<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Verdana; font-size: 10pt; color: #000000'>Thanks Wes. This thread has been extremely helpful.<br><br>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>"Bad grammar makes me [sic]" - Tshirt<br><br><br>----- Original Message -----<br>From: "Wes Sisk" <wsisk@cisco.com><br>To: "Lelio Fulgenzi" <lelio@uoguelph.ca><br>Cc: "cisco-voip mailinglist" <cisco-voip@puck.nether.net>, "Ed Leatherman" <ealeatherman@gmail.com><br>Sent: Monday, September 28, 2009 5:06:58 PM GMT -05:00 US/Canada Eastern<br>Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br><br>
<link href="/zimbra/css/msgview.css?v=081117021119" rel="stylesheet">
Negative testing verifies that desirable behavior occurs when product
is used outside recommended use. Examples would include performing
tests:<br>
* CM with DNS configured but DNS server powered down<br>
* CM with DNS configured, physical DNS server running, but DNS service
stopped<br>
* CM with DNS configured, DNS server and service running, but changing
the forward entry to return an incorrect value<br>
* CM with DNS configured, DNS server and service running, but DNS
returning resolution failure<br>
<br>
negative testing would assure 'fail safe' behavior in these conditions.
'Fail Safe' is fire doors defaulting to unlocked during power failure.<br>
<br>
/wes<br>
<br>
<br>
On Monday, September 28, 2009 4:46:44 PM, Lelio Fulgenzi
<a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a> wrote:<br>
<blockquote cite="mid:1928500739.9064171254170804568.JavaMail.root@simcoe.cs.uoguelph.ca">
<style>p { margin: 0; }</style>
<div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">Agreed.
Unfortunately, with so many features requiring it, it may not be an
option.<br>
<br>
What do you mean by "negative testing"<br>
<br>
---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br>
<br>
<br>
----- Original Message -----<br>
From: "Wes Sisk" <a class="moz-txt-link-rfc2396E" href="mailto:wsisk@cisco.com" target="_blank"><wsisk@cisco.com></a><br>
To: "Lelio Fulgenzi" <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a><br>
Cc: "cisco-voip mailinglist" <a class="moz-txt-link-rfc2396E" href="mailto:cisco-voip@puck.nether.net" target="_blank"><cisco-voip@puck.nether.net></a>, "Ed
Leatherman" <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a><br>
Sent: Monday, September 28, 2009 4:35:58 PM GMT -05:00 US/Canada Eastern<br>
Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br>
<br>
Agreed based on both personal preference and experience. IMHO removing
dependency is best measure where when components cannot agree on SLA. <br>
<br>
Also noteworthy that core CM test does not perform 'negative testing'
of DNS responses and availability. This highly weights my approach to
the issue.<br>
<br>
/Wes<br>
<br>
On Monday, September 28, 2009 4:25:46 PM, Lelio Fulgenzi
<a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a>
wrote:<br>
<blockquote cite="mid:2012043053.9055391254169546218.JavaMail.root@simcoe.cs.uoguelph.ca">
<style>p { margin: 0; }</style>
<div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">You
hit the nail on the head with SLAs - DNS SLA -ge VOIP SLA.<br>
<br>
It seems to me, that most things will continue to work, but it's during
some sort of administration/maintenance that things may go awry. But of
course, anything can pop up.<br>
<br>
<br>
<br>
---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br>
<br>
<br>
----- Original Message -----<br>
From: "Wes Sisk" <a class="moz-txt-link-rfc2396E" href="mailto:wsisk@cisco.com" target="_blank"><wsisk@cisco.com></a><br>
To: "Lelio Fulgenzi" <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a><br>
Cc: "cisco-voip mailinglist" <a class="moz-txt-link-rfc2396E" href="mailto:cisco-voip@puck.nether.net" target="_blank"><cisco-voip@puck.nether.net></a>, "Ed
Leatherman" <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a><br>
Sent: Monday, September 28, 2009 4:14:10 PM GMT -05:00 US/Canada Eastern<br>
Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br>
<br>
Unfortunately, it depends.<br>
<br>
With<br>
CSCsq66400 clm rewrites all hosts file entries on subscriber at
every reboot<br>
the name resolution files such as /etc/hosts were rewritten on every
reboot. To accomplish this cluster manager (clm) would attempt
forward/reverse DNS resolution at every reboot. For versions without
the fix for CSCsq66400 any reboot with DNS down, incorrect, or
unreachable will cause informix to not start and therefore critical
system failure.<br>
<br>
CSCsq66400 should help some and CSCsw88022 should help some more.
However, this is clearly corner case. In general if CM is configured
with DNS then DNS needs to carry same or similar SLA to CM.<br>
<br>
/Wes<br>
<br>
On Monday, September 28, 2009 4:03:13 PM, Lelio Fulgenzi <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a>
wrote:<br>
<blockquote cite="mid:221554967.9043581254168193312.JavaMail.root@simcoe.cs.uoguelph.ca">
<style>p { margin: 0; }</style>
<div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">Thanks
Wes. This really highlights the requirements. I notice the bug you
pointed out was only for an upgrade though. Not for actual operations.
