Known Issues When Using NFS Logdb on Panorama
Resolution
While Panorama maintains internal storage for log files and statistical data, PAN-OS 4.0 and above supports the addition of storage space through the use of an external NFS (Network File System) data store, Palo Alto Networks has identified some issues when NFS dynamic log partition is enabled on Panorama. The following is a list of the known problems, fixes and workarounds.
NFS monitor may cause Panorama to restart:
When the NFS server is under heavy load, it responds slowly to the probing messages issued by the Panorama NFS monitor, which may record a response failure. When the threshold for failed responses is reached, Panorama reboots. The issue is fixed in PAN-OS version 4.0.7. The new "show" and "set" commands for the dynamic log partition were introduced in 4.0.7 as well.
To view the threshold:
>show system nfs dynamic-logging-partition threshold
Change the threshold (configuration mode).The threshold is the number of failures tolerated before rebooting Panorama.
#set system nfs dynamic-logging-partition threshold
Show how many failures have already occurred:
>show system nfs dynamic-logging-partition failures
Kernel Race Condition
A kernel race condition (contention over the same resource) is causing Panorama to reboot. The workaround is to use a single CPU on the Panorama virtual machine. The fix is in PAN-OS 4.1, slated for release within the next 30 days.
Management Server Core
The logs forwarded from the devices carry less data than the Panorama management server expects, causing Panorama to reboot. This issue has been addressed in PAN-OS 4.0.7 (Bug 32054).
owner: panagent