Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
¿Por qué una interfaz del par Vwire muestra "apagado"? - Knowledge Base - Palo Alto Networks

¿Por qué una interfaz del par Vwire muestra "apagado"?

48953
Created On 04/07/19 13:07 PM - Last Modified 03/26/21 17:35 PM


Question


¿Por qué una interfaz del par de cables virtuales muestra apagado?
> show interface all 
<snip>
ethernet1/5             20    ukn/ukn/down(power-down)  00:1b:17:6b:e0:14 
<snip>

Environment


Sistema con al menos un conjunto de interfaces en un par de cables virtuales.

Answer


En las interfaces del par vwire, el paso del estado del link está habilitado de forma predeterminada.
Cuando una interfaz baja, PAN-OS apaga el otro link del par vwire debido al paso del link-state a través.
 
> show interface all 
<snip>
ethernet1/4   19    ukn/ukn/down(autoneg)     00:1b:17:6b:e0:13  <<< Interface that is down due to physical link down
ethernet1/5   20    ukn/ukn/down(power-down)  00:1b:17:6b:e0:14  <<< Interface powered down by PAN-OS
<snip>


Como alternativa, puede comprobar la interfaz webde registros del

webgui-systemlogs

CLI sistema: :
user@firewall> show log system direction equal backward eventid equal link-change
Time                Severity Subtype Object EventID ID Description
===============================================================================
2019/04/07 05:40:44 info     port    ethern link-ch 0  Port ethernet1/4: Down 1Gb/s-full duplex


El registro del sistema, sólo registra la interfaz que va físicamente hacia abajo. Para obtener más información, consulte los siguientes artículos:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClqMCAS
también se puede comprobarhttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClzQCAS

registrobrdagent: 
admin@firewall> less dp0-log brdagent.log  

2019-04-07 05:40:44.600 -0700 Port  4: (port_linked) PHY shows down, val 0x7949
2019-04-07 05:40:44.601 -0700 Port  4: Down 1Gb/s-full duplex
2019-04-07 05:40:44.602 -0700 PORT4: board_port_autoneg_enabled -> board_port_autoneg, link: 0, mode: 1
2019-04-07 05:40:44.620 -0700 Port  5: POWERDOWN command received <<<
2019-04-07 05:40:44.621 -0700 PORT5: board_port_autoneg_enabled -> board_port_powerdown, link: 0, mode: 1
2019-04-07 05:40:44.621 -0700 Port  5: Powered down

"comando POWERDOWN recibido" indica el comando brdagent recibido de mprelay para apagar la interfaz.

mprelay log se puede marcar por razones que muestran la interfaz bajando.

Se detecta el primer link Ethernet1/4 abajo y se detecta inmediatamente link-state-pass-through:
admin@firewall> less dp0-log mprelay.log 

2019-04-07 05:40:44.608 -0700 Interface ethernnet1/4 link down, changed from cached state: yes
2019-04-07 05:40:44.608 -0700 IFMon: vwire interface ethernet1/4 link down, check link-state-pass-through

Entonces el Ethernet1/5 se fija a abajo:
2019-04-07 05:40:44.609 -0700 Set vwire interface ethernet1/5 link state to down
2019-04-07 05:40:44.609 -0700 get interface link properties: name ethernet1/5
2019-04-07 05:40:44.617 -0700 Interface ethernet1/5 current state, speed 3 duplex 2 link 1
2019-04-07 05:40:44.617 -0700 set interface link properties: name ethernet1/5 speed auto duplex auto state down disable no
2019-04-07 05:40:44.624 -0700 IFMon: post event interface ethernet1/4 link down
2019-04-07 05:40:44.624 -0700 IFMon: scheduled link-passthrough scan at 15 seconds later
2019-04-07 05:40:44.625 -0700 IFMon: sys.s1.p5.status changed
2019-04-07 05:40:44.625 -0700 Interface ethernnet1/5 link down, changed from cached state: no
2019-04-07 05:40:44.625 -0700 Interface 5 mode changed from 1 to 3
2019-04-07 05:40:44.625 -0700 Interface 5, if_admin_mode_mask=0x30


Una vez que la interfaz que se trae físicamente hacia arriba, la interfaz apagada se enciende.

mprelay log:
2019-04-07 06:02:56.175 -0700 IFMon: sys.s1.p4.status changed
2019-04-07 06:02:56.176 -0700 Interface ethernnet1/4 link up, changed from cached state: yes
2019-04-07 06:02:56.176 -0700 IFMon: vwire interface ethernet1/4 link up, check link-state-pass-through
2019-04-07 06:02:56.176 -0700 Set vwire interface ethernet1/5 link state to up


registro bradagent:
2019-04-07 06:02:56.176 -0700 PORT4: board_port_autoneg -> board_port_autoneg_linked, link: 1, mode: 1
2019-04-07 06:02:56.176 -0700 Port  4: Up   1Gb/s-full duplex
2019-04-07 06:02:56.179 -0700 Port  4: MAC enabled
2019-04-07 06:02:56.179 -0700 PORT4: board_port_autoneg_linked -> board_port_autoneg_enabled, link: 1, mode: 1
2019-04-07 06:02:56.187 -0700 Port  5: AUTONEG command received
2019-04-07 06:02:56.187 -0700 PORT5: board_port_powerdown -> board_port_reset, link: 0, mode: 3
2019-04-07 06:02:56.187 -0700 Port  5: Power up


 

Additional Information


¿Por qué pasa link-state? 
https://docs.paloaltonetworks.com/ pan-os /7-1/ pan-os -web-interface-help/network/network-virtual-wires

¿Cómo habilitar/deshabilitar el paso de estado de enlace?
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClMiCAK

 
Other users also viewed:
How to download GlobalProtect from the Customer Support Portal
Download and Install the GlobalProtect App for Windows
Resource List: GlobalProtect Configuring and Troubleshooting
PAN-OS Software Updates
Where to find the current preferred software versions? (PAN-OS, GlobalProtect, User-ID Agent, Plugins)
Results 1-5 of 238,865
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLRBCA4&lang=es&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language