Check Point Gaia OS is based on RHEL 5.2 distribution and kernel.
All supported FW versions today are using 2.6.18-92 kernel. According to RH release dates, it is almost 8 years old now. Since then, Red Hat released two major versions and numerous minor releases.
Most disturbing, RHEL support for production systems only lasts 10 years, according to RH Life Cycle policies. In reality that means less and less drivers being supported with older kernels, thus fewer compatible open server options available.
I would hope to see kernel changed with the last main release, R80, but apparently it is not the case.
Does Check Point plan to use a modern Linux kernel any time soon? I do not know. Do you?
--------------------
To support Check Point Video Nuggets project send your donations to https://www.paypal.me/cpvideonuggets
To support this blog simply subscribe to Indeni tech news via this link.
All supported FW versions today are using 2.6.18-92 kernel. According to RH release dates, it is almost 8 years old now. Since then, Red Hat released two major versions and numerous minor releases.
Most disturbing, RHEL support for production systems only lasts 10 years, according to RH Life Cycle policies. In reality that means less and less drivers being supported with older kernels, thus fewer compatible open server options available.
I would hope to see kernel changed with the last main release, R80, but apparently it is not the case.
Does Check Point plan to use a modern Linux kernel any time soon? I do not know. Do you?
--------------------
To support Check Point Video Nuggets project send your donations to https://www.paypal.me/cpvideonuggets
To support this blog simply subscribe to Indeni tech news via this link.
If I am not misstaken there was information about this on CPX in France. That they would go to a newer redhat release in R80.20
ReplyDeleteAre you sure? That was not Dorit's road map sessions, certainly. Who said that?
DeleteIt's in the GAIA tips and tricks session.
DeleteIt's coming, and was announced at CPX. There will be an alignment with 7, but to add that to all the changes in r80 would have made QA painfully longer.
ReplyDeleteThanks. I am not sure there was such a session in Nice.
DeleteWhat about VSX redesign and rebuild to the normal DB management? Using of objects_5_0.C and VRF patch is ridiculous in 2016.
ReplyDeleteDone already in R80 management, actually. It finally uses not even one but two databases
DeleteI heard it in Nice (advanced appliance track, 2nd day) and it was announced as RHEL7 Kernel 3.10 for 2017
ReplyDeleteThanks, Norbert.
ReplyDeleteIn one of the sessions in CPX (R80 management I think it was) they said they are aiming for new kernel in 2017 with R80.20 release.
ReplyDeleteThe problem slowing down the transition to never kernels lies in VSX, which utilizes the linux VRF mechanism for route separation. The newer kernel's network namespaces is different implementation than the old one in 2.6 kernel. CP is certainly determined to change the kernel (as they must have struggled to find and choose the hw with relevant drivers for their new appliances), but it's not easy change, apparently.
ReplyDeleteWe are actively working on the alignment and expect it to be ready in 2017
ReplyDeleteGood to know, Liran. Can you give us more details about the target version?
DeleteThe R80.10 EA team told me, that R80.20 will have a new kernel
ReplyDelete