- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Firmware update warning with R81.20 upgrade on Azu...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
			
				
					
						
							Firmware update warning with R81.20 upgrade on Azure
						
					
					
				
			
		
	
		
	
	
	
	
	
	
	
	
			
					
				
		
	
Hi all,
I need to update a customer's Azure-hosted management and log servers from R81.10 to R81.20.
Following R81.20 documentation, I went the in-place upgrade path, as per sk177714.
(For some reason, the regular CPUSE upgrade packages do not show up on Azure VMs, and you need to use specific packages from this SK).
Everything looked fine but then Verify Update gave me a very confusing message:
Based on a system check, a firmware update may be necessary on one or more network cards to bring them up to date with the current Gaia network drivers. This update is a one-time process which could take several minutes, and is executed after Gaia OS upgrade is finished and has rebooted post-upgrade. After the firmware update is complete, the system will automatically reboot once more to apply the new firmware. Please do not reboot or shut the system down during this time.
The need for a firmware update on an Azure VM is rather unexpected.
However, I learned Azure VM do indeed run on hardware with Mellanox NICs, as do CP appliances, and part of the real NIC is actually exposed to the VM.
https://learn.microsoft.com/en-us/azure/virtual-network/accelerated-networking-how-it-works
Did you guys run into this?
Can we fearlessly go on with the upgrade in this situation?
I wouldn't want the upgrade process to fail trying to flash a new NIC firmware, and either just crash here or enter an endless reboot loop...
And before anyone asks, yes I'm also running this through TAC.
I'm just looking for insight from fellow admins with hands-on experience with this use case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I only started using it like 2.5 years ago, but it's still much more painful to work with than a plain management.
I hate waiting for my logs to finally pop up there when I'm diagnosing some issue, vs almost real time on a real mgmt.
Many Check Point procedures still require local access to the management, and the need to go through TAC for this...
Effed up IP address reverse lookups also sucks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have not had any issues with logs at all. Used to be problem at the beginning, but now its totally fine, been for awhile actually. I guess our experiences certainly differ...
Put it this way...whatever works better for you guys, thats what I would stick with.
Andy
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Speaking of this, little ironic it happened after we had discussion here lol
Andy
Andy
 
					
				
				
			
		
- « Previous
- 
						- 1
- 2
 
- Next »


 
		
		
		
		
		
	
			 
					
				 
					
				 
		
			