1. Home
    2. PAN-OS
    3. PAN-OS® Release Notes
    4. PAN-OS 8.1 Release Information
    5. Changes to Default Behavior
    6. Networking Changes in PAN-OS 8.1

    Networking Changes in PAN-OS 8.1

    When the device uses a DNS proxy for the DNS Server setting, internal queries act according to the service route configuration to use the MGT interface or explicitly configured dataplane interface address.
    PAN-OS 8.1 has the following changes in default behavior for networking features:
    Feature
    Change
    Jumbo Frame Global MTU
    As of PAN-OS 8.1, if you
    Enable Jumbo Frame
     Global MTU configuration (
    Device
    Setup
    Session
    Session Settings
    ) and reboot your firewall, packet buffers are then redistributed to process jumbo frames more efficiently.
    DNS Proxy
    In releases prior to PAN-OS 8.1, when the Device uses a DNS Proxy Object for the DNS Server setting (instead of using the DNS Server’s address), internal DNS queries do not use the DNS Service Route Configuration if the service route is configured to use the management interface; instead, internal DNS queries use the address of the dataplane interface if a dataplane interface is configured on the DNS proxy object. This also occurs for a virtual system when the virtual system is configured with a DNS Proxy Object instead of defaulting to the global Device DNS Server settings.
    Beginning with PAN-OS 8.1, when the Device uses a DNS Proxy Object for the DNS Server setting, internal DNS queries act according to the service route configuration to use the management interface or the explicitly configured dataplane interface address, whichever is configured.
    External Dynamic List Service Routes
    When an External Dynamic List service route is configured to use default values, a user-defined Palo Alto Networks service route configuration takes precedence (introduced in PAN-OS 8.0). The EDL service route takes precedence
    only
     when it has been explicitly configured. If both service routes are configured to use defaults, the management port is used to retrieve EDL updates.
    Dynamic IP and Port NAT Oversubscription
    Beginning with PAN-OS 8.1.0, the default setting of the Dynamic IP and Port (DIPP) NAT oversubscription rate changed from 1 to 2 on the VM-100 and VM-200 firewalls.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo