................12
3.1.3 Loading the Patch File ...............................................................................................................................................................13
3.1.4 Loading the Web File .................................................................................................................................................................13
3.2 Installat ion Verificat ion.................................................................................................................................................................14
3.2.1 Verify ing Patch Installation.......................................................................................................................................................14
3.2.2 Verify ing the Web File Update .................................................................................................................................................15
3.3 SP Rollback and Verification .......................................................................................................................................................15
3.3.1 Rolling Back the Patch Installation .........................................................................................................................................15
3.3.2 Rolling Back the Web File Loading ........................................................................................................................................16
4 Patch Loading to an SVF System ............................................................................................. 17

4.1 Installat ion Procedure....................................................................................................................................................................17
4.1.1 Patch Installat ion Process..........................................................................................................................................................17
4.1.2 Uploading or Downloading the Patch Files of Parent and AS to the Parent ....................................................................17
4.1.2.1 Using the Switch as an FTP Server ......................................................................................................................................18
4.1.2.2 Using the Switch as an FTP Client.......................................................................................................................................19
Issue 01 (2017-05-22) Huawei Proprietary and Confidential iii

Patch Installation Guide Contents
4.1.2.3 Using the Switch as an SFTP Client ....................................................................................................................................20

4.1.3 Loading the Patch File o f Parent..............................................................................................................................................21
4.1.4 Loading the Patch File o f AS....................................................................................................................................................22
4.1.5 Loading the Web File .................................................................................................................................................................23
4.2 Verify ing Patch Installation ..........................................................................................................................................................23
4.2.1 Verify ing Patch Installation.......................................................................................................................................................23
4.2.2 Verify ing the Web File Update .................................................................................................................................................25
4.3 Rollback and Verification .............................................................................................................................................................25
4.3.1 Rolling Back the Patch Installation .........................................................................................................................................25
4.3.2 Rolling Back the Web File Loading ........................................................................................................................................26
A Acronyms and Abbreviations.................................................................................................. 27
Issue 01 (2017-05-22) Huawei Proprietary and Confidential iv

Patch Installation Guide 1 Precautions for Installation
1 Precautions for Installation
Before installing the patch package, read the S1720&S2700&S5700&S6720

V200R010SPH002 Patch Release Notes to know basic patch information and impact of patch
installation.
V200R010SPH002 is the latest patch of the S1720&S2700&S5700&S6720. It fixes different

issues for different models. For the patch files for different models, see 2.2 Preparing the
Patch Files.
The patch packages of the S1720&S2700&S5700&S6720 are released based on the R version
and each version is backward compatible. You only need to install the latest patch package,
regardless of the patch version that is running.
If an informal patch or emergency patch is running and the latest commercial patch cannot be
installed directly, delete the running patch, install the latest commercial patch, and restart the
switch. Otherwise, unexpected problems may occur, for example, resource leaks.
Issue 01 (2017-05-22) Huawei Proprietary and Confidential 1

Patch Installation Guide 2 Preparations for Installat ion
2 Preparations for Installation
2.1 Checklist
Table 2-1 lists the preparations for the patch installation.
Table 2-1 Checklist
No. Item Start Time Time Required

(Days/Hours/Min
utes)
1 2.2 Preparing the Patch Files One day before 30 minutes

patch installation
2 2.3 Verifying the Software One day before 30 minutes

Integrity patch installation
3 2.4 Verifying the Running Version One day before 10 minutes

patch installation
4 2.5 Verifying the Switch Running One day before 10 minutes
Status patch installation
5 2.6 Backing Up Data in Flash One day before 30 minutes
Memory patch installation
6 2.7 Checking the Space in the Two hours before 20 minutes
Flash Memory patch installation
2.2 Preparing the Patch Files

Prepare the patch files and reference documents one day before patch installation. The
procedure is as follows:
Step 1 Log in to http://support.huawei.com/enterprise/ and search for the patch software and version
documents of S1720 V200R010SPH002/S2700 V200R010SPH002/S5700
V200R010SPH002/S6720 V200R010SPH002.

Step 2 Download the patch software and version documents of S1720 V200R010SPH002/S2700
V200R010SPH002/S5700 V200R010SPH002/S6720 V200R010SPH002.
Step 3 Verify the downloaded files and check the file information against the following table.
Table 2-2 Information about S1720 V200R010SPH002

Product Patch Version Size (Byte) Patch File
Name
S1720-GF V200R010SPH002 438,485 S1720-GF-V200R010SPH002.pat
S1720-G V200R010SPH002 35,864 S1720-GW-V200R010SPH002.pat

W

Name
S2720-EI V200R010SPH002 438,485 S2720EI-V200R010SPH002.pat

Name
S5700-LI V200R010SPH002 438,485 S5700LI-V200R010SPH002.pat
S5700S-LI V200R010SPH002 438,485 S5700S-LI-V200R010SPH002.pat

S5720-LI V200R010SPH002 47,604 S5720LI-V200R010SPH002.pat
S5720S-LI V200R010SPH002 42,599 S5720S-LI-V200R010SPH002.pat
S5720-SI/S V200R010SPH002 52,488 S5720SI-V200R010SPH002.pat

5720S-SI

S5720-HI V200R010SPH002 823,739 S5720HI-V200R010SPH002.pat

Name
S6720-EI/S V200R010SPH002 66,729 S6720EI-V200R010SPH002.pat

6720S-EI

Step 4 (Optional) Check the web file.
Table 2-6 Web file information

Web File Name Digital Signature Minimum Version and
Patch
S1720-GF-V200R010C00S S1720-GF-V200R010C00S S1720

