[cisco-voip] ITL issue - incomplete ITL files cached on TFTP ?

Dennis Heim Dennis.Heim at cdw.com
Sat Mar 3 14:02:22 EST 2012


In my case this was an option, because the servers wasn't sending out ITL's. Wes, has there been any movement on the Cisco front as far as a way to wipe the ITL/CTL from Callmanager?

Dennis Heim
Senior Engineer (Unified Communications)
CDW  Advanced Technology Services
10610 9th Place
Bellevue, WA 98004

425.310.5299 Single Number Reach (WA)
317.569.4255 Single Number Reach (IN)
317.569.4201 Fax
dennis.heim at cdw.com<mailto:dennis.heim at cdw.com>
cdw.com/content/solutions/unified-communications/<http://www.cdw.com/content/solutions/unified-communications/>

From: Wes Sisk [mailto:wsisk at cisco.com]
Sent: Friday, March 02, 2012 1:50 PM
To: Dennis Heim
Cc: Justin Steinberg; cisco voip
Subject: Re: [cisco-voip] ITL issue - incomplete ITL files cached on TFTP ?

We are still working through the details but deleting or regenerating callmanager.pem or the cert used to sign tftp configuration files has definitely led to the need to manually delete ITL files.

Be very careful when deleting or regenerating certificates on 8.x with security by default:
CSCto51228    SBD: OS CLI does not give enough warning about ITL certificate regen

/wes

On Mar 2, 2012, at 2:34 PM, Dennis Heim wrote:

I ran into something similar with an upgrade a week ago. 3 ccm's total. The pub and sub were fine. I was getting the host not found, but only on phone connected to sub2. I found that sub2's phones were not getting ITL's. I did a "Show itl" from the command line, and it said ITL verification failed. I deleted the callmanager.pem under certificates, and reset the phones and ITL's were being built correctly.

Dennis Heim
Senior Engineer (Unified Communications)
CDW  Advanced Technology Services
10610 9th Place
Bellevue, WA 98004

425.310.5299 Single Number Reach (WA)
317.569.4255 Single Number Reach (IN)
317.569.4201 Fax
dennis.heim at cdw.com<mailto:dennis.heim at cdw.com>
cdw.com/content/solutions/unified-communications/<http://www.cdw.com/content/solutions/unified-communications/>

From: cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net> [mailto:cisco-voip-bounces at puck.nether.net]<mailto:[mailto:cisco-voip-bounces at puck.nether.net]> On Behalf Of Justin Steinberg
Sent: Friday, March 02, 2012 10:09 AM
To: cisco voip
Subject: [cisco-voip] ITL issue - incomplete ITL files cached on TFTP ?

Worked on an upgrade last night from CM 7.1 to 8.5.

After the upgrade I am having some ITL issues and think I have a couple ways to work this out but wanted to run this past the group as I haven't seen anyone with a specific issue like this.

CM 8.5.1su2 with three CUCMs running CallManager & TFTP service

What is not working:
-Corporate Directory - I am receiving host not found.  I verified on the phone console logs that I am having a TVS/ITL issue.
-When I look at the contents of the ITL file on the phone LCD, I am only seeing entries for TFTP and TVS on the server that TFTP is pointing to.  I do not see any entries for other cluster nodes

What is working:
-TFTP downloads (ring tones, etc) and TFTP config changes
-'show itl' from CLI is showing verification is ok on all nodes

When I do a TFTP get and download the ITL file from CUCM and compare the Md5 with the phone things match.  Show ITL on the CLI shows verification is ok.   However, if I open the ITLSEPxxxxx.tlv file in notepad, I am not seeing all of my servers listed in the ITL file.   However, when I do a 'show ITL' from the CLI, all the servers show up in there.  It is almost like the TFTP server has old versions of the ITL file (based on switch-version times? etc) and was not updated as other subs went through the switch-version from 7.1 to 8.5.

On a hunch, I restarted the TFTP service on a sub that no phones actually use for TFTP.  After restarting the TFTP service, if I download the ITLSEPxxxx.tlv file and do a MD5, the value changed from pre-TFTP service restart.  Now when I open the file in notepad, I see all of my CUCMs listed in the ITL file.

My question is, can I just restart the TFTP service on the sub that my phones are actually using for TFTP?    I am thinking the TFTP restart will cause the ITL to update (and include the other cluster nodes) but I am not sure whether the phones will then fail with ITL mismatch or whether the phones will update their ITL file and now include the other servers.

I am also thinking of implementing the rollback to PRE 8.0 service parameter, resetting the phones to clear the ITL and then restart the TFTP service.

Any thoughts on whether restarting the TFTP service on the node that phones are using for TFTP will just update the existing ITL the phones use with the other CM nodes or whether that will in effect create an entirely new ITL which would then require manually deleting the ITL files ?

Thanks

Justin



_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120303/b0237007/attachment.html>


More information about the cisco-voip mailing list