Dear PhoneBoy,

thanks for your reply.

As this SK is from 2017 I doubt that Engineering is going fix this in the near future so I hoped for some creative ways to have this fixed on my own.

What I think is rather irritating is  "some instances" in  "This causes the process to fail in some instances."
If the issue is to come from is a too small partition the process starts to fail from a certain Jumbo as the amount of data tends to grow from take to take.

I'm taking a closer look at Blink now but I miss some features:

-pruning of the HD including the log Partition

- I see how to install and configure a single machine but not how to auto provision a mass rollout and apply individual  config_system templates. I'm lacking something comparable to the possibility in isomorphic to tie template A to MAC address X and template B to MAC address Y or something the like.  

Is there a comparison of ALL those tools (Isomorphic/Blink/Zero Touch/CDT/LSA) and which use cases they where meant for?

Thanks & kind regards

Zoltan

AFAIK, there is no Blink image for 6k series

Not sure. Accoding to this, there's one for Quantum devices:

https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/m...

but according to this the Blink utility wouldn't work for them:

https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/m...

Blink is not supported on 6K, they have a special RAID. https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... - 6K series are not listed.

Ah, thanks for clarification; so I'm stuck with isomorphic anyway.

How long would a RFE take and how/where am I supposed to open it?

looks rather trivial at first glance:

there is a file in the iso called appliance_configuration.xml where every single appliance starting from the Nokia/early Check Point IP appliances are described.

increasing the "lv_fcd" from 8192 to 16384 might do the trick.

Not sure that’s the right file to modify.
Maybe one of @Tsahi_Etziony ’s team can comment on this.

Somethings seem to work because if I break the syntax (I've written 16.384 instead of 16384) no partitioning takes place an the anaconda partitioning tool throws an error. 

Writing the ISO file anyway seems to loose some data because the written file is always way smaller than the original mounting/comparing those files shows quite some missing files.

I'd very much appreciate @Tsahi_Etziony to have a look at this. 

Hi @PhoneBoy @Zoltan_Bogdan @_Val_ 
We have blinks  for 6K.
You can see details at the following link:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Regarding isomorphic, from R81.10 we made a change so that Jumbo would be copied straight to the current partition and would not be saved in FCD partition.
This should solve the problem of the partition size.

Good news. The main Blink SK should be adjusted then, @Dov_Fraivert 

It would be great if Checkpoint implemented this fix on the ISO images so customers are not forced to just use blink images.

I take it, this should be a relatively easy thing to do?

Yes, we will update the SK,

Dear @Dov_Fraivert 

<edit>

Great news, thanks for sharing, so I'take Blink into consideration again:

Concerning  isomorphic sounds good, but I encounter the issue anyway.

I missed the 81 in 81.10 - sorry. Is there some kind of backport possible?

</edit>

I'm using isomorphic build 187 to make 80.40 installations with the latest Jumbo (T118) alongside DA (Build 284) applied.

As the error anaconda throws during installation is exactly the one described in  sk122014, the Fix somehow doesn't seem to work.

Any suggestions (take a sooner build/another image etc.)?

Since the correction is only from R81.10. For R80.40, if there is a problem with size of the partition, the recommendation is to create isomorphic with iso only and install JHF after that.

@Zoltan_Bogdan I would be happy if you would send me privately more details about the installation you need to do. Maybe we can use other tools we have like Octo or Zero Touch.

If it helps I've tried to get a RFE raised, only to be faced with "Whats the financial justification, or something along these line".

Checkpoint, very simply get it fixed please; its the right thing to do.  Why wait for customers to complain when you know there is a problem. 

It sounds like we've fixed the issue in R81.10 (if I'm understanding @Dov_Fraivert 's comments correctly).
For earlier releases, it looks like you have a workaround now 🙂

It would be nice if this could also be adjusted for the R80.40 and R81 images.

A workaround ... as long as you know about the issue. This problem bit me last week when trying to upgrade some firewalls from R77.30 to R80.40. There's no warning in the ISOmorphic documentation to not apply large hotfixes like a jumbo. The demonstrative screenshots even use R80.40. This is definitely a documentation bug, which should be trivial to fix.

There's no warning in ISOmorphic itself that it's about to create installation media which will wipe your box but won't actually install the new version. No warning after the media is created, either. While I get that changing the partition sizes would require releasing a new ISO image for older products, ISOmorphic not warning us is definitely a bug in that tool.

When I raised the TAC case (ages ago), I pointed out the same observations and suggested that safety checks where put in place to stop the rebuild as a result of this issue.

I'm pretty sure I done this a very long time ago and also ask TAC via an old case for this be be done.  

Either why this is not a specific customer requirement this is a requirement in general as clearly the partition sizes need adjust to account for the size of Jumbos.

Dear @genisis__ ,

"I've also had the same issue when mounting any ISO via LOM."

=> That's a little strange. That has always worked for me.

From when is your TAC case?

I believe its another know issue.  I should point out that I've not had this issue building R81 using the ISO image over iDRAC. 

Now remember when going over iDRAC I'm just using the standard ISO image, no Jumbo's etc integrated. 

Awesome!

where did you get the various file to do the above?  Have you tried this on R81.x images at all?

One other thing,  realistically we should not be doing this as Checkpoint could turn around and not support the installation as you have modified the original ISO (Checkpoint should really know this does not work as many people have logged TAC cases,  and it just looks like that age old thing, they cannot be bother update the ISOs)