|
|
This chapter describes the default configuration of the Cisco uBR910 series cable data service unit (DSU). With this configuration, the Cisco uBR910 series DSU functions in its "plug and play" DOCSIS-bridging mode, performing as a two-way cable modem, and providing the following minimum set of features:
 |
Note The basic "plug and play" bridging mode does not support features that require the Cisco uBR910 series to operate in routing mode. |
The following sections describe the configuration for "plug and play" DOCSIS bridging:
The DHCP server configuration and DOCSIS configuration file are required for every DOCSIS-compliant cable modem. The Cisco IOS image and configuration files are optional, depending on the needs of the subscribers. The remaining configurations are optional, depending on the subscriber's needs.
The information described in this chapter applies to every Cisco uBR910 series DSU that is used in a DOCSIS-compliant network. Additional configuration steps might be needed, however, to support additional features; see "Advanced Configurations," for details.
The DOCSIS specification (SP-RFI-IO5-991105 or later revision) requires that when a DOCSIS-compliant cable modem powers on or resets, it must connect to a DHCP server to establish temporary IP connectivity with the cable network. This enables a cable modem to download the configuration information it needs to establish a permanent connection with the headend and cable network.
The DHCP server can be a CMTS with DHCP server capabilities (such as the Cisco uBR7200 series universal broadband routers), or it can be a dedicated server located at the headend. The server can be configured manually for each cable modem or it can be part of an automated provisioning system such as Cisco Network Registrar (CNR).
The DHCP server provides the information shown in Table 2-1 to each cable modem.
| Parameter | Description | ||
|---|---|---|---|
IP address for the cable modem's cable interface | This IP address is typically assigned dynamically but the service provider can also statically assign IP addresses on the basis of each modem's MAC address.
| ||
IP subnet mask for the cable modem's cable interface | This subnet mask typically is used for all cable modems using the same downstream, but this depends on the setup of the CMTS network and subscribers' needs. | ||
IP address for the TFTP server | This TFTP server provides the DOCSIS configuration file to the cable modem and is typically a dedicated server located at the headend. | ||
IP address for the DHCP relay agent | A DHCP relay agent is required if the DHCP server is located on a different network than the IP address assigned to the cable modem's cable interface. The DHCP relay agent is also used if the DHCP server is providing IP addresses to the CPE devices connected to the cable modem and the CPE devices are on a different subnet than the cable modem. | ||
Complete filename for the DOCSIS configuration file | This identifies the DOCSIS configuration file that the cable modem should download from the TFTP server. | ||
IP address for one or more time of day (ToD) servers | The cable modem uses the ToD server to get the current date and time so that it can accurately timestamp its SNMP messages and error log entries. | ||
One or more IP addresses for the routers that will forward IP traffic from the cable modem | Typically, the CMTS acts as the default gateway for a cable modem. | ||
One or more IP addresses for System Log (SYSLOG) servers | The cable modem can send its error log messages to the SYSLOG servers, which are optional and typically located at the headend. |
After making a successful DHCP request, the cable modem contacts the ToD server to get the current date and time. It also begins the TFTP download of the DOCSIS configuration file, which is described in the next section, "DOCSIS Configuration File" section.
|
Note At this point in the registration process, the DHCP server provides an IP address only for the cable modem, not for the CPE devices it is connecting to the network. The same DHCP server can provide the IP addresses for the CPE devices after the cable modem goes online, or the cable modem itself can be configured as a DHCP server (see "Routing with DHCP Server" section). |
The DOCSIS specification requires that a DOCSIS-compliant cable modem download a DOCSIS configuration file during its power-on or reset sequence. This file must be in the format described in the SP-RFI-IO5-991105 specification (or later revision) and must contain the information shown in Table 2-2.
