Change to BGP MultiHop default TTL value PAN-OS 8.0.2 and 7.1.9

Change to BGP MultiHop default TTL value PAN-OS 8.0.2 and 7.1.9

10896
Created On 04/23/20 18:05 PM - Last Modified 12/06/22 04:06 AM


Symptom


  • BGP fails to enter/remain Established State after upgrade of Palo Alto Firewall from either PAN-OS 8.0.0, 8.0.1, or 7.1.9 and below.
  • No other configuration changes made. 

Environment


  • Palo Alto Firewalls
  • PAN-OS 7.1, 8.0 and 8.1.
  • BGP Multihop.

 

Cause


For PAN-OS 7.1.8 and PAN-OS 8.0.1 and earlier:
  • The default value of 0 means a TTL of 2 for eBGP, The default value of 0 means 255 for iBGP. 
For PAN-OS 7.1.9 and PAN-OS 8.0.3 and later versions
  • The default value of 0 means a TTL of 1 for eBGP. The default value of 0 means 255 for iBGP. 
Refer: Step 7-7 of Configure BGP

Resolution


Increase the Multi Hop, the time-to-live (TTL)  value to "2" or as needed.  

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PPm8CAG&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language