Vwire interfaces are flap

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Vwire interfaces are flap

L4 Transporter

We have a Paloalto connected in vwire mode Cisco ASR1 is  connected on PA eth1/21 (Primary) and Cisco ASA (Primary)is connected on PA eth1/22. Same as Cisco ASR2(secondary) is connected on ethernet1/23 and Cisco ASA(secondary) is connected via Ethernet 1/24. Interface are automatically going down and coming up 

Can any one suggest me why is going up and down and more information where is see more information in logs

 

I have found the KB and logs.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLRBCA4

 

For Brdagent

2020-07-22 08:43:20.893 +0430 Port 24: Down 10Gb/s-full duplex
2020-07-22 08:43:20.895 +0430 PORT24: board_port_autoneg_enabled -> board_port_autoneg, link: 0, mode: 1
2020-07-22 08:43:21.028 +0430 Port 23: POWERDOWN command received
2020-07-22 08:43:21.029 +0430 PORT23: board_port_autoneg_enabled -> board_port_powerdown, link: 0, mode: 1
2020-07-22 08:43:21.029 +0430 Port 23: Powered down
2020-07-22 08:43:22.278 +0430 Petra port 7 link changed - Link Down
2020-07-22 08:45:49.690 +0430 PORT24: board_port_autoneg -> board_port_autoneg_linked, link: 1, mode: 1
2020-07-22 08:45:49.692 +0430 Port 24: Up 10Gb/s-full duplex
2020-07-22 08:45:49.694 +0430 Port 24: MAC enabled
2020-07-22 08:45:49.717 +0430 PORT24: board_port_autoneg_linked -> board_port_autoneg_enabled, link: 1, mode: 1
2020-07-22 08:45:49.718 +0430 Port 23: AUTONEG command received
2020-07-22 08:45:49.727 +0430 PORT23: board_port_powerdown -> board_port_reset, link: 0, mode: 3
2020-07-22 08:45:49.728 +0430 Port 23: Power up

 

For Mprelay Logs 

2020-07-22 08:43:20.895 +0430 IFMon: sys.s1.p24.status changed
2020-07-22 08:43:20.896 +0430 Interface ethernnet1/24 link down, changed from cached state: yes
2020-07-22 08:43:20.896 +0430 IFMon: vwire interface ethernet1/24 link down, check link-state-pass-through
2020-07-22 08:43:20.896 +0430 Set vwire interface ethernet1/23 link state to down
2020-07-22 08:43:20.897 +0430 get interface link properties: name ethernet1/23
2020-07-22 08:43:20.906 +0430 Interface ethernet1/23 current state, speed 4 duplex 2 link 1
2020-07-22 08:43:20.906 +0430 set interface link properties: name ethernet1/23 speed auto duplex auto state down disable no
2020-07-22 08:43:21.032 +0430 IFMon: post event interface ethernet1/24 link down
2020-07-22 08:43:21.032 +0430 IFMon: scheduled link-passthrough scan at 15 seconds later
2020-07-22 08:43:21.033 +0430 IFMon: sys.s1.p23.status changed
2020-07-22 08:43:21.034 +0430 Interface ethernnet1/23 link down, changed from cached state: no
2020-07-22 08:43:21.034 +0430 Interface 23 mode changed from 1 to 3
2020-07-22 08:43:21.034 +0430 IFMon: scheduled link-passthrough scan already scheduled: 2

 

Joshan_Lakhani_0-1595447238139.png

 

5 REPLIES 5

Cyber Elite
Cyber Elite

you'll want to verify speed and duplex settings on all devices and set them identical everywhere (can't have static on one and auto on another)

 

if you can't figure out which link is causing the problem, you can disable 'Link State Pass Through' in the vwire objects (Network > Virtual Wires) temporarily so only the 'faulty' link will go down and you can focus on that

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

@reaper Thanks for reply

 

As Paloalto recommended to configure the AUTO in VWire Mode. As i have also see in my neighbor device an set auto neg. So can i configure Forcefully Duplex Full and speed 1000 as i the port Tengigbit Ethernet. Please suggest https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClMiCAK

@Joshan_Lakhanithe configuration should be identical on all 8 interfaces , so all to auto or all to forced. it is likely one device is set differently and is causing the flap

 

if all are set to auto, it is possible one device is implementing auto diffeently than the others, in which case it may be necessary to force the speed (don't touch the duplex)

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Thanks for you reply @reaper 

 

when i check in auto assistant link  iam facing below issue please suggest what i can do now.

 

 

Joshan_Lakhani_0-1595682632620.pngJoshan_Lakhani_1-1595682663141.png

Joshan_Lakhani_2-1595682693900.png

Joshan_Lakhani_3-1595682712634.png

Joshan_Lakhani_4-1595682731991.png

Joshan_Lakhani_5-1595682751783.png

Joshan_Lakhani_6-1595682774186.pngJoshan_Lakhani_7-1595682801055.pngJoshan_Lakhani_8-1595682821927.png

 

 

 

 

Cyber Elite
Cyber Elite

Well... have you tried doing what i suggested ?

In regards to autoassistant, did you check the logs further, as it suggests?

 

if no to both of the above questions, i guess you may want to open a support case and have the firewall checked by support

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 4041 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!