Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1990
Views
5
Helpful
8
Replies

Jabber with DNS SRV on multi sites

Slavik Bialik
Level 7
Level 7

‎05-09-2016 03:28 AM - edited ‎03-17-2019 06:05 PM

Hi,

I'm having an issue with the DNS SRV resolving. 

I have a CUCM & CUPS cluster in country A.

And currently working on another CUCM & CUPS cluster in country B.

The common thing for those countries is the domain, for example: domain.com.

Another thing that is important to note, is that the domain controllers in each country are replicated and have exactly the same records.

At first, when I had only one cluster in country A, we had set the usual DNS SRVs:

_cisco-uds._tcp.domain.com

_cuplogin._tcp.domain.com

And of course it worked.

But now I have a much more complicated issue, now I want that if someone is trying to access Jabber from country B, it'll point him to the CUCM cluster of site B, and not site A.

But because all of the DCs are replicated, and they all have the same _cisco-uds._tcp.domain.com SRV record, it points all the countries to the CUCM cluster of site A.

What is the best practice for this topology? How can I achieve it?

Another thing I must note, as it's very important I think, is that we have Expressway in each country, so the users must enter 'username@domain.com' when they log in, so If the solution you provide is to use internal different DNS domain names for each country, so each time they'll loose WiFi access in the HQ, and will connect to the internet at home for example, the Internet won't recognize those "internal DNS domain names". Unless you have a solution for this one, too.

Hope you understand what I mean.

Thanks in advance!

Best regards,

Slavik.

Labels:
0 Helpful
8 Replies 8

Jaime Valencia
Cisco Employee
Cisco Employee

‎05-09-2016 08:01 AM

Use ILS, see here

https://www.youtube.com/watch?v=PdH50_zp4wc&list=PLFuOESqSTxEvZChqWgAJanctohRMe99CR&index=2

And even if the answer was a different internal domain, you can still make that work

http://www.cisco.com/c/en/us/support/docs/unified-communications/expressway-series/117811-configure-vcs-00.html

HTH

java

if this helps, please rate
0 Helpful

Slavik Bialik
Level 7
Level 7
In response to Jaime Valencia

‎06-05-2016 12:27 AM

Hi Jaime,

I worked it out eventually. I used the same domain, and used ILS in order to make the user authentication work. And actually it works great. After all, the ILS request is a small one, and I don't really mind if a user will authenticate himself via Europe cluster even if he's in United States.

So anyway, thanks! And unfortunately I didn't get any updates via mail that you responded, otherwise I could save a little bit time on making this topology work.

Thanks.

0 Helpful

Richard Simmons
Level 3
Level 3
In response to Slavik Bialik

‎08-14-2017 08:21 AM

Hi Slavik,

Does this work with MRA and external DNS entries?

Thanks,

Richard

0 Helpful

Slavik Bialik
Level 7
Level 7
In response to Richard Simmons

‎08-14-2017 09:52 AM

What do you mean? Do you want to publish your DNS entries on the public DNS, not on the internal? Because you're not allowed to do it with MRA, as in the public internet it is not allowed to publish the '_cisco-uds' and '_cuplogin' SRV records, if that is what you mean.

Anyway, in the my topology it is working great with MRA. I have 3 clusters across the world, with DNS GEO-location that resolves the closest '_collab-edge' SRV record that points you to the closest Expressway-E server. From there, it is connected to the internal DNS, and in the internal DNS of the company I configured one of the CUCM clusters first regarding the internal SRV records (cisco-uds and cuplogin), and of course the rest clusters with lower priority. That way every user, no matter where he is, he'll communicate with the most prioritized CUCM cluster and via ILS that is running between the 3 CUCM clusters, it is pointing the user to authenticate and register to its home cluster CUCM.

And it is working PERFECTLY for a year or so ;)

0 Helpful

Richard Simmons
Level 3
Level 3
In response to Slavik Bialik

‎08-15-2017 12:36 AM

Hi Slavik,

It sounds like you've got working exactly the scenario that i'm looking into, 3 CUCM clusters each with there own Expressway MRA pair. 

Thanks for confirming it works with MRA and a single domain across all clusters.

Richard

0 Helpful

Slavik Bialik
Level 7
Level 7
In response to Richard Simmons

‎08-15-2017 12:41 AM

Hi Richard, I'm glad it helped.

Anyway, do not forget to set the ILS between the clusters, otherwise it won't work well.

0 Helpful

jdungca1230
Level 1
Level 1
In response to Slavik Bialik

‎03-22-2018 12:21 AM

Slavik,
What Geo-DNS service did you used?
0 Helpful

Slavik Bialik
Level 7
Level 7
In response to jdungca1230

‎03-22-2018 01:17 PM

Hi, we used:

https://dyn.com/dns/

It is working great and very easy to set up.

Customers Also Viewed These Support Documents