Skip to main content
gfubrad
gfubrad
New Member
September 22, 2010
Question

Firmware upgrade to HA Cluster taking long time

  • September 22, 2010
  • 3 replies
  • 9290 views
I have two FGT 310B configured in a HA AA Cluster. Attempting to upgrade the firmware from 4.2.1 to 4.2.2 through the GUI with no traffic interruption. It' s been over 2.5 hours since I uploaded new firmware and neither unit has rebooted. Uptime is still the same on each. I have a support ticket submitted, but no response yet. Anyone have experience with HA firmware updates? I know I can break the HA and update them at the same time, but I' d rather do it with no interruption. How can I monitor the process?

    3 replies

    doshbass
    doshbass
    New Member
    September 23, 2010
    The uniteruptable-upgrade process does take quite a long time, but 2.5 hours does not seem right, especially for a simple patch level upgrade. Did you get a confirmation that the upload file uploaded correctly and upgrade was beginning. The fact that you can access the GUI seems to me that it didn' t.
    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    September 23, 2010
    hello, as a measure of precaution, I recommend to always monitor the CLI via the console port during upgrades. In your case you should connect to the primary unit' s console port to see whether there are messages coming up. The ssh CLI doesn' t tell the whole story, not to mention the local log via GUI. I' d suspect that the upgrade has died at some time. This is no regular behaviour esp. not for an A-A cluster. Try to re-initiate the upgrade and watch the messages. If all fails you can break up the cluster by disconnecting one unit (quickly). This usually is not necessary as the cluster mgmt has improved vastly over the versions. This will mean traffic interruptions of course. If you' ve upgrade the isolated unit, give it a high HA priority before reconnecting. Thus it will become the master unit and upgrade the other unit automatically.
    omkam
    omkam
    Visitor III
    May 13, 2023

    I am facing similar issue. While upgrading from 6.4.7 to 6.4.9, It is taking too long to upload the firmware. FortiGate is standalone. No logs are getting generated as firewall is still not rebooted.

     

    FortiGate: 80F 

    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    May 13, 2023

    Maybe this will help you:

    when I experienced such a hanging update, I connected to the console port (serial, 8N1 9600 baud). Exactly when I connected (without login), the process resumed and the update went through.

     

    If not, reboot the FGT, and restart the upgrade, this time while watching the console port.

    Terms & ConditionsAccessibility statement