Upgrading an active/standby failover configuration – Cisco ASA 5505 User Manual
Page 1840
 
81-6
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 81 Managing Software and Configurations
Performing Zero Downtime Upgrades for Failover Pairs
Performing Zero Downtime Upgrades for Failover Pairs
The two units in a failover configuration should have the same major (first number) and minor (second 
number) software version. However, you do not need to maintain version parity on the units during the 
upgrade process; you can have different versions on the software running on each unit and still maintain 
failover support. To ensure long-term compatibility and stability, we recommend upgrading both units 
to the same version as soon as possible.
shows the supported scenarios for performing zero-downtime upgrades on a failover pair.
For more details about upgrading the software on a failover pair, see the following topics:
•
Upgrading an Active/Standby Failover Configuration, page 81-6
•
Upgrading an Active/Active Failover Configuration, page 81-7
Upgrading an Active/Standby Failover Configuration
To upgrade two units in an Active/Standby failover configuration, perform the following steps:
Step 1
Download the new software to both units, and specify the new image to load with the boot system 
command (see the 
“Configuring the Application Image and ASDM Image to Boot” section on
Step 2
Reload the standby unit to boot the new image by entering the following command on the active unit:
active# failover reload-standby
Step 3
When the standby unit has finished reloading, and is in the Standby Ready state, force the active unit to 
fail over to the standby unit by entering the following command on the active unit. 
Table 81-1
Zero-Downtime Upgrade Support
Type of Upgrade
Support
Maintenance Release
You can upgrade from any maintenance release to any other 
maintenance release within a minor release. 
For example, you can upgrade from 7.0(1) to 7.0(4) without first 
installing the maintenance releases in between.
Minor Release
You can upgrade from a minor release to the next minor release. You 
cannot skip a minor release. 
For example, you can upgrade from 7.0(1) to 7.1(1). Upgrading from 
7.0(1) directly to 7.2(1) is not supported for zero-downtime upgrades; 
you must first upgrade to 7.1(1).
Major Release
You can upgrade from the last minor release of the previous version to 
the next major release.
For example, you can upgrade from 7.2(1) to 8.0(1), assuming that 
7.2(1) is the last minor version in the 7.x release series.
Note
Zero downtime upgrades are possible, even when feature 
configuration is migrated, for example, from 8.2.x to 8.3.x.