Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
chowr_ftnt
Staff
Staff

Created on ‎04-11-2025 01:33 AM Edited on ‎06-25-2025 06:27 AM By Staff

Article Id 387264

Technical Tip: FortiGate may reboot more than 1 time when upgrading to v7.4

Description FortiGate NP7 platforms may reboot twice or three times when upgrading to v7.4.
Scope FortiGate.
Solution

The default QoS type can be verified by following the CLI commands.

 

show full system npu | grep default-qos-type

In FortiGate v7.0 or v7.2, the NPU default-qos-type is shaping.

Since FortiGate v7.4, the default-qos-type has been changed from shaping to policing.

 

Therefore, when upgrading to v7.4, FortiGate needs to reboot more than 1 time to set the NPU driver setting same as the CLI setting.

 

Starting from v7.4.8 GA  and v7.6.1 3 GA, the option for 'default-qos-type' can only be set to 'policing'. This is to deal with a known issue where the Queuing based Traffic Management QTM module in NP7 models is responsible for shaping, may hang when receiving a packet with MTU size 6000 or larger, causing FortiOS not to honor fragmentation.

 

config system npu
    set default-qos-type policing <---
end

 

Details related to this change can be found on the following release notes link: Changes to NP7 traffic shaping.
Labels:
633
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.