<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
ITL being regenerated is ok as long as the cert that signed it (CallManager.pem of the TFTP server) doesn’t change. Changing DNS domain names will absolutely regenerate all your certs.
<div class=""><br class="">
</div>
<div class="">Specific to this the CTL does have the IP address in it, and older phones actually used to enforce that the TFTP server was in the CTL file (killer in the lab when changing alt tftp a lot). </div>
<div class=""><br class="">
</div>
<div class="">It could also have been a change you made a long time ago, just never got “implemented” until the reboot and the new cert or whatever started getting used. </div>
<div class=""><br class="">
<div class=""> -Ryan </div>
<br class="">
<div>
<div class="">On May 1, 2017, at 9:55 AM, Brian Meade <<a href="mailto:bmeade90@vt.edu" class="">bmeade90@vt.edu</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div dir="ltr" class="">Sounds like it was only phones that just have a CTL that were affected. Models with CTL and ITL or ITL only should not have been affected.</div>
<div class="gmail_extra"><br class="">
<div class="gmail_quote">On Mon, May 1, 2017 at 12:31 AM, Ben Amick <span dir="ltr" class="">
<<a href="mailto:bamick@humanarc.com" target="_blank" class="">bamick@humanarc.com</a>></span> wrote:<br class="">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="auto" class="">
<div class="">Our 6900s and 8831s and 7900 comfy phones were ok, but seemingly all our 7900 desk phones as well as all the CIPCs were affected<span class="HOEnZb"><font color="#888888" class=""><br class="">
<br class="">
Ben Amick
<div class="">Telecom Analyst</div>
</font></span></div>
<div class="">
<div class="h5">
<div class=""><br class="">
On May 1, 2017, at 12:19 AM, Brian Meade <<a href="mailto:bmeade90@vt.edu" target="_blank" class="">bmeade90@vt.edu</a>> wrote:<br class="">
<br class="">
</div>
<blockquote type="cite" class="">
<div class="">
<div dir="ltr" class="">Did you have trust list issues on all phones or just pre-SBD model phones like 7960s/40s that have CTLs only?</div>
<div class="gmail_extra"><br class="">
<div class="gmail_quote">On Sun, Apr 30, 2017 at 2:17 PM, Ben Amick <span dir="ltr" class="">
<<a href="mailto:bamick@humanarc.com" target="_blank" class="">bamick@humanarc.com</a>></span> wrote:<br class="">
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple" class="">
<div class="m_-3598844822827544233m_5224969718100416961WordSection1">
<p class="MsoNormal"><span style="font-family:"Garamond",serif;color:#1f497d" class="">So it seems like it wasn’t the ITL file at fault, but rather the CTL file not being updated<u class=""></u><u class=""></u></span></p>
<p class="MsoNormal"><span style="font-family:"Garamond",serif;color:#1f497d" class=""><u class=""></u> <u class=""></u></span></p>
<p class="MsoNormal" style="text-autospace:none"><b class=""><span style="font-size:10.0pt;font-family:"Garamond",serif;color:#3b3838" class="">Ben Amick<u class=""></u><u class=""></u></span></b></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.0pt;font-family:"Garamond",serif;color:#3b3838" class="">Telecom Analyst</span><span style="font-size:9.0pt;font-family:"Garamond",serif;color:#666666" class=""><u class=""></u><u class=""></u></span></p>
<p class="MsoNormal"><span style="font-family:"Garamond",serif;color:#1f497d" class=""><u class=""></u> <u class=""></u></span></p>
<p class="MsoNormal"><b class=""><span style="font-size:11.0pt;font-family:"Calibri",sans-serif" class="">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif" class=""> James Buchanan [mailto:<a href="mailto:james.buchanan2@gmail.com" target="_blank" class="">james.buchanan2@gmail.<wbr class="">com</a>]
<br class="">
<b class="">Sent:</b> Sunday, April 30, 2017 2:06 PM<br class="">
<b class="">To:</b> Ben Amick <<a href="mailto:bamick@HumanArc.com" target="_blank" class="">bamick@HumanArc.com</a>><br class="">
<b class="">Cc:</b> Ryan Huff <<a href="mailto:ryanhuff@outlook.com" target="_blank" class="">ryanhuff@outlook.com</a>>; Gary Bates_Command Solutions <<a href="mailto:gbates@commandsolutions.com.au" target="_blank" class="">gbates@commandsolutions.com.a<wbr class="">u</a>>;
