The question I pose in response to that line of thinking is: Why is a client
pulling TFTP from the server while you're deactivating the services, and why do
you not have redundant TFTP?
The scenario I mentioned regarding the phone needing a restart would only be
necessary if the phone was in a factory reset, which would mean an engineer
would be hands-on with the phone and/or the user at that point in time, in
which case why would you also be deactivating TFTP at that point in time, and
even if you do, you already have a contact to resolve the issue with.
In the case of phone configuration files delivered via TFTP - if those fail to
download, the phone falls back to the last stored configuration, if memory
serves. In the case of a phone delivering a new update while operational, it
waits until it finishes downloading (alleviating need for TFTP) before
executing an upgrade, meaning it should once again be irrelevant to the TFTP
deactivation.
I mean, there's plenty of "what ifs" but TFTP downloads only ever happen during
changes - new firmware installation, or new configuration to the phone. Even if
you don't have clearly defined maintenance windows, I believe you shouldn't be
making a change as serious as migrating from IP to FQDN at the same time as you
would be deploying a new firmware image to all your 7900 handsets, for example.
Ben Amick
Telecom Analyst
From: Ryan Huff [mailto:ryanh...@outlook.com]
Sent: Thursday, December 01, 2016 5:41 PM
To: James Buchanan <james.buchan...@gmail.com>
Cc: Ben Amick <bam...@humanarc.com>; Cisco VoIP Group
<cisco-voip@puck.nether.net>
Subject: Re: [cisco-voip] Are there any gotchas to watch out for switching to
FQDN server names from IP address server names?
Anthony and James have highlighted one of the greater weaknesses of thinking
like an engineer.
As an engineer, we look at TFTP service interruption and see all the potential
outcomes and things that could happen. We think about a firmware download being
interrupted on an endpoint and realize that it's simply a phone reset to fix.
That's great, if your end-users think like engineers and know what you know.
Although a nuclear power plant sitting in Japan or China is an extreme example
in my opinion, it is right on point. There are many, many situations beyond a
nuclear power plant where something as minor as a phone firmware download being
interrupted would be completely unacceptable to the customer.
In an SMB scenario with clearly defined maintenance windows, I can see this not
being such a big deal potentially. However if you're dealing with a customer
that counts endpoints in the tens of thousands (or even thousands), it stands
to reason that more than a few endpoints might be impacted by something as,
"trivial" as a TFTP service reset.
It may be trivial in the permanency of the impact it could have on an endpoint,
but it is not trivial a enough to assume that it would not have any impact to
end-user performance, expectations or usability.
-Ryan
On Dec 1, 2016, at 5:26 PM, James Buchanan
<james.buchan...@gmail.com<mailto:james.buchan...@gmail.com>> wrote:
If the endpoint is 8000 miles away from you and located in a nuclear power
plant, that TFTP interruption wasn't so trivial.
On Thu, Dec 1, 2016 at 5:10 PM, Ben Amick
<bam...@humanarc.com<mailto:bam...@humanarc.com>> wrote:
An endpoint in the middle of an upgrade has already entirely downloaded the
firmware into memory, and would not be affected. If it is mid-download then it
would have no affect other than breaking the operation and perhaps requiring a
manual restart if it is coming off a factory reset
Ben Amick
Telecom Analyst
From: cisco-voip
[mailto:cisco-voip-boun...@puck.nether.net<mailto:cisco-voip-boun...@puck.nether.net>]
On Behalf Of Anthony Holloway
Sent: Thursday, December 01, 2016 5:08 PM
To: Nick Barnett <nicksbarn...@gmail.com<mailto:nicksbarn...@gmail.com>>
Cc: Cisco VoIP Group
<cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>>
Subject: Re: [cisco-voip] Are there any gotchas to watch out for switching to
FQDN server names from IP address server names?
Is TFTP really that trivial? What would happen to an endpoint, which is in the
middle of a firmware upgrade, when you deactivate TFTP?
