Map a UC appliance as a network drive

Remember the "good old days" of CCM 4.x? You can do almost everything on the box. Because it's in fact a Windows 2000 box. However, this brings security and supportability issues.

With the introduction of Linux-based Unified Communication appliance (CUCM 5.x), Cisco locked down the box. You can only access the box via admin web page or a tailored command line.

One of the inconveniences is to review log files. On the old-school CCM 4.x, you may just view the logs in C:\Program Files\Cisco\Trace. On the new UC appliance, you'll have to use RTMT (RealTime Monitoring Tool). This is especially annoying if you're testing your system. For each test, you'll have to download a new set of logs to your computer. (though you may use 'Remote Browse' in RTMT, its function is very limited)

What if we can go back to the "good old days" and view the file system just like a Windows drive?

Take a look at the screenshot below. It's a CUCM 6.1.4 mapped to my Windows XP laptop. You can read/write files on CUCM just like a local hard drive. For those people who are not a fan of VI, you may use your favorite editor (such as Notepad++/UltraEdit). And you may use any Windows tools, such as Windows search, WinGrep, WinZip, etc. How's that? :)


To achieve this, you need two things: a root account on CUCM and a software who can map a SFTP server to a network drive (such as sFTPdrive).

UC Appliance on VMWare

In theory, any software runs on x86 platform should be able to run on VMWare, unless the software vendor explicitly block it.

Cisco has many software running on x86 platform. We'll discuss Unified Communication products here - CUCM, CER, UCCX, etc.

CUCM

CUCM is the flagship of Cisco UC products. You may install CUCM on VMWare just fine. No hacking is required, but you'll receive a warning that VMWare is not "officially" supported. ie. you shouldn't use it in production. Cisco planned to support VMWare in production in the future ( probably with UC 8).

Though you may install CUCM on VMWare, there are some limitations.

Limitation #1 Licensing

Cisco limits the number of nodes and DLUs on a VMWare MAC address. (3 nodes, 125 DLUs at the time I'm writing this blog). If you should need more than 3 nodes and 125 DLUs, you may change the MAC address of the CUCM (change in VM guest, not in VM host). Just Google keywords "change MAC address on Linux" and you'll find the answer.

Limitation #2 SNMP Agent

You'll notice that "SNMP Master Agent" service fails to start if CUCM was installed on VMWare. This will cause problem if you're testing CER (Emergency Responder). CER needs SNMP connection to CUCM to retrieve phone info. The workaround would be issue the command on CUCM root shell "/sbin/chkconfig snmpd off". Then reboot the server.

Limitation #3 VMWare Acknowledgement

Since from version 7, CUCM requires you acknowledge the "VMWare agreement" during startup. If you reboot the CUCM remotely (either via OS Admin web or via CLI), the server will not boot up until you press the "Agree" button on the console. The workaround is to edit /usr/local/bin/base_scripts/hardware_check.sh,

change the line

if [ "$hwmodel" = "vmware" ];

to

if [ "$hwmodel" = "foobar" ];

CER

Besides the limitations mentioned about, CER has another limitation with VMWare.

CER retrieve information from CUCM via SNMP. This includes the machine type of CUCM. If CUCM is running on VMWare, the machine type will be "unsupported" from CER point of view. The workaround is to edit /usr/local/CER/etc/devices.xml file on the CER box. Add the following tag under "CcmHost" family tag:

member OID="1.3.6.1.4.1.99.1.1.3.28" OIDNAME="vm-ware" CAPTION="VMWare"

Reboot CER or restart Phone Tracking Engine.

UCCX

So far, UCCX has been running on "Cisco OS" 2000/2003, which in fact is Windows 2000/2003. However, UCCX will refuse to install if Cisco specific registry key is missing. Follow instructions on http://www.tek-tips.com/viewthread.cfm?qid=930128&page=1 to add the registry key.

Good news is: VMWare is supported since Cisco OS 2003.1.4. If you're using OS 2003.1.4 or newer, you don't need the registry hack.

Another tips is: if you want to bypass the hard drive/memory requirement check, you may create an empty file named "crstest.ini" on C:\. Then CRS won't require 72G HDD/2G memory to install. Of course, this is for testing purpose.

Root shell on UC appliance

Many of the hacking above requiress the root access to the appliance (CUCM, CER, etc.). Just use Google to find the answer. For example: http://www.blindhog.net/how-to-get-root-access-on-call-manager-56-server/

Virtualize everything!

People in network world should have heard about 'simulators'. A router simulator gives you the command line interface you can practice on.

With more and more network equipments move to open source OS (linux) and x86 platform, the word 'simulator' has another meaning - virtualization. Which means, you can run the software (such as IOS, JUNOS, etc.) on a x86 computer just like it runs on the original hardware.

I still remember the excitment when I discover that I can run JUNOS on a 486 PC back in 1999. I built my first JNICE lab with nine of those PCs ($50 each).

Now, working in Cisco Unified Communication team, one of the challenges I'm facing is the availability of equipments. Sure we have access to IP phones, routers and switches. But getting mobile phones (BlackBerry, Nokia, WinMobile, Android, iPhone) and ASA (Adaptive Security Appliance) for each engineer is not as easy as we thought.

Mobile phones are required to test CUMC (Cisco Unified Mobile Communicator). ASA is required to test CUMA (Cisco Unified Mobility Advantage), Phone Proxy and CUPS Inter-domain Federation.

Fortunately, with simulators, everything can be run on a PC (or a virtual machine).

Below is a BB simulator and ASA simulator running on a VM.


When running a network appliance image (such as JUNOS or ASA) on a PC or VM, one thing to notice is that you cannot use the monitor and keyboard as console. Why? Because a router does not have video card and keyboard. The 'console' port is the serial port.

If you are using a PC, connect the console cable to the COM port.

If you are using a VM, you may direct the serial output to a named piple.


For the VM that running the appliance image (such as JUNOS or ASA), set the 'near end' to 'Server'. Set the 'far end' to 'A Virtual Machine'. You may use any name for 'pipe name'.

For the VM that acting as 'terminal' (such as WinXP or Linux), set the 'near end' to 'Client'. Set the 'far end' to 'A Virtual Machine'. The 'pipe name' needs to match the one you configured above. After this, it's like there's a serial cable connects the terminal VM(WinXP) and the appliance VM (ASA).

It's live - "Ask Expert" on Netpro

If you have questions regarding CUPS/CUPC, presence, OCS/MOC, etc., you may ask questions on Netpro forum. They have a "Ask the Expert" event this week for CUPS and presence.

Link as below:
http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=Unified%20Communications%20Applications&topicID=.ee835d2&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cd34986

Thanks!

UC Appliance Command Line - Part 2

Part 2 - Start, Stop, Restart

utils service list

This command will list all services on an appliance. It's usually used with the parameter 'page', so it'll pause at each page.

utils service stop
utils service start
utils service restart

These commands are used to stop/start/restart services. For example, if you'd like to restart "Cisco Tomcat" service, you type "utils service restart Cisco Tomcat".

utils system shutdown
utils system restart

These commands are used to shutdown or restart the system.

utils system switch-version

This command is used to switch software version (if you have two versions installed). For your information, Cisco Unified Appliance will keep two versions of software on hard drive - one in the root partition, the other one in "PartB" partition. This provides you an option to fall back to an old version.

To see the versions installed, use the commands below:

show version active
show version inactive

Every time you run "utils system switch-version", it'll make the active partition inactive and make the inactive partition active.

Please note that each partition (version) has it's own database, which means they don't share the same database (configuration). If you switched version, you might lose any changes you made in the other version.

UC Appliance Command Line - Part 1

Cisco built many Unified Communication "Appliance" based on Linux, such as CUCM (Communication Manager, a.k.a. CallManager), CUPS (Presence Server), CER (Emergency Responder, a.k.a. e911), etc.

Even though those appliances are built on Linux, Cisco does not give you shell access to the box (if you know about Linux, you know what a "shell" means). This is for security and maintenance purpose.

However, some of the maintenance work needs to be done via command line. Cisco built a customized command line interface (CLI) for UC appliances. Since most of the UC appliances share the same OS, they also share the same sets of CLI commands.

Mastering some of the CLI commands would make your life easier (or you may impress your colleagues or boss by showing off some of the rarely used commands).

Some basics:
0) To get access to the CLI, you need the "OS Administration" credential. "OS Administration" credential is stored in /etc/passwd file, while "Application Administration" credential is stored in database.

1) To access the CLI, you may either go to the sever console or SSH to it. (Telnet is not supported for security reasons).

2) Cisco keeps adding new commands to CLI. Some of the commands are available on new versions (such as CUCM 7.x) but not available on old versions (such as CUCM 6.x).

3) You may always use question mark (?) and tab key to get help.

4) Unlink IOS, UC Appliance CLI doesn't take abbreviations. You'll have to give the full command (either type it yourself or use the tab key).

5) "show" command is to display information

6) "set" and "unset" commands are to change configuration

7) "utils" command is run maintenance utilities (such as system reboot, backup/restore, etc.)

8) "run sql" command is to run SQL query against the database.

Part 1: Getting system info

show status

This command will give you the following information:

• Hostname of the box
• Current date/time on the box
• Current time zone configured on the box
• Current version
• How long the system has been up and running
• CPU/Memory/Hard Disk usage

For example, if you cannot access the web interface of your CUCM box, you open a case. TAC engineer asks you what version is the CUCM. If you can access to the CLI, you may find out the version. This could possibly speed up the resolution.

show hardware

This command would give you the hardware information (such as serial number of the box). If you need to find out the serial number remotely, you may SSH to the box and use this command. Serial number is critical for entitlement and tech support.

show network eth0 detail

This gives you the following information:

• IP address of the box
• MAC address
• DNS
• Gateway

This command is useful if you need to check the MAC address quickly (for licensing purpose).

To see all "show" commands, type "show ?"

"Ask The Expert" on Cisco NetPro Forum

Sorry I didn't post any new article lately.

I'll host a "Ask The Expert" event on Cisco NetPro forum June 8 - June 12.

For those new to the forum, "Ask The Expert" is a periodic event that the subject matter expert (SME) would answer questions on a specific topic (such as licensing, contact center, video conferencing, etc.). Of course, I'll be answering questions on CUPS/CUPC and presence-related questions. Bring your toughest questions! :)

Though I cannot guarantee every question be answered immediately, I'll make sure they get to the right people.

We believe Unified Communication will make our life better (though the process of deploying it might make your life tougher... LOL)