Download
Share
Print this page
  1. Manuals
  2. Brands
  3. Nortel Manuals
  4. Network Hardware
  5. 6000 Series
  6. Manual

Nortel 6000 Series Manual page 10

Switched firewall
Hide thumbs

Advertisement

Hitless Upgrade
If you have a high availability setup, consisting of 2 accelerators and 2 or more directors, you can
upgrade the cluster with virtually no downtime. To start the hitless upgrade process, please use
"/boot/software/hitless/activate" command from CLI. For hitless upgrade to work smoothly, make sure the
following conditions are met.
• Both the active and backup accelerators should have all the network links up
• Do not disconnect any network cables or reboot any accelerator or director while
upgrade is in progress.
Hitless upgrade works by upgrading one side of the cluster first, then failing over traffic to that side and
upgrading the other side. Hitless upgrade will pause after upgrading one side and wait for you to re-
establish the trust and push the policy to the upgraded side before failing over to that side. Stateful
session failover is not available during hitless upgrade because Check Point sync will not work between
different versions
Procedure for HITLESS upgrade from CLI
• Use "/boot/software/download" to download R60 or R65 upgrade package
(NSF_Director_4.2.2.0_R60.pkg or NSF_Director_4.2.2.0_R65.pkg).
• Activate 4.2.2 image using "/boot/software/hitless/activate". This should be done only in one SFD.
• Once upgrade is done to one side of the cluster please perform the following on the firewall director
and the CP management server for the firewall to become operational and upgrade to continue to
the other side,
o Reset sic on the firewall director (/cfg/fw/sic).
o Unload the default policy on the firewall director (/maint/diag/uldplcy).
o On the CP management server, Reset and re-initialize sic on the firewall director object.
• Push the Check Point Firewall policy from the CP management server.
Once the other side is upgraded please perform steps 3 & 4 for HA to become operational
Notes:
Upgrade to 4.2.2 from any previous version is not supported through BBI. Only CLI upgrade is supported
Platforms Supported
3.
Hardware Platforms Supported
EB1639067(E5) + EB1639131(E5)
EB1639113(E5) + EB1639131(E5)
©2007-2008 Nortel Networks Limited
PEC
EB1639173(E5)
EB1639174(E5)
MODEL #
Nortel Switched Firewall system 6416
Nortel Switched Firewall System 6616
Nortel Switched Firewall System 6426
Nortel Switched Firewall System 6626
hitless
10

Advertisement

loading

Related Manuals for Nortel 6000 Series

Related Products for Nortel 6000 Series