[c-nsp] 7500 Boot Image
Pete Templin
petelists at templin.org
Wed Jun 14 15:41:10 EDT 2006
Gustavo Rodrigues Ramos wrote:
> There are two main reasons I can see. First of all if you are afraid of
> a security vulnerability. I also have to upgrade my boxes when I need
> some feature not available in old IOS versions. However, I've got a lot
> of problems when I did upgrades in my 7500 boxes a couple of months ago.
He's talking about the boot image, which has no support for routing
protocols and therefore the box is likely unreachable during the brief
period while it's running the boot image to then boot the full image.
If it's not reachable, it's essentially NOT vulnerable.
However, I've seen issues going between 12.0S and 12.2S where my tacacs+
passwords were incompatible between the two trains. Having the boot
image in the same train is probably a smart choice. I tend to sync my
boot images after the first boot, for simple anal retentive issues.
pt
More information about the cisco-nsp
mailing list