Hi Libin,

Is the version 11.0.0-264 is stable to use?

What means by FIPS Compliance in AsyncOS 11?

Thank you

Hi 

Async OS 11 is now a general deployment and should be stable for use.
It is currently not available for ESA x90 hardware models though due to a defect seen, no other hardware/virutal models are affected by the defect.

FIPS certification is required on Async OS by government and military organizations, since its not cheap to get certified not all Async OS versions are FIPS compliant.

https://en.wikipedia.org/wiki/FIPS_140-2

Regards,

Libin Varghese

Hi Libin,

According to Release Notes for AsyncOS 11.0, it mentioned that it is available for x90.

Supported Hardware for This Release • All virtual appliance models. • The following hardware models: – C380, C390, C680, or C690 – C170 or C190 – Some C370, C370D, C670 or X1070 appliances To determine whether your appliance is supported, and to remedy the situation if it is not currently compatible, see http://www.cisco.com/c/en/us/support/docs/field-notices/638/fn63931.html. The following hardware is NOT supported for this release: C160, C360, C660, and X1060

Lets say if currently i didnt enable the FIPS, can i proceed with the upgrade?

Thanks in advance and hope you can help me to clarify these thing. 

Yes, you can upgrade to Async OS 11 without FIPS enabled.

Async OS 11 is compatible with x90 models as the release notes suggest, however has been temporarily removed for them in order to fix the below defect.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf14316/?referring_site=bugquickviewredir

It will be made available to x90 models again once the defect is fixed.

Regards,
Libin Varghese

Asyncos used to be FreeBSD based, is the AsyncOS 11 Linux based?

The bug report says:

121 | Linux kernel panic: page fault
122 | Linux kernel panic: db_trace_se
124 | Linux kernel panic: 43

Hello,

AsyncOS 11.x (for ESA) is still primarily FreeBSD based; however, please note that it's an extremely custom build with many proprietary modifications.

Thanks!

-Dennis M.

Hi,

thank you - I was justed surprised about the Linux panic notes in the bug report - where do they come from?

Regards

   Carsten

Hi,

Is it safe to upgrade for x90 hardware?

Kindly advise.

Async OS 11 is temporarily not available for x90 hardware.

You can certainly upgrade it other Async OS releases prior to that.

Regards,

Libin Varghese

The kernel panics are seen via ipmitool which would only be available from back-end (remote access) from TAC. Usually that type of information is not published for public consumption, but it seems like they thought it would be appropriate in this case, especially since there's really no other errors/logs seen other than the kernel panics. 

-Dennis M. 

Is it fixed in build 267(11.0 Hot Patch 1)?

I seems not.

Hello,

Yes, there were some modifications to address the kernal panic issues within 11-0-0-267 for x90 hardware, along with some other fixes. We are not yet sure if it's a complete fix as this is more of a soak test; however, the more important detail of -267 is that we've enabled capturing of the kernal panic itself so that we can further debug. If you are running x90 hardware on -267 and still running into the kernal panics, please open a TAC case ASAP so that we can obtain the needed information and provide to our dev team.

Thanks!

-Dennis M.

Hi,

Async OS 11 is not showing in the available image list in C190 hardware running 10.X code. Is it removed for C190 currently?.

Thanks and Regards

Shabeeb