|
Note The parameters shown in Table 2-2 are organized according to the categories used in the Cisco DOCSIS Cable Modem Configuration tool, which is available on CCO at http://www.cisco.com/support/toolkit/CableModem. |
| Parameter | Description | ||
|---|---|---|---|
| Radio Frequency Parameters | |||
Downstream Frequency | Specifies the center frequency (in multiples of 62500 Hz) for the downstream channel to be used by the router. (This parameter does not need to be specified in the configuration file because the router will scan the downstream for available frequencies, but typically it is specified to guarantee that the router conforms to the provider's channel plan.) | ||
Upstream Channel ID | Specifies channel ID for the upstream channel to be used by the router. (This parameter does not need to be specified in the configuration file because it can be set dynamically by the CMTS during provisioning.) | ||
Network Access | Determines whether CPE devices attached to the cable modem are allowed access to the cable network. The default is to allow access for CPE devices (which is required for normal operations). | ||
| Class of Service | |||
Class of Service ID | Specifies the ID for this class of service (1 to 16). | ||
Maximum Downstream Rate | Specifies the maximum downstream data rate (in bits/sec) allowed for traffic associated with this class of service. (This is a limit, not a guarantee of service.) | ||
Maximum Upstream Rate | Specifies the maximum upstream data rate (in bits/sec) allowed for traffic associated with this class of service. (This is a limit, not a guarantee of service.) | ||
Upstream Channel Priority | Specifies the priority for upstream traffic (0 to 7, where 7 is highest priority). | ||
Minimum Upstream Rate | Specifies the minimum upstream data rate (in bits/sec) that is guaranteed for traffic associated with this class of service. | ||
Maximum Upstream Channel Burst | Specifies the maximum size of burst traffic to be allowed on this upstream channel. The size is specified in bytes, 0 to 65535, where 0 is no limit. If this field is set to a non-zero value, it should be set to at least 1800 so that it is greater than the maximum Ethernet frame size of 1518 plus the associated packet overhead). | ||
Baseline Privacy Interface (BPI) Enable | Specifies whether BPI encryption should be enabled on traffic associated with this class of service (1 enables BPI encryption, 0 disables BPI encryption). | ||
| Vendor Specific Options | |||
Vendor ID | The three-byte Organization Unique Identifier for the vendor, which is also usually the first three bytes of the cable modem's MAC address. This value is usually expressed as a hexadecimal number. This field should be "00000C" for Cisco Systems equipment. | ||
Vendor-Specific Options | Contains any arbitrary values that are defined by the manufacturer of the cable modem. The Cisco uBR910 series DSU uses this field to identify the Cisco IOS configuration file that should be downloaded (if any). Arbitrary Cisco IOS commands can also be specified in this field. | ||
| SNMP Management | |||
SNMP Write-Access Control and SNMP MIB Objects | Allows the service provider to set arbitrary SNMP attributes on the cable modem. For the Cisco uBR910 series DSU, these two fields are typically used to enable SNMP management of the router because SNMP management is disabled by default.
| ||
| Baseline Privacy Interface Configuration | |||
Authorize Wait Timeout | Specifies the retransmission interval, in seconds, of Authorization Request messages from the Authorize Wait state. Valid values are 2 to 30 seconds. | ||
Reauthorize Wait Timeout | Specifies the retransmission interval, in seconds, of Reauthorization Request messages from the Authorize Wait state. Valid values are 2 to 30 seconds. | ||
Authorization Grace Timeout | Specifies the grace period for reauthorization, in seconds. Valid values are 1 to 1800 seconds. | ||
Operational Wait Timeout | Specifies the retransmission interval, in seconds, of Key Requests from the Operational Wait state. Valid values are 1 to 10 seconds. | ||
Rekey Wait Timeout | Specifies the retransmission interval, in seconds, of Key Requests from the Rekey Wait state. Valid values are 1 to 10 seconds. | ||
TEK Grace Time | Specifies the grace period for rekeying, in seconds. Valid values are 1 to 1800 seconds. | ||
Authorize Reject Wait Timeout | Specifies how long, in seconds, a cable modem waits in the Authorize Reject Wait state after receiving an Authorization Reject. Valid values are 60 to 1800 seconds. | ||
| Customer Premises Equipment | |||
Maximum Number of CPEs | Determines the maximum number of CPE devices that can use the cable modem to connect to the cable network. The default value is 1. In bridging mode, the Cisco uBR910 series DSU supports a maximum number of 254 CPE devices (but the actual number supported depends on the configuration of the headend). See the "MAX CPE Parameter" section for additional information. | ||
CPE Ethernet MAC Address | Configures the cable modem with the MAC addresses for one or more CPE devices that are allowed to connect to the cable network. Entering values in this field is optional because the cable modem can learn the MAC addresses of CPE devices dynamically, up to the maximum allowable number. However, DOCSIS cable modems give priority to the CPE devices whose MAC addresses are in the configuration file. | ||
| Software Upgrade | |||
TFTP Software Server IP Address | Specifies the IP address for the TFTP server that will provide software images. This server does not necessarily have to be the same TFTP server that provided the DOCSIS configuration file. | ||
Software Image Filename | Specifies the fully qualified path name for the software image that the cable modem should be running. If necessary, the cable modem uses TFTP to download this image from the software server. | ||
| Miscellaneous | |||
Concatenation Support | Specifies whether the cable modem supports concatenation of upstream packet requests. | ||
Use RFC2104 HMAC-MD5 | Specifies the algorithm used to compute the CMTS Message Integrity Check (MIC). If yes, the HMAC-MD5 algorithm specified in RFC 2104 is used; otherwise, the algorithm specified by RFC 1321 is used. (The algorithm used must match the one used on the CMTS.)
