cOS Core 14.00 FAQ
Last modified on 10 Jan, 2023. Revision 28- FAQs
- What appliances will be supported to run cOS Core 14.00?
- Why will the new appliances only support cOS Core 14.00?
- Is it difficult to upgrade from cOS Core 13.00 to 14.00?
- Can the E or W-series appliances be upgraded to the 64-bit version of cOS Core 14.00?
- What is the benefit of moving to 64-bit on the new appliances?
- Will there be differences between 32-bit and 64-bit cOS Core 14.00?
- Is it complex to migrate from from a 32-bit appliances to a 64-bit appliance?
- How many vCPUs and memory does the different Virtual Appliances support?
- What is the difference between interrupt and polling mode in Virtual Appliances?
- Is the 64-bit version based on Linux?
- Is the minimum recommended 2 or 3 vCPU’s for the 64-bit version?
- Why does the 64-bit version require 3 vCPUs to enable poll-offloading?
- What are the criterias to run interrupt mode using 1 CPU Core on a 64 bit image?
- Which Virtual Appliance Image should I choose, 32-bit or 64-bit Virtual Appliance?
- Related articles
Up to date for | cOS Core 14.00.00 |
Supported since | cOS Core 14.00.00 |
Status | OK |
FAQs
What appliances will be supported to run cOS Core 14.00?
The following existing models will support cOS Core 14.00
- Clavister NetWall E10
- Clavister NetWall E20
- Clavister NetWall E80
- Clavister NetWall W20
- Clavister NetWall W30
- Clavister NetWall W40
- Clavister NetWall W50
- Virtual Appliances running the 32-bit image (VMware, Hyper-V, KVM).
The new appliances introduced 2021 will only support cOS Core 14.00 or later:
- Clavister NetWall 110
- Clavister NetWall 140
- Clavister NetWall 510
- Clavister NetWall 550
- Clavister NetWall 6200
- Clavister NetWall 6600
- Virtual Appliances running the 64-bit image (VMware, KVM).
Any appliance that is released after the release of cOS Core 14.00 will ONLY support cOS Core 14.00 or later.
Why will the new appliances only support cOS Core 14.00?
The new appliances will use a 64-bit version of cOS Core, this version is not possible to to downgrade to older versions as they are only available in 32-bit versions.
Is it difficult to upgrade from cOS Core 13.00 to 14.00?
No, it’s done in the same way as from 12.00 to 13.00 or upgrading from cOS Core 13.00.07 to 13.00.08. Remember to read the release notes for any version specific information.
Can the E or W-series appliances be upgraded to the 64-bit version of cOS Core 14.00?
No, appliances running the 32-bit firmware will not be possible to upgrade to the 64-bit version of cOS Core, also there is no real benefit as the E and W-series appliances are optimized for the 32-bit firmware.
What is the benefit of moving to 64-bit on the new appliances?
There are a number of benefits, mainly the possibility to use more memory, but also leverage new hardware features that is not available when using 32-bit.
Will there be differences between 32-bit and 64-bit cOS Core 14.00?
There is no visible difference between the two versions, except that the 64-bit version will be able to use more memory. Over a longer time period there might be diverging feature set on old appliances (running 32-bit) and new appliances (running 64-bit), where some features requiring 64-bit processing will only be available on newer appliances. But as long as possible Clavister will try to keep feature parity. There was a similar situtaion with cOS Core 12.00 where some features did not work on IXP-based platforms (Clavister E5 and E7) due to hardware limitations.
Is it complex to migrate from from a 32-bit appliances to a 64-bit appliance?
No, it’s not complex at all, it’s as easy as it was upgrading from Clavister E7 to Clavister NetWall E80.
How many vCPUs and memory does the different Virtual Appliances support?
32-bit Image (x86) | 64-bit Image (x86_64) | 64-bit Image (ARMv8) | Comment | |
---|---|---|---|---|
Number of vCPU Supported | ||||
1 vCPU | ![]() | ![]() | ![]() | 32-bit image: The image will run in interrupt mode. 64-bit image: The image can run in either interrupt mode or polling mode (See below for details) |
2 vCPU | ![]() | ![]() | The image will run in polling mode. | |
3 vCPU | ![]() | The image will run in polling mode and use one vCPU for interface offloading. | ||
Recommended Memory | ||||
Min | 512 MB | 1 GB | 1 GB | cOS Core and run with less memory if needed, but this is the recommended minimum for normal operation. |
Max | 4 GB | 16 GB | 16 GB |
What is the difference between interrupt and polling mode in Virtual Appliances?
The main difference between interrupt and polling is that in interrupt, the device notifies the CPU that it requires attention while, in polling, the CPU continuously checks the status of the devices to find whether they require attention. In brief, an interrupt is asynchronous whereas polling is synchronous. This means that when running polling mode the CPU load on the VM will always be 100%.
Is the 64-bit version based on Linux?
From 14.00, cOS Core is using Linux as a boot loader when running 64-bit, Linux is used for memory management, file system access, etc, (same functions is provided by “Firewall Loader/FWLDr” in 32-bit cOS Core). The Clavister cOS Core is still directly using the network cards so no network traffic can reach the Linux subsystem.
Is the minimum recommended 2 or 3 vCPU’s for the 64-bit version?
While it is possible to run using only 1 vCPU it is recommended to use at least two as one vCPU will then be used by the Linux base system which is used for memory management, disk access and more. Using only 1 vCPU may result in packet latency as both cOS Core and the Linux base will share the same CPU.
Why does the 64-bit version require 3 vCPUs to enable poll-offloading?
See previous answer, since Poll-offloading requires a dedicated vCPU it would not be enough to allocate only two vCPU’s in order to enable this feature.
What are the criterias to run interrupt mode using 1 CPU Core on a 64 bit image?
Below is a small list of the requirements in order to run interrupt mode on 64 bit.
- A Virtual system.
- Only 1 CPU core allocated (so no poll-cores enabled).
- Advanced setting->Misc->"Interface Interrupt mode" must be set to Auto (default).
- The VIRT-IO interface driver is NOT used.
- Note: Interrupt mode is currently verified to work with the E1000E driver for VMware. Mixing e.g. VIRT-IO and E1000E will cause it to fall back to polling mode.
Which Virtual Appliance Image should I choose, 32-bit or 64-bit Virtual Appliance?
This depends on your need, if you need many small firewalls, using as little resources as possible you should select the 32-bit image, if you need high performance the 64-bit image with multiple vCPUs are abetter choice.
Related articles
11 Jan, 2023 ipsec core vpn
22 Sep, 2021 core ftps sftp
23 Aug, 2022 core ipreputation
21 Oct, 2022 core arp routing
25 Nov, 2022 core hyperv azure
9 Dec, 2022 arp core
14 Nov, 2022 incontrol cli core webui
14 Dec, 2022 core
23 Aug, 2022 core certificate oneconnect ipsec vpn
23 Aug, 2022 sslvpn openconnect oneconnect android core
17 Nov, 2022 core license updates idp antivirus wcf ipreputation applicationcontrol
19 Oct, 2022 core wizard setup
8 Sep, 2020 snmp core wireshark
30 Mar, 2022 core ethernet netwall coscore
9 Dec, 2022 core stateless connections
2 Feb, 2021 core sslvpn macos certificate
26 Jan, 2023 core rules transpose
23 Nov, 2022 core ipsec
19 Feb, 2021 core arp
7 Sep, 2022 core cli pcap netwall pcapdump
23 Aug, 2022 core ha cluster
17 Oct, 2022 core license
22 Mar, 2021 core ipsec routing
23 Aug, 2022 vmware log ha rarp arp core
24 Nov, 2022 core snmp
22 Jan, 2021 core ipreputation
15 Apr, 2021 core brokenlink cluster
17 Jun, 2021 core ipsec routing
23 Aug, 2022 core arp garp
9 Mar, 2021 core ping connections
5 Mar, 2021 sslvpn openconnect oneconnect linux core
8 Apr, 2021 core sslvpn oneconnect interfaces arp
30 Nov, 2022 core routing
1 Jun, 2022 core routing management
8 Sep, 2020 core ipreputation blacklist threatprevention
23 Jun, 2021 core connections
31 Mar, 2022 incontrol core netcon netwall ha cluster coscore
25 May, 2022 howto core authenticator authentication webauth captive
25 Nov, 2022 core routing bgp
13 May, 2022 core license
24 May, 2021 core howto mdns multicast transparentmode airprint igmp dns
21 Apr, 2021 core cluster ha
14 Apr, 2021 core license ipsec
8 Sep, 2020 core ipsec rules access
26 May, 2021 kvm core arm x86
27 Jan, 2023 ipsec core windows vpn l2tp
25 Jan, 2022 core ethernet settings
15 Nov, 2022 tcp log core
28 Nov, 2022 core loopback license
6 Jul, 2021 core stream tcpsequence sequence stateless
15 Nov, 2022 core cli
2 Nov, 2022 core threshold
11 Apr, 2021 core sfp gbic hardware
23 Aug, 2022 core oneconnect
28 Nov, 2022 core configuration oneconnect
17 Oct, 2022 core wcf
1 Dec, 2022 ipsec core
28 Oct, 2020 core howto ethernet packetloss cpu
14 Dec, 2022 ha core idp cli cluster antivirus configuration
24 Nov, 2021 core arm kvm
20 Jan, 2023 core log webui memlog
25 Nov, 2022 core configuration sslvpn management
7 Dec, 2022 pcapdump log cli core logsnoop
29 Jun, 2021 core oneconnect
7 Dec, 2022 ipsec ike troubleshoot core
23 May, 2022 core log logreceiver
14 Dec, 2022 core ipsec
23 Aug, 2022 howto core pbr routing netwall isp
20 May, 2021 kvm core arm coscore netwall
1 Dec, 2022 applicationcontrol core
23 Aug, 2022 core behaviour icmp ping traceroute
15 Dec, 2022 core routing ospf
6 Dec, 2022 core dns
7 Nov, 2022 core cpu troubleshoot
23 Aug, 2022 core ipsec license memory
7 Nov, 2022 core arp log routing
18 Nov, 2022 core cluster
30 Nov, 2020 howto core cloud-init dhcp
15 Dec, 2021 core idp ipreputation log4j
28 Nov, 2022 core stream
24 Mar, 2021 core connections
21 Jun, 2022 core ha hacluster netwall coscore slb
7 May, 2021 core ethernet vlan arp garp
2 Dec, 2022 netwall ikev2 windows certificate vpn core
10 Oct, 2022 core mtu netwall mtudiscovery
23 Aug, 2022 core connections ipsec memory
27 Jan, 2021 core stateless routing brokenlink
23 Aug, 2022 sslvpn openconnect oneconnect macos windows linux core
8 Jul, 2021 incontrol domains core
21 Nov, 2022 radius ldap authentication core
2 Dec, 2022 dhcp ipsec core