PC600.002.web.7z PC600.002.web.7z.asc V200R010C00SPC600+V2
00R010SPH002
S1720-GW-V200R010C00S S1720-GW-V200R010C00S
PC600.002.web.7z PC600.002.web.7z.asc
S2720EI-V200R010C00SP S2720EI-V200R010C00SP S2700
C600.002.web.7z C600.002.web.7z.asc V200R010C00SPC600+V2
00R010SPH002
S2750EI-V200R010C00SP S2750EI-V200R010C00SP
C600.002.web.7z C600.002.web.7z.asc
S5700-10P-LI-V200R010C S5700-10P-LI-V200R010C S5700
00SPC600.002.web.7z 00SPC600.002.web.7z.asc V200R010C00SPC600+V2
00R010SPH002
S5700-P-LI-BAT-V200R01 S5700-P-LI-BAT-V200R01
0C00SPC600.002.web.7z 0C00SPC600.002.web.7z.as
c
S5700-P-LI-V200R010C00 S5700-P-LI-V200R010C00
SPC600.002.web.7z SPC600.002.web.7z.asc
S5700S-28P-PWR-LI-V200 S5700S-28P-PWR-LI-V200
R010C00SPC600.002.web.7 R010C00SPC600.002.web.7
z z.asc
S5700S-P-LI-V200R010C0 S5700S-P-LI-V200R010C0
0SPC600.002.web.7z 0SPC600.002.web.7z.asc
S5700S-X-LI-V200R010C0 S5700S-X-LI-V200R010C0
S5700-TP-LI-V200R010C0 S5700-TP-LI-V200R010C0
S5700-X-LI-V200R010C00 S5700-X-LI-V200R010C00
S5710-X-LI-V200R010C00 S5710-X-LI-V200R010C00
S5720EI-V200R010C00SP S5720EI-V200R010C00SP
C600.002.web.7z C600.002.web.7z.asc
S5720HI-V200R010C00SP S5720HI-V200R010C00SP
C600.002.web.7z C600.002.web.7z.asc
S5720LI-V200R010C00SP S5720LI-V200R010C00SP
C600.002.web.7z C600.002.web.7z.asc
S5720SI-V200R010C00SP S5720SI-V200R010C00SP

Web File Name Digital Signature Minimum Version and

Patch
C600.002.web.7z C600.002.web.7z.asc
S5720S-LI-V200R010C00S S5720S-LI-V200R010C00S
S5720S-SI-V200R010C00S S5720S-SI-V200R010C00S
S6720EI-V200R010C00SP S6720EI-V200R010C00SP S6720EI
C600.002.web.7z C600.002.web.7z.asc V200R010C00SPC600+V2
00R010SPH002
S6720S-EI-V200R010C00S S6720S-EI-V200R010C00S
----End
2.3 Verifying the Software Integrity

After obtaining the software, verify the software integrity. If the integrity check is not passed,
obtain the correct patch file. For the patch file obtaining procedure, see 2.2 Preparing the
Patch Files.
An incomplete patch file may compromise the switch.
The digital certificate and verification method are released on

http://support.huawei.com/enterprise/ with the SP package. Click the software installation
package to obtain the corresponding digital signature, and click Digital Signature
Authentication Mode to view the authentication method.
2.4 Verifying the Running Version

S5700LI-V200R010SPH001 is used as an example.
Step 1 Check that the running system version matches the patch version.
<Quidway> display version

Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.170 (S5700 V200R010C00SPC600)
Copyright (C) 2000-2016 HUAWEI TECH CO., LTD
HUAWEI S5700-28TP-LI-AC Routing Switch uptime is 0 week, 0 day, 7 hours, 50 minutes
ES5D2T28M000 0(Master) : uptime is 0 week, 0 day, 7 hours, 49 minutes

DDR Memory Size : 256 M bytes
FLASH Memory Size : 200 M bytes
Pcb Version : VER.B
BootROM Version : 020a.0001
CPLD Version : 0105
Software Version : VRP (R) Software, Version 5.170 (V200R010C00SPC600)

Step 2 Check whether the switch has patches and view the patch versions.
If no patch is running on the switch, the following information is displayed:
<Quidway> display patch-information

Info: No patch exists.
The state of the patch state file is: Idle
The current state is: Idle
If the switch has patches, the patch versions are displayed.

Step 3 (Optional) Before installing patches to an SVF, check whether the AS has patches and view
the patch versions.
<HUAWEI>display uni-mng upgrade-info verbose
The total number of AS is : 1
----------------------------------------------------------------------------
AS name: as0
Work status: NO-UPGRADE
Startup system-software: flash:/ s5700-p-li-V200R010C00SPC600.cc
Startup version: V200R010C00SPC600
Startup patch: --
Next startup system-software: flash:/ s5700-p-li-V200R010C00SPC600.cc
Next startup patch: --
Download system-software: --
Download version: --
Download patch: --
Method: --
Upgrading phase: --
Last operation result: --
Error reason: --
Last operation time:
------------------------------------------------------------------------------
If the Startup patch field has an empty value, the AS does not have a patch. If the AS has
patches, the patch versions are displayed.
----End
2.5 Verifying the Switch Running Status

The procedure is as follows:
Step 1 Run the display device command in the user view to check the device running status. Ensure
that the device works properly.
<Quidway> display device
S5700-28TP-LI-AC's Device status:
Slot Sub Type Online Power Register Status Role
-------------------------------------------------------------------------------
0 - S5700-28TP-LI Present PowerOn Registered Normal Master
If the switch is working properly, the value of the Online field is Present and the value of the
Register field is Registered.
Step 2 (Optional) Before installing a patch to an SVF, check the status of eac h AS.