Do you think CUCM/informix won't start up without DNS after a normal
restart?<br>
<br>
---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br>
<br>
<br>
----- Original Message -----<br>
From: "Wes Sisk" <a class="moz-txt-link-rfc2396E" href="mailto:wsisk@cisco.com" target="_blank"><wsisk@cisco.com></a><br>
To: "Lelio Fulgenzi" <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a><br>
Cc: "cisco-voip mailinglist" <a class="moz-txt-link-rfc2396E" href="mailto:cisco-voip@puck.nether.net" target="_blank"><cisco-voip@puck.nether.net></a>, "Ed
Leatherman" <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a><br>
Sent: Monday, September 28, 2009 3:48:30 PM GMT -05:00 US/Canada Eastern<br>
Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br>
<br>
Good points, DNS required for reverse resolution of SIP endpoints.
Most presence deployments will use CUPS which has heavy AD dependence
which will require AD which will necessitate DNS. In short, yes,
presence will likely require DNS as well.<br>
<br>
NAT explanation:<br>
Whatever is configured under system->server is what gets populated
into TFTP configuration files passed to devices. Since there is
nothing out there to fixup XML, and especially encrypted/signed XML
files, the hostname would be passed to endpoint. Endpoint would
attempt DNS resolution. That DNS query would be fixedup to return the
outside IP of CUCM. If you specified an IP under system->server the
endpoint would attempt to contact that IP directly. You could only
redirect/NAT that session if you controlled IP routing in the remote
subnet. DNS fixup is a more friendly/transparent option.<br>
<br>
AD explanation:<br>
AD sync must be configured with servername. Name to IP resolution
requires DNS.<br>
<br>
/Wes<br>
<br>
On Monday, September 28, 2009 3:43:34 PM, Lelio Fulgenzi <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a>
wrote:<br>
<blockquote cite="mid:118551312.9031391254167014822.JavaMail.root@simcoe.cs.uoguelph.ca">
<style>p { margin: 0; }</style>
<div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">Yowza
- Can you elaborate on what you mean by NAT and/or AD? <br>
<ul>
<li>Endpoints doing NAT somewhere out there? Not sure why
you'd
need DNS for that.</li>
<li>As for AD, do you mean AD/LDAP integration/synchroniation?</li>
</ul>
I would have though you need DNS for SIP endpoints, presence, etc.<br>
<br>
<br>
<br>
---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br>
<br>
<br>
----- Original Message -----<br>
From: "Wes Sisk" <a class="moz-txt-link-rfc2396E" href="mailto:wsisk@cisco.com" target="_blank"><wsisk@cisco.com></a><br>
To: "Lelio Fulgenzi" <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a><br>
Cc: "cisco-voip mailinglist" <a class="moz-txt-link-rfc2396E" href="mailto:cisco-voip@puck.nether.net" target="_blank"><cisco-voip@puck.nether.net></a>, "Ed
Leatherman" <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a><br>
Sent: Monday, September 28, 2009 3:40:39 PM GMT -05:00 US/Canada Eastern<br>
Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br>
<br>
If doing NAT or AD it is required. Otherwise it is still a liability.
Example: <br>
CSCsw88022 Database should still start and function when DNS is
unavailable <br>
<br>
In this case Informix will not start if configured DNS servers are
unreachable.<br>
<br>
/Wes<br>
<br>
On Monday, September 28, 2009 3:33:41 PM, Lelio Fulgenzi <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a>
wrote:<br>
<blockquote cite="mid:968576007.9025891254166421807.JavaMail.root@simcoe.cs.uoguelph.ca">
<style>p { margin: 0; }</style>
<div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">interesting.
