NDP Plugin discovery job timing out due to large node depth
Symptom
• The network discovery job shows as timed out under Device > IoT Security > Network Discovery > Last Run > View Details.
• Neighbor discovery log shows an excessive number of discovered devices such as IP Phones:
firewall> less plugin-log plugin_nd_neighbor_discovery.log
...
DEBUG: [neighbor_discovery] LLDP neighbors: {'128.xxx.xxx.63': {...'192.168.1.131': ...'node_platform': 'Cisco IP Phone 8831'
DEBUG: [neighbor_discovery] LLDP neighbors: {'128.xxx.xxx.63': {...'192.168.1.132': ...'node_platform': 'Cisco IP Phone 8831'
DEBUG: [neighbor_discovery] LLDP neighbors: {'128.xxx.xxx.63': {...'192.168.1.133': ...'node_platform': 'Cisco IP Phone 8831'
...
• The NDP Plugin node depth is configured to a high value (Device > IoT Security > Network Discovery > Discovery Scope Settings > Maximum Number of Hops).
Environment
• Palo Alto Networks Firewall
• Network Discovery Plugin
Cause
An excessively deep node depth in the network discovery scope settings causes the SNMP crawl to attempt discovery of hundreds of network devices, which exceeds the configured timeout period.
The network discovery scope should only discover network infrastructure such as switches. Client devices such as IP Phones should not be included in the depth.
Resolution
Reduce the node depth setting (Device > IoT Security > Network Discovery > Discovery Scope Settings > Maximum Number of Hops) in the Network Discovery settings to 1, and then slowly increase it to determine the lowest appropriate depth value.
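To check after each depth change whether client devices still dominate the crawl, the node_platform values in the neighbor discovery log can be tallied. The script below is an added example, not Palo Alto Networks code. It assumes the log text has been copied to a workstation, that each LLDP neighbor line carries 'node_platform' fields as in the excerpt above, and that the hypothetical ENDPOINT_HINTS list identifies client devices. The sample lines are constructed.

```python
import re
from collections import Counter

# Field name as it appears in the LLDP neighbor debug lines of the plugin log.
PLATFORM_RE = re.compile(r"'node_platform':\s*'([^']*)'")

# Assumption: substrings that mark a platform string as a client device.
# Only IP phones come from the article; extend the tuple for your environment.
ENDPOINT_HINTS = ("phone",)

# Constructed sample lines shaped like the article's excerpt (addresses and
# the switch platform string are made up; the nesting is an assumption).
SAMPLE_LOG = """\
DEBUG: [neighbor_discovery] LLDP neighbors: {'192.0.2.1': {'192.0.2.131': {'node_platform': 'Cisco IP Phone 8831'}}}
DEBUG: [neighbor_discovery] LLDP neighbors: {'192.0.2.1': {'192.0.2.132': {'node_platform': 'Cisco IP Phone 8831'}}}
DEBUG: [neighbor_discovery] LLDP neighbors: {'192.0.2.1': {'192.0.2.133': {'node_platform': 'Cisco IP Phone 8831'}}}
DEBUG: [neighbor_discovery] LLDP neighbors: {'192.0.2.1': {'192.0.2.2': {'node_platform': 'Example Access Switch'}}}
DEBUG: [neighbor_discovery] unrelated line without neighbor data
"""


def tally_platforms(log_text):
    """Count node_platform occurrences on LLDP neighbor lines."""
    counts = Counter()
    for line in log_text.splitlines():
        if "LLDP neighbors" in line:
            counts.update(PLATFORM_RE.findall(line))
    return counts


def endpoint_share(counts):
    """Return (endpoint entries, total entries, endpoint fraction)."""
    total = sum(counts.values())
    endpoints = sum(n for platform, n in counts.items()
                    if any(h in platform.lower() for h in ENDPOINT_HINTS))
    return endpoints, total, (endpoints / total if total else 0.0)


if __name__ == "__main__":
    counts = tally_platforms(SAMPLE_LOG)
    for platform, n in counts.most_common():
        print(f"{n:5d}  {platform}")
    endpoints, total, frac = endpoint_share(counts)
    print(f"client devices: {endpoints}/{total} ({frac:.0%})")
```

The tally counts occurrences of the field, so a neighbor that is logged on several lines is counted each time. A high client-device fraction at a given hop setting indicates the depth reaches past the switching infrastructure.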