[cisco-voip] Question about enabling DNS on CUCM cluster(s)

Ed Leatherman ealeatherman at gmail.com
Thu Mar 26 11:34:29 EDT 2015


Sorry for resurrecting this old thread; now that I have some spare cycles
to devote to this, I wanted to follow up about it.

- The node names are not changing, just adding DNS servers and domain name
to each node

- Call Manager servers are defined by IP address, and IPs are also not
changing.

- With respect to database replication, it seems configuring DNS and
setting a domain name should take care of itself just with rebooting each
node one at a time

- Production cluster is mixed-mode security. Currently no domain name is
set up, and in the certificates this is reflected in the CN. On my test
cluster, which already has DNS and a domain name configured, I see that the
CN has the domain as part of it - so when I add a domain name to my
production cluster all the certs will need to be regenerated, requiring a
CTL update

My initial thoughts on this were just to update the DNS info and reboot one
at a time on each node (pub first), letting dbrep settle down between
reboots, and then run the CTL client to update that, then restart CM and
TFTP services on each node.

So, do I just need to do one CTL update after I have made the change and
rebooted all my nodes, or will I have to update the CTL after each reboot?
I'm picturing in my head getting halfway into the process and having phones
unable to pull config files until I update the CTL at the end, but does TVS
take care of this interim case?

Thanks!!
Ed





On Mon, Aug 11, 2014 at 9:43 AM, Ryan Ratliff (rratliff) <rratliff at cisco.com> wrote:

>  Kind of makes me want to enable mixed-mode on the 2nd cluster.
>
>
> If you've got the eTokens handy then it will certainly make your life a lot
> easier when it comes to SBD and endpoints.
>
> -Ryan
>
>  On Aug 11, 2014, at 8:41 AM, Ed Leatherman <ealeatherman at gmail.com>
> wrote:
>
>  Thanks Matt,
>
>  So it sounds like purely from a database replication perspective enabling
> DNS by itself isn't an issue.
>
>  If I do need to change the domain or hostnames on the cluster then it
> becomes a certificate operation of some variety depending on the security
> state of the particular cluster - in addition to minding replication. Kind
> of makes me want to enable mixed-mode on the 2nd cluster.
>
>  Thanks!
>
> Ed
>
>
> On Mon, Aug 11, 2014 at 8:19 AM, Matthew Loraditch <
> MLoraditch at heliontechnologies.com> wrote:
>
>>
>> https://supportforums.cisco.com/document/68701/communications-manager-security-default-and-itl-operation-and-troubleshooting#Changing_Host_Names_or_Domain_Names
>>
>>
>>
>> Take a look there, pretty much covers every scenario, I just did a
>> multi-node with ITL only for the same reasons as you and it worked like a
>> charm.
>>
>>
>>
>> Rebuild definitely not necessary.
>>
>>
>>
>>
>>
>>
>> Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA
>>
>> 1965 Greenspring Drive
>> Timonium, MD 21093
>>
>> direct voice. 443.541.1518
>> fax.  410.252.9284
>>
>>
>> Support Phone. 410.252.8830
>>
>>
>>
>>
>> *From:* cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] *On
>> Behalf Of *Ed Leatherman
>> *Sent:* Monday, August 11, 2014 8:00 AM
>> *To:* Cisco VOIP
>> *Subject:* [cisco-voip] Question about enabling DNS on CUCM cluster(s)
>>
>>
>>
>> Good morning!
>>
>>
>>
>> Was hoping someone with a little more experience on the jabber/collab
>> edge side could point me in the right direction here.
>>
>>
>>
>> I have 2 CUCM clusters that I am researching configuring jabber and/or
>> collab edge for. Up till now I've never had a need for DNS resolution on
>> either. One of them has been operational since version 3 dot something
>> and back then it seemed the recommendation to stay away from DNS in general
>> on CUCM unless there was a good reason otherwise.
>>
>>
>>
>> I see there are just a few commands to enable it and set up servers etc -
>> are there any gotchas with database replication or security that I need to
>> be aware of? I don't plan on changing the hostname of the servers
>> themselves or their IP addresses.
>>
>>
>>
>> The old cluster has CTLs/USB tokens. The "slightly" newer cluster is just
>> running in security-by-default mode. Both clusters are @ version 9.1.
>>
>>
>>
>> My research thus far seems to say turning DNS up on earlier versions of
>> CUCM required rebuilds but seems to not be the case now, but I haven't
>> turned up anything in the official docs. I have a TAC case open to ask
>> about it but I'm still at the explain DNS and what my business case is
>> stage ;)
>>
>>
>>
>> Appreciate any tips!
>>
>>
>>
>> Thanks,
>>
>> Ed
>>
>>
>>
>>
>>
>>
>>
>> --
>> Ed Leatherman
>>
>
>
>
>  --
> Ed Leatherman
>  _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>


-- 
Ed Leatherman