The administrator has enabled BGP on a virtual router on the Palo Alto Networks NGFW, but new routes do not seem to be populating the virtual router. Which two options would help the administrator troubleshoot this issue? (Choose two.)
A.
View the System logs and look for the error messages about BGP.
B.
Perform a traffic pcap on the NGFW to see any BGP problems.
C.
View the Runtime Stats and look for problems with BGP configuration.
Correct: B,C
=======
PAN-EDU-311 Advanced Troubleshooting Dynamic Routing module
"Confirm virtual router runtime status on the active firewall, go to the Network > Virtual Router screen and click on More Runtime Stats"
=======
https://live.paloaltonetworks.com/t5/general-topics/bgp-traffic-pcap/td-p/237407
For troubleshooting purposes it may be necessary to collect the PCAPs of the OSPF and BGP traffic that the Palo Alto Networks device is processing. The quickest way to perform troubleshooting is through the CLI.
To start the BGP capture, use the following CLI command:
> debug routing pcap bgp on
how would a pcap help you identify the root cause of the problem (unless you know every bit of the bgp protocol decode), while system logs will display non-ambiguous messages such as peer restart, authentication failed... etc
For troubleshooting purposes it may be necessary to collect the PCAPs of the OSPF and BGP traffic that the Palo Alto Networks device is processing. The quickest way to perform troubleshooting is through the CLI.
I would say AC. The question is very similar to the next on (#74) concerning OSPF. They're both routing protocols so it's reasonable to begin basic troubleshooting the same way -- look at the system logs and stats.
It cant be A because, the system logs doesn't generate logs when it comes to traffic, Ive been through the system logs loads of times and never seen BGP traffic errors being logged.
B and C looks more relevant
Which two options would help the administrator troubleshoot this issue? Can it be A and B?
When I view the Runtime Stats, can I troubleshoot? or only see the stats?
When I look into the sytem log I see info why not onlu stats (just think out loud)
so C is correct.
Second answer = Could be A as inside system logs we can filter is based on BGP and see what errors we get. PCAP could possibly valid too....
Also if we are saying no new routes are being populated to vRouter, what is the point of checking runtime logs :/ zzz
I think that A and C are correct. We can check BGP events on System tab and Virtual Router Runtime Status. Capturing traffic is required when we must check if connectivity between peers works correctly.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ChiaPet75
Highly Voted 4 years, 8 months agohcir
8 months, 1 week agoBreyarg
3 years, 2 months agoEdu147
Highly Voted 5 years, 7 months agonguyncute09
3 months, 3 weeks agotester12
5 years, 5 months agojonboy22
2 years, 8 months agoaf67d32
Most Recent 1 week, 1 day agoDSBlue
1 week, 6 days agokambata
7 months, 3 weeks agohcir
8 months, 1 week ago123XYZT
10 months, 2 weeks agotechplus
1 year, 4 months agosov4
1 year, 6 months agoplaythegamewithme
1 year, 8 months agohcir
8 months, 1 week agoDenskyDen
2 years agolildevil
1 year, 10 months agohdrnzienlaoroljol
2 years agomic_mic
2 years, 1 month agoTAKUM1y
2 years, 5 months agoUFanat
2 years, 8 months agodatz
2 years, 8 months agoasdasd123123iu
2 years, 10 months ago