Default route for Interface configured as DHCP Client

Default route for Interface configured as DHCP Client

348
Created On 01/02/23 15:34 PM - Last Modified 11/05/25 22:42 PM


Symptom


The default route configured on Network > Virtual Routers is not selected to forward traffic.
  
admin@(active)> show routing route

flags: A:active, ?:loose, C:connect, H:host, S:static, ~:internal, R:rip, O:ospf, B:bgp, 
       Oi:ospf intra-area, Oo:ospf inter-area, O1:ospf ext-type-1, O2:ospf ext-type-2, E:ecmp, M:multicast

VIRTUAL ROUTER: default (id 1)
  ==========
destination                                 nexthop                                 metric flags      age   interface          next-AS    
0.0.0.0/0                                   10.73.108.1                             10     A S E            ethernet1/1                   
0.0.0.0/0                                   10.73.108.100                           10       S E            ethernet1/1

 

Environment


Palo Alto Networks Firewall any PAN-OS.

Cause


If the Firewall is configured with DHCP Client on any dataplane interface, the option 'Automatically create default route pointing to default gateway provided by server' will take precedence over any default route configured on Network > Virtual Routers > Virtual Router > Static Routes
  
admin@(active)> show routing route

flags: A:active, ?:loose, C:connect, H:host, S:static, ~:internal, R:rip, O:ospf, B:bgp, 
       Oi:ospf intra-area, Oo:ospf inter-area, O1:ospf ext-type-1, O2:ospf ext-type-2, E:ecmp, M:multicast

  
VIRTUAL ROUTER: default (id 1)
  ==========
destination                                 nexthop                                 metric flags      age   interface          next-AS    
0.0.0.0/0                                   10.73.108.1                             10     A S E            ethernet1/1                   
0.0.0.0/0                                   10.73.108.100                           10       S E            ethernet1/1 << static route configured

admin@(active)> test routing fib-lookup ip 8.8.8.8 virtual-router default

--------------------------------------------------------------------------------
runtime route lookup
--------------------------------------------------------------------------------
virtual-router:   default
destination:      8.8.8.8
result:           
  via 10.73.108.1 interface ethernet1/1, metric 10 << gateway used is the DHCP Server
--------------------------------------------------------------------------------

 

Resolution


Disable the option 'Automatically create default route pointing to default gateway provided by server' if there is another gateway configured on the default route.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000saHVCAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail