We changed the DNS servers, not the domain name, so I don’t think that’s the
issue. I think it’s just a fault of the TFTP+CTL enforcement as you mention, as
we are using our cluster pub+subs for the TFTP instead of a dedicated separate
unit. I reboot these boxes plenty as it is, since they’re old aging MCS chassis
(hopefully this is the last year I have to put up with these)
Ben Amick
Telecom Analyst
From: Ryan Ratliff (rratliff) [mailto:rratl...@cisco.com]
Sent: Monday, May 01, 2017 2:31 PM
To: Ben Amick <bam...@humanarc.com>
Cc: cisco-voip voyp list <cisco-voip@puck.nether.net>
Subject: Re: [cisco-voip] Migrating IP space
ITL being regenerated is ok as long as the cert that signed it (CallManager.pem
of the TFTP server) doesn’t change. Changing DNS domain names will absolutely
regenerate all your certs.
Specific to this the CTL does have the IP address in it, and older phones
actually used to enforce that the TFTP server was in the CTL file (killer in
the lab when changing alt tftp a lot).
It could also have been a change you made a long time ago, just never got
“implemented” until the reboot and the new cert or whatever started getting
used.
-Ryan
On May 1, 2017, at 9:55 AM, Brian Meade
<bmead...@vt.edu<mailto:bmead...@vt.edu>> wrote:
Sounds like it was only phones that just have a CTL that were affected. Models
with CTL and ITL or ITL only should not have been affected.
On Mon, May 1, 2017 at 12:31 AM, Ben Amick
<bam...@humanarc.com<mailto:bam...@humanarc.com>> wrote:
Our 6900s and 8831s and 7900 comfy phones were ok, but seemingly all our 7900
desk phones as well as all the CIPCs were affected
Ben Amick
Telecom Analyst
On May 1, 2017, at 12:19 AM, Brian Meade
<bmead...@vt.edu<mailto:bmead...@vt.edu>> wrote:
Did you have trust list issues on all phones or just pre-SBD model phones like
7960s/40s that have CTLs only?
On Sun, Apr 30, 2017 at 2:17 PM, Ben Amick
<bam...@humanarc.com<mailto:bam...@humanarc.com>> wrote:
So it seems like it wasn’t the ITL file at fault, but rather the CTL file not
being updated
Ben Amick
Telecom Analyst
From: James Buchanan
[mailto:james.buchan...@gmail.com<mailto:james.buchan...@gmail.com>]
Sent: Sunday, April 30, 2017 2:06 PM
To: Ben Amick <bam...@humanarc.com<mailto:bam...@humanarc.com>>
Cc: Ryan Huff <ryanh...@outlook.com<mailto:ryanh...@outlook.com>>; Gary
Bates_Command Solutions
<gba...@commandsolutions.com.au<mailto:gba...@commandsolutions.com.au>>;
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
Subject: Re: [cisco-voip] Migrating IP space
Hello,
This is expected behavior if I read this correctly:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/install/9_0_1/ipchange/CUCM_BK_C936116C_00_changing-ipaddress-hostname-cucm-90.html#wp69916%0A.
Thanks,
James
On Sun, Apr 30, 2017 at 6:54 PM, Ben Amick
<bam...@humanarc.com<mailto:bam...@humanarc.com>> wrote:
V9.1.2, yeah, just IP change, along with DNS and NTP change as well because we
were migrating entire IP scopes, but no hostname or cluster changes, no.
Ben Amick
Telecom Analyst
From: Ryan Huff [mailto:ryanh...@outlook.com<mailto:ryanh...@outlook.com>]
Sent: Sunday, April 30, 2017 7:04 AM
To: Gary Bates_Command Solutions
<gba...@commandsolutions.com.au<mailto:gba...@commandsolutions.com.au>>
Cc: Ben Amick <bam...@humanarc.com<mailto:bam...@humanarc.com>>;
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
Subject: Re: [cisco-voip] Migrating IP space
Ben,
The "Prepare Cluster for Rollback to Pre 8.0" parameter in part, is used to
empty out the ITL and CTL files on each phone (the process to do that involves
more than just setting that parameter though).
As I recall, you enable the parameter, bounce TVS on each server to clear out
all entries in the ITL/CTL files of each phone in TFTP, then bounce TFTP on all
nodes to refresh the cache list; lastly, reboot all phones to trigger an
ITL/CTL download from TFTP. You would check a the phones and ITL/CTL should be
empty.
