Examice

Exam PCNSE All QuestionsBrowse all questions from this exam

Question 73

The administrator has enabled BGP on a virtual router on the Palo Alto Networks NGFW, but new routes do not seem to be populating the virtual router.

Which two options would help the administrator troubleshoot this issue? (Choose two.)

View the System logs and look for the error messages about BGP.

Perform a traffic pcap on the NGFW to see any BGP problems.

View the Runtime Stats and look for problems with BGP configuration.

View the ACC tab to isolate routing issues.

Correct Answer: A, C

To troubleshoot why new BGP routes are not populating the virtual router, it is essential to start with less invasive steps. Viewing the System logs for error messages about BGP can provide immediate insight into potential issues, such as misconfigurations or connectivity problems. Additionally, checking the Runtime Stats for the virtual router allows the administrator to verify the current status and configuration of BGP, identifying any problems with the BGP setup. These methods offer a systematic approach to diagnose the problem before resorting to more involved procedures like traffic captures.

Discussion

ChiaPet75Options: BC

Correct: B,C ======= PAN-EDU-311 Advanced Troubleshooting Dynamic Routing module "Confirm virtual router runtime status on the active firewall, go to the Network > Virtual Router screen and click on More Runtime Stats" ======= https://live.paloaltonetworks.com/t5/general-topics/bgp-traffic-pcap/td-p/237407 For troubleshooting purposes it may be necessary to collect the PCAPs of the OSPF and BGP traffic that the Palo Alto Networks device is processing. The quickest way to perform troubleshooting is through the CLI. To start the BGP capture, use the following CLI command: > debug routing pcap bgp on

Breyarg

agreed. i have had to TS this a good few times and only these options actually seem relevant to real life.

hcir

debug routing pcap bgp on is not a traffic pcap, but a management plane pcap

Edu147Options: AC

Correct A,C

tester12

Why is not B instead of A ?

jonboy22

Probably because B requires more practical legwork than A or C do.

trashboatOptions: AB

B is definitely one of the correct options. BGP debug pcap commands will show by far the most detail when troubleshooting BGP. However, A and C could both be correct. You can view status of BGP in the Runtime Stats section of the Virtual Router and this could tell you if BGP is configured incorrectly (but BGP not establishing isn't necessarily an indicator there is a misconfiguration locally); however this is not where BGP is configured (you have to open/edit the actual VR to configure BGP.) For that reason I think A would be the other correct answer, as you can view BGP events in System logs with this filter: (subtype eq routing) and (description contains 'BGP'), which is more useful for actual troubleshooting than just seeing current status.

mohr22

A and B is correct. View will give same information which is already has been known in question.

Joey456Options: AC

'Which two options would help...' Not conclusively identify. Troubleshooting best practices dictate you start with the least involved measures. Of the options, performing a PCAP is the most involved. A, B.

123XYZTOptions: AB

I think is A and B

techplusOptions: AC

A & C are the correct answer

mic_micOptions: AB

Which two options would help the administrator troubleshoot this issue? Can it be A and B? When I view the Runtime Stats, can I troubleshoot? or only see the stats? When I look into the sytem log I see info why not onlu stats (just think out loud)

TAKUM1yOptions: BC

https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-web-interface-help/network/network-virtual-routers/more-runtime-stats-for-a-virtual-router#id37f2aaf9-bb39-40e8-a838-33f22ccbc05e

asdasd123123iuOptions: AC

I think that A and C are correct. We can check BGP events on System tab and Virtual Router Runtime Status. Capturing traffic is required when we must check if connectivity between peers works correctly.

kambataOptions: AC

Idiotic question, but of course you will check the logs before doing a capture ... B is also valid, but I would go with A and C

hcirOptions: AB

A and B. It cannot be C because in the runtime stats, you do not look for configuration issues.

sov4Options: AC

I would say AC. The question is very similar to the next on (#74) concerning OSPF. They're both routing protocols so it's reasonable to begin basic troubleshooting the same way -- look at the system logs and stats.

playthegamewithmeOptions: BC

It cant be A because, the system logs doesn't generate logs when it comes to traffic, Ive been through the system logs loads of times and never seen BGP traffic errors being logged. B and C looks more relevant

hcir

system logs generates events related to bgp

DenskyDenOptions: BC

Tested this.

lildevil

And your results?

hdrnzienlaoroljolOptions: BC

B and C

UFanatOptions: BC

C is correct 100% Between A and B - i choose B: > debug routing pcap bgp on this command is designed for BGP troubleshooting as asked in the question

datzOptions: AC

so C is correct. Second answer = Could be A as inside system logs we can filter is based on BGP and see what errors we get. PCAP could possibly valid too.... Also if we are saying no new routes are being populated to vRouter, what is the point of checking runtime logs :/ zzz