Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
861
Views
0
Helpful
18
Replies

Jabber MRA DNS query for collab edge

ShaktiChawla19265
Level 1
Level 1

‎03-18-2024 06:14 AM

Hi, 

We have a MRA deployment in our lab (simulating the internal and external env). We have got the Android, and CSF device working, connected to expressway edge. 

But our IOS devices are not working. Upon investigation we find out the Iphone/Jabber is not sending the DNS query for the collab edge, we don't see it in the wireshark trace, but we do see it when Android/Jabber does it. We checked, our firewalls are open for the ports as android and csf devices on same external network can connect.

Attaching the jabber logs.

Has anyone come across this type of issue anytime ?

Any help is much appreciated.

Thanks!

Labels:
Preview file
370 KB
0 Helpful
18 Replies 18

b.winter
VIP
VIP

‎03-18-2024 07:42 AM

Have you looked in the log file even once yourself?
If yes, you would see, that Jabber tries to resolve all different types of SRV records (_collab-edge, _cisco-uds and _cuplogin) in the domain "cucm150.local", but all lookups are failing.
Just search for those words in the file.

bwinter_1-1710772790338.png

Has the phone a DNS-server configured in the first place?

You can upload the complete ZIP-file here, and let it analyze it:
https://cway.cisco.com/csa-new

 

 

0 Helpful

ShaktiChawla19265
Level 1
Level 1

‎03-18-2024 07:47 AM

Yes, as I mentioned I have looked at the file and its working for android and csf devices.
The cup and uds dns query will fail, as the external dns server should not know about the uds and cuplogin. 

From the looks of the log file, it looks it is sending a dns query for collab edge but we do not see it in the wireshark trace, while we do it for cuplogin and cisco uds, which makes me believe that the logs are lying.

Jabber-iOS-14.3.0.308356-20240314_152610(1).zip
0 Helpful

b.winter
VIP
VIP
In response to ShaktiChawla19265

‎03-18-2024 07:59 AM

You didn't mention, looking at the Jabber logs. You just mentioned, that you only checked Wireshark traces.
Then what about my other question? It doesn't help, if you are just answering half the questions.

Has the phone a DNS-server configured?
What does the tool say?
Is the domain "cucm150.local" even the correct one?

0 Helpful

ShaktiChawla19265
Level 1
Level 1
In response to b.winter

‎03-18-2024 08:04 AM

Sorry, I will try to be clear. 
#1 Yes, the phone is DNS server configured. 
#2 I will post the result here after I run tool. Unable to do it at the moment. 
#3 Yes, it is the domain we created for our lab usage. 

Also, to mention, Jabber/Iphone is able to connect directly to cucm on this domain. (i.e., without MRA) 

 

0 Helpful

ShaktiChawla19265
Level 1
Level 1
In response to b.winter

‎03-19-2024 05:31 AM

Hi @b.winter ,

I ran the tool today, but it seems its only verifying the public DNS server and not the local DNS sever that we have deployed in our lab.
Does the iphone/Jabber only works with public DNS server and not with the local DNS servers ?
Any suggestions ?

Thanks!
Shakti

0 Helpful

Nithin Eluvathingal
VIP
VIP

‎03-18-2024 10:19 PM

Based on the logs, it’s evident that Jabber is attempting to connect locally via _Cisco-Uds and _cuplogin. Upon failure, it defaults to _collab-edge. If the traffic isn’t visible on Wireshark, it’s possible that the DNS settings the phone is using may differ.

 

 



Response Signature


0 Helpful

ShaktiChawla19265
Level 1
Level 1

‎03-19-2024 01:47 AM

Thanks for your reply.
Can you please suggest what dns settings should I be looking to confirm that its using the right settings.

As far as I could see both android and iphone are using same dns server without any proxy.

Thanks in advance!

0 Helpful

Steven L
Spotlight
Spotlight

‎03-19-2024 05:48 AM - edited ‎03-19-2024 05:48 AM

are these mobile devices connected to your internal network?

0 Helpful

ShaktiChawla19265
Level 1
Level 1
In response to Steven L

‎03-19-2024 06:03 AM

Hi @Steven L.,

Within our lab we are simulating an internal and external network.
The iphone devices when connects to this external network doesnt sends the collab edge dns query (as far as we can see in the wireshark trace), while we see the collab edge dns query coming from the android phone when it connects to the same external network.

When this iphone/android phone connects to internal network they are able to connect/register to cucm.

 

0 Helpful

Shalid Kurunnan Chalil
Spotlight
Spotlight
In response to ShaktiChawla19265

‎03-19-2024 06:21 AM

Hi there,

When you mention connecting to the external network, are you using Wi-Fi or your phone's data plan? If you're currently using Wi-Fi, please attempt to connect using mobile data to see if it resolves the issue. If you haven't already tried, please disable Wi-Fi on your iPhone.

Regards

Shalid 

0 Helpful

ShaktiChawla19265
Level 1
Level 1
In response to Shalid Kurunnan Chalil

‎03-19-2024 07:20 AM

Hi @Shalid Kurunnan Chalil ,
As I mentioned in the my earlier post, its a lab simulated - internal and external network, The phones are connected via wifi. We have create 2 wifi connections, 1 for internal and other external network.
Both internal and external dns server are in the lab, our external dns server is not public. 
Does iphone/jabber works with non public dns severs for collab edge ? 

0 Helpful

ShaktiChawla19265
Level 1
Level 1

‎03-19-2024 07:32 AM

Reading this article here:  Cisco Jabber DNS Configuration Guide - How the Client Uses Domain Name Servers [Support] - Cisco
Section: 

How the Client Finds a Name Server

It claims that that the client gets the external name server on the public internet, (which is I think what is happening in my case as well). If so, I am not sure why Jabber/android and CSF devices are sending the collab edge to a non public dns server.

Something very specific to Iphone I assume.

Is my observation correct then, cisco experts ?

0 Helpful

Nithin Eluvathingal
VIP
VIP
In response to ShaktiChawla19265

‎03-19-2024 08:00 AM - edited ‎03-19-2024 08:11 AM

 

The jabber determines whether it is public or internal based on the SRV (Service Record) it resolves.

Have you attempted manually configuring the DNS settings on the IP phone? This issue might be related to iPhones when used on an internal network without internet connectivity.

In our production environment, we haven’t encountered such problems.

Consider adding the DNS manually on the iPhone. There’s an option called WIFI-Assist on Iphone that uses mobile data if the Wi-Fi connection is unreliable or lacks internet access. Try disabling this feature—it could be causing traffic to route through your mobile data when it’s turned on.

Given that you don’t observe any traffic originating from the iPhone, I have reservations about this being the root cause of the problem.

 



Response Signature


0 Helpful

Shalid Kurunnan Chalil
Spotlight
Spotlight
In response to ShaktiChawla19265

‎03-19-2024 08:05 AM - edited ‎03-19-2024 08:05 AM

Hi,

Please check and verify the DNS settings on your iPhone by following these steps:

  • Go to Settings.
    Tap on Wi-Fi.
    Tap the "i" icon next to the connected Wi-Fi network.
    Review the DNS settings displayed.

Regards,

 

0 Helpful
Customers Also Viewed These Support Documents