Fortinet black logo

Hyperscale Firewall Release Notes

Home FortiGate / FortiOS 6.4.11 Hyperscale Firewall Release Notes
6.4.11
7.2.4
7.2.3
7.2.2
7.2.1
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.6
6.2.9
6.2.7
6.2.6

Resolved issues

Resolved issues

The following issues have been fixed in Hyperscale firewall for FortiOS 6.4.11 Build 2030. For inquires about a particular bug, please contact Customer Service & Support. The Resolved issues described in the FortiOS 6.4.11 release notes also apply to Hyperscale firewall for FortiOS 6.4.11 Build 2030.

Bug ID

Description

763966

Resolved an issue that would cause the FGSP to synchronize NP7 sessions from all VDOMs when FGSP is configured to synchronize sessions from a hyperscale VDOM.
756537 Hyperscale firewall sessions now appear on FortiView sessions pages.

766906 838467

Resolved issues with the timestamp format in CPU logging (also called host logging) log messages.

773583

The diagnose sys npu-session purge command now successfully removes all hardware sessions.

782674 782241

Resolved an issue that caused running HA diagnostics to reduce performance on the primary and secondary FortiGates in an FGCP HA cluster with hyperscale firewall VDOMS processing relatively high numbers of connections per second.

795853

Disabling EIF and EIM in a hyperscale firewall policy actively processing traffic no longer causes errors in the NP7 firewall policy database.
807476

Packet buffers are now successfully cleaned up after going through host interface TX/RX queues.
809030 Resolved an issue that could sometimes cause traffic accepted by hyperscale firewall policies with port block allocation (PBA) IP pools to be dropped. The problem would occur after changing the hyperscale firewall policy configuration.
810025 Using EIF to support hairpinning now works as expected for NAT64 sessions.

836443

Interface routes are now successfully deleted from the NP7 LPM routing table after moving an interface to a different VDOM. This change also resolves an issue with DHCP servers on interfaces in hyperscale firewall VDOMs

839958

The service-negate firewall policy option now works as expected in a hyperscale deny policy.

848938

Resolved an issue that could cause the Session Search Engine (SSE) running on an NP7 processor on the primary FortiGate in an FGCP cluster to stop working after received an HASYNC message from the secondary FortiGate.

849741

Resolved issues with how NP7 processors handled jumbo frames that could cause problems with processing regular traffic.
Previous
Next

Resolved issues

The following issues have been fixed in Hyperscale firewall for FortiOS 6.4.11 Build 2030. For inquires about a particular bug, please contact Customer Service & Support. The Resolved issues described in the FortiOS 6.4.11 release notes also apply to Hyperscale firewall for FortiOS 6.4.11 Build 2030.

Bug ID

Description

763966

Resolved an issue that would cause the FGSP to synchronize NP7 sessions from all VDOMs when FGSP is configured to synchronize sessions from a hyperscale VDOM.
756537 Hyperscale firewall sessions now appear on FortiView sessions pages.

766906 838467

Resolved issues with the timestamp format in CPU logging (also called host logging) log messages.

773583

The diagnose sys npu-session purge command now successfully removes all hardware sessions.

782674 782241

Resolved an issue that caused running HA diagnostics to reduce performance on the primary and secondary FortiGates in an FGCP HA cluster with hyperscale firewall VDOMS processing relatively high numbers of connections per second.

795853

Disabling EIF and EIM in a hyperscale firewall policy actively processing traffic no longer causes errors in the NP7 firewall policy database.
807476

Packet buffers are now successfully cleaned up after going through host interface TX/RX queues.
809030 Resolved an issue that could sometimes cause traffic accepted by hyperscale firewall policies with port block allocation (PBA) IP pools to be dropped. The problem would occur after changing the hyperscale firewall policy configuration.
810025 Using EIF to support hairpinning now works as expected for NAT64 sessions.

836443

Interface routes are now successfully deleted from the NP7 LPM routing table after moving an interface to a different VDOM. This change also resolves an issue with DHCP servers on interfaces in hyperscale firewall VDOMs

839958

The service-negate firewall policy option now works as expected in a hyperscale deny policy.

848938

Resolved an issue that could cause the Session Search Engine (SSE) running on an NP7 processor on the primary FortiGate in an FGCP cluster to stop working after received an HASYNC message from the secondary FortiGate.

849741

Resolved issues with how NP7 processors handled jumbo frames that could cause problems with processing regular traffic.
Previous
Next