I have a cluster of 5050s (v7.1.10) that are being prepared to replace another pair of devices. We performed a test migration of the other device config to the 5050s (using the Palo Alto migration tool) and all went well with the test. This config included several FQDN address objects.
To prepare for final migration I wanted to delete the addresses, services, and policies while keeping all other portions of the configuration (such as device config, clustering, logging, etc). I exported the config, deleted the address and service objects and security policies from the XML file, then re-imported the config into the device. All appeared to go well.
I now noticed that the system logs show the device is still attempting to refresh DNS for the FQDN address objects that were deleted. I've searched the running config on the device, exported the config and searched in file, and viewed all relevant areas via the GUI, but I cannot find any configured reference to these FQDNs in the system. However even after rebooting both devices in the cluster, a 'requests system fqnd refresh' still results in the device trying to refresh those entries.
Appreciate any ideas regarding where the system may still be holding this information as well as how to clear it.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!