VendorPalo Alto Networks
DescriptionPalo Alto Networks Firewalls: CTD Flow dataplane pool utilization high. The dataplane of a Palo Alto Networks firewall has several pools, each with a different role. Indeni will alert when a pool is near exhaustion.
Remediation StepsContact Palo Alto Networks technical support.
How does this work?This script logs into the Palo Alto Networks firewall through SSH and retrieves the status of all the pools. The output includes the total size of the pools and how many elements are available. indeni utilizes this output to determine when the pool is running low on available elements.
Why is this important?On a Palo Alto Networks firewall, the data plane is where the traffic is handled. In the course of processing traffic the firewall needs to retain certain bits of information. This information is saved in pools of memory, easily accessible but limited in size. When the firewall needs to save information it retrieves a member of the pool and when it is done it returns it. If a pool runs out of members the firewall may have trouble handling traffic, potentially losing part of it.
Without Indeni how would you find this?An administrator would need to write a script to poll their firewalls for the information, or simply wait until there's an issue and open a support ticket with TAC.
View Source Code