- Have added the Sub to pub system > server > add new
- Both have same rev 8.0.3-10000-8
- Can ping the sub from the pub
- Security passwords are the same I've rebuilt both systems
I've tried and tried but can't this second server to join the cluster.
Utils network (hostname of sub) won't resolve on the Publisher. I didn't enable DNS on either server could this be causing the problem?
do a "set network dns primary
personnally i prefer not to use DNS as if is another dependency
I created a DNS entry for each which are pingable. But the sub says that it can't resolve the IP into a host name (DNS reverse lookup failed) I set up DNS on the sub via the install procedure. When I went to set it on the pub via the CLI it complained of invalidating the license and having to re-host it.
Ok...that's what I thought
With VMware the license is created in a new/different manner that's why you are
seeing this warning;
Cisco Unified Communications Manager on VMware on Cisco UCS B-Series Blade Servers uses a different licensing model than Cisco Unified Communications Manager on an MCS server. The MAC address of the NIC card is no longer used to associate the license to the server.
Instead, the license gets associated to a license MAC, which is a 12 digit HEX value created by hashing the following parameters that you configure on the server:
•NTP server 1 (or "none")
•NIC speed (or "auto")
•IP Address (or "dhcp")
•IP Mask (or "dhcp")
•Gateway Address (or "dhcp")
•Primary DNS (or "dhcp")
•SMTP server (or "none")
•Certificate Information (Organization, Unit, Location, State, Country)
This hash of these fields is called the LICENSE MAC
Note : Once there is a change in any of the parameters that creates the License MAC, it will
give you 30 day grace period to generate a new license file for the CM based on new license
Thanks for the direction again. Wow what a pain!
I go to the answer file generator fill in all the prompts (some pull downs are empty like product and version) hit generate answer file and get nothing. Tried to do it logged in to TAC account and also not logged in. Tried via my company's internet/proxy and tried via my own ISP w/o proxy... All with the same result it just sits there and doesn't do anything.
I must be missing something or doing something wrong. Will continue to research and try to get it to work.
Ok went and got a new eval license 8. License tool asked me if it was VMWare I said yes. Loaded it and restarted all services. Went back to sub install same result. It cant verify connectivity. It's pinging, Ive reset the security pw no DNS. ??? What am I missing?
syslog/CiscoLog is full of the following messages:
ClusterMgr message integrity check error. ClusterMgr has received a message which has failed a
message integrity check. This can be an indication that another node in the cluster is configured with the
wrong security password.
I've reset the security password but still get the same result. Also notice that the messaging service isn't starting. Get an alarm stating Cisco messaging interface has failed to start.
Also 'show tech network host' only shows the pub in /etc/hosts. If I look at the CCMAdmin it's listed in servers. Is there a way to edit /etc/hosts?
Is the security password referenced by 'set password user security' and the 'pwrecovery' user the same?
I use the pwrecovery / pwreset to set it to 'xxxxxxxx' . If I then try to use 'set password user security' it balks and says the old pw doesn't match.
Looked at syslog/securitylog.txt on the publisher it had this message in it:
I searched the forum, cisco.com and the entire internet for 'CLIM_DENY','exceded the specified rate limit of 100 connections' but found nothing.
I'm still at it... Haven't given up yet! I've tried all sorts of things but still end up with the same error.
I tried changing the link aggregation method for the etherchannel from PAGP (Cisco propiertary 802.2ad) to LAGP (IEEE 802.3ad) (yeah I'm desparate).
Putting the pub and sub in the same vlan on the same vswitch didn't make a difference either.
I did a capture on the portchannel but I'm thinking it's actually not showing the traffic that is taking place on the virtual switch itself between the VM's. Reason why is; It definitely shows that the sub and pub are talking but the sequences are way out of whack resulting in TCP retransmissions and Duplicate acknowledgements. I'm guessing that some of the packets are going directly between the vm's and some aren't? If that's so what's causing it? Yet pings don't lose a packet to or from either host.
I'm not giving up yet... Learning a lot along the way... It's fun!
I haven't given up on this yet. No I haven't got it to work. I've also posted in the VMWare community forum as well and have talked to TAC about it. Yeah go figure at least they did talk to me. I was beginning to think I was practicing black magic or something ha just joking mates don't take it too seriously. Still no idea why this is failing. This isn't production and I'm spending way too much time on it but I'm stubborn as they come. Learning a whole lot along the way.