[cisco-voip] Changing DNS entries in Call Manager 9.1.2.10000-28

Thu May 28 10:43:02 EDT 2015

If you're using UDS for Directory Lookup with Jabber, users will get
certificate warnings since CUCM will present whatever is in the
System->Server list as the UDS servers.  Some internal CAs will allow you
to add the IP address as a SAN to the tomcat certificate to workaround this.

On Thu, May 28, 2015 at 10:26 AM, Eric Pedersen <PedersenE at bennettjones.com>
wrote:

>  We switched to IP addresses for our CUCM server entries and haven’t had
> any application problems. Jabber appears to use the hostnames set in the
> “UC Server” settings not the System->Server settings.  Windows accepts IP
> addresses in certificate Subject Alt Name attributes too.
>
>
>
> We had an issue at one point where some of our phones briefly lost L3
> access to DNS and CUCM briefly (no SRST). They were down for 10 minutes or
> so after the network came back. Seemed like they didn’t like that they had
> been unable to resolve the CUCM DNS entries. IP address server entries have
> worked great.
>
>
>
> Switching just involves change the System->Server entries and rebooting
> the cluster. I heard that the reboot isn’t necessarily required but RTMT
> was broken after the change and I was just more comfortable with the reboot
> anyway.
>
>
>
> *From:* cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] *On Behalf
> Of *Jason Aarons (AM)
> *Sent:* 26 May 2015 7:03 PM
> *To:* Gyrion, Larry; Cisco-voip (cisco-voip at puck.nether.net)
> *Subject:* Re: [cisco-voip] Changing DNS entries in Call Manager
> 9.1.2.10000-28
>
>
>
> Everything is hostnames so https works without complaining.  Certificates
> with ip addresses give warnings.  443/TLS/PKI is the future J
>
>
>
> You can change CUCM back to ip address but applications and websites,
> clients like Jabber, will give warnings/errors.  I think your DNS should be
> rock solid, maybe you need secondary/tertiary dns entries.
>
>
>
> *From:* cisco-voip [mailto:cisco-voip-bounces at puck.nether.net
> <cisco-voip-bounces at puck.nether.net>] *On Behalf Of *Gyrion, Larry
> *Sent:* Tuesday, May 26, 2015 5:20 PM
> *To:* Cisco-voip (cisco-voip at puck.nether.net)
> *Subject:* [cisco-voip] Changing DNS entries in Call Manager
> 9.1.2.10000-28
>
>
>
>
>
> We had an issue where we lost outbound calling ability when out primary
> DNS experiencing an unscheduled outage.
>
> Our DNS entries are by host-name, not IP address.  (it never failed over
> to the secondary DNS server, other items like computers did and internal
> and incoming traffic was working fine)
>
>
>
> We also use UCCE 9
>
>
>
> I’m not sure why it was configured by host name rather than IP address
> when it was configured a long time ago.
>
>
>
> So my questions are:
>
> Is there a valid reason why we use host-names instead of ip addresses?
>
>
>
> How can we change from host-name to IP address?
>
> Will this affect the licensing (ELM)? (The below is reference to pre 9.0
> CUCM)
>
>
>
> *From:* avholloway at gmail.com [mailto:avholloway at gmail.com
> <avholloway at gmail.com>] *On Behalf Of *Anthony Holloway
> *Sent:* Monday, January 26, 2015 8:13 PM
> *To:* Gyrion, Larry; Cisco-voip (cisco-voip at puck.nether.net)
> *Subject:* Re: [cisco-voip] Changing DNS entries in Call Manager 8.6.2
>
>
>
> The easiest way to view the license MAC, is to SSH to the server, and
> issue the show status command.
>
>
>
> Also, http://cisco.com/go/license enables you to rehost your own license
> files without opening a case.  Of course, I don't guarantee you'll be
> successful, but it's nice to know this option exists.
>
>
>
> [image: Inline image 1]
>
>
>
> Another thing to note, you will get 30 days to rehost your license before
> anything bad happens to your servers, but if you're in a pinch, and you're
> like on day 28 and you need like 10 more days, you can revert your change,
> then make the same change again, to restart the 30 day period.
>
>
>
> If that was confusing, let me use this example.  If my primary DNS was
> 1.1.1.1, and I changed it to 2.2.2.2, I would have 30 days to rehost my
> licenses.  On day 28, I set the primary DNS back to 1.1.1.1, then
> immediately back to 2.2.2.2, and the 30 days starts over.
>
>
>
> Last, buy certainly not least, if you are changing DNS settings, it would
> be imperative for you to consider what might happen if you changed your DNS
> suffix.  I cannot speak to your environment exactly, but suffice it to say,
> certificates are based on names, and names sometimes contain DNS suffixes.
> You might start a chain reaction of changes, and as such you should plan
> that piece out more carefully.  If you're only changing DNS server
> addresses, then you can ignore this last paragraph.
>
>
>
> Good luck.
>
>
>
> On Mon Jan 26 2015 at 4:43:19 PM Gyrion, Larry <Larry.Gyrion at deancare.com>
> wrote:
>
> Looking for some guidance on updating the DNS entries on our CUCM
> cluster.  A colleague went through the process, but upon entering the
> command received a warning stating that the change would invalidate our
> licenses.  Has anybody come across this before, and if so, what was the
> proper course of action to ensure license preservation?
>
> CUCM 8.6.2
>
>
>
>
>
> Thank you,
>
> *Larry Gyrion** | Telecommunications Analyst | Information Technology*
> Dean Clinic - Corporate offices
> 1800 W. Beltline Hwy
> Madison WI. 53713
> Phone 608.294.6201 | 5406201| Fax 608.280.6852
> larry.gyrion at deancare.com | www.deancare.com
>
> *Partners who care*
>
>
>
>
>
> The information contained in this e-mail message and any attachments may
> be proprietary and is intended only for the confidential use of the
> designated recipient named above. If the reader of this message is not the
> intended recipient or an agent responsible for delivering it to the
> intended recipient, you are hereby notified that you have received this
> document in error and that any review, dissemination, distribution or
> copying of this message is strictly prohibited. If you have received this
> communication in error please notify us immediately at the e-mail address
> listed above. Thank you.
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>  ------------------------------
>
>
> Confidentiality Notice: This email message, including any attachments, is
> for the sole use of the intended recipient(s) and may contain confidential
> and privileged information. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply email and destroy all copies of the original
> message.
>
>
> itevomcid
>
>
> The contents of this message may contain confidential and/or privileged
> subject matter. If this message has been received in error, please contact
> the sender and delete all copies. Like other forms of communication, e-mail
> communications may be vulnerable to interception by unauthorized parties.
> If you do not wish us to communicate with you by e-mail, please notify us
> at your earliest convenience. In the absence of such notification, your
> consent is assumed. Should you choose to allow us to communicate by e-mail,
> we will not take any additional security measures (such as encryption)
> unless specifically requested.
>
> If you no longer wish to receive commercial messages, you can unsubscribe
> by accessing this link: http://www.bennettjones.com/unsubscribe
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150528/0e14ca7c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16825 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150528/0e14ca7c/attachment.png>