Palo Alto Networks Knowledgebase: Palo Alto Networks Device not Installing Routes like 128.0.0.0/1 or 192.0.0.0/2 Learned Through OSPF

Palo Alto Networks Device not Installing Routes like 128.0.0.0/1 or 192.0.0.0/2 Learned Through OSPF

1364
Created On 02/07/19 23:39 PM - Last Updated 02/07/19 23:39 PM
Content Release Deployment
Resolution

Symptom

The Palo Alto Networks device is not installing routes like 128.0.0.0/1 or 192.0.0.0/2 learned through OSPF. The routes can be seen under LSDB, but are not seen under routing table.

 

For example, run the following CLI command to see the routes under the LSDB:

> show routing protocol ospf lsdb

 

VIRTUAL ROUTER: default (id 1)

  ==========

VR Area ID   Orig RTR ID  LS ID          LSA Type          Seq Number CheckSum   Age Size

1  0.0.0.50  10.46.32.87  10.46.40.87/24 type-2 (Network)  0x80000002 0x00005D4B  8  32

1            10.46.32.65  128.0.0.0/1    type-5 (External) 0x80000001 0x0000A98E  2  49

 

However, route 128.0.0.0/1 is not seen under the routing table:

> show routing route type ospf

 

VIRTUAL ROUTER: default (id 1)

  ==========

destination    nexthop metric flags age interface next-AS

10.46.40.0/24  0.0.0.0 10     Oi    523 ethernet1/3

 

total routes shown: 1

 

Cause

Subnets like 128.0.0.0/1 or 192.0.0.0/2 covers the multicast subnet as well. When installing routes from the unicast routing protocols like OSPF, the Palo Alto Networks device checks for the valid IPv4 unicast route before installing it into the routing table. Palo Alto Networks will reject those subnets as they cover the multicast subnet. If those routes are desired, then the user can add them as a static route.

 

owner: kalavi



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm1bCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language