FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Ted
Staff
Article Id 388414
Description

This article explains why some Forward Traffic log events do not contain the poluuid and policyname fields. After upgrading to v7.2.10, v7.4.7, v7.6.2 or earlier and then performing an HA failover, the UUID and Policy Name fields are missing from Forward Traffic logs. Both columns are empty in the GUI and the CLI, and the exported raw log data does not contain even empty poluuid="" and policyname="" fields.

Scope

FortiGate v7.2, v7.4, v7.6.
Solution

Below are examples of log entries missing both fields.

 

The GUI on the secondary unit after a failover:

 

[Screenshot: GUI Forward Traffic log view with the UUID and Policy Name columns empty]

 

A Forward Traffic log entry (raw CLI/export format) that does not contain the poluuid and policyname fields:


date=2024-10-18 time=00:38:18 eventtime=1729237098886392424 tz="-0700" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=200.200.200.100 srcport=50378 srcintf="port10" srcintfrole="undefined" dstip=52.113.194.132 dstport=443 dstintf="port9" dstintfrole="undefined" srccountry="Brazil" dstcountry="United States" sessionid=2520 proto=6 action="server-rst" policyid=2 policytype="policy" service="HTTPS" trandisp="snat" transip=100.100.10.2 transport=50378 duration=75 sentbyte=0 rcvdbyte=40 sentpkt=0 rcvdpkt=1 appcat="unscanned" rcvddelta=0
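The quickest way to find out how many sessions were logged without policy attribution after a failover is to scan the raw logs for forward-traffic records whose poluuid/policyname are absent or empty. The following Python is an added example written for this article, not Fortinet code: it parses the FortiOS key=value log format (quoted values may contain spaces, as in dstcountry="United States") and reports the affected sessionid/policyid pairs. The first sample line is the record shown above; the other two lines, including their UUID and policy name, are constructed for the example.

```python
import re
from typing import Dict, List

# One key=value token of a FortiOS syslog line: the value is either a
# double-quoted string (which may contain spaces, e.g. dstcountry="United States")
# or a bare run of non-whitespace (e.g. srcip=200.200.200.100).
_KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Fields the article shows disappearing after an HA failover.
POLICY_ATTRIBUTION_FIELDS = ("poluuid", "policyname")


def parse_fortios_log(line: str) -> Dict[str, str]:
    """Parse a FortiOS key=value log line into a dict (quotes stripped)."""
    return {key: quoted or bare for key, quoted, bare in _KV.findall(line)}


def missing_policy_fields(entry: Dict[str, str]) -> List[str]:
    """Return which policy attribution fields are absent or empty.

    Only forward-traffic records are checked, because that is the log type
    in which the article reports the gap; other record types are ignored.
    An empty value (poluuid="") counts as missing.
    """
    if entry.get("type") != "traffic" or entry.get("subtype") != "forward":
        return []
    return [f for f in POLICY_ATTRIBUTION_FIELDS if not entry.get(f)]


def find_unattributed_sessions(lines) -> List[Dict[str, object]]:
    """Report forward-traffic entries that carry a policyid but no UUID/name."""
    hits = []
    for line in lines:
        entry = parse_fortios_log(line)
        missing = missing_policy_fields(entry)
        if missing:
            hits.append({
                "sessionid": entry.get("sessionid"),
                "policyid": entry.get("policyid"),
                "missing": missing,
            })
    return hits


# Sample input. The first line is the record quoted in the article; the
# other two are constructed for this example (the UUID and policy name are
# placeholders, not values from a real device).
SAMPLE_LOGS = [
    'date=2024-10-18 time=00:38:18 eventtime=1729237098886392424 tz="-0700" '
    'logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" '
    'srcip=200.200.200.100 srcport=50378 srcintf="port10" srcintfrole="undefined" '
    'dstip=52.113.194.132 dstport=443 dstintf="port9" dstintfrole="undefined" '
    'srccountry="Brazil" dstcountry="United States" sessionid=2520 proto=6 '
    'action="server-rst" policyid=2 policytype="policy" service="HTTPS" '
    'trandisp="snat" transip=100.100.10.2 transport=50378 duration=75 sentbyte=0 '
    'rcvdbyte=40 sentpkt=0 rcvdpkt=1 appcat="unscanned" rcvddelta=0',
    # Constructed healthy record: both attribution fields present.
    'date=2024-10-18 time=00:40:01 type="traffic" subtype="forward" level="notice" '
    'vd="root" srcip=200.200.200.101 dstip=52.113.194.132 dstport=443 sessionid=2521 '
    'proto=6 action="close" policyid=2 policytype="policy" '
    'poluuid="00000000-0000-0000-0000-000000000002" policyname="Outbound Web" '
    'service="HTTPS"',
    # Constructed record with the fields present but empty: still a gap.
    'date=2024-10-18 time=00:41:13 type="traffic" subtype="forward" level="notice" '
    'vd="root" srcip=200.200.200.102 dstip=52.113.194.132 dstport=443 sessionid=2522 '
    'proto=6 action="close" policyid=2 policytype="policy" poluuid="" policyname="" '
    'service="HTTPS"',
]

if __name__ == "__main__":
    for hit in find_unattributed_sessions(SAMPLE_LOGS):
        print(hit)
```

Feed it the exported raw log (one record per line) to list every session whose policy has to be resolved by policyid alone; the policyid is kept in the report because it is the only policy reference left in the affected records.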

 

This happens because HA does not sync the session's pol_uuid_idx from the primary to the secondary: the primary holds the index that links the session to its policy UUID, while the synced copy on the secondary carries pol_uuid_idx=0. After a failover, the secondary keeps logging the session with policyid set but without the UUID, so poluuid and policyname cannot be populated. Compare the same session (serial=00003fe5) on both members:

 

Primary:


session info: proto=6 proto_state=01 duration=209 expire=3589 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=4
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=log may_dirty npu synced f00
statistic(bytes/packets/allow_err): org=6175/40/1 reply=19676/39/1 tuples=2
tx speed(Bps/kbps): 37/0 rx speed(Bps/kbps): 119/0
orgin->sink: org pre->post, reply pre->post dev=16->15/15->16 gwy=100.100.100.1/0.0.0.0
hook=post dir=org act=snat 200.200.200.100:50026->52.113.194.132:443(100.100.100.254:50026)
hook=pre dir=reply act=dnat 52.113.194.132:443->100.100.100.254:50026(200.200.200.100:50026)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=3 pol_uuid_idx=558 auth_info=0 chk_client_info=0 vd=0  ---> pol_uuid_idx mismatched
serial=00003fe5 tos=ff/ff app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=0x000c00 ofld-O ofld-R
npu info: flag=0x81/0x81, offload=9/9, ips_offload=0/0, epid=136/137, ipid=137/136, vlan=0x0000/0x0000
vlifid=137/136, vtag_in=0x0000/0x0000 in_npu=1/1, out_npu=1/1, fwd_en=0/0, qid=4/2

Secondary:


session info: proto=6 proto_state=01 duration=227 expire=3372 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
origin-shaper=
reply-shaper=
per_ip_shaper=
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
state=log dirty may_dirty npu f00 syn_ses
statistic(bytes/packets/allow_err): org=0/0/0 reply=0/0/0 tuples=2
tx speed(Bps/kbps): 0/0 rx speed(Bps/kbps): 0/0
orgin->sink: org pre->post, reply pre->post dev=16->15/15->16 gwy=0.0.0.0/0.0.0.0
hook=post dir=org act=snat 200.200.200.100:50026->52.113.194.132:443(100.100.100.254:50026)
hook=pre dir=reply act=dnat 52.113.194.132:443->100.100.100.254:50026(200.200.200.100:50026)
pos/(before,after) 0/(0,0), 0/(0,0)
misc=0 policy_id=3 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0 ---> pol_uuid_idx mismatched
serial=00003fe5 tos=ff/ff app_list=0 app=0 url_cat=0
rpdb_link_id=00000000 ngfwid=n/a
npu_state=00000000
npu info: flag=0x00/0x00, offload=0/0, ips_offload=0/0, epid=0/0, ipid=0/0, vlan=0x0000/0x0000
vlifid=0/0, vtag_in=0x0000/0x0000 in_npu=0/0, out_npu=0/0, fwd_en=0/0, qid=0/0
no_ofld_reason:
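To confirm the root cause on a live cluster rather than from a single session, the session tables of both members can be compared by serial. The following Python is an added example written for this article, not Fortinet code. It assumes the dumps above are output in the format of `diagnose sys session list` (the article does not name the command) and that a synced session keeps the same serial on both members, as the two entries above show. The first session in each sample dump is the article's own, trimmed to the relevant lines; the second session (serial 00003fe6) is constructed to show what a correctly synced entry looks like, so that the comparison reports only the real mismatch.

```python
import re
from typing import Dict, List, Tuple

# Each session in the dump starts with "session info:"; within it we need
# the serial (shared by both HA members for a synced session) and the
# policy_id / pol_uuid_idx pair printed on the "misc=" line.
_SERIAL = re.compile(r"\bserial=([0-9a-fA-F]+)")
_POLICY = re.compile(r"\bpolicy_id=(\d+)\s+pol_uuid_idx=(\d+)")


def parse_session_list(dump: str) -> Dict[str, Dict[str, int]]:
    """Map session serial -> {policy_id, pol_uuid_idx} for every session in the dump."""
    sessions: Dict[str, Dict[str, int]] = {}
    for block in dump.split("session info:")[1:]:
        serial = _SERIAL.search(block)
        policy = _POLICY.search(block)
        if serial and policy:
            sessions[serial.group(1).lower()] = {
                "policy_id": int(policy.group(1)),
                "pol_uuid_idx": int(policy.group(2)),
            }
    return sessions


def find_unsynced_uuid_idx(primary_dump: str, secondary_dump: str) -> List[Tuple[str, int, int, int]]:
    """Return (serial, policy_id, primary_idx, secondary_idx) for sessions
    present on both members whose pol_uuid_idx disagrees."""
    primary = parse_session_list(primary_dump)
    secondary = parse_session_list(secondary_dump)
    mismatches = []
    for serial in sorted(primary.keys() & secondary.keys()):
        p_idx = primary[serial]["pol_uuid_idx"]
        s_idx = secondary[serial]["pol_uuid_idx"]
        if p_idx != s_idx:
            mismatches.append((serial, primary[serial]["policy_id"], p_idx, s_idx))
    return mismatches


# Sample dumps: the first session in each is the one shown in the article
# (trimmed to the relevant lines); the second session (serial 00003fe6) is
# constructed to show a correctly synced entry that is not reported.
PRIMARY_DUMP = """\
session info: proto=6 proto_state=01 duration=209 expire=3589 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=4
state=log may_dirty npu synced f00
hook=post dir=org act=snat 200.200.200.100:50026->52.113.194.132:443(100.100.100.254:50026)
misc=0 policy_id=3 pol_uuid_idx=558 auth_info=0 chk_client_info=0 vd=0
serial=00003fe5 tos=ff/ff app_list=0 app=0 url_cat=0
session info: proto=6 proto_state=01 duration=12 expire=3588 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=4
state=log may_dirty npu synced f00
misc=0 policy_id=2 pol_uuid_idx=557 auth_info=0 chk_client_info=0 vd=0
serial=00003fe6 tos=ff/ff app_list=0 app=0 url_cat=0
"""

SECONDARY_DUMP = """\
session info: proto=6 proto_state=01 duration=227 expire=3372 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
state=log dirty may_dirty npu f00 syn_ses
hook=post dir=org act=snat 200.200.200.100:50026->52.113.194.132:443(100.100.100.254:50026)
misc=0 policy_id=3 pol_uuid_idx=0 auth_info=0 chk_client_info=0 vd=0
serial=00003fe5 tos=ff/ff app_list=0 app=0 url_cat=0
session info: proto=6 proto_state=01 duration=12 expire=3588 timeout=3600 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
state=log dirty may_dirty npu f00 syn_ses
misc=0 policy_id=2 pol_uuid_idx=557 auth_info=0 chk_client_info=0 vd=0
serial=00003fe6 tos=ff/ff app_list=0 app=0 url_cat=0
"""

if __name__ == "__main__":
    for serial, policy_id, p_idx, s_idx in find_unsynced_uuid_idx(PRIMARY_DUMP, SECONDARY_DUMP):
        print(f"session {serial} policy {policy_id}: primary pol_uuid_idx={p_idx}, secondary={s_idx}")
```

On an affected release every synced session is expected to show up with secondary pol_uuid_idx=0; after upgrading to a fixed release the comparison should return an empty list for sessions established after the upgrade.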

 

This issue was fixed in the following releases:

  • v7.2.11 and later.
  • v7.4.8 and later.
  • v7.6.3 and later.