| ||
CMTS Authentication | Specifies an authentication string to be used between the provisioning server (which creates the configuration files) and the CMTS. It allows the CMTS to authenticate the CM provisioning with a central authentication service, such as a RADIUS server. This field is typically used only for one-way cable modems that use telco-return. | ||
The DOCSIS specification requires that the headend set and enforce the MAX CPE parameter, which specifies the maximum number of CPE devices that can connect to the cable network through a particular cable modem. However, because the Cisco uBR910 series DSU does not connect to CPE devices directly but instead connects to the subscriber network through an access router, the MAX CPE parameter behaves somewhat differently than with standard DOCSIS cable modems.
When the access router is configured as an IP router, it puts its own MAC address as the source address for all outgoing packets. Because the MAX CPE parameter distinguishes CPE devices by MAC address, a value of 1 for the MAX CPE parameter is sufficient for any number of computers in the subscriber network because the same MAC address is used for all CPE devices in that network.
The MAX CPE parameter is enforced, though, when both the Cisco uBR910 series DSU and access router are operating in IP bridging mode. In this situation, outgoing packets are transmitted with the CPE devices' original MAC addresses. Therefore, the MAX CPE parameter must be set to a high enough value to allow access for all CPE devices on the subscriber network; if MAX CPE is set too low, some devices on the subscriber network will not be able to access the cable network.
The DOCSIS configuration file contains the filename for the software image that the Cisco uBR910 series DSU should be running. If this filename does not match the software image that is currently installed, the Cisco uBR910 series uses the TFTP protocol to download the new image from the server specified in the DOCSIS configuration file.
After the new software image has been downloaded, the Cisco uBR910 series DSU resets itself and repeats the power-on and provisioning process. This includes downloading the DOCSIS configuration file again. However, because the software image is stored in non-volatile Flash memory, the Cisco uBR910 series does not have to download it again---the software download occurs only when the service provider specifies a new software image filename in the DOCSIS configuration file.
If the Cisco uBR910 series DSU cannot download the new image, it retries the download, up to a maximum of 16 attempts. If the Cisco uBR910 series still cannot download the image, it falls back to its previous software image and attempts to go online with that image.
The service provider can also force the Cisco uBR910 series DSU to download new software by putting a new image filename in the DOCSIS configuration file and resetting the Cisco uBR910 series. This should be done only after warning the customer that the modem will be offline for several minutes.
|
Note Because it can take several minutes for this download to be accomplished and for the Cisco uBR910 series DSU to repeat its power-on sequence, the provider can also install the desired software image on the Cisco uBR910 series prior to delivery to the subscriber. In this case, the DOCSIS configuration files for each Cisco uBR910 series should also be updated with the proper filename. |
The DOCSIS configuration file uses the Vendor-Specific Information Field to specify that the Cisco uBR910 series DSU should download a Cisco IOS configuration file. The console port is automatically disabled as part of this process to prevent users at the remote site from reconfiguring the system.
The Vendor-Specific Information Field can also be used to specify that one or more CLI commands should be executed at system start-up, after the cable interface comes online. This option can be repeated to give multiple commands.
|
Note The Vendor-Specific Information Field options are optional but Cisco recommends that they be used to automate the configuration of the serial interface. Otherwise, a network administrator must manually configure the Cisco uBR910 series each time it reboots. |
Table 2-3 shows the values that would be entered in the Vendor-Specific Options field to download a Cisco IOS configuration file and automatically disable the console port.
| Field | Value |
|---|---|
Subtype | 128 |
Length | Number of characters in the filename |
Filename | Complete filename, including path, for the Cisco IOS configuration file on the TFTP server specified in the DOCSIS configuration file. In the C isco DOCSIS Cable Modem Configurator tool (which is available on CCO at http://www.cisco.com/support/toolkit/CableModem), the filename is entered as decimal ASCII digits. |
Table 2-4 shows the values that would be entered in the Vendor-Specific Options field to specify a CLI command that should be executed after the Cisco uBR910 series processes the DOCSIS configuration file and comes online the cable interface.
| Field | Value |
|---|---|
Subtype | 131 |
Length | Number of characters in the command |
CLI Command | The ASCII characters of one CLI command, as you would type it at the CLI prompt. To specify multiple commands, use this option once for each command. |
For example, to download a file named "ios.cfg" and to disable the console port, enter the following sequence of bytes into the vendor specific field in the Cisco DOCSIS Cable Modem Configurator tool:
128.7.105.111.115.46.99.102.103
|
Note For more information about CLI commands and the Cisco IOS configuration file, see "Using Cisco IOS Software." |
The following shows a typical Cisco IOS configuration for a Cisco uBR910 series DSU that is operating in "plug and play" DOCSIS-compliant bridging mode:
Version 12.1 service config no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption service internal ! hostname uBR910 ! clock timezone - 4 ip subnet-zero no ip routing ! ! interface Serial0 description ...to access router, PPP half-bridge no ip directed-broadcast encapsulation ppp no ip route-cache no keepalive clockrate 8000000 no cdp enable ppp bridge ip bridge-group 59 bridge-group 59 spanning-disabled ! ! interface cable-modem0 ip address dhcp no ip directed-broadcast no ip route-cache bridge-group 59 bridge-group 59 spanning-disabled ! ip classless no ip http server ! ! no cdp run ! line con 0 transport input none line vty 0 4 ! end
This configuration shows the following requirements for DOCSIS-compliant bridging:
Before the Cisco uBR910 series DSU can transmit traffic between its serial and cable interfaces, the serial interface must be configured. The configuration of the serial interface must match the configuration of the serial interface on the access router that is acting as the gateway for the customer's local area network.
|
Note The cable interface does not need to be manually configured because it is automatically configured during the provisioning process, using the parameters in the DOCSIS configuration file. |
Configuring the serial interface can be done in the following ways:
At the minimum, the following tasks must be done to configure the serial interface when the Cisco uBR910 series is operating in DOCSIS-bridging mode:
|
Note The Smart Serial synchronous serial interface supports a maximum data rate of 8 Mbps (V.35 mode). The maximum usable clock rate, however, depends on the capabilities of the access router and the serial interfaces being used, as well as the distance between the two units. |
The following table shows the commands that can be given to configure the serial interface when the Cisco uBR910 series DSU is in DOCSIS-bridging mode.
| Command | Purpose | |||
|---|---|---|---|---|
Step 1 | uBR910(config)#int s 0 | Enter interface configuration mode for the serial interface. | ||
Step 2 | uBR910(config-if)# description string | Optionally enter an arbitrary description up to 80 characters for this interface. | ||
Step 3 | uBR910(config-if)# ip address ip-address mask | Enter the IP address and subnet mask for the serial interface (these must be the same as those assigned to the cable interface for DOCSIS bridging).
| ||
Step 4 | uBR910(config-if)# no ip directed-broadcast | Disable the forwarding of directed-broadcasts on the serial interface. | ||
Step 5 | uBR910(config-if)# encapsulation serial-protocol | Specify the serial protocol to be used on this link: ppp or hdlc (default). | ||
Step 6 | uBR910(config-if)# no ip route-cache | Disable the high-speed switching caches used for IP routing. | ||
Step 7 | uBR910(config-if)# no keepalive | Disable keepalive messages sent to the interface by the Cisco IOS software. | ||
Step 8 | uBR910(config-if)# clockrate bps | Enter the clock rate in bits per second (bps)---the possible values are in the range from 300 to 8000000 bps, but you must enter a speed supported by the serial interfaces being used on the Cisco uBR910 series and the access router. | ||
Step 9 | uBR910(config-if)# no cdp enable | Disable the Cisco Discovery Protocol (CDP) on the serial interface. (CDP is a proprietary protocol for the discovery of Cisco routers running protocols other than TCP/IP; because DOCSIS cable data networks are primarily TCP/IP networks, CDP is not necessary on the Cisco uBR910 series DSU.) | ||
Step 10 | uBR910(config-if)# ppp bridge ip | (Optional, if using the PPP serial protocol) Enable half-bridging of IP packets on the serial interface, so that the Cisco uBR910 series DSU can function as an Ethernet bridge for the customer's private network.
| ||
Step 11 | uBR910(config-if)# bridge-group bridge-group | Assign the serial interface to the same bridge spanning group (1 to 63) that is used for the cable interface. | ||
Step 12 | uBR910(config-if)# bridge-group bridge-group spanning-disabled | Disable the spanning tree on the serial interface. | ||
Step 13 | uBR910(config-if)# exit | Exit the interface configuration mode for the serial interface. | ||
Step 14 | uBR910(config)# Ctrl-z | Return to privileged EXEC mode. | ||
Step 15 | uBR910# copy running-config startup-config | Save the configuration to Flash memory. | ||
Step 16 | uBR910# show startup-config | Display the configuration file that was just created. |
The access router is the router acting as the gateway for the customer's local area network. It must provide a serial interface that connects to the serial interface on the Cisco uBR910 series DSU.