This allows the phone to "blindly" trust new ITL/CTL connections without
verification. This is what you typically did when moving SBD phones between
clusters when the certs were different.
Now why an IP change ONLY caused that, I'm not sure specifically without
seeming the files per-change compared to post-change. Other than to say given
the way ITL/CTL works; it suggests something changed with how the ITL/CTL files
on TFTP were signed and when the phones downloaded them after the change, they
couldn't verify ("trust") them with what they already had.
All you changed was the IP address of CUCM correct, nothing else? What version
of CUCM?
Thanks,
Ryan
On Apr 30, 2017, at 6:20 AM, Gary Bates_Command Solutions
<gba...@commandsolutions.com.au<mailto:gba...@commandsolutions.com.au>> wrote:
Very odd bug fix
I not encountered this before,
I thout the idea of named hostnames for the server wod alleviate the need for
any IP address dependency
Did it resolve the phone connection bug ?
Gary
Sent from my iPhone
On 30 Apr 2017, at 3:19 pm, Ben Amick
<bam...@humanarc.com<mailto:bam...@humanarc.com>> wrote:
So I was performing an IP migration of systems tonight, and ran into an issue
where the ITL files on every system refused to connect to the new IPs, despite
the fact that the ITLs were based on the hostname of the systems. I was
instructed by TAC afterwards while trying to fix it that the proper method,
regardless of version change or not, if changing any attributes of the CM, is
to enable the enterprise parameter of something along the lines of “Prepare for
rollback for pre 8.0 migration”
Anyone else familiar with this procedure? I find that to be a strange name for
something that needs to be turned on for so many different pieces of work.
Ben Amick
Telecom Analyst
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/5fHCN0g40USyMqemnTXFK8CXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCS235DXCzB_HYCUU-PtDHTbFIFIsM--Ozt_G8EHnjlLtPBgY-F6lK1FJ4SCrLO8VZZdZV5dMTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPq9EVuvsdwLQzh0qmXiFqFsPmiNFtd40T8z7pOwhd40q5zh1hrrurpvdLEsL112s1OIs>
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/k-Kr6wUg6h0SyMqemnTXFK8CXCQkmnSkNMV4QsCQkmnSkNPPX9J55BZVYsY-Urhhsd79EVLuWdPp3lpmawECSHIdzrBPpdJnor6TbCS235DXCzB_HYCUU-PtDHTbFIFIsM--Ozt_G8EHnjlLtPBgY-F6lK1FJcSCrLO8VZZdZV5dMTsSjDdqymoIToHMd9_7wrwCHIcfBisEeROQGmGncRAIrymS1dJRQ5lrCvmFnBPq9EVuvsdwLQzh0qmXiFqFsPmiNFtd40T8z7pOwhd40q5zh1hrrurpvdXHbE>
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/5fHCNESyMqemnNPXX31KVJ55BZBcsehd79J55BZBcsY-Orhhpvuv7ffK6Qkn3hOqerTKzsSgRmlyEa9JGX3oSVsSjrlS6NJOVIse79Knd7b_nVddNdBAQsZuVtdBVDCnxP1EVuvWyaqRQRrTjVkffGhBrwqrhdI6XYOe73xMUse7f6XCOsVHkiP5CX5u1FfUY3s4RtxxYGjB1SKmBiRiVCIBzozGLQUwToDIdwC2y8DOVJd6XXxI5-Aq83iTqlblbCqOmdbFEw6V4oXek29Ew3gIq8abrrPrbVL6LO0BEEEY8X>
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<http://cp.mcafee.com/d/k-Kr6hEi4x8SyMqemn4kSnD3tPqabbXaoUsyqejqabbXaoVVZASyyO-Y-euvsdEEK6zAQsTLt6VIxGIH5gkjrlS6NJOVICSHIdzrBPqrwUwVsQsLZvATS6n7HLtuVtd5UQsYMMMeo76zBPG8FHnjlKYPOEuvkzaT0QSyrvdTVeXz0UsepjudTdAVPmEBCbdSaY3ivNU6U9GX33VkDa3JsJaBGBPdpb6O2LWxVEVK2y8DOVJcttVcS2_id41FrJaBGBPdpb6BQQg3syctDa14Qg1Emd455JJVJBYSVeH>
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net<mailto:cisco-voip@puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law. If
the reader of this message is not the intended recipient or the employee or
agent responsible for delivering the message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this communication
in error, please contact the sender immediately and destroy the material in its
entirety, whether electronic or hard copy. Thank you
_______________________________________________
cisco-voip mailing list
cisco-voip@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-voip