We switched to IP addresses for our CUCM server entries and haven’t had any application problems. Jabber appears to use the hostnames set in the “UC Server” settings not the System->Server settings. Windows accepts IP addresses in certificate Subject Alt Name attributes too.
We had an issue at one point where some of our phones briefly lost L3 access to DNS and CUCM briefly (no SRST). They were down for 10 minutes or so after the network came back. Seemed like they didn’t like that they had been unable to resolve the CUCM DNS entries. IP address server entries have worked great. Switching just involves change the System->Server entries and rebooting the cluster. I heard that the reboot isn’t necessarily required but RTMT was broken after the change and I was just more comfortable with the reboot anyway. From: cisco-voip [mailto:[email protected]] On Behalf Of Jason Aarons (AM) Sent: 26 May 2015 7:03 PM To: Gyrion, Larry; Cisco-voip ([email protected]) Subject: Re: [cisco-voip] Changing DNS entries in Call Manager 9.1.2.10000-28 Everything is hostnames so https works without complaining. Certificates with ip addresses give warnings. 443/TLS/PKI is the future ☺ You can change CUCM back to ip address but applications and websites, clients like Jabber, will give warnings/errors. I think your DNS should be rock solid, maybe you need secondary/tertiary dns entries. From: cisco-voip [mailto:[email protected]] On Behalf Of Gyrion, Larry Sent: Tuesday, May 26, 2015 5:20 PM To: Cisco-voip ([email protected]<mailto:[email protected]>) Subject: [cisco-voip] Changing DNS entries in Call Manager 9.1.2.10000-28 We had an issue where we lost outbound calling ability when out primary DNS experiencing an unscheduled outage. Our DNS entries are by host-name, not IP address. (it never failed over to the secondary DNS server, other items like computers did and internal and incoming traffic was working fine) We also use UCCE 9 I’m not sure why it was configured by host name rather than IP address when it was configured a long time ago. So my questions are: Is there a valid reason why we use host-names instead of ip addresses? How can we change from host-name to IP address? Will this affect the licensing (ELM)? (The below is reference to pre 9.0 CUCM) From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Anthony Holloway Sent: Monday, January 26, 2015 8:13 PM To: Gyrion, Larry; Cisco-voip ([email protected]<mailto:[email protected]>) Subject: Re: [cisco-voip] Changing DNS entries in Call Manager 8.6.2 The easiest way to view the license MAC, is to SSH to the server, and issue the show status command. Also, http://cisco.com/go/license<http://cisco.com/go/license> enables you to rehost your own license files without opening a case. Of course, I don't guarantee you'll be successful, but it's nice to know this option exists. [Inline image 1] Another thing to note, you will get 30 days to rehost your license before anything bad happens to your servers, but if you're in a pinch, and you're like on day 28 and you need like 10 more days, you can revert your change, then make the same change again, to restart the 30 day period. If that was confusing, let me use this example. If my primary DNS was 1.1.1.1, and I changed it to 2.2.2.2, I would have 30 days to rehost my licenses. On day 28, I set the primary DNS back to 1.1.1.1, then immediately back to 2.2.2.2, and the 30 days starts over. Last, buy certainly not least, if you are changing DNS settings, it would be imperative for you to consider what might happen if you changed your DNS suffix. I cannot speak to your environment exactly, but suffice it to say, certificates are based on names, and names sometimes contain DNS suffixes. You might start a chain reaction of changes, and as such you should plan that piece out more carefully. If you're only changing DNS server addresses, then you can ignore this last paragraph. Good luck. On Mon Jan 26 2015 at 4:43:19 PM Gyrion, Larry <[email protected]<mailto:[email protected]>> wrote: Looking for some guidance on updating the DNS entries on our CUCM cluster. A colleague went through the process, but upon entering the command received a warning stating that the change would invalidate our licenses. Has anybody come across this before, and if so, what was the proper course of action to ensure license preservation? CUCM 8.6.2 Thank you, Larry Gyrion | Telecommunications Analyst | Information Technology Dean Clinic - Corporate offices 1800 W. Beltline Hwy Madison WI. 53713 Phone 608.294.6201<tel:608.294.6201> | 5406201| Fax 608.280.6852<tel:608.280.6852> [email protected]<mailto:[email protected]> | www.deancare.com<http://www.deancare.com/> Partners who care The information contained in this e-mail message and any attachments may be proprietary and is intended only for the confidential use of the designated recipient named above. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this communication in error please notify us immediately at the e-mail address listed above. Thank you. _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip<https://puck.nether.net/mailman/listinfo/cisco-voip> ________________________________ Confidentiality Notice: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. itevomcid The contents of this message may contain confidential and/or privileged subject matter. If this message has been received in error, please contact the sender and delete all copies. Like other forms of communication, e-mail communications may be vulnerable to interception by unauthorized parties. If you do not wish us to communicate with you by e-mail, please notify us at your earliest convenience. In the absence of such notification, your consent is assumed. Should you choose to allow us to communicate by e-mail, we will not take any additional security measures (such as encryption) unless specifically requested. If you no longer wish to receive commercial messages, you can unsubscribe by accessing this link: http://www.bennettjones.com/unsubscribe
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
