Fortinet white logo
Fortinet white logo

FortiGate-7000F Handbook

HA cluster firmware upgrades

HA cluster firmware upgrades

All of the FIMs and FPMs in a FortiGate-7000F HA cluster run the same firmware image. You upgrade the firmware from the primary FIM in the primary FortiGate-7000F.

If uninterruptible-upgrade and session-pickup are enabled, firmware upgrades should only cause a minimal traffic interruption. Use the following command to enable these settings; they are disabled by default. These settings are synchronized.

config system ha

set uninterruptible-upgrade enable

set session-pickup enable

end

When these settings are enabled, the primary FortiGate-7000F primary FIM uploads firmware to the secondary FortiGate-7000F primary FIM, which uploads the firmware to the secondary FIM and the FPMs in the secondary FortiGate-7000F. Then the FIMs and FPMs in the secondary FortiGate-7000F upgrade their firmware, reboot, and resynchronize.

Then all traffic fails over to the secondary FortiGate-7000F which becomes the new primary FortiGate-7000F. Then the FIMs and FPMs in the new secondary FortiGate-7000F upgrade their firmware and rejoin the cluster. Unless override is enabled, the new primary FortiGate-7000F continues to operate as the primary FortiGate-7000F.

Normally, you would want to enable uninterruptible-upgrade to minimize traffic interruptions. But uninterruptible-upgrade does not have to be enabled. In fact, if a traffic interruption is not going to cause any problems, you can disable uninterruptible-upgrade so that the firmware upgrade process takes less time.

As well, some firmware upgrades may not support uninterruptible-upgrade. Make sure to review the release notes before running a firmware upgrade to verify whether or not enabling uninterruptible-upgrade is supported to upgrade to that version.

Note

To make sure a FortiGate-7000F firmware upgrade is successful, before starting the upgrade Fortinet recommends you use health checking to make sure the FIMs and FPMs are all synchronized and operating as expected.

If you are following a multi-step upgrade path, you should re-do health checking after each upgrade step to make sure all components are synchronized before the next step.

You should also perform a final round of health checking after the firmware upgrade process is complete.

For recommended health checking commands, see the following Fortinet community article:

Technical Tip: FortiGate-6000/7000 Chassis health check commands.

HA cluster firmware upgrades

HA cluster firmware upgrades

All of the FIMs and FPMs in a FortiGate-7000F HA cluster run the same firmware image. You upgrade the firmware from the primary FIM in the primary FortiGate-7000F.

If uninterruptible-upgrade and session-pickup are enabled, firmware upgrades should only cause a minimal traffic interruption. Use the following command to enable these settings; they are disabled by default. These settings are synchronized.

config system ha

set uninterruptible-upgrade enable

set session-pickup enable

end

When these settings are enabled, the primary FortiGate-7000F primary FIM uploads firmware to the secondary FortiGate-7000F primary FIM, which uploads the firmware to the secondary FIM and the FPMs in the secondary FortiGate-7000F. Then the FIMs and FPMs in the secondary FortiGate-7000F upgrade their firmware, reboot, and resynchronize.

Then all traffic fails over to the secondary FortiGate-7000F which becomes the new primary FortiGate-7000F. Then the FIMs and FPMs in the new secondary FortiGate-7000F upgrade their firmware and rejoin the cluster. Unless override is enabled, the new primary FortiGate-7000F continues to operate as the primary FortiGate-7000F.

Normally, you would want to enable uninterruptible-upgrade to minimize traffic interruptions. But uninterruptible-upgrade does not have to be enabled. In fact, if a traffic interruption is not going to cause any problems, you can disable uninterruptible-upgrade so that the firmware upgrade process takes less time.

As well, some firmware upgrades may not support uninterruptible-upgrade. Make sure to review the release notes before running a firmware upgrade to verify whether or not enabling uninterruptible-upgrade is supported to upgrade to that version.

Note

To make sure a FortiGate-7000F firmware upgrade is successful, before starting the upgrade Fortinet recommends you use health checking to make sure the FIMs and FPMs are all synchronized and operating as expected.

If you are following a multi-step upgrade path, you should re-do health checking after each upgrade step to make sure all components are synchronized before the next step.

You should also perform a final round of health checking after the firmware upgrade process is complete.

For recommended health checking commands, see the following Fortinet community article:

Technical Tip: FortiGate-6000/7000 Chassis health check commands.