Imperva Cyber Community

Expand all | Collapse all

MTU size config survives but not enforced after upgrade/patch installation

  • 1.  MTU size config survives but not enforced after upgrade/patch installation

    CHAMPION
    Posted 10-25-2019 11:23
    According to this article https://imperva.my.salesforce.com/kA0D0000000PM7g?popup=true, if you change MTU size of interfaces, this config will survive after upgrade/patch installation.

    This is true but config is not enforced after device first boot of post upgrade/patch installation and you need to reboot the appliance or run "service network restart" command manually.

    I think, this enforcement can be included to upgrade/patch process and not to be required to run manually.
    #AllImperva

    ------------------------------
    cezmi çal
    technical expert
    Barikat Cyber Security
    ------------------------------


  • 2.  RE: MTU size config survives but not enforced after upgrade/patch installation

    Imperva Employee
    Posted 10-25-2019 17:49
    Thank you sharing your experience - I'd like to get some more detail, and feed it back in to our development team.

    What was the "original" version of SecureSphere, and what was the "upgrade" version?
    Was this an MX or Gateaway?
    If a Gateway, was this a physical Gateway or VM Gateway?
    If a physical Gateway, was this copper / 1G, or Fiber/10G NICs?
    Were the NICs in question the management NIC, bridge NICs or all NICs?

    Thank you,
    Erik

    ------------------------------
    Erik Hersker
    Sr. Technical Account Manager
    ------------------------------



  • 3.  RE: MTU size config survives but not enforced after upgrade/patch installation

    CHAMPION
    Posted 10-31-2019 07:19
    Hi Erik,

    According to Phil's last post, it can be replicated on any version. Do you still need specific details of my environment?

    @Phil Klassen Firstly, thank you for testing and opening a feature request. As I see, this config survive after a patch installation but still it is not activated without reboot or service restart.

    Lastly, is there any opportunity to follow related FR status/updates?

    ------------------------------
    cezmi çal
    technical expert
    Barikat Cyber Security
    ------------------------------



  • 4.  RE: MTU size config survives but not enforced after upgrade/patch installation

    Imperva Employee
    Posted 10-28-2019 08:19
    This should not be the case
    If you edit the ifcfg file and do a save - it should save the change

    I just did a test where I changed the MTU and rebooted 
    The interface came up with an MTU of 9000

    i did find that the ONBOOT parameter must be set to 'yes' to be applied 
    Are there any other details that may help explain the difference  seen

    ------------------------------
    Phil Klassen
    ------------------------------



  • 5.  RE: MTU size config survives but not enforced after upgrade/patch installation

    Imperva Employee
    Posted 10-28-2019 12:20
    I need to amend my response - we will need to open a feature request for suitability after an upgrade 
    It should survive a patch 

    Your FR for surviving an upgrade is 00465604
    Thanks

    ------------------------------
    Phil Klassen
    ------------------------------