The PaloAlto vendor has reported that a bug has been discovered on the PaloAlto platform that is triggered when SNMP requests are sent with a request-id value of '0'. This can result in high memory utilization on the target device. Are any known scenarios where Performance Manager would send an SNMP request to a managed PaloAlto device where the request-id will have a value '0'. Bug details are below:
|Issue ID||Platform||Affected Version||Target Version||Verified In||Jira Issue Summary||TAC Analysis||Trigger||Impact||Workarounds|
|PAN-130357||All||8.1+||PA-200 Multiple processes (devsrvr,dnsproxyd,useridd,
||SNMPD may experience a memory leak if the incoming query has the request-id field set to 0. Memory pressure may cause OOM condition on PA-200 or low end PA-VM, but leak impacts all platforms.||SNMP request with request-id field set to 0.||SNMPD memory leak. Potential OOM condition on lower end platforms.||If possible, avoid having request-id set to 0 in SNMP queries.|
NetOps Performance Management 19.3
There is no storing/generating of request-id in our code, so the request-id is inside SNMP4j. SNMP4j is the third party java lib we use for all SNMP communication to devices. Performance Management only provide the OIDs and get back the data from the responses.