[cisco-voip] Are there any gotchas to watch out for switching to FQDN server names from IP address server names?

Wed Aug 31 17:17:14 EDT 2016

Thanks Ryan. Yes, I'm just trying to change the process node names. Right
now, when someone logs in with cucilync, it prompts them for several
certificates. Those certs are references a CN that is an IP address. I'm
thinking that if I change the node name to an FQDN, and assuming I have my
cert chain signed properly and deployed, hopefully the end user will NOT
see these cert warnings any more. Does that sound about right?

On Wed, Aug 31, 2016 at 3:39 PM, Ryan Huff <ryanhuff at outlook.com> wrote:

> Nick,
>
>
> If the UC servers already have DNS entries (means they already have a
> domain name too); then the servers are already using FQDNs, at least for
> internal referencing. If you're saying the you want to change the
> processNode names (the CM Server references) then as long as the FQDNs are
> resolvable in the forward and reverse direction, it should be fine.
>
>
> If you need to change the hostname or domain names of the servers to
> something more palatable (a crossroads often encountered when dealing with
> Jabber and end users and UC servers that were IP addresses first); that is
> a horse of a much different color; please *carefully *consult
> http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/
> install/10_0_1/ipchange/CUCM_BK_C3782AAB_00_change-
> ipaddress-hostname-100/CUCM_BK_C3782AAB_00_change-ipaddress-hostname-100_
> chapter_0100.html (especially in the case of IM & Presence HA)
>
>
> If you are also talking about changing the IP Phone URL references under
> Enterprise Parameters (from IP address to FQDN); your phone networks will
> need DNS capabilities to resolve those FQDNs as well. As a matter of
> practice, I always ensure IP phone networks have DNS capabilities, but it
> can be uncommonly found out in the wild.
>
>
> Beyond that, if you are simply just changing the processNode references
> for IP addresses to FQDNs (presumably, so CUCM requests come from an FQDN
> and not an IP address) and everything is already resolving correctly, you
> should be g2g.
>
>
> Thanks,
>
>
> = Ryan =
>
>
>
>
> ------------------------------
> *From:* cisco-voip <cisco-voip-bounces at puck.nether.net> on behalf of Nick
> Barnett <nicksbarnett at gmail.com>
> *Sent:* Wednesday, August 31, 2016 4:13 PM
> *To:* Cisco VoIP Group
> *Subject:* [cisco-voip] Are there any gotchas to watch out for switching
> to FQDN server names from IP address server names?
>
> We are on 10.0 and this cluster has been upgraded over the years from 8.0
> to 8.6 to 10.0.  I know it used to be common practice to rip the host name
> out of a new node and put in the IP address. That's how we are set up...
> but now that I need to do some work with certs so that jabber and cucilync
> work properly, it's time to fix this.
>
> Is there anything I should watch out for? Anything that may bite me in
> rare cases? We have CER, CVP, CUC, UCCE and a rarely used IMP.
>
> I checked that each node has DNS enabled by looking at "show network eth0"
> on each sub. I also then looked up each FQDN from each node and they all
> resolve properly. As far as I know, that's about it.
>
> Thanks in advance!
>
> nick
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20160831/a2536641/attachment.html>