<Quidway> display as all

Total: 1, Normal: 1, Fault: 0, Idle: 0, Version mismatch: 0
--------------------------------------------------------------------------------
No. Type MAC IP State Name
--------------------------------------------------------------------------------
0 S5700-P-LI aaaa-bbbb-cc92 192.168.11.254 normal as1
--------------------------------------------------------------------------------
----End
2.6 Backing Up Data in Flash Memory

To prevent key data loss during SP upgrade, back up the important files in the flash memory
before installing the SP. Run the display startup command to view important files in the flash
memory, including configuration files, web system files, and patch files.
2.7 Checking the Space in the Flash Memory

Before installing the patch file, ensure that the flash memory has sufficient space.
Step 1 Check the available space.
Run the dir command in the user view to check available space in the flash memory. Ensure
that the available space is sufficient for the SP.
<Quidway> dir flash: Directory of flash:/
Idx Attr Size(Byte) Date Time FileName

0 -rw- 36 Sep 26 2016 03:47:28 $_patchstate_reboot
1 -rw- 8,423 Sep 26 2016 03:38:02 private-data.txt
2 drw- - Aug 29 2016 01:32:16 syslogfile
3 drw- - Sep 26 2016 03:40:26 resetinfo
4 -rw- 3,684 Sep 26 2016 03:47:28 $_patch_history
5 -rw- 8,633 Sep 26 2016 03:39:34 174.cfg
6 drw- - Aug 29 2016 01:30:08 compatible
7 -rw- 836 Sep 26 2016 03:38:22 rr.dat
8 -rw- 836 Sep 26 2016 03:38:22 rr.bak
9 drw- - Sep 26 2016 07:37:22 logfile
10 drw- - Aug 31 2016 02:58:18 user
11 drw- - Aug 31 2016 02:59:00 localuser
12 drw- - Sep 20 2016 06:00:22 dhcp
13 drw- - Sep 19 2016 07:57:42 $_install_mod
14 -rw- 26,793,884Sep 20 2016 02:25:20 s5700-p-li-v200r010c00spc600.cc
204,556 KB total (172,504 KB free)
Step 2 Delete redundant files.
If the available space in the flash memory is insufficient for the patch file, delete redundant
files to free up space.

Before deleting the system software (with the file name extension .cc), configuration file (with the file
name extension .cfg or .zip), license file (with the file name extension .dat), web file (with the file name
extension .web.zip or .web.7z), or patch file (with the file name extension .pat), ensure that they are not
in use.
The files deleted by the delete command are stored in the recycle bin. To restore these files,
run the undelete command. The files in the recycle bin still occupy CF card space. The reset
recycle-bin command permanently deletes all files from the recycle bin.
You can also run the delete /unreserved command to permanently delete files without placing
them in the recycle bin. This command is equivalent to running the delete and reset
recycle-bin commands in sequence.
# To delete redundant files, run:

<Quidway> delete flash:/vrpcfg1.zip
Delete flash:/vrpcfg1.zip?[Y/N]:y
Info: Deleting file flash:/vrpcfg1.zip...succeeded.
# To restore the files in the recycle bin, run:

<Quidway> undelete flash:/vrpcfg1.zip
Undelete flash:/vrpcfg1.zip?[Y/N]:y
%Undeleted file flash:/vrpcfg1.zip.
# To permanently delete files from the recycle bin, run:
<Quidway> reset recycle-bin flash:/
----End

Patch Installation Guide 3 Patch Loading to a Stand-Alone Switch
3 Patch Loading to a Stand-Alone Switch
3.1 Installation Procedure

3.1.1 Patch Installation Process

Table 3-1 describes the patch installation process.
Table 3-1 Patch installation process

Step Recommended Start Time Required
Time (Minutes)
3.1.2 Uploading or 00:00 15

Downloading the Patch File to
the Switch
3.1.3 Loading the Patch File 00:20 5
3.1.4 Loading the Web File 00:30 5
3.1.2 Uploading or Downloading the Patch File to the Switch
When a patch file is uploaded or downloaded to a stack, the file must be stored in the flash
memory of the master switch.
3.1.2.1 Using the Switch as an FTP Server

In the following example, the switch is used as the FTP server. The FTP user name is ftpuser,
the password is Huawei@123, the FTP server IP address is 1.1.1.1, and the FTP client IP
address is 1.1.1.2.

The FTP protocol will bring risk to network security. The SFTP or FTPS protocol is recommended.
Modify the settings according to your network plan.

Step 1 Configure the switch as an FTP server.
Enable the FTP service on the switch, and set the FTP user name to ftpuser and password to
Huawei@123.
<Quidway> system-view
[Quidway] ftp server enable
Warning: FTP is not a secure protocol, and it is recommended to use SFTP.
Info: Succeeded in starting the FTP server.
[Quidway] aaa
[Quidway-aaa] local-user ftpuser password cipher Huawei@123
Info: Add a new user.
[Quidway-aaa] local-user ftpuser service-type ftp
[Quidway-aaa] local-user ftpuser ftp-directory flash:/
[Quidway-aaa] local-user ftpuser privilege level 15
[Quidway-aaa] return
Step 2 Set an IP address for the switch.

