Technical Tip: How to rebuild the FFDB database in case of error 'ffdb_err_msg_print: ret=-4, Error: kernel error'

• Kernel error 'ffdb_err_msg_print: ret=-4, Error: kernel error' is observed on the FortiGate when there is an issue with the FFDB files.

This can be verified using the below command:

diagnose debug config-error-log read

• It is possible to remove the FFDB files using the below steps and download the database again.

To clear the FFDB files:

diag internet-service clear /data2/ffdb_app
diag internet-service clear /data2/ffdb_map
diag internet-service clear /data2/ffdb_map_res

Use the command 'fnsysctl ls /data2/' to verify the database is deleted.

Run the below command to download the database again:

execute update-now

• For the FortiGate Cluster, the Kernel error 'ffdb_err_msg_print: ret=-4, Error: kernel error' may cause out-of-sync issue between the FortiGates' devices.

If the above troubleshooting steps did not help, fail-over the traffic to one of the FortiGates that has no error and consider rebooting the FortiGates with the error detected.