How to Track CRC Errors on Interfaces for Palo Alto Firewalls


#1

It was really fun for Indeni to attend Ignite as a sponsor. I do apologize for those that were stuck in lines for the hands-on session.

Here’s a picture of the Indeni team attempting to take a photo, mid-laughter.

Of the many things I encountered during my demo’s at the booth, a lot of people asked if we could track CRC errors on the interfaces. I was very confused by this because generally, you can use SNMP to dig into the RX/TX statistics. I did some digging and could only find the following approach: https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Check-for-CRC-Errors-on-an-Interface/ta-p/53293

As you can see, the approach requires that you run a command over CLI and on top of that, you have to convert the values from hex to decimal. Yikes

I wanted to prod a bit in the community and see what people’s opinions are on this. @Brad_Spilde?


#2

Here is the other relevant link: https://live.paloaltonetworks.com/t5/Configuration-Articles/CLI-Command-to-Display-OID-quot-IF-MIB-iflnDiscards-quot/ta-p/52350

I checked with my PANW SE and he suggested the show global counter command but I don’t see CRC in the list and definitely isn’t a per interface counter like customers would be looking for.

I think the calculation option or via SNMP are the options.


#3

Interesting, the OID does not seem to differentiate whether it was caused by CRC, oversized packets, or bad framing. Let’s assuming you encounter a cocktail of the issues. I would assume the counter value would be a summation of all?

Would there be value in having Indeni give you that level of detail in the system?


An Engineer’s Reflections - Ignite 2018