This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

PA3020 - receive errors and output errors.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

PA3020 - receive errors and output errors.

MPI-AE
L4 Transporter

‎06-12-2017 02:21 AM

Hey!

 

I don't know if that's a real problem:

 

I have a PA-3020 and its internal interfaces are connected to a Cisco 3850 Switch (copper, 1000 Base T)

 

When I do a "show interface ethernet1/5" on the firewall, the receive errors are permanently increasing.

 

On the cisco switchport, there are a lot of output errors.

 

The cables are new.

 

Is anyone in the same situation?

 

Thanks in advance!

0 Likes Likes
8 REPLIES 8

TranceforLife
L6 Presenter

‎06-12-2017 02:26 AM

Hi,

 

Post the output of the show interface command, please:

 

> show interface ethernet1/5

 

The possible events and packets could be the following incorrect length of VLAN tag, unexpected VLAN tag, unsupported L2 protocol, incorrect IP checksum, TCP/UDP packet checksum error, TCP/UDP port 0, Invalid TCP flag, etc. 

https://live.paloaltonetworks.com/t5/Learning-Articles/The-Difference-Between-Receive-Errors-for-Har...


0 Likes Likes

MPI-AE
L4 Transporter
In response to TranceforLife

‎06-12-2017 02:37 AM

eth.JPG

0 Likes Likes

TranceforLife
L6 Presenter
In response to MPI-AE

‎06-12-2017 02:53 AM

Hi,

 

The above-mentioned article explains receive errors counters. So what is happening on the Cisco side? What can you see in the logs or in the interface counters?

0 Likes Likes

MPI-AE
L4 Transporter
In response to TranceforLife

‎06-12-2017 05:08 AM

I get that on the switch port:

eth.JPG

 

But I get that on many interfaces. Very likely that it's a bug of the 3850.

 

And I figured out that the receive error on the firewall interfaces increments every 10 seconds.

 

That is when the switch sends out a keepalive.

 

So maybe everything is fine?!

0 Likes Likes

TranceforLife
L6 Presenter
In response to MPI-AE

‎06-12-2017 05:38 AM - edited ‎06-12-2017 05:39 AM

I am not Cisco expert but l think you are on the right way:

 

https://supportforums.cisco.com/discussion/13018581/catalyst-3850-high-total-output-drops-and-output...

 

 

0 Likes Likes

MPI-AE
L4 Transporter
In response to TranceforLife

‎06-12-2017 08:13 AM

I will try it!

 

I have a last question: I have a Aggregate Link on the Palo Alto with two interfaces.

 

The option "LACP" is disabled.

 

I get a lot of outpot errors on these interfaces.

 

Should I enable LACP on the ae and on the switch?

0 Likes Likes

TranceforLife
L6 Presenter
In response to MPI-AE

‎06-12-2017 08:18 AM

Sorry not an LACP guru but I believe it should be enabled from the both sides and at least one side should be active:

 

https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-LACP/ta-p/65837

0 Likes Likes

MPI-AE
L4 Transporter
In response to TranceforLife

‎06-12-2017 08:32 AM

Thanks for the link!

 

Maybe someone else can share his experiences to do a normal etherchannel or a LACP etherchannel?

0 Likes Likes
  • 5662 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks