Just had the “pleasure” of doing a migration of a CUCM and CuC cluster from the unrestricted version (no encryption) to the restricted (encryption enable and restricted for export) version this weekend. It was a very manual and tedious process. A few tips if doing this yourself. This was done with CUCM and CUC 8.6.
Thanks to this writeup for a cool method of getting Cisco full install bootable ISOs from non-bootable updates. I’ve used this many a time to get servers up in my LAB when I haven’t had access to bootable ISOs yet. Below are the boot files extracted from various bootable versions of CUCM disks. It seems that only 2-4 bytes at 0xC are different. The rest of the file is identical between versions. While putting all of this together, the hacker in me wanted to dive into what those specific bytes refer to so I got distracted for about 4 hrs while I read the ISO 9660 and El Torito specs.
(No, I didn’t get far enough to figure it out… maybe another time when the ADD kicks in again. But anyway…) Here are some the bootfiles for disks I had laying around. cucm_70bootfile.bif cucm_71bootfile.bif cucm_80bootfile.bif cucm_85bootfile.bif cucm_86bootfile.bif cucm_90bootfile.bif
**This would not be supported by TAC. Use only in LAB environments.
I played around a little more with this today. The bootfile extracted by UltraISO in the steps above is actually part of syslinux (specifically isolinux). This is the standard tool used to make a Linux bootable cd/dvds. The extracted file above is simply the isolinux.bin file that is used by isolinux when creating a bootable disk (inserted at sector 17). It follows the El Torito specs (part of iso9660) that isolinux uses for a non-emulated boot of a cd/dvd.
Here’s the cool thing… every Cisco ISO has a copy of the bootfile that was used to generate the El Torito boot image for the bootable version of the disk … Simply mount the non bootable ISO, grab the isolinux/isolinux.bin file and then continue to use the steps for UltraISO to add the file to make the image bootable.
This way you don’t even need to find a working bootable ISO to steal the bootfile from or someone to post bootfiles from different versions. I went through 4 different major CUCM iso releases and compared the extracted bootfile with the isolinux/isolinux.bin file. Minus some padding at the end of the file, isolinux.bin on the disk is identical to the extracted bootfile from a bootable version.
On a side note… I’m working on a perl script to do everything UltraISO does but in mac. I hate being dependent on windows apps.
- Manpage for mkisofs
I’ve been a Voicepulse SIP subscriber of years. I love their SIP business service. It gives me a 4 channel SIP trunk and DID service for about $12 a month plus usage. It’s cheap enough for me to use in my lab without breaking the bank. Initially when my lab was more physical and less virtual, I had the Voicepulse SIP trunks terminated on a Cisco 2801 running CME. From there, I would either register IP Phones directly or quasi-cube the connection to the occasional CUCM I would have spun up for testing. My home office phone ran off this and was mostly up when I wasn’t screwing with the setup. That was about 6-9 months ago before I completely re-did my lab footprint to run everything virtual on MAC Mini’s.
In order to terminate my trunks in a virtual-only environment, I needed something other than a physical Cisco ISR. (Hey Cisco!!! Virtualize a CUBE!!!) What I needed was a virtual appliance to act as a SBC. Voicepulse requires either a static IP (dont have) or SIP authentication (CUCM natively does not support). I’ve been wanting an excuse to play with Acme or Sonus but neither of those were an option for me at the moment. I had some familiarity networking CUCM with Asterisk so… Asterisk to the rescue! I decided I would try to terminate my Voicepulse SIP trunks to Asterisk, and create a SIP trunk between it and CUCM.
This is a must read for anyone who already understands IOS and wants to jump into NXOS.
Just started playing around with GeekTool yesterday. I love this little app. It’s got so many possibilities. Anything that lets me tweak my interface and involves the cmd line I go nuts over. After looking through a few examples, I decided to write a little script that would display my local NIC IP addresses on the desktop. I figured it was a good project to familiarize myself with the way it worked.