- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiOS 5.6.7 is out
Lot of BUG FIX
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
you are right,
it seems like the "last used" field is no longer updatet till the connection count hits 0
or you reset the statistics.
sudo apt-get-rekt
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortigate 60D, 60E and a 201E Cluster updated = no issues so far
sudo apt-get-rekt
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm planning to go to it on Friday on my HA pair of 1500D. We've been running 5.6.3 for about a year now, and apparently the recommended upgrade path is 5.6.3 -> 5.6.6 -> 5.6.7 which seems weird, but I guess I'll be doing a double-upgrade.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Been running 5.6.7 on 300E HA and a 200D since a few days, seems rock solid. Haven´t found any bugs that affect us.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We also upgraded our 1500D cluster and 600D cluster to 5.6.7 last week, mostly because 1500D cluster with 5.6.5 and 5.6.6 had a memory leak bug which slowly ate up lots of memory, up to 90% (that after going to proxy-mode from flow-mode, before stayed around 80%). Memory usage has only slowly gone up so far, we'll see how it will be in a month's time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't know if it's a bug but in 100E there is "bcm.user" process which is using more cpu than in 5.6.5:
PID RSS ^CPU% MEM% FDS TIME+ NAME 93 12M 40.7 0.4 8 1 4:10.67 bcm.user [x3]
Have you noticed this and what even is that process?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have a 100E updated to 5.6.7 five days ago. It did not have the bcm.user high cpu problem. CPU usage has been changing between 2 to 4%.
Another 100E running 5.6.6 with 49 days uptime. bcm.user CPU usage is also between 2 to 4%.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Been running 5.6.7 on low models, 50e 60d 60e 80e, without problem
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Update for that "bcm.user" CPU usage. That specific 100E had also degraded network performance. In example traffic going through policies including IPS filtering sometimes were completely dropped. There was 3000ms spikes on the network.
Rebooting firewall solved this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found something strange on our 1500D and 600D cluster: in the list of firewall rules I have added a column "Last Used" and this column doesn't update anymore with many rules, whereas with many others it is updated. And active sessions + data amount seems to be OK, although I haven't investigated the data amount. The date and time in those problematic rules shows exactly one time and date which is the time and date of firmware upgrade + 48 hours. Nothing too critical but in some cases the correct information or useful feature in debugging is gone. Probably until the next firmware upgrade or restart, who knows.
