Updating DNS server IP addresses on Cisco voice servers

09 Sep

This post focuses on something that went right when making voice changes – shocking, I know!  Yes, I did open two different TAC cases before making the changes, and yes, I did have to talk to TAC once during the actual change process, but in my book, that’s a total win.

My mission, which the sys admin gave me no choice but to accept, was to change the DNS ip addresses each voice server was pointing to.  Now in sys admin world, this is hardly a big thing, but in voice world, no change is so small and insignificant that cannot be made intricately cumbersome to complete.

If you live in the CUCM 8.x universe, you are probably familiar now with the concept of a license mac. Changing any of the components that went into generating the precious license mac for the server invalidates all the pretty, pretty licenses you spent hours (likely even days) of your life trying to get in the first place. Changing primary DNS *is* one of those components in 8.x, so accepting your fate of needing to rehost licenses for ALL THE THINGS is step one in 8.x universe. Step two likely involves some heavy drinking.

But I currently live in 9.1.2 world – so some of this misery is offset.  The CUCM and Unity Connection (UNCX) teams at some point decided this whole invalidating-the-licenses-for-minor-changes deal was a suckfest, at least I’m assuming that was their thought process, so with version 9.x, changing primary DNS server ip address for CUCM and UNCX servers doesn’t upset the license mac gods. Cisco IM&P now leverages CUCM licensing in 9.x, so no rehosting required for those servers, either.

UCCX, though. Of course UCCX still cares. Because UCCX.

So enough background and onto the process – which is pretty straightforward considering it’s voice stuffs. Standard disclaimer, I put this list together from various calls with TAC asking for documentation and clarification on the process for each application and what to expect. Your mileage may vary, don’t take my word for it, always have a good backup, and certainly don’t blow your voice servers up. Check the docs, check with TAC. Note that for each application, the changes are made on the publisher/primary server first, then any subscribers or secondary servers.

For CUCM and UNCX servers:

-In the GUI of the License server, remove the CUCM or UNCX server instance from the License server.  Yes, I know the trepidation of deleting anything from a voice server – especially involving licensing, but it is strongly recommended to do so. If you forget or don’t do this, PROBABLY nothing will happen, according to my conversations with TAC.  But no way I’m taking that chance, you decide for yourself…

-At the CLI of the server, issue the following commands:

set network dns primary X.X.X.X
set network dns secondary X.X.X.X
show network eth0 – confirm the changes

-Add the instance back to the license server and synchronize. When adding the server back, remember it’s the OS username and password that you want to be using.

-Additional step for CUCM highly recommended by TAC: restart the Cisco Tomcat service at the CLI with the command utils service restart Cisco Tomcat

-This is also the process for stand alone license servers, but of course you don’t have to remove any instances from the license server or perform the Tomcat restart.

For IM&P servers:

-At the CLI of the server, issue the following commands:

set network dns primary X.X.X.X note you will still get an error message that rehosting is required, but I confirmed later with TAC that this is just a holdover error message from the 8.x days.
set network dns secondary X.X.X.X
show network eth0 – confirm the changes

For UCCX servers (note I have an HA environment):

-Take note of the current server license MAC, put it in a safe place.  I copied the contents of the license files to my desktop and took a screenshot of the current license configuration page. Because it’s voice and the paranoia with licensing runs deep.

-Sacrifice a chicken or two, and then at the CLI of the server, issue the following commands on each server:

set network dns primary X.X.X.X
set network dns secondary X.X.X.X
show network eth0 (confirm the changes)

-Reboot the primary, wait for what feels like an eternity for the primary to come back up and get it’s services started, then reboot the secondary.

-Take note of the new license mac and request a rehost, provide licensing with the new and the old license macs.

-Load the new license file and start happy dance.  Unless you hit an issue like I did and the new license won’t load. Then try another reboot of the pair, attempt license load once more with fingers more tightly crossed than before, and then proceed to happy dance.

Last, but not least, my good twitter friend and awesome voice guru Ryan Huff pointed out to me this Answer File Generator tool which can be used to predict your new license mac so you can request a rehost in advance. I decided that the 30 day grace period for UCCX would be enough for this project, but it’s fantastic to know that such a thing exists. Especially if you are going to be invalidating a lot of licenses, have a very small change window, and want to go ahead and get off grace period licensing as quickly as possible*.


