Monitoring interface traffic with SNMP

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Monitoring interface traffic with SNMP

L2 Linker

Using physical PA boxes, this works fine.  However, with the VM version (at least in Azure) it does not.  Only the mgmt interface shows any traffic when reading interface statistics through SNMP.

 

Is this a known issue?  ethernet1/1 is the untrusted interface and I'd like to chart utilization of it, but it just stays 0.

 

IF-MIB::ifInOctets.1 = Counter32: 271149367
IF-MIB::ifInOctets.2 = Counter32: 0
IF-MIB::ifInOctets.3 = Counter32: 0
IF-MIB::ifInOctets.4 = Counter32: 0
IF-MIB::ifInOctets.5 = Counter32: 0
IF-MIB::ifInOctets.6 = Counter32: 0
IF-MIB::ifInOctets.7 = Counter32: 0
IF-MIB::ifInOctets.8 = Counter32: 0

 

IF-MIB::ifDescr.1 = STRING: mgmt
IF-MIB::ifDescr.2 = STRING: ethernet1/1
IF-MIB::ifDescr.3 = STRING: ethernet1/2
IF-MIB::ifDescr.4 = STRING: ethernet1/3
IF-MIB::ifDescr.5 = STRING: ethernet1/4
IF-MIB::ifDescr.6 = STRING: ethernet1/5
IF-MIB::ifDescr.7 = STRING: ethernet1/6
IF-MIB::ifDescr.8 = STRING: ethernet1/7

5 REPLIES 5

L1 Bithead

I haven't been able to get it work.  PA support told us it was due to Azure limitations and the drivers they are using for their NIC's.  The workaround we were provided was using the Palo Alto chrome app....

That's unfortunate.  I was hoping to add that interface to my "outside world connectivity" dashboard, but I guess that won't be happening.

L0 Member

I just wanted to chime in here that we are currently experiencing this exact same issue in Azure using VM-300's. We have 3 interfaces, including the management interface, and we are only able to see traffic data for the management interface. We've tried using both the 32bit Counters (1.3.6.1.2.1.2.2.1) and the 64bit Counters (1.3.6.1.2.1.31.1.1) and both are 0.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmrcCAC

 

This KB describes the exact same issue; however, the 0 values persist even when using the 64bit Counters. Is anyone able to confirm that this is in fact an Azure problem? It's very odd that some traffic and not all would be showing, especially since the management NIC is also hosted in Azure.

 

SNMPInterfaces64.pngSNMPWalk64.pngSNMPWalkLinux.png

Yep, VM300 on Azure and I get nothing but the MGMT interface. 

 

Anyone had any joy in getting this to work.

 

D.

L2 Linker

What version of PANOS are you running? If it is 9.0 or below, it will not work due to the drivers. It was fixed in PANOS 9.1:

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PMWvCAO

 

 

  • 8900 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!