Show Commands to Verify L3 Sub-interface Configuration

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Show Commands to Verify L3 Sub-interface Configuration

L3 Networker

Hello Community,


I have configured L3 Sub-Interface on a Palo Alto firewall in a virtual environment. Can someone please let me know if there are any show commands to verify that the configuration is working successfully?


Thank you




L4 Transporter

Shoudl be show interface adn interface#/#.# Build int lab to confirm


admin@PALO-TIA-03P(active-primary)> show interface ethernet1/3.10

Name: ethernet1/3.10, ID: 1035, 802.1q tag: 10
Operation mode: layer3
Interface IP address:
Interface management profile: N/A
Service configured:
Zone: N/A, virtual system: vsys1
Adjust TCP MSS: no

Hi Clyde,


Thanks for getting back to me.


Aren't there any other show commands than the one you provided below?



Community Team Member

This info is also included in the command Clyde provided but doing 'show counter interface ethernet1/3.10' shows logical interface numbers ... any number other than 0 should indicate traffic going through the logical interface.  For physical counters you should use the physical interface.


admin@PA-VM> show counter interface ethernet1/3.10


Interface: ethernet1/3.10



Logical interface counters read from CPU:


bytes received                           25406

bytes transmitted                        0

packets received                         285

packets transmitted                      0

receive errors                           0

packets dropped                          236

packets dropped by flow state check      0

forwarding errors                        0

no route                                 236

arp not found                            0

neighbor not found                       0

neighbor info pending                    0

mac not found                            0

packets routed to different zone         0

land attacks                             0

ping-of-death attacks                    0

teardrop attacks                         0

ip spoof attacks                         0

mac spoof attacks                        0

ICMP fragment                            0

layer2 encapsulated packets              0

layer2 decapsulated packets              0



Hope it helps.


LIVEcommunity team member, CISSP
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

Thanks KiWi

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!