FroDo Comware Upgrade
We would like to announce a staged upgrade of the version of Comware running on our HPE 5510 FroDos. This blog entry aims to answer the majority of questions that this work will raise. Please, however, feel free to contact the Networks team with any further questions at networks@it.ox.ac.uk
Why?
As part of ongoing maintenance it is essential that we keep our FroDo software up to date. The new version of software being deployed addresses a number of vulnerabilities and bugs. For those interested this upgrade takes us from R1309 to R1309 P06 and involves over 300 devices.
Relevant Bug Fixes
201806290399
• Symptom: The value of the snmpEngineboot node is incorrect.
• Condition: This symptom occurs if the whole IRF fabric is rebooted to cause a master/subordinate switchover.
Addressed Vulnerabilities
This release addresses the following CVE
CVE-2016-9586
CVE-2017-15896
CVE-2017-3737
CVE-2017-3738
CVE-2017-3736
CVE-2017-12190
CVE-2017-12192
CVE-2017-15274
CVE-2017-15299
CVE-2017-1000253
CVE-2017-3735
CVE-2017-6458
CVE-2016-9042
CVE-2014-9297
CVE-2015-9298
Information about the detail of these vulnerabilities can be found at https://cve.mitre.org/cve/search_cve_list.html
Impact
The expected impact is ~5-10 minutes for Option 1 customers during which time the FroDo will reload and external services will not be available. For Option 2 customers the impact is expected to be minimal thanks to the In Service Software Upgrade (ISSU) capability introduced in the firmware update applied in August 2017.
We will be carrying out the upgrades between 06:00 and 07:30 to minimise impact.
Timescale
We plan to upgrade approximately 80 FroDo’s on the each of the following days:
Group A: Tuesday 18th September
Group B: Thursday 20th September
Group C: Tuesday 25th September
Group D: Thursday 27th September
Schedule
We have attempted,where possible, to group devices around main sites and annexes so that those sites will only see one period of disruption. Detailed schedules listing devices and dates can be found at https://docs.ntg.ox.ac.uk/pub/reference/FroDoUpgrade-Sep2018
Once again, if you have any further queries then please contact us at networks@it.ox.ac.uk