Exam PCNSE topic 1 question 73 discussion

Correct: B,C ======= PAN-EDU-311 Advanced Troubleshooting Dynamic Routing module "Confirm virtual router runtime status on the active firewall, go to the Network > Virtual Router screen and click on More Runtime Stats" ======= https://live.paloaltonetworks.com/t5/general-topics/bgp-traffic-pcap/td-p/237407 For troubleshooting purposes it may be necessary to collect the PCAPs of the OSPF and BGP traffic that the Palo Alto Networks device is processing. The quickest way to perform troubleshooting is through the CLI. To start the BGP capture, use the following CLI command: > debug routing pcap bgp on

Correct A,C

Idiotic question, but of course you will check the logs before doing a capture ... B is also valid, but I would go with A and C

A and B. It cannot be C because in the runtime stats, you do not look for configuration issues.

I think is A and B

A & C are the correct answer

I would say AC. The question is very similar to the next on (#74) concerning OSPF. They're both routing protocols so it's reasonable to begin basic troubleshooting the same way -- look at the system logs and stats.

It cant be A because, the system logs doesn't generate logs when it comes to traffic, Ive been through the system logs loads of times and never seen BGP traffic errors being logged. B and C looks more relevant

Tested this.

B and C

Which two options would help the administrator troubleshoot this issue? Can it be A and B? When I view the Runtime Stats, can I troubleshoot? or only see the stats? When I look into the sytem log I see info why not onlu stats (just think out loud)

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network-virtual-routers/more-runtime-stats-for-a-virtual-router#id37f2aaf9-bb39-40e8-a838-33f22ccbc05e

C is correct 100% Between A and B - i choose B: > debug routing pcap bgp on this command is designed for BGP troubleshooting as asked in the question

so C is correct. Second answer = Could be A as inside system logs we can filter is based on BGP and see what errors we get. PCAP could possibly valid too.... Also if we are saying no new routes are being populated to vRouter, what is the point of checking runtime logs :/ zzz

I think that A and C are correct. We can check BGP events on System tab and Virtual Router Runtime Status. Capturing traffic is required when we must check if connectivity between peers works correctly.

'Which two options would help...' Not conclusively identify. Troubleshooting best practices dictate you start with the least involved measures. Of the options, performing a PCAP is the most involved. A, B.

B is definitely one of the correct options. BGP debug pcap commands will show by far the most detail when troubleshooting BGP. However, A and C could both be correct. You can view status of BGP in the Runtime Stats section of the Virtual Router and this could tell you if BGP is configured incorrectly (but BGP not establishing isn't necessarily an indicator there is a misconfiguration locally); however this is not where BGP is configured (you have to open/edit the actual VR to configure BGP.) For that reason I think A would be the other correct answer, as you can view BGP events in System logs with this filter: (subtype eq routing) and (description contains 'BGP'), which is more useful for actual troubleshooting than just seeing current status.