DC IONs are advertising the same prefix to BGP peer

DC IONs are advertising the same prefix to BGP peer

432
Created On 01/13/25 11:57 AM - Last Modified 09/23/25 22:57 PM


Symptom


  • Both DC IONs are advertising the same branch prefixes on their LAN
  • BGP core peers flapping multiple times before the issue.
  • The issue impacted the site around 5AM UTC
  • VPN status change

Environment


  • Prisma SD-WAN: =<6.1.9, =<6.3.4
  • ION Devices
  • BGP peers
  • High Availability Active/Backup Setup

Cause


Misconfiguration in the routing process caused both Active/Backup DC IONs to advertise the same prefixes to the firewall.

Resolution


  1. The issue is resolved under CGSDW-28329
  2. Upgrading the fixed versions of  6.1.9-b5, 6.1.11, 6.3.5 or 6.4.3 will resolve the issue.

Additional Information


Restore the affected BGP peers by clearing and re-establishing the sessions
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000PR2lCAG&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail