Overview of System Startup

The system loads the system software, configuration file and certificate file during startup. If a patch file is specified for next startup, the system also loads the specified patch file.

System startup scenarios include:

Version upgrade

Upgrade the system software to a later version. Upgrade the device to add new features, optimize existing features, or solve problems in the current version. To do this, load the upgrade system software and restart the device.
Version rollback

Downgrade the system software to an earlier version. Perform version rollback to restore normal service operation if an error occurs after the upgrade. To do this, load the earlier version system software and restart the device.
First startup

When deploying a new device on a network, load an existing configuration file on the device to perform initial configuration quickly.

A new device contains only default factory configurations. Setting up the configuration required to connect a new device to your network and deploy services on it can take time. In this case, you can specify a configuration file that meets user needs for the device and then restart the device.
Patch update

Specify the patch file to be loaded after an upgrade. You can specify a new patch file when upgrading the device. The patch takes effect as soon as the upgrade is complete.

The upgrade of a device is closely related to the released software versions. The corresponding upgrade guide is released with each new version and you can upgrade the device according to the guide. Visit http://support.huawei.com/enterprise to download the upgrade guide based on the product name and version.
For details about commands used during device upgrades, see Upgrade Commands in "Basic Configurations Commands" in the S2720, S5700, and S6700 V200R019C10 Command Reference.

Secure Startup

The S5730-HI, S5730S-EI, S5730-SI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6720-LI, S6720S-LI, S6720S-SI, S6720-SI, S6730-H, S6730S-H, S6730-S, and S6730S-S support secure flash startup.

Communication devices consist of multiple embedded computer systems, where software may be vulnerable to viruses and modified by attackers and even attacked by Trojan horses and unauthorized programs. Once a system is being attacked, the attacker may modify configurations or intercept packets to tamper with or intercept data.

Secure startup is based on the transfer mechanism of a trust chain, that is, from the initial trust root. The trust status is retained each time the computing environment is converted. This ensures a reliable computing environment. During startup, the system establishes a complete trust chain from the trust root, BootROM, BIOS, OS Kernel, to applications, with each level measuring the boot phase of the next level. The measurement results are irrevocably saved to the TPM chip. This implementation ensures:

Setup and transmission of the trust chain.
Recording of the system's trusted status.

System Software

The device software includes BootROM/BootLoad software and system software. After the device is powered on, it runs the BootROM/BootLoad software to initialize the hardware and display the hardware parameters. The device then runs the system software, which provides drivers and adaptation functions for hardware, and offers services features. The BootROM/BootLoad software and system software are prerequisites for device startup and operation, providing support, management, and services for the device.

A device upgrade includes BootROM/BootLoad software upgrade and system software upgrade.

The BootROM/BootLoad software is included in the system software package (.cc file) of the device. The BootROM/BootLoad software is automatically upgraded during a system software upgrade.

Configuration File

A configuration file is a collection of command lines. The current configurations are saved in the configuration file, and continue to take effect after the device restarts. You can view configurations in the configuration file or upload the file to other devices to implement batch configuration.

A configuration file is in text format and meets the following requirements:

The configuration file saves configuration commands.
The configuration file only stores non-default parameters to save the space.
The commands used in the same command view form a section. Sections are separated by blank lines or comment lines beginning with comment signs (#). There can be one or multiple blank or comment lines.
Sections are arranged in the following order: global configurations, interface-based configurations, protocol configurations, and user interface configurations.
The configuration file name extension must be .cfg or .zip. In addition, the configuration file must be saved to the root directory of the storage device.
- A configuration file with the file name extension .cfg is a text file, and you can view the file content in the text file. After the file is specified as the configuration file for next startup, the system restores all commands in the file one by one during a startup.
- A .cfg file is compressed to a .zip file that occupies less space. After being specified as the configuration file, the .zip file is decompressed to the .cfg file and the system restores all commands in the .cfg file one by one during startup.
The commands in a configuration file must be expressed in their complete forms. Abbreviations are not allowed.
Each command in a configuration file is wrapped using \r\n. No other invisible characters can be used to wrap commands.
It is recommended that you transfer the configuration file to a device using FTP in binary mode.

The following table describes the factory configuration, configuration file, and current configuration.

