https://live.paloaltonetworks.com/t5/general-topics/management-interface-dropping-packets/m-p/524748#M108554 <P>Hi,</P> <P>My monitoring system is detecting packet loss on my panorama device. When pinging the DG there is no packet loss. When checked the interface stats on the cli I can see the below.</P> <P>&nbsp;</P> <P>admin@MANPANORAMA01(primary-active)&gt; show interface management</P> <P><BR />-------------------------------------------------------------------------------<BR />Name: Management Interface<BR />Link status:<BR />Runtime link speed/duplex/state: 100/full/up<BR />Configured link speed/duplex/state: auto/auto/auto<BR />MAC address:<BR />Port MAC address 3c:ec:ef:55:38:46</P> <P>Ip address: 192.168.20.21<BR />Netmask: 255.255.254.0<BR />Default gateway: 192.168.20.1<BR />Ipv6 address: unknown<BR />Ipv6 link local address: fe80::3eec:efff:fe55:3846/64<BR />Ipv6 default gateway:<BR />-------------------------------------------------------------------------------</P> <P><BR />-------------------------------------------------------------------------------<BR />Logical interface counters:<BR />-------------------------------------------------------------------------------<BR />bytes received 19514555673572<BR />bytes transmitted 13800146722446<BR />packets received 17142368823<BR />packets transmitted 15211441301<BR />receive errors 0<BR />transmit errors 0<BR />receive packets dropped 821<BR />transmit packets dropped 0<BR />multicast packets received 5<BR />-------------------------------------------------------------------------------</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>What could be causing packet loss on this interface?</P> Wed, 21 Dec 2022 11:41:21 GMT LimaSupport 2022-12-21T11:41:21Z https://live.paloaltonetworks.com/t5/general-topics/management-interface-dropping-packets/m-p/524748#M108554 <P>Hi,</P> <P>My monitoring system is detecting packet loss on my panorama device. When pinging the DG there is no packet loss. When checked the interface stats on the cli I can see the below.</P> <P>&nbsp;</P> <P>admin@MANPANORAMA01(primary-active)&gt; show interface management</P> <P><BR />-------------------------------------------------------------------------------<BR />Name: Management Interface<BR />Link status:<BR />Runtime link speed/duplex/state: 100/full/up<BR />Configured link speed/duplex/state: auto/auto/auto<BR />MAC address:<BR />Port MAC address 3c:ec:ef:55:38:46</P> <P>Ip address: 192.168.20.21<BR />Netmask: 255.255.254.0<BR />Default gateway: 192.168.20.1<BR />Ipv6 address: unknown<BR />Ipv6 link local address: fe80::3eec:efff:fe55:3846/64<BR />Ipv6 default gateway:<BR />-------------------------------------------------------------------------------</P> <P><BR />-------------------------------------------------------------------------------<BR />Logical interface counters:<BR />-------------------------------------------------------------------------------<BR />bytes received 19514555673572<BR />bytes transmitted 13800146722446<BR />packets received 17142368823<BR />packets transmitted 15211441301<BR />receive errors 0<BR />transmit errors 0<BR />receive packets dropped 821<BR />transmit packets dropped 0<BR />multicast packets received 5<BR />-------------------------------------------------------------------------------</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P>What could be causing packet loss on this interface?</P> Wed, 21 Dec 2022 11:41:21 GMT https://live.paloaltonetworks.com/t5/general-topics/management-interface-dropping-packets/m-p/524748#M108554 LimaSupport 2022-12-21T11:41:21Z https://live.paloaltonetworks.com/t5/general-topics/management-interface-dropping-packets/m-p/524756#M108555 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/154359">@LimaSupport</a> ,</P> <P>&nbsp;</P> <P>That is a tough one.&nbsp; Most traffic dropped on the management interface is supposed to be dropped.&nbsp; For example, a Cisco switch could be sending CDP packets.&nbsp; Other layer 2 protocols could also be dropped.&nbsp; I see that you have IPv6 configured.&nbsp; So, it is probably not IPv6.&nbsp; You could have your Permitted IP Addresses <A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClovCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClovCAC</A> configured and these packets do not come from an allowed source.&nbsp; I think the only way to know for sure is to (at the same time) do a packet capture of transmitted packets on the next hop device and received packets on the management interface <A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/take-packet-captures/take-a-packet-capture-on-the-management-interface" target="_blank">https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/monitoring/take-packet-captures/take-a-packet-capture-on-the-management-interface</A> and compare to see which packets are missing from the Panorama capture.</P> <P>&nbsp;</P> <P>The drops are most likely benign and not causing negative impact.&nbsp; If you really want to know, you can do the packet captures.</P> <P>&nbsp;</P> <P>Thanks,</P> <P>&nbsp;</P> <P>Tom</P> Wed, 21 Dec 2022 13:27:33 GMT https://live.paloaltonetworks.com/t5/general-topics/management-interface-dropping-packets/m-p/524756#M108555 TomYoung 2022-12-21T13:27:33Z