Attention: Please read this article completely!
It´s very important to not risk any abnormal behaviour on your device!
October 6th - Zyxel recently found out, that some firmware versions affected by an "FQDN" bug. This bug will cause multiple issues (see below). If you are using FQDN, it´s a must-have to follow this article to smoothly recover your device without any risk.
Affected Firmware Versions:
If you are using one of the above Firmware Versions on one of our affected devices, please make sure to check if you are using FQDN objects.
Check by SSH:
show running-config |match "fqdn"
If you see an output like:
address-object "Name" "FQDN"
You are affected, please follow the procedure below to upgrade successfully to one of the following firmware versions:
- Upgrade to 4.39 WK38
- Upgrade to 4.55 WK38
- Upgrade to 4.60C0 (coming Q4/2020)
If you don´t get any output, it´s fine, you can skip this article and you don´t need to the coming modification.
Preparation Steps (Local Way 1):
- Backup your configuration
(Go to Maintenance -> File Manager -> Select: "startup-config" and Download it. You can also choose the "Copy" button and copy it.
- Remove all "FQDN" related configurations (Firewall Linking, Address Objects...)
- Type via SSH: show running-config |match "fqdn" make sure there is no more FQDN config part visible
- Reboot the device (without Firmware upgrade) - this is mandatory to stop FQDN process & Cleanup cache
- Device may stuck now and need manual reboot by On-Site Agent (wait 10 min before execute)
- Upgrade new Firmware to RUNNING Partition
- Restore your FQDN Backup Config or re-configure this part manually
- Upgrade new Firmware to Standby Partition after device boot successfully in Step 6.
Recovery Steps (Local Way 2):
1.) Backup your configuration
2.) Reset Firewall to System Default
3.) Upgrade newer firmware
4.) Restore configuration
Recovery Steps (Remote):
We are working on a method for that, but it´s not available. Please contact our Support Team, if you need that.
The recovery steps only need to be done once. If you do it and upgrade the firmware to future versions i.e. WK42, 4.61, 4.70 and so on, you can keep FQDN objects in config from WK38 onwards.'
If you don´t do recovery steps, it can have below listed issues, till you fix your configuration!
Possible Issues show up if you are affected (Configured FQDN) + using affected Firmware version
Scenario 1 - Device stuck in the boot process
- Device can´t boot up successfully after Firmware Upgrade is done
Scenario 2 - Partition switch impossible
- Change from "Running" to "Standby" Partition failed (System boot up running again)
Scenario 3 - Previous Firmware Upgrade failed message in Dashboard
- The Dashboard will show "Previous Firmware Upgrade failed" in red in dashboard
Scenario 4 - Firmware #1 Broken & Image Recovery Point Failed
- The Monitor -> Log will show the message, it´s not an RMA case, the device config in this partition is broken (FQDN configured)
Scenario 5 - TCP / UDP Session Timeouts
- Some TCP or UDP sessions may timeout or not deliver at the right time
Scenario 6 - Internet Slowness
- In case of FQDN module is busy, it could slow down Internet Connection in the backend
We are very sorry, that we missed this bug during our Quality Check and we have adjusted needed test flow, to ensure you get the best quality out of the box.
If you encounter any trouble or have any questions, feel free to be in touch with our Support Team