Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1366
Views
10
Helpful
2
Replies

Adding a network module to Firepower 4110

Go to solution
Ivan Drobilo
Level 1
Level 1

‎03-10-2022 06:17 AM

Hi all,

 

I am planning to add 10Gb network modules to a existing FP4110 devices (running container instances) and I have a question regarding the impact of the change. According to HA requirements for FTD, both FTDs should "have the same number and types of interfaces".

My plan was to power off the secondary/standby units, install the module and power the device back on in order to initialize the module. When the standby boots and HA is reformed, I move these secondary/standby units to active and do the same install on the primary units.

The FTD HA requirements also state that they have to "Be the same model. In addition, for container instances, they must use the same resource profile attributes." However,  it is possible to maintain FTD HA while making changes to the resource profile on FXOS, so for a period of time both units do not have matching resource profiles.

I would expect the same to be possible while installing modules, but I do not have a spare/test FP4110 units to check.

 

My question is whether I should expect downtime or other issues with HA during the time when the secondary unit has the module installed, but the primary still does not?

 

Thank you!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-10-2022 06:49 AM

Until interfaces from the new module are allocated to the logical devices they don't have any knowledge of the module. So your HA will be unaffected by adding a network module to one of the chassis while you wait to add the same to the other one.

Once you have them in both chassis and add them to a given logical device there will indeed be a temporary period during which the hardware doesn't match. I haven't tried it to see how HA behaves at that point in time but I would expect it to allow it and just give a warning - similar to how it reacts during an upgrade.

View solution in original post

2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-10-2022 06:49 AM

Until interfaces from the new module are allocated to the logical devices they don't have any knowledge of the module. So your HA will be unaffected by adding a network module to one of the chassis while you wait to add the same to the other one.

Once you have them in both chassis and add them to a given logical device there will indeed be a temporary period during which the hardware doesn't match. I haven't tried it to see how HA behaves at that point in time but I would expect it to allow it and just give a warning - similar to how it reacts during an upgrade.

Go to solution
Ivan Drobilo
Level 1
Level 1
In response to Marvin Rhoads

‎03-10-2022 11:12 PM

Hi Marvin,

 

thank you very much.

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card