is the recommendation still to <span style="font-weight: bold; font-style: italic; text-decoration: underline;">not</span>
enable DNS on CUCM servers?<br>
<br>
---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br>
<br>
<br>
----- Original Message -----<br>
From: "Wes Sisk" <a class="moz-txt-link-rfc2396E" href="mailto:wsisk@cisco.com" target="_blank"><wsisk@cisco.com></a><br>
To: "Lelio Fulgenzi" <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a><br>
Cc: "cisco-voip mailinglist" <a class="moz-txt-link-rfc2396E" href="mailto:cisco-voip@puck.nether.net" target="_blank"><cisco-voip@puck.nether.net></a>, "Ed
Leatherman" <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a><br>
Sent: Monday, September 28, 2009 3:31:18 PM GMT -05:00 US/Canada Eastern<br>
Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br>
<br>
yes, but the dependence on DNS will still affect you intermittently.<br>
<br>
/wes<br>
<br>
On Monday, September 28, 2009 3:28:57 PM, Lelio Fulgenzi <a class="moz-txt-link-rfc2396E" href="mailto:lelio@uoguelph.ca" target="_blank"><lelio@uoguelph.ca></a>
wrote:<br>
<blockquote cite="mid:1561852362.9023051254166137273.JavaMail.root@simcoe.cs.uoguelph.ca">
<style>p { margin: 0; }</style>
<div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">Wes,<br>
<br>
Can we enable DNS but still program the IP address of the CUCM nodes ?<br>
<br>
---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
"Bad grammar makes me [sic]" - Tshirt<br>
<br>
<br>
----- Original Message -----<br>
From: "Wes Sisk" <a class="moz-txt-link-rfc2396E" href="mailto:wsisk@cisco.com" target="_blank"><wsisk@cisco.com></a><br>
To: "Ed Leatherman" <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a><br>
Cc: "cisco-voip mailinglist" <a class="moz-txt-link-rfc2396E" href="mailto:cisco-voip@puck.nether.net" target="_blank"><cisco-voip@puck.nether.net></a><br>
Sent: Monday, September 28, 2009 3:26:26 PM GMT -05:00 US/Canada Eastern<br>
Subject: Re: [cisco-voip] DNS client on CUCM, Unity servers?<br>
<br>
Enabling DNS will affect all operations. It's not a component-wise
defined feature, think all or nothing. <br>
<br>
All code calls gethostbyname(), gethostbyip(),gethostentry().. which
invokes host name resolution features.<br>
<br>
Just make sure:<br>
1. forward resolution for all servers work<br>
2. reverse resolution for all servers work<br>
3. all servers use same dns suffix<br>
<br>
CLI 'set network dns...' is the command set to set and enable dns.<br>
<br>
/Wes<br>
<br>
On Monday, September 28, 2009 3:09:26 PM, Ed Leatherman <a class="moz-txt-link-rfc2396E" href="mailto:ealeatherman@gmail.com" target="_blank"><ealeatherman@gmail.com></a>
wrote:<br>
<blockquote cite="mid:94a1afde0909281209u6f6319f9w6f4f095bc84e3299@mail.gmail.com">Follow-up
question about DNS.. <br>
<br>
Originally I did not enable DNS on any nodes, as it was not needed. I
would now like to configure an SMTP server for alerts, and our systems
group wants me to use a name instead of IP. Are there any ramifications
to turning on DNS, regarding things like database replication or
intracluster communications? My servers are all defined by IP
addresses, so it should be using that through-out, right?<br>
<br>
I'm assuming various "set network dns*" commands will turn this on if I
decide to do that.<br>
<br>
<div class="gmail_quote">On Tue, Aug 18, 2009 at 10:46
AM,
Wes
Sisk <span dir="ltr"><<a href="mailto:wsisk@cisco.com" target="_blank">wsisk@cisco.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>On the surface this seems an odd question so I'm
sure
there
is
misunderstanding.<br>
<br>
CM needs access to DNS to perform forward and reverse lookups on:<br>
SIP endpoints<br>
h323 endpoints<br>
AD servers<br>
other nodes in the cluster<br>
<br>
There are deployments which do not use any of these and therefore do
not need access to a DNS server. On those, DNS can be disabled.<br>
<br>
/Wes
<div>
<div class="h5"><br>
<br>
On Tuesday, August 18, 2009 1:54:37 AM , ciscozest <a href="mailto:ciscozest@gmail.com" target="_blank"><ciscozest@gmail.com></a> wrote:<br>
</div>
</div>
<blockquote>
<div>
<div class="h5">
<p style="margin: 0cm 0cm 0pt;"><font size="3" face="Times New Roman">We have 3 CUCM 7.0 servers and only
one Unity Connection 7.0 server.</font></p>
<p style="margin: 0cm 0cm 0pt;"><font size="3" face="Times New Roman">We use a load balancer for IP Phone
services redundancy. There is no integration with any third party
components. When I check our UC system, I found out that DNS client
service is enabled on both CUCM and Unity servers which I don’t quite
understand why is needed. The Services URL on CUCM is pointing to load
balancer IP. Would there be any other reason we have to enable DNS
client on CUCM and Unity server? Also is there a load impact by
enabling DNS client service?</font></p>
<p style="margin: 0cm 0cm 0pt;"><font size="3" face="Times New Roman"> </font></p>
<p style="margin: 0cm 0cm 0pt;"><font size="3" face="Times New Roman">Thank you.</font></p>
</div>
</div>
<pre><hr size="4" width="90%">
_______________________________________________
cisco-voip mailing list
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a>
</pre>
</blockquote>
<br>
</div>
<br>
_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
<br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
Ed Leatherman<br>
<br>
</blockquote>
<br>
<br>
_______________________________________________
cisco-voip mailing list <a class="moz-txt-link-abbreviated" href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a>
<a class="moz-txt-link-freetext" href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a>
</div>
</blockquote>
<br>
</div>
</blockquote>
<br>
</div>
</blockquote>
<br>
</div>
</blockquote>
<br>
</div>
</blockquote>
<br>
</div>
</blockquote>
<br>
</div></body></html>