*my rehosted license file for UCCX was generated in under 15 mins. Impressive. Still a PITA, but at least a quick PITA…

Published 09/09/2015










Tags: , , , , , , , , , ,

17 responses to “Updating DNS server IP addresses on Cisco voice servers

  1. Troy

    2015/09/10 at 06:02

    Great Post! I am going to try out the Answer File Generator because of a future change I will be making that will cause the lic MAC to change.

    • amyengineer

      2015/10/30 at 12:51

      Thanks for the feedback! Did you end up using the Answer File Generator? How’d it go?

  2. Rolando Valenzuela

    2015/09/10 at 11:17

    Sharing your post with a related thread on Cisco Support Forum

  3. Troy (@Tdaddysmooth)

    2015/10/09 at 07:31

    Why did you have to change the DNS?

    • amyengineer

      2015/10/30 at 12:48

      Because I lost a bet with the systems engineer. 😉
      Nah, only kidding, because the server team needed to retire some aging DNS servers and the original ones were installed in data VLANs – so correcting past wrongs, but causing me some pain. 🙂

  4. Manpreet Singh

    2015/11/28 at 05:32

    What is the purpose of this change in DNS or IP?

    • amyengineer

      2016/01/15 at 13:24

      The systems engineering team had a reason – I believe they needed to retire the old DNS servers.

  5. carolyn

    2016/01/02 at 10:10

    Once again, a great post!

  6. Matt Nicholls (@mmnicholls)

    2016/01/13 at 11:37

    amy, do you know if they completely did away with the re-licensing in 9.x and 10.x? our server team is asking me to make dns, dhcp and dc changes affecting my cucm, cuc, uccx, im&p, wlc and switches. so much fun to double check each device. =\

    • amyengineer

      2016/01/15 at 13:22

      It’s definitely not all gone – not every little thing changes the license mac, but something’s still do. CUCM and Unity Connection are a bit better due to ELM – you can remove from ELM, make the changes, then add server back, but UCCX will require a rehost for sure. I opened a TAC case for each one to find out for sure when I did DNS changes.

      The UCCX engineer provided me this list of items that change the license mac in UCCX 9.x:
      Here are the License MAC Parameters:
      Time zone
      NTP Server 1 (or ‘none’)
      NIC speed (or ‘auto’)
      IP Address
      IP Mask
      Gateway Address
      Primary DNS
      SMTP Server (or ‘none’)
      Certificate Information (Organization, Unit, Location, State, Country)

  7. SRS

    2016/04/28 at 16:38

    Hi Amy , just curious , which part of UCCX Server that require DNS Resolution, I think we put all the connection with the IP Address not Hostname. What is the step after we created the CUAFG? do we require to have a license maintenance in order to rehost the license ?

  8. David Harrell

    2016/04/29 at 19:59

    Just had to rehost the license files on my UCCX server and this little guide was the most helpful source of information that I could find. Thank you very much. Cisco is very irritating with having to go through this process just because a DNS entry needs to be changed.

    FYI, we found that if the primary DNS server goes missing that at least for a while, there are major issues with the agents. So we had to bring the old box back up just to restore order.

    I do have a question about the license files. I just added the new hosted license files without deleting the old ones. Do you think that is ok or should I find another service window and delete the old licenses. The OCD in me wants to delete them, but the old Network Engineer in me screams “its working! Leave it the hell alone!”

    • amyengineer

      2016/04/29 at 20:11

      Glad to help!! I would just leave the old licenses – they are tied to an inactive license MAC and I’ve not seen that cause issues. That’s just my two cents! I’m with you – it’s working, try not to touch it! 🙂

  9. David Harrell

    2016/05/02 at 07:16

    Made it past the first real test of re-licensing. The call center folks came into the office and UCCX was working as expected. Always good to make a change on Friday night and not get a call at way too early on Monday because of something missed.

    One more note on UCCX licensing. In an HA environment (at least in version 10.6.1), you only have to rehost the license for the pub/primary server. It pushes the license to the sub/secondary server. The license people at Cisco don’t know the products, so we had a bit of confusion until I did the “show uccx license” and “utils uccx list license” commands.

  10. Aaron Banks

    2016/08/15 at 12:36

    I used this procedure on 10.5.2 – THANK YOU AMY!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: