ITL being regenerated is ok as long as the cert that signed it (CallManager.pem of the TFTP server) doesn’t change. Changing DNS domain names will absolutely regenerate all your certs.
Specific to this the CTL does have the IP address in it, and older phones actually used to enforce that the TFTP server was in the CTL file (killer in the lab when changing alt tftp a lot). It could also have been a change you made a long time ago, just never got “implemented” until the reboot and the new cert or whatever started getting used. -Ryan On May 1, 2017, at 9:55 AM, Brian Meade <[email protected]<mailto:[email protected]>> wrote: Sounds like it was only phones that just have a CTL that were affected. Models with CTL and ITL or ITL only should not have been affected. On Mon, May 1, 2017 at 12:31 AM, Ben Amick <[email protected]<mailto:[email protected]>> wrote: Our 6900s and 8831s and 7900 comfy phones were ok, but seemingly all our 7900 desk phones as well as all the CIPCs were affected Ben Amick Telecom Analyst On May 1, 2017, at 12:19 AM, Brian Meade <[email protected]<mailto:[email protected]>> wrote: Did you have trust list issues on all phones or just pre-SBD model phones like 7960s/40s that have CTLs only? On Sun, Apr 30, 2017 at 2:17 PM, Ben Amick <[email protected]<mailto:[email protected]>> wrote: So it seems like it wasn’t the ITL file at fault, but rather the CTL file not being updated Ben Amick Telecom Analyst From: James Buchanan [mailto:[email protected]<mailto:[email protected]>] Sent: Sunday, April 30, 2017 2:06 PM To: Ben Amick <[email protected]<mailto:[email protected]>> Cc: Ryan Huff <[email protected]<mailto:[email protected]>>; Gary Bates_Command Solutions <[email protected]<mailto:[email protected]>>; [email protected]<mailto:[email protected]> Subject: Re: [cisco-voip] Migrating IP space Hello, This is expected behavior if I read this correctly: http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/install/9_0_1/ipchange/CUCM_BK_C936116C_00_changing-ipaddress-hostname-cucm-90.html#wp69916%0A. Thanks, James On Sun, Apr 30, 2017 at 6:54 PM, Ben Amick <[email protected]<mailto:[email protected]>> wrote: V9.1.2, yeah, just IP change, along with DNS and NTP change as well because we were migrating entire IP scopes, but no hostname or cluster changes, no. Ben Amick Telecom Analyst From: Ryan Huff [mailto:[email protected]<mailto:[email protected]>] Sent: Sunday, April 30, 2017 7:04 AM To: Gary Bates_Command Solutions <[email protected]<mailto:[email protected]>> Cc: Ben Amick <[email protected]<mailto:[email protected]>>; [email protected]<mailto:[email protected]> Subject: Re: [cisco-voip] Migrating IP space Ben, The "Prepare Cluster for Rollback to Pre 8.0" parameter in part, is used to empty out the ITL and CTL files on each phone (the process to do that involves more than just setting that parameter though). As I recall, you enable the parameter, bounce TVS on each server to clear out all entries in the ITL/CTL files of each phone in TFTP, then bounce TFTP on all nodes to refresh the cache list; lastly, reboot all phones to trigger an ITL/CTL download from TFTP. You would check a the phones and ITL/CTL should be empty. This allows the phone to "blindly" trust new ITL/CTL connections without verification. This is what you typically did when moving SBD phones between clusters when the certs were different. Now why an IP change ONLY caused that, I'm not sure specifically without seeming the files per-change compared to post-change. Other than to say given the way ITL/CTL works; it suggests something changed with how the ITL/CTL files on TFTP were signed and when the phones downloaded them after the change, they couldn't verify ("trust") them with what they already had. All you changed was the IP address of CUCM correct, nothing else? What version of CUCM? Thanks, Ryan On Apr 30, 2017, at 6:20 AM, Gary Bates_Command Solutions <[email protected]<mailto:[email protected]>> wrote: Very odd bug fix I not encountered this before, I thout the idea of named hostnames for the server wod alleviate the need for any IP address dependency Did it resolve the phone connection bug ? Gary Sent from my iPhone On 30 Apr 2017, at 3:19 pm, Ben Amick <[email protected]<mailto:[email protected]>> wrote: So I was performing an IP migration of systems tonight, and ran into an issue where the ITL files on every system refused to connect to the new IPs, despite the fact that the ITLs were based on the hostname of the systems. I was instructed by TAC afterwards while trying to fix it that the proper method, regardless of version change or not, if changing any attributes of the CM, is to enable the enterprise parameter of something along the lines of “Prepare for rollback for pre 8.0 migration” Anyone else familiar with this procedure? I find that to be a strange name for something that needs to be turned on for so many different pieces of work. Ben Amick Telecom Analyst Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/5fHCN0g40USyMqemnTXFK8CXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCS235DXCzB_HYCUU-PtDHTbFIFIsM--Ozt_G8EHnjlLtPBgY-F6lK1FJ4SCrLO8VZZdZV5dMTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPq9EVuvsdwLQzh0qmXiFqFsPmiNFtd40T8z7pOwhd40q5zh1hrrurpvdLEsL112s1OIs> _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/k-Kr6wUg6h0SyMqemnTXFK8CXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCS235DXCzB_HYCUU-PtDHTbFIFIsM--Ozt_G8EHnjlLtPBgY-F6lK1FJcSCrLO8VZZdZV5dMTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPq9EVuvsdwLQzh0qmXiFqFsPmiNFtd40T8z7pOwhd40q5zh1hrrurpvdXHbE> Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/5fHCNESyMqemnNPXX31KVJ55BZBcsehd79J55BZBcsY-Orhhpvuv7ffK6Qkn3hOqerTKzsSgRmlyEa9JGX3oSVsSjrlS6NJOVIse79Knd7b_nVddNdBAQsZuVtdBVDCnxP1EVuvWyaqRQRrTjVkffGhBrwqrhdI6XYOe73xMUse7f6XCOsVHkiP5CX5u1FfUY3s4RtxxYGjB1SKmBiRiVCIBzozGLQUwToDIdwC2y8DOVJd6XXxI5-Aq83iTqlblbCqOmdbFEw6V4oXek29Ew3gIq8abrrPrbVL6LO0BEEEY8X> Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/k-Kr6hEi4x8SyMqemn4kSnD3tPqabbXaoUsyqejqabbXaoVVZASyyO-Y-euvsdEEK6zAQsTLt6VIxGIH5gkjrlS6NJOVICSHIdzrBPqrwUwVsQsLZvATS6n7HLtuVtd5UQsYMMMeo76zBPG8FHnjlKYPOEuvkzaT0QSyrvdTVeXz0UsepjudTdAVPmEBCbdSaY3ivNU6U9GX33VkDa3JsJaBGBPdpb6O2LWxVEVK2y8DOVJcttVcS2_id41FrJaBGBPdpb6BQQg3syctDa14Qg1Emd455JJVJBYSVeH> Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Thank you _______________________________________________ cisco-voip mailing list [email protected]<mailto:[email protected]> https://puck.nether.net/mailman/listinfo/cisco-voip
_______________________________________________ cisco-voip mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-voip
