Guest

Preview Tool

Cisco Bug: CSCvs76592 - Large amount of device-registration of Sensor-Client-AP request - slowing Cisco DNA Center GUI

Last Modified

Sep 03, 2020

Products (1)

  • Cisco DNA Center

Known Affected Releases

DNAC1.3.1.4

Description (partial)

Symptom:
A large number of device-registration "Sensor-Client-AP" requests to Kong and the Identitymgmt services lead to slow access of the Cisco DNA Center GUI when WLC Assurance telemetry is enabled.  

This behavior will be shown in the identitymgmt logs as follows:
{"timeMillis":1578992641169,"thread":"qtp1059300256-41","level":"INFO","loggerName":"com.cisco.maglev.security.common.util.JWSManager","message":"Algorithm from JWS HEADER: RS256","endOfBatch":false,"loggerFqcn":"org.apache.logging.slf4j.Log4jLogger","threadId":41,"threadPriority":5}
<snip>
{"timeMillis":1578992641171,"thread":"qtp1059300256-41","level":"INFO","loggerName":"com.cisco.maglev.identitymgmt.api.DeviceRegistrationEndPoint","message":"JWS Payload : {\sub\:\70b317bfe580\,\iss\:\70b317bfe580\,\jti\:\1579021363\,\client_id\:\AP-Linux-58ba5d56673d478b51f454a8\,\exp\:1579021663,\aud\:\ https://x.x.x.x api/system/v1/identitymgmt/device-registration/token\}","endOfBatch":false,"loggerFqcn":"org.apache.logging.slf4j.Log4jLogger","threadId":41,"threadPriority":5}

This behavior will be shown in the Kong logs as follows:
x.x.x.x [13/Jan/2020:08:36:47 +0000] "POST /api/system/v1/identitymgmt/device-registration/token HTTP/1.1" 200 "Sensor-Client-AP" 466 x.x.x.x:8033 200 0.602 1.390 1.391 73b3f68b0fcbd0f4b6958d79898162a3
x.x.x.x [13/Jan/2020:08:36:47 +0000] "POST /api/system/v1/identitymgmt/device-registration/token HTTP/1.1" 200 "Sensor-Client-AP" 466 x.x.x.x:8033 200 0.602 1.391 1.391 bd7df4e9a7178d0ac1edb4d74e18a8eb

Conditions:
Identitymgmt log:-

{"timeMillis":1578992641169,"thread":"qtp1059300256-41","level":"INFO","loggerName":"com.cisco.maglev.security.common.util.JWSManager","message":"Algorithm from JWS HEADER: RS256","endOfBatch":false,"loggerFqcn":"org.apache.logging.slf4j.Log4jLogger","threadId":41,"threadPriority":5}
<snip>
{"timeMillis":1578992641171,"thread":"qtp1059300256-41","level":"INFO","loggerName":"com.cisco.maglev.identitymgmt.api.DeviceRegistrationEndPoint","message":"JWS Payload : {\"sub\":\"70b317bfe580\",\"iss\":\"70b317bfe580\",\"jti\":\"1579021363\",\"client_id\":\"AP-Linux-58ba5d56673d478b51f454a8\",\"exp\":1579021663,\"aud\":\" https://172.30.254.24/api/system/v1/identitymgmt/device-registration/token\"}","endOfBatch":false,"loggerFqcn":"org.apache.logging.slf4j.Log4jLogger","threadId":41,"threadPriority":5}


Kong Logs:
10.0.16.11 [13/Jan/2020:08:36:47 +0000] "POST /api/system/v1/identitymgmt/device-registration/token HTTP/1.1" 200 "Sensor-Client-AP" 466 192.168.251.34:8033 200 0.602 1.390 1.391 73b3f68b0fcbd0f4b6958d79898162a3
10.0.16.92 [13/Jan/2020:08:36:47 +0000] "POST /api/system/v1/identitymgmt/device-registration/token HTTP/1.1" 200 "Sensor-Client-AP" 466 192.168.251.34:8033 200 0.602 1.391 1.391 bd7df4e9a7178d0ac1edb4d74e18a8eb
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.