Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
the_rock
Champion
Champion

Possible cosmetic bug in R80.40 jumbo take 131?

Jump to solution

Hey guys,

Just wondering if anyone seen this in jumbo take 131 before...so when IPS blade is enabled and updates scheduled, it all works as expected, update shows latest build, but in dashboard, under security policy -> threat prevention -> policy -> updates, there is yellow mark about IPS updates, but if you even try update it manually, says its up to date and ips stat on gateway shows latest build as well.

I tested this on jumbo 120, 125, 126 and no issues, ONLY on take 131. By the way, disabling and re-enabling IPS blade does not do anything. Just to clarify, I am using latest build of smart console, build 425.

Anyone experienced the same?

0 Kudos
1 Solution

Accepted Solutions
the_rock
Champion
Champion

TAC came back saying this is simply cosmetic and reboot of management/gateway in question would be needed. Since this is standalone, I wont bother, because I can tell IPS updates are working. In case anyone sees this issue, thats what you need to do to fix it ;- )

View solution in original post

0 Kudos
12 Replies
the_rock
Champion
Champion

TAC came back saying this is simply cosmetic and reboot of management/gateway in question would be needed. Since this is standalone, I wont bother, because I can tell IPS updates are working. In case anyone sees this issue, thats what you need to do to fix it ;- )

View solution in original post

0 Kudos
genisis__
Advisor

I had a different issue, more serious where all IP connectivity just stopped, luckily I had a LOM.  It was strange because the jumbo installed ok, and was all working fine for a good few days.  I then had to make another change which required the device to be rebooted.

After the reboot I could no longer access the device.  I jumped on LOM and all the configuration was there.  I checked arp and there where no arp entries, its like the routed process just stopped.

I firstly revert the change I made and rebooted (note: JHFA131 no uninstalled at the point), and this did not make a difference.

I then uninstalled JHFA131 and then everything was working again. I then installed JHFA125 and made the specific change and everything was all good.

The issue was reported to TAC via an pre-existing case and in typical TAC fashion ask why I did not install the GA release as its not recommended to install the ongoing JHFA (far enough), but they did not investigate the issue which would have been helpful to stabilise JHFA131 going forward. 

I did report it here as well and I believe the Team responsible for Jumbo may be taking a look at the files I uploaded to the pre-existing case.

Ilya_Yusupov
Employee
Employee

Hi @genisis__ ,

 

We suspecting that the issue you have been encountering is a known issue that we already addressed in later takes.
in order to be on safe side that this is indeed same, any chance you have fwk.elg from the the incident time to share with me so i can validate that this is indeed same case?

 

Thanks,

Ilya  

the_rock
Champion
Champion

@Ilya_Yusupov ...just wondering, since sometimes, depending who you talk to in TAC, some people say its okay to install ongoing jumbo, some people say not a good idea...what is best recommendation? Stick with GA and only install ongoing if specific issue is fixed?

0 Kudos
MatanYanay
Employee
Employee

Hi @the_rock 

Every Jumbo release is first introduced as “Ongoing” version, ready for deployment for early adopters customers.

“Ongoing” release is in high quality and passed all Check Point release Criteria and installation decision can be based on functionality and relevant fixes.

Check Point Recommendation for all deployments is to install the latest Jumbo GA .

the_rock
Champion
Champion

Ok, thank you for confirming. I just hope that answer becomes more consistent across TAC.

0 Kudos
genisis__
Advisor

I only provided the messages files and cpinfo (I think I may still have these).  When I tried to get TAC on a call with me to investigate, basically there was not one person available even though I said we have a complete outage.

Secondly - you stated this may have been a result of a known issue, so why on earth was the take not removed or a note put on the SK making it clear this could happen?

0 Kudos
Ilya_Yusupov
Employee
Employee

@genisis__ ,

 

The issue is not scoped to that specific take and its not so wide, yes when it happen you will have an outage and i'm truly sorry about that.

It is race condition during boot process which may cause to an outage.
As i mention i suspect that this is same issue we encounter with other customer but to be sure i need to check fwk.elg.

0 Kudos
genisis__
Advisor

I'm happy to get the fwk.* files from the unit if that helps, together with the messages files and cpinfo took during the evening and provide this, can you please ping me privately with sftp creds

 

0 Kudos
Ilya_Yusupov
Employee
Employee

@genisis__  - i send you the account via email.

 

Thanks,

Ilya 

0 Kudos
Dorit_Dor
Employee
Employee

To answer few of the questions that were raised conceptually

1. we dont release jumbo with known issues

2. an on-going jumbo is a new jumbo that has less street time and sometimes we find issues that become “known” (this is the case with 131). They are very freshly known. 

3. At this point we need to decide between this being very wide and pull the jumbo to the issue being limited in scope and we just stop to proactively offer it until new jumbo is released. 

4. With take 131 we estimated that the scope of impact is limited. We therefore released today a newer on-going jumbo that fixes this as well as few other important fixes (131 is not going to be a GA jumbo). As we assumed the scope was limited, we indicated that it will not be GA but did not make a wider warning. See that we referenced it not being GA in https://community.checkpoint.com/t5/Product-Announcements/R80-40-Jumbo-Hotfix-Accumulator-New-Ongoin...

5.In vast majority of the cases, the on going take will become GA. We intend that ppl that have issues that are resolved by the specific on-going jumbo, to install it before its GA. 

6. TAC will offer you the on-going take if it fixes a problem you have and as long as they dont know of issues. TAC gets “early signs” from r&d when we suspect something so they may “hold” from recommending the on-going even if we are not yet 100% of the issue. They may therefore, stop recommending it for short time and then return to recommending it if we see that it was false alarm. In some cases they may recommend on-going jumbo after validating that the use case isnt included in suspected issues. 

Your feedback is always valuable, Dorit

0 Kudos
genisis__
Advisor

The issue I experienced has been included in JHFA138 which was released today (ongoing take). Thanks to Ilya for communicating with me on this.