Concept	Description	Command
Factory configuration	Factory configuration is the basic configuration on a new device, which enables the device to start and work properly when there is no configuration file or the configuration file is lost or damaged.	-
Configuration file	When the device is powered on, it reads the configuration file from the default directory to boot the system. The configuration in this file is called the initial configuration. If the default directory does not contain a configuration file, the device uses the default parameters for initialization.	Run the display startup command to check the current and next startup configuration files. Run the display saved-configuration command to check the configuration file for next startup.
Current configuration	The configurations valid during device running.	Run the display current-configuration command to check the current configuration.

If you modify the current configuration and want to use the modified configuration as the next startup configuration, run the save command to save the new configuration to the default storage device.

A configuration file can contain up to 30,000 command lines. If more than 30,000 commands are configured, some commands may be lost after an upgrade.

The maximum length of a command supported by the system is 510 characters. If a command in incomplete form is configured, the system saves the command to the configuration file in its complete form. This can cause the command to exceed the maximum length of 510 characters. The incomplete command cannot be recovered after the system restarts.

Certificate File

Certificate files provide public keys and related information for switches to change from the traditional mode to NETCONF mode and obtain the Agile Controller-Campus address.

Certificate files required by switches of the current version for startup include device.pem, default_ca.cer, root.cer, default_local.cer, ca_config.ini, and private-data.txt. These files can only be deleted using the BootLoad menu, instead of using commands. However, if you delete these files, switches will fail to register with the Agile Controller-Campus.

Patch File

A patch is a kind of software compatible with the system software. It is used to correct pertinent software issues, fix other errors, or improve adaptation of the system software. For example, patches can fix defects of the system and optimize some functions to meet service requirements.

Patches are released in patch files. A patch file may contain one or more patches with different functions. When patch files are loaded from the storage device to the patch area in the memory, they are assigned unique sequence numbers for users to identify, manage, and operate the patches.

Patch Classification

Patches are classified into hot and cold patches based on their impact on services.

Hot patch (HP): Services are not interrupted when the HP is loaded and activated. This reduces upgrade costs and avoids risk.
Cold Patch (CP): You must restart the device or cards on the device for the CP to take effect. Services are interrupted during the restart.

Patches are also classified into incremental and non-incremental patches based on patch dependency.

Incremental patch: Dependent on previous patches. A new patch file contains all the patch information in the previous patch file. You can install the patch file without uninstalling the original patch file.
Non-incremental patch: Exclusive to the current system. Uninstall the existing patch file before installing and running the new one.

All currently released patches are hot patches or incremental patches. All patches mentioned in the subsequent sections are either hot or incremental patches unless otherwise specified.

Patch State

You can only change the patch state using command lines.

Table 1 describes patch states.

**Table 1** Patch states
State	Description	Patch State Transition
Idle	The patch file is saved to the storage device but has not been loaded to the patch area.	When a patch in the storage device is loaded to the patch area, it enters the inactive state.
Deactive	When a patch is loaded to the patch area, the patch is in the deactive state.	You can perform either of the following operations on a patch in the deactive state: Uninstall the patch to delete it from the patch area. Run the patch file temporarily to change the state to active.
Active	When a patch is stored in the patch area and runs temporarily, it enters the active state. The active patch changes to the inactive state when the device is restarted.	You can perform either of the following operations on a patch in the active state: Uninstall the patch to delete it from the patch area. Run the patch permanently to change the state to running.
Running	When a patch is stored in the patch area and runs permanently, the patch is in the running state. The running patch remains in the running state when the device is restarted.	You can unload a patch in the running state so that it can be deleted from the patch area.

Figure 1 shows the transitions between different patch states.

Figure 1 Patch state transition

Installing Patches

Installing patches is a way of upgrading a device. You can install patches in the following ways:

Install hot patches on a running device without interrupting services. This is an advantage of hot patches.

For details on how to install patches, see the corresponding patch installation guide. For details about commands used for device upgrade, see Upgrade Commands in "Basic Configurations Commands" in the S2720, S5700, and S6700 V200R019C10 Command Reference.
Specify a patch file for next startup. This method is described in this chapter. In this case, the patch file takes effect after the device restarts. The method is often used during a system upgrade.