The following uses VLANIF1 as an example.
[Quidway] interface vlanif 1
[Quidway-Vlanif1] ip address 1.1.1.1 24
[Quidway-Vlanif1] quit
Step 3 Log in to the FTP server (switch).
This example assumes that the FTP server runs the Windows XP operating system.
Save the patch file to be uploaded in the specified directory (for example, D:\>directory).
Choose Start > Run. Enter cmd, and then press Enter. Enter ftp 1.1.1.1. Enter the user name
and password as prompted, and press Enter. The following information is displayed:
D:\>ftp 1.1.1.1
Connected to 1.1.1.1.
220 FTP service ready.
User (1.1.1.2:(none)): ftpuser
331 Password required for ftpuser.
Password:
230 Logged on.
ftp>
Step 4 Upload the patch file.
Ensure that the FTP client (PC) and the FTP server (switch) can communicate with each other.
Run the put source-filename [destination-filename] command on the FTP client (PC) to
upload the patch file. After the patch file is uploaded, run the bye command to close the FTP
connection.
ftp> bin
200 Type set to I.

ftp>
ftp> put D:\S5700LI-V200R010SPH0001.pat
200 Port command okay.
150 Opening Binary mode data connection for directory list.
226 Transfer complete.
ftp: 76,194byte(s) received in 2.2370 second(s)85.308Kbyte(s)/sec.
ftp> bye
221 Goodbye.
D:\>
----End
3.1.2.2 Using the Switch as an FTP Client

In the following example, the switch is used as an FTP client. The FTP user name is ftpuser,
address is 1.1.1.2. Change the settings according to your network plan.
Step 1 Set a management IP address for the switch.

Step 2 Log in to the FTP server from the switch.
Ensure that the FTP client (switch) and the FTP server (PC) can communicate with each other.
Save the patch file to be uploaded in the specified directory (for example, the FTP root
directory) on the FTP server. Use Telnet to log in to the switch through the management
interface. Enter the following information on the operation terminal to log in to the FTP
server.
<Quidway> ftp 1.1.1.1

Trying 1.1.1.1 ...
Press CTRL+K to abort
220 i
User(1.1.1.1:(none)): ftpuser
Enter password:
230 Logged on.
[ftp]
Step 3 Download the patch file.

Run the get source-filename [destination-filename] command on the FTP client (switch) to
download the patch file from the FTP server. After the patch file is downloaded, run the bye
command to close the FTP connection.
[ftp] bin
200 Type set to I.

[ftp]
[ftp] get S5700LI-V200R010SPH001.pat
200 Port command successful.
150 Opening data channel for file download from server of S5700LI -V200R010SPH001.pat.
226 Successfully transferred "ES5700LI-V200R010SPH001.pat".
FTP: 76,194byte(s) received in 2.2370 second(s)85.308Kbyte(s)/sec.
[ftp] bye
221 Goodbye .
<Quidway>
----End
3.1.2.3 Using the Switch as an SFTP Client

In the following example, the switch is used as an SFTP client. The SFTP user name is
sftpuser, the password is Huawei@123, the SFTP server IP address is 1.1.1.1, and the SFTP
client IP address is 1.1.1.2. Change the settings according to your network plan.
Huawei does not provide SFTP server software. Obtain the software and install it before the upgrade.

Step 2 Log in to the SFTP server (PC) from the switch.
Ensure that the SFTP client (switch) and the SFTP server (PC) can ping each other.
Save the patch file to be loaded to the SFTP server directory (for example, the SFTP root
directory), log in to the switch from the management interface through Telnet, and enter the
following command on the switch to log in to the SFTP server:
[Quidway] ssh client first-time enable
[Quidway] sftp 1.1.1.1
Please input the username:sftpuser
Trying 1.1.1.1 ...
Connected to 1.1.1.1 ...
Warning: The preferred encryption or digest algorithm is insecure. Using a security
algorithm (AES-256,SHA-256) is recommended.
The server's public key does not match the one catched before.
The server is not authenticated. Continue to access it? [Y/N]:y
Update the server's public key now? [Y/N]: y
Enter password: Huawei@123

<sftp-client>

Run the get remote-filename [ local-filename ] command on the SFTP client (switch) to
download the patch file from the SFTP server.

<sftp-client> get S5700LI-V200R010SPH001.pat Remote file: / S5700LI-V200R010SPH001.pat

---> Local file: S5700LI-V200R010SPH001.pat \ End of file
SuccessInfo: Downloading file successfully ended.
Step 4 Close the SFTP connection.
<sftp-client> quit
----End
3.1.3 Loading the Patch File
On the S1720&S2700&S5700&S6720, the methods of installing the patch file in a stack and on a
single device are the same. In a stack, you only need to install the patch file on the master switch.
In patch-related commands, the all keyword is mandatory. This keyword indicates the local device in
a standalone environment and indicates all member devices in a stack.
Load the patch file to the switch as follows:
Method 1
Step 1 Load the patch file.
<Quidway> patch load S5700LI-V200R010SPH001.pat all
Info: The patch is being loaded. Please wait for a moment.
Info: Succeeded in loading the patch on the master board.............
Info: Finished loading the patch.
Step 2 Activate the patch file.
<Quidway> patch active all

Info: Succeeded in activating the patch on the master board.......
Info: Finished activating the patch.
Step 3 Run the patch file.

<Quidway> patch run all
Info: Succeeded in running the patch on the master board..............
Info: Finished running the patch.
----End
Method 2
Step 1 Load and run the patch file.
<Quidway> patch load S5700LI-V200R010SPH001.pat all run
Info: The patch is being loaded. Please wait for a moment.
Info: Succeeded in running the patch on the master board............ .
----End
3.1.4 Loading the Web File

Load the web file to the switch as follows:

Step 1 Run the system-view command to enter the system view.

Step 2 Run the http server load { file-name | default } command to load the web file.
The http server load default command loads the web file in the current system software.
----End
3.2 Installation Verification

3.2.1 Verifying Patch Installation
Check whether the patch package is installed successfully:
Step 1 View information about the patch package.

Patch Package Name :flash:/s5700li-v200r010sph001.pat
Patch Package Version:V200R010SPH001
The state of the patch state file is: Running
The current state is: Running
************************************************************************
* Information about hot patch errors is as follows: *
************************************************************************
Slot CurrentVersion
------------------------------------------------------------
No hot patch error occurs on any board.
*************************************************************** *********
* The hot patch information, as follows: *
************************************************************************
Slot Type State Count Time(YYYY-MM-DD HH:MM:SS)

------------------------------------------------------------------------
0 C Running 4 2017-03-27 04:30:53+00:00
The fields in the command output have the following meanings:

Patch Package Name: name of the patch file.
Patch Package Version: patch version.
Slot: slot ID on a stand-alone device or stack ID in a stack.
Type: C indicates a single-core patch.
State: patch status.
a. Running: The patch is running.
b. Deactive: The patch is in inactive state.
c. Active: The patch is in active state.

Count: number of patch units.

Time: time of last operation on patch.
After the patch is installed, check the following items:
Check the Patch Package Name and Patch Package Version fields to determine
whether the loaded patch is correct. If not, load and install the correct patch.
Check the patch status (State).
a. If the patch is in Running state, the patch is working properly.
b. If the patch is in Deactive state, run the patch active all command in the user view
to activate the patch, and run the patch run all command to run the patch. If the
patch is still not in Running state, contact Huawei technical support personnel.
c. If the patch is in Active state, run the patch run all command in the user view to
run the patch. If the patch is still not in Running state, contact Huawei technical
support personnel.
Step 2 Perform related operations after the patch takes effect.
None.
----End
3.2.2 Verifying the Web File Update

Step 1 Check whether the web file is correct.
Run the dir command in the user view to check the name and size of the web file on the
switch. Ensure that the web file is correctly uploaded or downloaded.
Run the display current-configuration | include http server load command to check
whether the loaded web file is correct.
Step 2 Open the web browser on the PC, enter the management IP address of the switch, and press
Enter to display the Login page. (Ensure that the PC and switch have a reachable route to
each other.) Enter the web account, password, and select a language for the web system.
Step 3 Click Login or press Enter. The web system homepage is displayed.
----End
3.3 SP Rollback and Verification

Perform an SP rollback if the SP installation fails and you confirm that the SP needs to be
rolled back.
3.3.1 Rolling Back the Patch Installation

Step 1 Delete the SP.
<Quidway> patch delete all

Warning: The device needs to restart after the patch is deleted.
This will delete the patch. Are you sure? [Y/N]y..
Info: Succeeded in deleting the patch on the master board.........
Info: Finished deleting the patch.

Step 2 Restart the device.

<Quidway> reboot
Step 3 (Optional) Load the old patch file. For details, see 3.1.3 Loading the Patch File.
Whether this step needs to be performed depends on the result of step 2 in 2.4 Verifying the
Running Version.
If no patch is running on the device before the upgrade, this step is skipped. If patches have
run on the device before the upgrade, load the old patch file.
Step 4 Run the display patch-information command to view patch information. The command
output should be the same as the result of step 2 in 2.4 Verifying the Running Version.
----End
3.3.2 Rolling Back the Web File Loading

Roll back the web file loading as follows:
Step 1 Load the previous web file.
For details, see 3.1.4 Loading the Web File.
----End

Patch Installation Guide 4 Patch Loading to an SVF System
4 Patch Loading to an SVF System
4.1 Installation Procedure

In this example, the parent is S5720HI and the patch file for the parent is 5720HI-V200R010SPH001;
the AS is S5700LI and the patch file for the AS is S5700LI-V200R010SPH001.
4.1.1 Patch Installation Process

Table 4-1 describes the patch installation process.
Table 4-1 Patch installation process
Step Recommended Start Time Required

Time (Minutes)
4.1.2 Uploading or 00:00 15

Downloading the Patch Files of
Parent and AS to the Parent
4.1.3 Loading the Patch File of 00:20 5
Parent
4.1.4 Loading the Patch File of 00:30 5

AS
4.1.5 Loading the Web File 00:40 5
4.1.2 Uploading or Downloading the Patch Files of Parent and AS

to the Parent

In an SVF system, the patch files of parent and AS need to be transferred to the flash memory
of the parent, and then the patch file of AS is moved to unimng/ in the root directory of the
parent.
4.1.2.1 Using the Switch as an FTP Server

In the following example, the switch is used as the FTP server. The FTP user name is ftpuser,
address is 1.1.1.2.
Modify the settings according to your network plan.

Step 1 Configure the switch as an FTP server.
Enable the FTP service on the switch, and set the FTP user name to ftpuser and password to
Huawei@123.
[Quidway] ftp server enable
Warning: FTP is not a secure protocol, and it is recommended to use SFTP.
Info: Succeeded in starting the FTP server.
[Quidway] aaa
[Quidway-aaa] local-user ftpuser password cipher Huawei@123
Info: Add a new user.
[Quidway-aaa] local-user ftpuser service-type ftp
[Quidway-aaa] local-user ftpuser ftp-directory flash:/
[Quidway-aaa] local-user ftpuser privilege level 15
[Quidway-aaa] return
Step 2 Set an IP address for the switch.