On Thu, Dec 1, 2016 at 2:51 PM, Nick Barnett
<nicksbarn...@gmail.com<mailto:nicksbarn...@gmail.com>> wrote:
I figured that a reboot would work, but TAC told me it wouldn't... and rather
than experimenting, I just did what they said to do :) Besides, deactivating
TFTP is trivial and in a properly laid out deployment should have 0 impact.
On Wed, Nov 30, 2016 at 8:28 AM, NateCCIE
<natec...@gmail.com<mailto:natec...@gmail.com>> wrote:
A reboot does work. What the deal is the new https version of tftp (port 6972)
does not restart with the service restart. So it continues to use the old
cert. But it does stop and start with a service deactivation and reactivation.
Before cucm 11 the tftp over http was only plain text (port 6970)
Sent from my iPhone
On Nov 30, 2016, at 1:12 AM, James Buchanan
<james.buchan...@gmail.com<mailto:james.buchan...@gmail.com>> wrote:
Hello,
If I remember right, it actually has to be deactivated under Service
Management. It's not just restarting the service.
Thanks,
James
On Tue, Nov 29, 2016 at 11:36 PM, Derek Andrew
<derek.and...@usask.ca<mailto:derek.and...@usask.ca>> wrote:
Would a simple reboot accomplish the same as deactivating and activating?
On Mon, Nov 28, 2016 at 2:19 PM, Nick Barnett
<nicksbarn...@gmail.com<mailto:nicksbarn...@gmail.com>> wrote:
I just thought I would share what happened with this, even though it is super
old. Changing the node names to FQDN was mostly painless. The one thing that
bit me was bug CSCuy13916. After changing the names of the nodes, the TFTP
service needs to be DEACTIVATED and then re-activated in order to fully update
the certificates. Before taking those steps, I kept getting certificate errors
from CuciLync, but afterwards, everything worked as designed.
Other than that, any CTI route points (and any other device as well) that exist
will fall to another node in the CMG. Not a big deal, just something to be
aware of.
Thanks,
Nick
On Wed, Aug 31, 2016 at 3:13 PM, Nick Barnett
<nicksbarn...@gmail.com<mailto:nicksbarn...@gmail.com>> wrote:
We are on 10.0 and this cluster has been upgraded over the years from 8.0 to
8.6 to 10.0. I know it used to be common practice to rip the host name out of
a new node and put in the IP address. That's how we are set up... but now that
I need to do some work with certs so that jabber and cucilync work properly,
it's time to fix this.
Is there anything I should watch out for? Anything that may bite me in rare
cases? We have CER, CVP, CUC, UCCE and a rarely used IMP.
I checked that each node has DNS enabled by looking at "show network eth0" on
each sub. I also then looked up each FQDN from each node and they all resolve
properly. As far as I know, that's about it.
Thanks in advance!
nick
--
Copyright 2016 Derek Andrew (excluding quotations)
+1 306 966 4808<tel:(306)%20966-4808>
Communication and Network Services
Information and Communications Technology
Infrastructure Services
University of Saskatchewan
Peterson 120; 54 Innovation Boulevard
Saskatoon,Saskatchewan,Canada. S7N 2V3
Timezone GMT-6
Typed but not read.
