[cisco-voip] DNS client on CUCM, Unity servers?

Ed Leatherman ealeatherman at gmail.com
Mon Sep 28 15:58:00 EDT 2009


Thanks Wes, I don't think I'm going to be activating DNS just for an smtp
server then. I will come up with some other solution for that.
Eventually will want to do AD sync though, I guess I will cross that bridge
when I come to it.

On Mon, Sep 28, 2009 at 3:48 PM, Wes Sisk <wsisk at cisco.com> wrote:

>  Good points, DNS required for reverse resolution of SIP endpoints.  Most
> presence deployments will use CUPS which has heavy AD dependence which will
> require AD which will necessitate DNS.  In short, yes, presence will likely
> require DNS as well.
>
> NAT explanation:
> Whatever is configured under system->server is what gets populated into
> TFTP configuration files passed to devices.  Since there is nothing out
> there to fixup XML, and especially encrypted/signed XML files, the hostname
> would be passed to endpoint.  Endpoint would attempt DNS resolution.  That
> DNS query would be fixedup to return the outside IP of CUCM.  If you
> specified an IP under system->server the endpoint would attempt to contact
> that IP directly.  You could only redirect/NAT that session if you
> controlled IP routing in the remote subnet.  DNS fixup is a more
> friendly/transparent option.
>
> AD explanation:
> AD sync must be configured with servername.  Name to IP resolution requires
> DNS.
>
> /Wes
>
>
> On Monday, September 28, 2009 3:43:34 PM, Lelio Fulgenzi
> <lelio at uoguelph.ca> <lelio at uoguelph.ca> wrote:
>
> Yowza - Can you elaborate on what you mean by NAT and/or AD?
>
>    - Endpoints doing NAT somewhere out there? Not sure why you'd need DNS
>    for that.
>    - As for AD, do you mean AD/LDAP integration/synchroniation?
>
> I would have though you need DNS for SIP endpoints, presence, etc.
>
>
>
> ---
> Lelio Fulgenzi, B.A.
> Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
> (519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> "Bad grammar makes me [sic]" - Tshirt
>
>
> ----- Original Message -----
> From: "Wes Sisk" <wsisk at cisco.com> <wsisk at cisco.com>
> To: "Lelio Fulgenzi" <lelio at uoguelph.ca> <lelio at uoguelph.ca>
> Cc: "cisco-voip mailinglist" <cisco-voip at puck.nether.net><cisco-voip at puck.nether.net>,
> "Ed Leatherman" <ealeatherman at gmail.com> <ealeatherman at gmail.com>
> Sent: Monday, September 28, 2009 3:40:39 PM GMT -05:00 US/Canada Eastern
> Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?
>
> If doing NAT or AD it is required.  Otherwise it is still a liability.
> Example:
> CSCsw88022    Database should still start and function when DNS is
> unavailable
>
> In this case Informix will not start if configured DNS servers are
> unreachable.
>
> /Wes
>
> On Monday, September 28, 2009 3:33:41 PM, Lelio Fulgenzi
> <lelio at uoguelph.ca> <lelio at uoguelph.ca> wrote:
>
> interesting. is the recommendation still to not enable DNS on CUCM
> servers?
>
> ---
> Lelio Fulgenzi, B.A.
> Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
> (519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> "Bad grammar makes me [sic]" - Tshirt
>
>
> ----- Original Message -----
> From: "Wes Sisk" <wsisk at cisco.com> <wsisk at cisco.com>
> To: "Lelio Fulgenzi" <lelio at uoguelph.ca> <lelio at uoguelph.ca>
> Cc: "cisco-voip mailinglist" <cisco-voip at puck.nether.net><cisco-voip at puck.nether.net>,
> "Ed Leatherman" <ealeatherman at gmail.com> <ealeatherman at gmail.com>
> Sent: Monday, September 28, 2009 3:31:18 PM GMT -05:00 US/Canada Eastern
> Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?
>
> yes, but the dependence on DNS will still affect you intermittently.
>
> /wes
>
> On Monday, September 28, 2009 3:28:57 PM, Lelio Fulgenzi
> <lelio at uoguelph.ca> <lelio at uoguelph.ca> wrote:
>
> Wes,
>
> Can we enable DNS but still program the IP address of the CUCM nodes ?
>
> ---
> Lelio Fulgenzi, B.A.
> Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
> (519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> "Bad grammar makes me [sic]" - Tshirt
>
>
> ----- Original Message -----
> From: "Wes Sisk" <wsisk at cisco.com> <wsisk at cisco.com>
> To: "Ed Leatherman" <ealeatherman at gmail.com> <ealeatherman at gmail.com>
> Cc: "cisco-voip mailinglist" <cisco-voip at puck.nether.net><cisco-voip at puck.nether.net>
> Sent: Monday, September 28, 2009 3:26:26 PM GMT -05:00 US/Canada Eastern
> Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?
>
> Enabling DNS will affect all operations. It's not a component-wise defined
> feature, think all or nothing.
>
> All code calls gethostbyname(), gethostbyip(),gethostentry().. which
> invokes host name resolution features.
>
> Just make sure:
> 1. forward resolution for all servers work
> 2. reverse resolution for all servers work
> 3. all servers use same dns suffix
>
> CLI 'set network dns...' is the command set to set and enable dns.
>
> /Wes
>
> On Monday, September 28, 2009 3:09:26 PM, Ed Leatherman
> <ealeatherman at gmail.com> <ealeatherman at gmail.com> wrote:
>
> Follow-up question about DNS..
>
> Originally I did not enable DNS on any nodes, as it was not needed. I would
> now like to configure an SMTP server for alerts, and our systems group wants
> me to use a name instead of IP. Are there any ramifications to turning on
> DNS, regarding things like database replication or intracluster
> communications? My servers are all defined by IP addresses, so it should be
> using that through-out, right?
>
> I'm assuming various "set network dns*" commands will turn this on if I
> decide to do that.
>
> On Tue, Aug 18, 2009 at 10:46 AM, Wes Sisk <wsisk at cisco.com> wrote:
>
>> On the surface this seems an odd question so I'm sure there is
>> misunderstanding.
>>
>> CM needs access to DNS to perform forward and reverse lookups on:
>> SIP endpoints
>> h323 endpoints
>> AD servers
>> other nodes in the cluster
>>
>> There are deployments which do not use any of these and therefore do not
>> need access to a DNS server.  On those, DNS can be disabled.
>>
>> /Wes
>>
>> On Tuesday, August 18, 2009 1:54:37 AM , ciscozest <ciscozest at gmail.com><ciscozest at gmail.com>wrote:
>>
>>  We have 3 CUCM 7.0 servers and only one Unity Connection 7.0 server.
>>
>> We use a load balancer for IP Phone services redundancy. There is no
>> integration with any third party components. When I check our UC system, I
>> found out that DNS client service is enabled on both CUCM and Unity servers
>> which I don’t quite understand why is needed. The Services URL on CUCM is
>> pointing to load balancer IP. Would there be any other reason we have to
>> enable DNS client on CUCM and Unity server? Also is there a load impact by
>> enabling DNS client service?
>>
>>
>>
>> Thank you.
>>
>> ------------------------------
>>
>> _______________________________________________
>> cisco-voip mailing listcisco-voip at puck.nether.nethttps://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>>
>
>
> --
> Ed Leatherman
>
>
>
> _______________________________________________ cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
>
>


-- 
Ed Leatherman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20090928/0248459c/attachment.html>


More information about the cisco-voip mailing list