<a href="mailto:cisco-voip@puck.nether.net" target="_blank" class="">cisco-voip@puck.nether.net</a></span></p>
<div class="">
<div class="m_-3598844822827544233h5"><br class="">
<b class="">Subject:</b> Re: [cisco-voip] Migrating IP space<u class=""></u><u class=""></u></div>
</div>
<div class=""><br class="webkit-block-placeholder">
</div>
<div class="">
<div class="m_-3598844822827544233h5">
<p class="MsoNormal"><u class=""></u> <u class=""></u></p>
<div class="">
<div class="">
<div class="">
<div class="">
<p class="MsoNormal" style="margin-bottom:12.0pt">Hello,<u class=""></u><u class=""></u></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">This is expected behavior if I read this correctly:
<a href="http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/install/9_0_1/ipchange/CUCM_BK_C936116C_00_changing-ipaddress-hostname-cucm-90.html#wp69916%0A" target="_blank" class="">
http://www.cisco.com/c/en/us/t<wbr class="">d/docs/voice_ip_comm/cucm/inst<wbr class="">all/9_0_1/ipchange/CUCM_BK_<wbr class="">C936116C_00_changing-ipaddress<wbr class="">-hostname-cucm-90.html#<wbr class="">wp69916%0A</a>.<u class=""></u><u class=""></u></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Thanks,<u class=""></u><u class=""></u></p>
</div>
<p class="MsoNormal">James<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"><u class=""></u> <u class=""></u></p>
<div class="">
<p class="MsoNormal">On Sun, Apr 30, 2017 at 6:54 PM, Ben Amick <<a href="mailto:bamick@humanarc.com" target="_blank" class="">bamick@humanarc.com</a>> wrote:<u class=""></u><u class=""></u></p>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in" class="">
<div class="">
<div class="">
<p class="MsoNormal"><span style="font-family:"Garamond",serif;color:#1f497d" class="">V9.1.2, yeah, just IP change, along with DNS and NTP change as well because we were migrating entire IP scopes, but no hostname or cluster changes, no.</span><u class=""></u><u class=""></u></p>
<p class="MsoNormal"><span style="font-family:"Garamond",serif;color:#1f497d" class=""> </span><u class=""></u><u class=""></u></p>
<div class="">
<p class="MsoNormal" style="text-autospace:none"><b class=""><span style="font-size:10.0pt;font-family:"Garamond",serif;color:#3b3838" class="">Ben Amick</span></b><u class=""></u><u class=""></u></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.0pt;font-family:"Garamond",serif;color:#3b3838" class="">Telecom Analyst</span><u class=""></u><u class=""></u></p>
</div>
<p class="MsoNormal"><span style="font-family:"Garamond",serif;color:#1f497d" class=""> </span><u class=""></u><u class=""></u></p>
<div class="">
<div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in" class="">
<p class="MsoNormal"><b class="">From:</b> Ryan Huff [mailto:<a href="mailto:ryanhuff@outlook.com" target="_blank" class="">ryanhuff@outlook.com</a>]
<br class="">
<b class="">Sent:</b> Sunday, April 30, 2017 7:04 AM<br class="">
<b class="">To:</b> Gary Bates_Command Solutions <<a href="mailto:gbates@commandsolutions.com.au" target="_blank" class="">gbates@commandsolutions.com.a<wbr class="">u</a>><br class="">
<b class="">Cc:</b> Ben Amick <<a href="mailto:bamick@HumanArc.com" target="_blank" class="">bamick@HumanArc.com</a>>;
<a href="mailto:cisco-voip@puck.nether.net" target="_blank" class="">cisco-voip@puck.nether.net</a><br class="">
<b class="">Subject:</b> Re: [cisco-voip] Migrating IP space<u class=""></u><u class=""></u></p>
</div>
</div>
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
<div class="">
<p class="MsoNormal">Ben,<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal">The "Prepare Cluster for Rollback to Pre 8.0" parameter in part, is used to empty out the ITL and CTL files on each phone (the process to do that involves more than just setting that parameter though).<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal">As I recall, you enable the parameter, bounce TVS on each server to clear out all entries in the ITL/CTL files of each phone in TFTP, then bounce TFTP on all nodes to refresh the cache list; lastly, reboot all phones to trigger an ITL/CTL
download from TFTP. You would check a the phones and ITL/CTL should be empty.<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal">This allows the phone to "blindly" trust new ITL/CTL connections without verification. This is what you typically did when moving SBD phones between clusters when the certs were different.<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal">Now why an IP change ONLY caused that, I'm not sure specifically without seeming the files per-change compared to post-change. Other than to say given the way ITL/CTL works; it suggests something changed with how the ITL/CTL files on TFTP
were signed and when the phones downloaded them after the change, they couldn't verify ("trust") them with what they already had.<u class=""></u><u class=""></u></p>
</div>
<div class="">
<div class="">
<p class="MsoNormal"><br class="">
All you changed was the IP address of CUCM correct, nothing else? What version of CUCM?<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal">Thanks,<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal">Ryan<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">On Apr 30, 2017, at 6:20 AM, Gary Bates_Command Solutions <<a href="mailto:gbates@commandsolutions.com.au" target="_blank" class="">gbates@commandsolutions.com.a<wbr class="">u</a>> wrote:<u class=""></u><u class=""></u></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt" class="">
<div class="">
<div class="">
<p class="MsoNormal">Very odd bug fix<u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal">I not encountered this before,<u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal">I thout the idea of named hostnames for the server wod alleviate the need for any IP address dependency <u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal">Did it resolve the phone connection bug ?<u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
</div>
<div id="m_-3598844822827544233m_5224969718100416961m_2596576685271738358AppleMailSignature" class="">
<p class="MsoNormal">Gary<br class="">
<br class="">
Sent from my iPhone<u class=""></u><u class=""></u></p>
</div>
<div class="">
<p class="MsoNormal" style="margin-bottom:12.0pt"><br class="">
On 30 Apr 2017, at 3:19 pm, Ben Amick <<a href="mailto:bamick@HumanArc.com" target="_blank" class="">bamick@HumanArc.com</a>> wrote:<u class=""></u><u class=""></u></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt" class="">
<div class="">
<p class="MsoNormal">So I was performing an IP migration of systems tonight, and ran into an issue where the ITL files on every system refused to connect to the new IPs, despite the fact that the ITLs were based on the hostname of the systems. I was instructed
by TAC afterwards while trying to fix it that the proper method, regardless of version change or not, if changing any attributes of the CM, is to enable the enterprise parameter of something along the lines of “Prepare for rollback for pre 8.0 migration”
<u class=""></u><u class=""></u></p>
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
<p class="MsoNormal">Anyone else familiar with this procedure? I find that to be a strange name for something that needs to be turned on for so many different pieces of work.<u class=""></u><u class=""></u></p>
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
<p class="MsoNormal" style="text-autospace:none"><b class=""><span style="font-size:10.0pt;color:#3b3838" class="">Ben Amick</span></b><u class=""></u><u class=""></u></p>
<p class="MsoNormal" style="text-autospace:none"><span style="font-size:9.0pt;color:#3b3838" class="">Telecom Analyst</span><u class=""></u><u class=""></u></p>
<p class="MsoNormal"> <u class=""></u><u class=""></u></p>
<p class="MsoNormal"><br class="">
Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is
not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received
this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you
<u class=""></u><u class=""></u></p>
</div>
</blockquote>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt" class="">
<div class="">
<p class="MsoNormal">______________________________<wbr class="">_________________<br class="">
cisco-voip mailing list<br class="">
<a href="mailto:cisco-voip@puck.nether.net" target="_blank" class="">cisco-voip@puck.nether.net</a><br class="">
<a href="http://cp.mcafee.com/d/5fHCN0g40USyMqemnTXFK8CXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCS235DXCzB_HYCUU-PtDHTbFIFIsM--Ozt_G8EHnjlLtPBgY-F6lK1FJ4SCrLO8VZZdZV5dMTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPq9EVuvsdwLQzh0qmXiFqFsPmiNFtd40T8z7pOwhd40q5zh1hrrurpvdLEsL112s1OIs" target="_blank" class="">https://puck.nether.net/mailma<wbr class="">n/listinfo/cisco-voip</a><u class=""></u><u class=""></u></p>
</div>
</blockquote>
</div>
</blockquote>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt" class="">
<div class="">
<p class="MsoNormal">______________________________<wbr class="">_________________<br class="">
cisco-voip mailing list<br class="">
<a href="mailto:cisco-voip@puck.nether.net" target="_blank" class="">cisco-voip@puck.nether.net</a><br class="">
<a href="http://cp.mcafee.com/d/k-Kr6wUg6h0SyMqemnTXFK8CXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCS235DXCzB_HYCUU-PtDHTbFIFIsM--Ozt_G8EHnjlLtPBgY-F6lK1FJcSCrLO8VZZdZV5dMTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPq9EVuvsdwLQzh0qmXiFqFsPmiNFtd40T8z7pOwhd40q5zh1hrrurpvdXHbE" target="_blank" class="">https://puck.nether.net/mailma<wbr class="">n/listinfo/cisco-voip</a><u class=""></u><u class=""></u></p>
</div>
</blockquote>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br class="">
Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is
not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received
this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you
<br class="">
______________________________<wbr class="">_________________<br class="">
cisco-voip mailing list<br class="">
<a href="mailto:cisco-voip@puck.nether.net" target="_blank" class="">cisco-voip@puck.nether.net</a><br class="">
<a href="http://cp.mcafee.com/d/5fHCNESyMqemnNPXX31KVJ55BZBcsehd79J55BZBcsY-Orhhpvuv7ffK6Qkn3hOqerTKzsSgRmlyEa9JGX3oSVsSjrlS6NJOVIse79Knd7b_nVddNdBAQsZuVtdBVDCnxP1EVuvWyaqRQRrTjVkffGhBrwqrhdI6XYOe73xMUse7f6XCOsVHkiP5CX5u1FfUY3s4RtxxYGjB1SKmBiRiVCIBzozGLQUwToDIdwC2y8DOVJd6XXxI5-Aq83iTqlblbCqOmdbFEw6V4oXek29Ew3gIq8abrrPrbVL6LO0BEEEY8X" target="_blank" class="">https://puck.nether.net/mailma<wbr class="">n/listinfo/cisco-voip</a><u class=""></u><u class=""></u></p>
</blockquote>
</div>
<p class="MsoNormal"><u class=""></u> <u class=""></u></p>
</div>
</div>
</div>
</div>
</div>
<div class="m_-3598844822827544233HOEnZb">
<div class="m_-3598844822827544233h5"><br class="">
Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is
not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received
this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you
</div>
</div>
<br class="">
______________________________<wbr class="">_________________<br class="">
cisco-voip mailing list<br class="">
<a href="mailto:cisco-voip@puck.nether.net" target="_blank" class="">cisco-voip@puck.nether.net</a><br class="">
<a href="http://cp.mcafee.com/d/k-Kr6hEi4x8SyMqemn4kSnD3tPqabbXaoUsyqejqabbXaoVVZASyyO-Y-euvsdEEK6zAQsTLt6VIxGIH5gkjrlS6NJOVICSHIdzrBPqrwUwVsQsLZvATS6n7HLtuVtd5UQsYMMMeo76zBPG8FHnjlKYPOEuvkzaT0QSyrvdTVeXz0UsepjudTdAVPmEBCbdSaY3ivNU6U9GX33VkDa3JsJaBGBPdpb6O2LWxVEVK2y8DOVJcttVcS2_id41FrJaBGBPdpb6BQQg3syctDa14Qg1Emd455JJVJBYSVeH" rel="noreferrer" target="_blank" class="">https://puck.nether.net/mailma<wbr class="">n/listinfo/cisco-voip</a><br class="">
<br class="">
</blockquote>
</div>
<br class="">
</div>
</div>
</blockquote>
</div>
</div>
</div>
<div class="HOEnZb">
<div class="h5"><br class="">
Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is
not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received
this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
_______________________________________________<br class="">
cisco-voip mailing list<br class="">
<a href="mailto:cisco-voip@puck.nether.net" class="">cisco-voip@puck.nether.net</a><br class="">
https://puck.nether.net/mailman/listinfo/cisco-voip<br class="">
</div>
</div>
<br class="">
</div>
</body>
</html>