Information Technology Grimoire

Version .0.0.1

IT Notes from various projects because I forget, and hopefully they help you too.

Palo Alto Cheat Sheet Networking

Routing

Command	Description
`show routing route`	Display the routing table.
`show routing fib virtual-router <name> \| match <x.x.x.x/Y>`	Look at routes for a specific destination.
`set system setting arp-cache-timeout <60-65536>`	Change the ARP cache timeout setting from the default of 1800 seconds.
`show system setting arp-cache-timeout`	View the ARP cache timeout setting.

NAT

Command	Description
`set system setting persistent-dipp enable yes`	(PAN-OS 10.1.7 and later) Enable persistent NAT for DIPP.
`show running nat-policy`	Show the NAT policy table.
`test nat-policy-match`	Test the NAT policy.
`show running ippool`	Show NAT pool utilization.
`show running global-ippool`	Show NAT pool utilization.

BFD

Command	Description
`show routing bfd active-profile [<name>]`	Show BFD profiles.
`show routing bfd details [...]`	Show BFD details.
`show routing bfd drop-counters session-id <session-id>`	Show BFD statistics on dropped sessions.
`show counter global \| match bfd`	Show counters of transmitted, received, and dropped BFD packets.
`clear routing bfd counters session-id all \| <1-1024>`	Clear counters of transmitted, received, and dropped BFD packets.
`clear routing bfd session-state session-id all \| <1-1024>`	Clear BFD sessions for debugging purposes.

PVST+

Command	Description
`set session pvst-native-vlan-id <vid>`	Set the native VLAN ID.
`set session drop-stp-packet`	Drop all STP BPDU packets.
`show vlan all`	Verify PVST+ BPDU rewrite configuration, native VLAN ID, and STP BPDU packet drop.
`show counter global`	Show counter of times the 802.1Q tag and PVID fields in a PVST+ BPDU packet do not match.

Troubleshooting

Command	Description
`ping host <destination-ip-address>`	Ping from the management (MGT) interface to a destination IP address.
`ping source <ip-address-on-dataplane> host <destination-ip-address>`	Ping from a dataplane interface to a destination IP address.
`show netstat statistics yes`	Show network statistics.