[177591] in North American Network Operators' Group
Re: Cisco IOS stable/production safe versions?
daemon@ATHENA.MIT.EDU (Daniel Corbe)
Wed Jan 28 09:16:09 2015
X-Original-To: nanog@nanog.org
From: Daniel Corbe <corbe@corbe.net>
To: Nick Ellermann <nellermann@broadaspect.com>
Date: Wed, 28 Jan 2015 09:15:58 -0500
In-Reply-To: <3551369d5e2b4a9796964e4f335aa827@exchange.broadaspect.local>
(Nick Ellermann's message of "Tue, 27 Jan 2015 14:27:00 +0000")
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Nick Ellermann <nellermann@broadaspect.com> writes:
> I have a Cisco IOS specific question for the group and also
> specifically related to the 6500 platform. We have always been very
> conservative with our IOS version that we run in production, we are
> still running a pretty old safe harbor build of 12.2.x on SUP 720
> 3BXLs with BGP and OSFP routing. Any advice from fellow network
> operators that are running the 6500 platform in the core still for
> versions that are considered safe for production? We are stable, but I
> am really wanting access to features such as Netflow v9, etc.
>
> Thanks for any advice!
>
You're pretty spot on with your thinking here. Don't upgrade unless
there's a known vulnerability, a bug fix or a feature that you need on a
particular device; and don't expose your management to the Internet.
tl;dr: don't fix what isn't broken.
Having said that; make use of the software download tools on your CCO
account. Cisco has a list of recommended builds for your particular
platform and code train.
When in doubt you can always fall back to S-train stuff on a Sup720.
-S images were made for service providers and are generally very stable.
-Daniel
