09-30-2020 09:04 AM
Hi,
We have 2 virtual NAC appliances with identical configuration (I’ve attached some info).
On busy moments, we get a lot of complaints of users not being able to log on to random laptops (using identifi wi-fi and the nac with AD/nps for auth)
so I did some digging in (many) logs and status pages of the nacs.
I noticed that on one device the “UpdateService Thread Pool” and “UpdateService Scheduled Thread Pool” builds up about 25.000 throttled tasks per day. The screenshot I’ve attached shows the state 2 hrs after a “nacctl restart” command (this seems to reset it to 0)
On the other NAC, this value is most of the time very low and doesn’t throttle..
I notice the complaints are less when the “nacctl restart” command cleared the queue, but this is no solution..
anyone has an idea?
thx
Solved! Go to Solution.
09-30-2020 10:37 AM
Dani,
You run the version 8.1 and the current release is 8.5.
There are so many enhancements and bug fixes released since 8.1.
The risk is to chase a known issue and to lose a lot of time in debugging.
Wouldn’t be an upgrade to 8.5 an option?
Mig
10-12-2020 12:45 PM
Hello,
You can look at the threads to see what the threads are currently active doing to try and figure out if there is a performance issue and what process it resolves around.
I would suspect reverse DNS lookups for IP resolution.
Go to status → threads and look for “update”
The thread output hopefully will have a “hint” about what it’s doing. You will probably see all threads doing the same thing.
Thanks
-Ryan
10-12-2020 12:34 PM
Hello Dani,
in parallel to the update of XMC/NAC you can check your NAC behaviour with the command “nacstatus” on the NAC gateway with the throttled events. Have an eye to the switches with lost contact or other snmp problems (“ Switch Dynamic Information” table in nacstatus). If you have an great amount of devices which can’t contact by nac this can be the cause for the mentioned problem.
Best regards
Stephan
09-30-2020 07:49 PM
Dani,
If I remember well
You’ll start with a 90 days trial and will have to upgrade your licence via the support portal at no cost.
The issue is the licence format that has changed in 8.5.
Mig
09-30-2020 07:47 PM
One more question..
How about licensing? If the 8.1 has a valid license, it stays in place after the upgrade?