The following uses VLANIF1 as an example.
Step 3 Log in to the FTP server (switch).
This example assumes that the FTP server runs the Windows XP operating system.
Save the patch file to be uploaded in the specified directory (for example, D:\>directory).
Choose Start > Run. Enter cmd, and then press Enter. Enter ftp 1.1.1.1. Enter the user name
and password as prompted, and press Enter. The following information is displayed:
D:\>ftp 1.1.1.1
220 FTP service ready.
User (1.1.1.2:(none)): ftpuser
Password:

230 Logged on.

ftp>
Step 4 Upload the patch file.
Ensure that the FTP client (PC) and the FTP server (switch) can communicate with each other.
Run the put source-filename [destination-filename] command on the FTP client (PC) to
upload the patch file. After the patch file is uploaded, run the bye command to close the FTP
connection.
ftp> bin
200 Type set to I.
ftp>
ftp> put D:\S5720HI-V200R010SPH0001.pat
226 Transfer complete.
ftp: 730,110byte(s) received in 2.2370 second(s)85.308Kbyte(s)/sec.
ftp> put D:\S5700LI-V200R010SPH0001.pat
226 Transfer complete
ftp:76,194byte(s) received in 2.2370 second(s)85.308Kbyte(s)/sec.

ftp> bye
221 Goodbye.
D:\>
----End
4.1.2.2 Using the Switch as an FTP Client

In the following example, the switch is used as an FTP client. The FTP user name is ftpuser,
address is 1.1.1.2. Change the settings according to your network plan.
Step 2 Log in to the FTP server from the switch.
Ensure that the FTP client (switch) and the FTP server (PC) can communicate with each other.
Save the patch file to be uploaded in the specified directory (for example, the FTP root
directory) on the FTP server. Use Telnet to log in to the switch through the management
interface. Enter the following information on the operation terminal to log in to the FTP
server.

<Quidway> ftp 1.1.1.1

Trying 1.1.1.1 ...
220 i
User(1.1.1.1:(none)): ftpuser
Enter password:
230 Logged on.
[ftp]
Run the get source-filename [destination-filename] command on the FTP client (switch) to
download the patch file from the FTP server. After the patch file is downloaded, run the bye
command to close the FTP connection.
[ftp] bin
200 Type set to I.
[ftp]
[ftp] get S5720HI-V200R010SPH001.pat
150 Opening data channel for file download from server of S5720HI-V200R010SPH001.pat.
226 Successfully transferred "S5720HI-V200R010SPH001.pat".
FTP: 730,110byte(s) received in 2.2370 second(s)85.308Kbyte(s)/sec.
[ftp] get S5700LI-V200R010SPH001.pat
150 Opening data channel for file download from server of S5700LI -V200R010SPH001.pat.
226 Successfully transferred "S5700LI-V200R010SPH001.pat".
FTP: 76,194 byte(s) received in 2.2370 second(s) 85.308Kbyte(s)/sec.
[ftp] bye
221 Goodbye .
<Quidway>
----End
4.1.2.3 Using the Switch as an SFTP Client

In the following example, the switch is used as an SFTP client. The SFTP user name is
sftpuser, the password is Huawei@123, the SFTP server IP address is 1.1.1.1, and the SFTP
client IP address is 1.1.1.2. Change the settings according to your network plan.
Huawei does not provide SFTP server software. Obtain the software and install it before the upgrade.

Step 2 Log in to the SFTP server (PC) from the switch.
Ensure that the SFTP client (switch) and the SFTP server (PC) can ping each other.

Save the patch file to be loaded to the SFTP server directory (for example, the SFTP root
directory), log in to the switch from the management interface through Telnet, and enter the
following command on the switch to log in to the SFTP server:
[Quidway] ssh client first-time enable
[Quidway] sftp 1.1.1.1
Please input the username:sftpuser
Trying 1.1.1.1 ...
Connected to 1.1.1.1 ...
Warning: The preferred encryption or digest algorithm is insecure. Using a security
algorithm (AES-256,SHA-256) is recommended.
The server's public key does not match the one catched before.
The server is not authenticated. Continue to access it? [Y/N]:y
Update the server's public key now? [Y/N]: y
Enter password: Huawei@123

<sftp-client>
Run the get remote-filename [ local-filename ] command on the SFTP client (switch) to
download the patch file from the SFTP server.
<sftp-client> get S5720HI-V200R010SPH001.pat Remote file: / S5720HI-V200R010SPH001.pat

---> Local file: S5720HI-V200R010SPH001.pat \ End of file
<sftp-client> get S5700LI-V200R010SPH001.pat
Remote file: / S5700LI-V200R010SPH001.pat ---> Local file:
S5700LI-V200R010SPH001.pat\
End of file
Step 4 Close the SFTP connection.

<sftp-client> quit
----End
4.1.3 Loading the Patch File of Parent

Load the patch file of the parent to the parent.
Method 1
Step 1 Load the patch file.
<Quidway> patch load S5720HI-V200R010SPH001.pat all

Info: The patch is being loaded. Please wait for a moment...
Info: Succeeded in loading the patch on the master board.
Info: The master board does not have kernel patch to be loaded.
Info: Succeeded in loading ENP patch on the master board......
Step 2 Activate the patch file.

<Quidway> patch active all

Info: Succeeded in activating the patch on the master board.
Info: The master board does not have kernel patch to be activated.............
Info: Succeeded in activating ENP patch on the master board.
Info: Finished activating the patch.
Step 3 Run the patch file.
<Quidway> patch run all

Info: Succeeded in running the patch on the master board.
Info: The master board does not have kernel patch to be run.
Info: Succeeded in running ENP patch on the master board.
Info: Finished running the patch.
----End
Method 2
Step 1 Load and run the patch file.
<Quidway> patch load S5720HI-V200R010SPH001.pat all run
Info: The patch is being loaded. Please wait for a moment....
Info: Succeeded in running the patch on the master board.
Info: The master board does not have kernel patch to be loaded..............
Info: Succeeded in running ENP patch on the master board......
----End
4.1.4 Loading the Patch File of AS

Load the patch file of the AS to the parent.
Step 1 Configure the local file server.
If the local file server has been configured, skip this step.
[Quidway] uni-mng
[Quidway-um] upgrade local-ftp-server username admin-uni password Test@1234
[Quidway-um]return
Step 2 Move the patch file of AS to the unimng/ directory in the root directory of the parent.
<Quidway>move S5700LI-V200R010SPH001.pat unimng/

Move flash:/s5700li-v200r010sph001.pat to
flash:/unimng/s5700li-v200r010sph001.pat ?[Y/N]:y
%Moved file flash:/s5700li-v200r010sph001.pat to
flash:/unimng/s5700li-v200r010sph001.pat.
Step 3 Set the name of the patch file to be loaded to the AS.
[Quidway] uni-mng
[Quidway-um] as type S5700-P-LI patch S5700LI-V200R010SPH001.pat
[Quidway-um]return

Step 4 Save the configuration.

<Quidway> save
The current configuration will be written to the device.
Are you sure to continue?[Y/N]y
Step 5 Start system software loading on the AS.
<Quidway>system-view
[Quidway]uni-mng
[Quidway-um] upgrade as all
Warning: This command will start the AS upgrade process. Continue?[Y/N]: y
[Quidway-um]return
Step 6 View the patch loading progress.

<Quidway> display uni-mng upgrade-info
--------------------------------------------------------------------------------
Name Method Phase Status Result
--------------------------------------------------------------------------------
as0 -- -- NO-UPGRADE successful
--------------------------------------------------------------------------------
When the results (Result fields) on all ASs displays successful, system software has been
successfully loaded to all ASs.
----End
4.1.5 Loading the Web File

In the SVF system, the web file is loaded only on the parent. Load the web file to the parent
as follows:
Step 1 Run the system-view command to enter the system view.
Step 2 Run the http server load { file-name | default } command to load the web file.
The http server load default command loads the web file in the current system software.
----End
4.2 Verifying Patch Installation

4.2.1 Verifying Patch Installation
Check whether the patch files of parent and AS are successfully installed on the parent.
Step 1 Check whether the patch file of the parent is successfully installed.

Patch Package Name :flash:/s5720hi-v200r010sph001.pat
Patch Package Version:V200R010SPH001
The state of the patch state file is: Running
The current state is: Running

************************************************************************
* Information about hot patch errors is as follows: *
************************************************************************
Slot CurrentVersion
------------------------------------------------------------
No hot patch error occurs on any board.
************************************************************************
* The hot patch information, as follows: *
************************************************************************
Slot Type State Count Time(YYYY-MM-DD HH:MM:SS)

------------------------------------------------------------------------
0 C Running 4 2017-03-27 04:30:53+00:00
The fields in the command output have the following meanings:

Patch Package Name: name of the patch file.
Patch Package Version: patch version.
Slot: slot ID on a stand-alone device or stack ID in a stack.
Type: C indicates a single-core patch.
State: patch status.
a. Running: The patch is running.
b. Deactive: The patch is in inactive state.
c. Active: The patch is in active state.
Count: number of patch units.
Time: time of last operation on patch.
After the patch is installed, check the following items:
Check the Patch Package Name and Patch Package Version fields to determine
whether the loaded patch is correct. If not, load and install the correct patch.
Check the patch status (State).
a. If the patch is in Running state, the patch is working properly.
b. If the patch is in Deactive state, run the patch active all command in the user view
to activate the patch, and run the patch run all command to run the patch. If the
patch is still not in Running state, contact Huawei technical support personnel.
c. If the patch is in Active state, run the patch run all command in the user view to
run the patch. If the patch is still not in Running state, contact Huawei technical
support personnel.
Step 2 Check whether the patch file of the AS is successfully installed.
<Quidway>display uni-mng upgrade-info verbose
----------------------------------------------------------------------------
AS name: as0
Work status: NO-UPGRADE
Startup system-software: flash:/ s5700-p-li-V200R010C00SPC600.cc
Startup version: V200R010C00SPC600

Startup patch: flash:/s5700li-v200r010sph001.pat

Next startup system-software: flash:/ s5700-p-li-V200R010C00SPC600.cc
Next startup patch: flash:/s5700li-v200r010sph001.pat
Download system-software: --
Download version: --
Download patch: s5700li-v200r010sph001.pat
Method: --
Upgrading phase: --
Last operation result: successful
Error reason: --
Last operation time: 2017-04-19 17:22:41
----------------------------------------------------------------------------
Check whether the Startup patch field displays the name of the required patch file. If an
incorrect patch is loaded, load the correct one.
----End
4.2.2 Verifying the Web File Update

In the SVF system, the web file is loaded only on the parent. Therefore, you only need to
verify the web file update on the parent.
Step 1 Check whether the web file is correct.
Run the dir command in the user view to check the name and size of the web file on the
switch. Ensure that the web file is correctly uploaded or downloaded.
Run the display current-configuration | include http server load command to check
whether the loaded web file is correct.
Step 2 Open the web browser on the PC, enter the management IP address of the switch, and press
Enter to display the Login page. (Ensure that the PC and switch have a reachable route to
each other.) Enter the web account, password, and select a language for the web system.
Step 3 Click Login or press Enter. The web system homepage is displayed.
----End
4.3 Rollback and Verification

If the patch installation fails, a rollback is required.
4.3.1 Rolling Back the Patch Installation

Roll back the patch installation on the parent.
Step 1 Delete the patch file of the parent.
<Quidway> patch delete all

Warning: The device needs to restart after the patch is deleted.
This will delete the patch. Are you sure? [Y/N]y..
Info: Succeeded in deleting the patch on the master board.........
Info: Finished deleting the patch.
Step 2 Delete the patch file of the AS.

