08-01-2025 03:47 AM
Hello
I wanted to ask you a question about a problem I just encountered, I have seen the BUG PAN-226361 reproduced in the PA-820
equipment is in version 10.2.10-h9 and yet this BUG has been corrected in the hotfix 7 of the same version, does anyone know if it has been re-activated in higher versions and what is the recommendation of Paloalto in that case? anyone else with the same problem?
|
PAN-226361 This issue is now resolved. See PAN-OS 10.2.10-h7 Addressed Issues. |
Sessions might end unexpectedly with the error resources-unavailable when the firewall incorrectly interprets the Content and Threat Detection (CTD) global packet queue as being full. |
08-04-2025 02:24 AM
Hi @Alpalo ,
There might be other reasons why you are seeing sessions end unexpectedly with the error resources-unavailable.
In bug PAN-226361 this was related to packet-descriptors and memory pools being interpreted incorrectly as depleted.
For example, I've seen similar reports related to ctd_pkt_queued and ctd_pkt_queued_proxy counters going into the negative (PAN-270549).
This also leads to sessions ending with reason 'resources-unavailable' or sessions bypass l7 inspection.
The behavior you're seeing might have a different root cause.
I'd recommend generating a TSF and submitting it to tech support for analysis.
Kind regards,
-Kim.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