The access router's configuration depends on its available features and the type of services it can provide. For example, if the PCs on the customer's LAN do not have world-wide unique IP addresses, and if the Cisco uBR910 series DSU is not providing NAT/PAT services, the access router must provide these services. At the minimum the access router must be configured so that its serial interface matches the configuration of the serial interface on the Cisco uBR910 series DSU:
The following example shows a sample configuration file when the access router is a Cisco access router such as the Cisco 1720 router; this configuration matches the one shown for the Cisco uBR910 series DSU in Sample Configuration for DOCSIS-Compliant Bridging:
Version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname cisco-1720 ! ! memory-size iomem 25 ip subnet-zero no ip domain-lookup ! ! interface Serial0 no ip address no ip directed-broadcast shutdown ! interface Serial1 no ip address no ip directed-broadcast shutdown ! interface Serial2 description ...to uBR910: IP routing with PPP half-bridge ip address 10.1.4.222 255.255.255.0 no ip directed-broadcast encapsulation ppp no keepalive no fair-queue no cdp enable ppp bridge ip ! interface FastEthernet0 ip address 192.168.1.1 255.255.255.0 no ip directed-broadcast no keepalive ! router rip version 2 network 10.0.0.0 network 192.168.0.0 ! ip classless ip http server ! ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 login ! end
|
Note This configuration is an example only. The actual configuration for a Cisco access router depends on the interfaces installed, the routing features being used, and the capabilities of the Cisco IOS image that is installed on the router. |
In its "plug-and-play" bridging mode, the Cisco uBR910 series DSU does not normally need any additional configuration to support the PCs or other CPE devices that will access the Internet through the cable network. However, if the service provider is providing the IP addresses for the PCs on the private network, those PCs must be configured to support DHCP allocation of IP addresses.
Each computer and CPE device performs this configuration differently. In Windows 95, for example, open the Start>Settings>Control Panel menu and double-click on the Network control panel; select the computer's TCP/IP Ethernet adapter; and set the IP address configuration to "Obtain and IP address automatically." See your computer's documentation for more details.
To reconfigure the Cisco uBR910 series DSU to support DOCSIS-compliant bridging after it has been configured for routing, log in to the Cisco uBR910 series DSU, enter global configuration mode, and enter the commands shown in the following table:
| Command | Purpose | |
|---|---|---|
Step 1 | uBR910(config)#no ip routing | Disable IP routing on the Cisco uBR910 series DSU. |
Step 2 | uBR910(config)#int e 0 | Enter interface configuration mode for the Ethernet interface. |
Step 3 | uBR910(config-if)# no ip address | Remove the IP address from the Ethernet interface. |
Step 4 | uBR910(config-if)# no ip route-cache | Remove the high-speed switching caches for IP routing. |
Step 5 | uBR910(config-if)# bridge-group bridge-group | Assign the Ethernet interface to a bridge spanning group (choose an arbitrary integer from 1 to 63). |
Step 6 | uBR910(config-if)# bridge-group bridge-group spanning-disabled | Disable the spanning tree on the Ethernet interface. |
Step 7 | uBR910(config-if)# exit | Exit the interface configuration mode for the Ethernet interface. |
Step 8 | uBR910(config)# int c 0 | Enter interface configuration mode for the cable interface. |
Step 9 | uBR910(config-if)# no ip address | Remove the IP address from the cable interface. |
Step 10 | uBR910(config-if)# no keep alive | Disable keepalive messages on the cable interface. |
Step 11 | uBR910(config-if)# no ip route-cache | Remove the high-speed switching caches for IP routing. |
Step 12 | uBR910(config-if)# cable modem compliant bridge | Enable DOCSIS-compliant bridging. |
Step 13 | uBR910(config-if)# bridge-group bridge-group | Assign the cable interface to the same bridge spanning group used for the Ethernet interface. |
Step 14 | uBR910(config-if)# bridge-group bridge-group spanning-disabled | Disable the spanning tree on the cable interface. |
Step 15 | uBR910(config-if)# exit | Exit interface configuration mode. |
Step 16 | uBR910(config)# Ctrl-z | Return to privileged EXEC mode. |
Step 17 | uBR910# copy running-config startup-config | Save the configuration to nonvolatile RAM. |
Step 18 | uBR910# show startup-config | Display the configuration file that was just created. |
|
Note If necessary, reconfigure the access router with a matching configuration. |
Posted: Fri Jul 21 12:41:26 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.
