Showing results for 
Search instead for 
Did you mean: 

CUCM warning: DNS unreachable

Hi all,

after upgrade CUCM from 8.6 to we found this warning message that DNS is unreachable on the publisher CUCM GUI.

When I tried to resolve some hostnames from both CUCM nodes through CLI it was normally worked so DNS is not unreachable.

Any ideas?





yeah... already try restart server twice times. Still doesn't work. :(

 I only use one DNS server. I already delete the secondary DNS server in case that cause issue. but still keep the same issue.


Hi All,


I have upgraded CUCM, Unity Connection and IMPS cluster servers from version 10.5 to 11.0 and I am getting the "DNS Unreachable" warning message on all the servers. I have configured two DNS entries on all the servers and both are reachable from CLI of all servers. All the DNS entries are on the DNS servers. In 10.5 version there was no such error message and nothing is changed on the DNS servers or on the network side. Is there BUG related to version 11.0?




Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.


please check event. log from RTMT or through CLI. There I found my DNS unreachable root cause issue.



Hi Vaijanath,


please attach the output for "Utils diagnose test" from the server you are seeing the alert.



Hi Jitender,


Thank you for your help. I performed the diagnostic test and it showed me Reverse DNS lookup mismatch issue. The issues is corrected after updating the records in DNS server.


admin:utils diagnose test

Log file: platform/log/diag2.log

Starting diagnostic test(s)
test - disk_space          : Passed (available: 1520 MB, used: 12508 MB)
skip - disk_files          : This module must be run directly and off hours
test - service_manager     : Passed
test - tomcat              : Passed
test - tomcat_deadlocks    : Passed
test - tomcat_keystore     : Passed
test - tomcat_connectors   : Passed
test - tomcat_threads      : Passed
test - tomcat_memory       : Passed
test - tomcat_sessions     : Passed
skip - tomcat_heapdump     : This module must be run directly and off hours
test - validate_network    : Reverse DNS lookup mismatch
test - raid                : Passed
test - system_info         : Passed (Collected system information in diagnostic log)
test - ntp_reachability    : Passed
test - ntp_clock_drift     : Passed
test - ntp_stratum         : Passed
skip - sdl_fragmentation   : This module must be run directly and off hours
skip - sdi_fragmentation   : This module must be run directly and off hours

Diagnostics Completed





Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

Hi Vaijanath,


Happy to help.



Hi ,

I had this problem too,but can be resolved by adding manual DNS host entry in your DNS server.

The problem I'm having with this thread is that Cisco is treating this as if its a misconfiguration of DNS causing the issue.  That is simply not true.  Its a perfectly valid and common occurrence to have a server referred to by different names with the same IP address.  Heck, the PLM and CUCM run on the same server, but have to have different DNS entries.  According to this new 'check', it invalidates your DNS to do this, even though its perfectly fine. Cisco is acting like this is suddenly an incorrect DNS configuration and that its not a bug in their 'rigorous test'.  Cisco needs to just admit its a bug, and the workaround is to remove and DNS entries that you can live without.   

I had the same issue. CUCM PUB had two entries in DNS for reverse lookup.

Once removed, it didnt show that warning: DNS unreachable again :)


nslookup at cmd level and utils diagnose test at CLI level helped us.


M Taha


11.0 is a bit more rigorous in checking the DNS configuration. Do a "show network eth0". If your domain name has a trailing period, remove it (set network domain ...).

I had a system that did dhcp. It set our domain name with the trailing period. When we upgraded from 10.5.2 to 11.0 and the "DNS Unreachable" message appeared. It did not happen in 10.5.2 but these new checks in 11.0 were annoying.

Also, make sure your DNS has the correct forward and reverse entries.

michael mack

I have a brand new BE6K-S using the pre-loaded images on the CUCM and the 2921 router running version 11 that also has this issue.  The router is the DNS server in this case.  I'll check it for duplicate entries, but same exact symptoms.  Publisher says it can't reach the DNS server, but everything seems to work fine. Since this is the configuration that ships straight from Cisco and is supposed to be usable straight out of the box its a little surprising.  Whatever is new in version 11 seems to be a little too aggressive in checking DNS.  I'm hoping there's no actual functional issue and its just cosmetic.  

Hi Michael,

i would says to run "Utils diagnose test" and if it fails on revers DNS then check your DNS server.


Your understanding is correct  Michael that starting 11.x there are some rigorous checked added for DNS resolution and the warning cum error message you are able to see on Publisher GUI page is part of that only. As suggested by Jitender do a utils diagnose test and look for any issues there with your forward and reverse lookup entries.



This really should be a bug. Its not a rigorous test if it fails on a valid DNS configuration. I was pretty disappointed that Cisco is treating this like its a valid check on DNS. Its clearly not correct.  I'm hoping they fix this.  Heck, just having the PLM run on the CUCM box means you cannot use DNS, as you'd have one name for the PLM server and a different one for the CUCM, which you can't do because of this.  

So the new checks that the CUCM performs is actually invalid.  If you have any entry that points to the CUCM's IP address with a different name, this error pops up, even though its a 100% valid DNS configuration.  

In my case, I was using the pre-configured image from Cisco, including the pre-configured router.  The router has entries for both the CUCM and the PLM, which are of course the same IP address.  This caused the CUCM to state that it could not communicate with the DNS server.  Even though this is a completely valid DNS configuration (straight from Cisco) you have to remove the extra entry.  

Recognize Your Peers
Content for Community-Ad