Palo Alto Route and Zone Lookup

Check route by matching the IP:

  • test routing fib-lookup virtual-router default ip <IP>

Check zones on the Interfaces

  • show interface all

Show routing table

  • show routing route

Examples:

admin@PaloAlto> test routing fib-lookup virtual-router default ip 172.18.57.125

--------------------------------------------------------------------------------
runtime route lookup
--------------------------------------------------------------------------------
virtual-router: default
destination: 172.18.57.125
result:
via 10.243.21.174 interface ethernet1/23, source 10.243.21.164, metric 10
--------------------------------------------------------------------------------

admin@PaloAlto> show interface all

total configured hardware interfaces: 9
name              id      speed/duplex/state      mac address
-------------------------------------------------------------------------------
ethernet1/1       16      1000/full/up            d4:f4:be:88:5f:10
ethernet1/2       17      1000/full/up            d4:f4:be:88:5f:11
ethernet1/23      38      10000/full/up           d4:f4:be:88:5f:26
ethernet1/24      39      10000/full/up           d4:f4:be:88:5f:27
dedicated-ha1     5       ukn/ukn/ukn(autoneg)    00:90:0b:49:6e:d3
dedicated-ha2     6       ukn/ukn/down(autoneg)   d4:f4:be:88:5f:06
vlan              1       [n/a]/[n/a]/up          d4:f4:be:88:5f:01
loopback          3       [n/a]/[n/a]/up          d4:f4:be:88:5f:03
tunnel            4       [n/a]/[n/a]/up          d4:f4:be:88:5f:04

aggregation groups: 0

total configured logical interfaces: 9

name              id    vsys zone             forwarding               tag     address
----------------- ----- ---- ---------------- ------------------------ ------ ------------------
ethernet1/1       16    1    rabodmz          vr:default               0      172.17.31.225/28
ethernet1/2       17    1    uat              vr:default               0      10.243.41.193/29
ethernet1/23      38    1    trust            vr:default               0      10.243.21.164/28
ethernet1/24      39    1    dmz-transit      vr:default               0      172.17.25.25/29
dedicated-ha1     5     1                     ha                       0      N/A
dedicated-ha2     6     1                     ha                       0      N/A
vlan              1     1                     N/A                      0      N/A
loopback          3     1                     N/A                      0      N/A
tunnel            4     1                     N/A                      0      N/A