This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
K_R_V
Collaborator
‎2023-08-25 01:17 AM
Jump to solution

Spark 1530 Cluster upgrade ( R81.10.00 - R81.10.07 )-> kernel crash

We  upgraded 2 Spark 1530 clusters, and experienced the same behavior on both clusters.

What did we do :

We upgraded the Standby firewall FW2 from R81.10.00 to R81.10.07. After rebooting, FW2 had the outgoing policy and after a policy push, the correct policy was installed and firewall was in STANDBY state.
So far so good.

cluster 1 :

We upgraded FW1,  firewall was constantly rebooting, responded to ping and SSH for 10 seconds before rebooting, console output :

INIT: version 2.88 booting
INIT: Entering runlevel: 3
Booting CRASH kernel...

after factory reset and upgrade, cluster was back online.

cluster 2 :
We initiated a failover to FW2 with the cluster down script, and FW2 became the active firewall. At this moment, FW1 crashed and rebooted, over and over again. In the 10 second window it was reachable, I managed to log in and do a "fw unloadlocal".
This prevented the crashing and I was able to upgrade the device. After the upgrade and policy install, cluster was OK again.

Do we do something wrong here, did anybody experienced the same behavior, known issue ? 

We have 30 more cluster to upgrade !

0 Kudos
1 Solution

Accepted Solutions
K_R_V
Collaborator
‎2024-01-02 07:18 AM
In response to K_R_V
Jump to solution

Upgrades with version R81.10.08 - Build 616 do not have this issue, problem seems to be resolved in this version !

View solution in original post

14 Replies
G_W_Albrecht
MVP Silver
MVP Silver
‎2023-08-25 01:24 AM
Jump to solution

Contact TAC to get this resolved !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
K_R_V
Collaborator
‎2023-08-25 03:24 AM
In response to G_W_Albrecht
Jump to solution

TAC case has been created, but with my experience with TAC, this will take some time and frustration ( other discussion !  😁)

We'll see where it goes, but I'm just wondering if somebody else had the same issue .. 

(1)
the_rock
MVP Diamond
MVP Diamond
‎2023-08-25 06:13 AM
In response to K_R_V
Jump to solution

You are 100% right, but personally, if I were you, I would see if issue can be escalated. At this point, no customer would feel comfortable continuing the process, specially considering the seriousness of the issue you experienced with first cluster.

Just my opinion.

Andy

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
K_R_V
Collaborator
‎2023-09-01 04:59 AM
In response to K_R_V
Jump to solution

feedback from TAC and cased closed 🙄

The current occurrence is quite rare and happening on Centrally Managed SMB appliances
due to a policy issue where the policy is not installed on the gateway/cluster after the upgrade.

We do suggest performing the upgrade and once the upgrade performed, installing the policy
in order to avoid a roll-back to previous versions.

Is there anything else we can assist you with?

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2023-09-01 05:05 AM
In response to K_R_V
Jump to solution

If I were you, I would escalate that issue through your Sales person, thats totally unacceptable. That answer logically does not make much sense...lets think about it for a second. So there are probably 1000s of customers who do upgrades on regular Gaia devices and if same issue occured, are they going to blame it on the fact that right policy was not installed??!!

Andy

Best,
Andy
"Have a great day and if its not, change it"
G_W_Albrecht
MVP Silver
MVP Silver
‎2023-09-01 05:48 AM
In response to K_R_V
Jump to solution

According to your description the answer is unacceptable: In cluster 2 the issue has happened after failover and before the upgrade.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
MVP Diamond
MVP Diamond
‎2023-09-01 05:51 AM
In response to G_W_Albrecht
Jump to solution

Personally, answer @K_R_V was given by TAC makes no sense. I cant logically see how any of that (whether it be failover or crash itself) can be caused by policy. 

Andy

Best,
Andy
"Have a great day and if its not, change it"
PhoneBoy
Admin
Admin
‎2023-09-01 12:59 PM
In response to K_R_V
Jump to solution

Note that it’s required to perform a policy install after doing a major upgrade (eg from R80.20.xx to R81.10.xx).
Never seen it being necessary when upgrading within the same major release.

0 Kudos
Jones
Collaborator
Collaborator
‎2023-11-16 06:04 PM
Jump to solution

I'm experiencing a similar issue when upgrading a 1600 centrally managed cluster from R80.20.50 to R81.10.08 or from R81.10.05 to R81.10.08. The first unit went fine, but the second unit keeps crashing the kernel. Ending up reverting back to R80.20.50.

Did you find any solution for this issue for your other cluster upgrades?

0 Kudos
K_R_V
Collaborator
‎2023-11-17 12:40 AM
In response to Jones
Jump to solution

The other clusters have not yet been upgraded due to some issues with vmac in R81.10.05, 7 and 8. This should be fixed in R81.10.10 so I'm waiting for the GA version.

The upgrade issue is not in R81.10.00, so you can maybe upgrade to this version.

Is your cluster also using VMAC ?

0 Kudos
Jones
Collaborator
Collaborator
‎2023-11-17 07:55 AM
In response to K_R_V
Jump to solution

I upgraded to R81.10.05 that went fine. But upgrading to R81.10.08 reverted me back to R80.20.50 so I stayed there. I'm not using VMAC so this must be something else. 

0 Kudos
K_R_V
Collaborator
‎2024-01-02 07:18 AM
In response to K_R_V
Jump to solution

Upgrades with version R81.10.08 - Build 616 do not have this issue, problem seems to be resolved in this version !

Jones
Collaborator
Collaborator
‎2024-01-08 12:01 AM
In response to K_R_V
Jump to solution

According to sk181079, Build 683 is the latest and replaced 608.

DateDescription
30 Nov. 2023Release of Build 996001683, replacing Build 996001608.
07 Sep. 2023Release of Build 996001608, replacing Build 996001601. 
31 Aug. 2023First release of this document (Build 996001601).
0 Kudos
K_R_V
Collaborator
‎2024-01-08 03:09 AM
In response to Jones
Jump to solution

Fixed in , R81.10.08 (996001690), but was proved by TAC.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events