<Quidway>system-view
[Quidway]uni-mng
[Quidway-um]undo as type S5700-P-LI patch
[Quidway-um]patch delete as all
Warning: This command will start to delete the patch of AS. Continue? [Y/N]:y
Info: This operation will take several seconds. Please wait...
[Quidway-um]return
Step 3 Restart the parent.
<Quidway>reboot uni-mng
Info: Start to reboot the uni-mng system.
Info: This operation will take several seconds. Please wait....
Warning: Ensure that the configuration file has been saved. This command will re
boot the uni-mng system. Continue? [Y/N]:y
Step 4 (Optional) Load the previous patch file of the parent. For details, see 4.1.3 Loading the Patch
File of Parent.
Running Version.
Step 5 Run the display patch-information command to view patch information. The command
output should be the same as the result of step 2 in 2.4 Verifying the Running Version.
Step 6 (Optional) Load the previous patch file of the AS. For details, see 4.1.4 Loading the Patch
File of AS.
Running Version.
Step 7 Run the display uni-mng upgrade-info verbose command to view patch information. The
command output should be the same as the result of step 3 in 2.4 Verifying the Running
Version.
----End
4.3.2 Rolling Back the Web File Loading

In the SVF system, the web file is loaded only on the parent. Therefore, rollback needs to be
performed only on the parent.
Roll back the web file loading as follows:
Step 1 Load the previous web file.
For details, see 4.1.5 Loading the Web File.
----End

Patch Installation Guide A Acronyms and Abbreviations
A Acronyms and Abbreviations
F
FTP File Transfer Protocol
S
SFTP Secure File Transfer Protocol


S1720&S2700&S5700&S6720 V200R010SPH002 Patch Installation Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

S1720&S2700&S5700&S6720 V200R010SPH002 Patch Installation Guide

Uploaded by

Copyright:

Available Formats

S1720&S2700&S5700&S6720 Series Ethernet

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 01 (2017-05-22) Huawei Proprietary and Confidential i

About This Document

Issue Release Date Description

01 2017-05-22 Initial commercial release.

Issue 01 (2017-05-22) Huawei Proprietary and Confidential ii

About This Document.................................................................................................................... ii

3 Patch Loading to a Stand-Alone Switch ................................................................................... 9

4 Patch Loading to an SVF System ............................................................................................. 17

Issue 01 (2017-05-22) Huawei Proprietary and Confidential iii

4.1.2.3 Using the Switch as an SFTP Client ....................................................................................................................................20

A Acronyms and Abbreviations.................................................................................................. 27

Issue 01 (2017-05-22) Huawei Proprietary and Confidential iv

1 Precautions for Installation

Before installing the patch package, read the S1720&S2700&S5700&S6720

V200R010SPH002 is the latest patch of the S1720&S2700&S5700&S6720. It fixes different

Issue 01 (2017-05-22) Huawei Proprietary and Confidential 1

2 Preparations for Installation

Table 2-1 Checklist

No. Item Start Time Time Required

1 2.2 Preparing the Patch Files One day before 30 minutes

2 2.3 Verifying the Software One day before 30 minutes

3 2.4 Verifying the Running Version One day before 10 minutes

2.2 Preparing the Patch Files

Issue 01 (2017-05-22) Huawei Proprietary and Confidential 2

Table 2-2 Information about S1720 V200R010SPH002

S1720-GF V200R010SPH002 438,485 S1720-GF-V200R010SPH002.pat

S1720-G V200R010SPH002 35,864 S1720-GW-V200R010SPH002.pat

Table 2-3 Information about S2700 V200R010SPH002

S2720-EI V200R010SPH002 438,485 S2720EI-V200R010SPH002.pat

S2750-EI V200R010SPH002 438,485 S2750EI-V200R010SPH002.pat

Table 2-4 Information about S5700 V200R010SPH002

S5700-LI V200R010SPH002 438,485 S5700LI-V200R010SPH002.pat

S5700S-LI V200R010SPH002 438,485 S5700S-LI-V200R010SPH002.pat

S5720S-LI V200R010SPH002 42,599 S5720S-LI-V200R010SPH002.pat

S5720-SI/S V200R010SPH002 52,488 S5720SI-V200R010SPH002.pat

S5720-EI V200R010SPH002 55,648 S5720EI-V200R010SPH002.pat

Table 2-5 Information about S6720 V200R010SPH002

S6720-EI/S V200R010SPH002 66,729 S6720EI-V200R010SPH002.pat

Issue 01 (2017-05-22) Huawei Proprietary and Confidential 3

Step 4 (Optional) Check the web file.

Table 2-6 Web file information

S1720-GF-V200R010C00S S1720-GF-V200R010C00S S1720

Issue 01 (2017-05-22) Huawei Proprietary and Confidential 4

Web File Name Digital Signature Minimum Version and

2.3 Verifying the Software Integrity

The digital certificate and verification method are released on

2.4 Verifying the Running Version

<Quidway> display version

ES5D2T28M000 0(Master) : uptime is 0 week, 0 day, 7 hours, 49 minutes

Issue 01 (2017-05-22) Huawei Proprietary and Confidential 5

<Quidway> display patch-information

If the switch has patches, the patch versions are displayed.

2.5 Verifying the Switch Running Status

Issue 01 (2017-05-22) Huawei Proprietary and Confidential 6

<Quidway> display as all

2.6 Backing Up Data in Flash Memory

2.7 Checking the Space in the Flash Memory

<Quidway> dir flash: Directory of flash:/

Idx Attr Size(Byte) Date Time FileName