[http://homepage.usask.ca/dfa878/uofs.gif]
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/2DRPoQd6Qm7HKcThKOrKrhhpvpj73AjhOrhhpvpj7ffICQkmnTDNPPXxJ55MQsCzCZXETdAdlBoG2yrqKMSdKndASRtxIrsKr7fKCzCX3P_nUsOCqenSn-LsKCOYNObbXyr3bDbnhIyyHuWvaxVZicHs3jq9JwTvHEEzD61RTPhOrKr9PCJhbcmrIlU6A_zMdMjlS67OFek7qVqlblbCqOmdSBiRiVCIByV2Hsbvg5bdSaY3ivNU6CQhObb1I5-Aq83iTqlblbCqOmdbFEw48-q89A_zVEwS1oQg4qPIjSxEwDkQg6dDoCq8aJPd43JoCy2xykX4Vg8Cy2tjh0bwe70MQgk-9DUCy26G_gQgeNGGq80Qb6y3k48_ixEwFYjfNd44dl-x8SyyUrAd9z>
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/avndy0O921J5xWXzdQrICXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCNPXFEVKMY_R-7cFCzBZB_HTbFILcsyO-UCMOVORQr8EGTKDOEuvkzaT0QSCrodTWWa8VNwttYQsCXCOsVHkiP5CX5u1FfUY3s4RtxxYGjB1SKmBiRiVCIBztFkJkKpH9oKgGT2TQ1iPtyL0QDYu1FJ4syOMr1vF6y0QJSBiRiVCIBziWq812fCy2pfU-q8dwmd416IX4ZEq89Rd41zpS9Cy2HsPh0Xm9EwEoBeNek29EwDkQg2U3xMcd45fyp-9EwxGLQd43IqGCy0d2NEwR12fQEq8av4PYjh13lvEidEEK6XK0r>
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/avndy0Od2hJ5xWXzdQrICXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCNPXFEVKMY_R-7cFCzBZB_HTbFILcsyO-UCMOVORQr8EGTKDOEuvkzaT0QSOrodTWWa8VNwttYQsCXCOsVHkiP5CX5u1FfUY3s4RtxxYGjB1SKmBiRiVCIBztFkJkKpH9oKgGT2TQ1iPtyL0QDYu1FJ4syOMr1vF6y0QJSBiRiVCIBziWq812fCy2pfU-q8dwmd416IX4ZEq89Rd41zpS9Cy2HsPh0Xm9EwEoBeNek29EwDkQg2U3xMcd45fyp-9EwxGLQd43IqGCy0d2NEwR12fQEq8av4PYjh13lvEidEEK6POOZMMU65W2U>
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/avndz9J5xWXzdQrICXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCNPXFEVKMY_R-7cFCzBZB_HTbFILcsyO-UCMOVORQr8EGTKDOEuvkzaT0QSMrodTWWa8VNwttYQsCXCOsVHkiP5CX5u1FfUY3s4RtxxYGjB1SKmBiRiVCIBztFkJkKpH9oKgGT2TQ1iPtyL0QDYu1FJ4syOMr1vF6y0QJSBiRiVCIBziWq812fCy2pfU-q8dwmd416IX4ZEq89Rd41zpS9Cy2HsPh0Xm9EwEoBeNek29EwDkQg2U3xMcd45fyp-9EwxGLQd43IqGCy0d2NEwR12fQEq8av4PYjh13lvEidEEK6_xY9sPpEZtBt>
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/2DRPos86Qm7HKcFT7fCXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCO5NSTouvW_cFFFLLTWZOWrbUXDbL8K6zBXG8FHnjlKUeVkffGhBrwqrhdK6XYCej79zANOoUTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPrbdTSjobZ8Qg6BKQGmGncRAIqnjh08hYQgj9_7Ph1I2NEw8RDoDJ3h1eFEwcreNcQglrCq87qNd4534FS9Owhd44WCy0n0se1xEwFYjfNd44dl-xEwtzlkQg1Emd46E8h-B3h1jUCvyq88qHZ2hJ55MSKdK>
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/2DRPoQ821J5xWXzatNPVKVJ55BZBcsehd79J55BZBcsY-Orhhpvuv7ffK6Qkn3hOqerTKzsSgRmlyEa9JGX3oSVsSjrlS6NJOVIxstJS7D-LPaqqrXZ-LsKCO-eVOXObxEVuWyaqRQRrK3Kl3PWApmU6CQPrxK_9zANOoVcsCedTdAVPmEBCbdSaY3ivNU6U9GX33VkDa3JsJaBGBPdpb6UBJwjrtt1lmVDRGlVsSOPtZAS2_id41FrJaBGBPdpb6BQQg24vd44OvNYQgr0Iq82dpS9XgQgjGq836PIjd45mVCy1SIjh1gNatysE4jh1eFEw5M73woq8av4PYjh13lvEq87oRld40q5zh1G24vFgQgk-9DUCy26G_gArhhsdBM-W12JY>
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip
