Hello,
At one of our customers (yes still running on 5.0.12) we noticed more and more packet drops, caused by destination interface unknown messages in the logs. This happens on all their firewalls, on Port Channels, on dual gateways with same metric (ECMP is used) but we cannot pinpoint the cause. We think that there is a bug in the software.
We started a wireshark trace and we saw packets coming in but they cannot be routed.
Does anybody have had similar issues and found a solution?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
What device are you using? Can you upgrade it a few revision higher and see if it still happens? I try not to be more than 2 releases back. With many vendors, they want you on the latest and greatest release to even talk to you.
Hi, the customer uses several FGT1200D, 1000C and 3950B clusters. It happens on all these devices.
We tried to push the customer already to allow us to upgrade all devices to higher software levels but they don't see the urgency (yet). There are factories (worldwide) running behind these devices that run 24/7 and that cannot afford any downtime is the reason.
Though we know that in the end, downtime needs to be reserved, since things will get worse more and more.
Kind regards,
Ralph
Hi Ralph,
I'm with the same problem. Could you find the solution?
Thank you very much, greetings!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.