Cadant® C4™ CMTS Cable Modem Termination System
C4 CMTS User Documentation
Documentation Set Release 4.2, Standard July 2005
ARRIS PROPRIETARY This document contains proprietary information of ARRIS, Inc. and is not to be disclosed or used except in accordance with applicable agreements. © 2005 ARRIS All Rights Reserved 07/05/05
Copyright and Trademark Information Cadant® C4™ G2 IMS™ FlexCAM™ ARRIS® and Arris International are trademarks of ARRIS International, Inc. Cadant C4 CMTS is a registered trademark of ARRIS International, Inc. All other trademarks and registered trademarks are the property of their respective holders. Every attempt has been made to capitalize and spell correctly the trademarked and service marked terms used in this manual. ARRIS does not attest to the accuracy of these terms and their usage. Any misspelling or misuse of a term should not be construed as affecting the validity of its trademark or service mark. All information contained in this document is subject to change without notice. ARRIS reserves the right to make changes to equipment design or program components, as progress in engineering, manufacturing methods, or other circumstances may warrant. The G2 IMS™ product contains copyright material licensed from AdventNet, Inc. http://www.adventnet.com. All rights to such copyrighted material rest with AdventNet. The ARRIS Cadant® C4™ Cable Modem Termination System (CMTS) has been qualified by CableLabs® for DOCSIS®1.1 and by tComLabs for Euro-DOCSIS 1.1. In June, 2004, CableLabs® announced that the C4 CMTS qualified for DOCSIS® 2.0. PacketCable™ is a trademark of Cable Television Laboratories, Inc. Broadcom® is a registered trademark of the Broadcom Corporation, http://broadcom.com.
Patent Information The ARRIS Cadant® C4™ Cable Modem Termination System (CMTS) is protected by U.S. and international patents including: 6,457,978 6,662,368 6,449,249 6,636,482 6,637,033 Additional ARRIS International, Inc. patents pending: 6,457,978; 6,769,132; 6,662,368; 6449,249; 6,636,482; 6,637,033; 6,898,182;
© 2005 ARRIS All rights reserved.
CADANT C4 CMTS – LIMITED WARRANTY 1. SOFTWARE WARRANTY ARRlS International, Inc. ("ARRIS") Warrants that for a period of ninety (90) days from delivery of the Software (the "Software Warranty Period), the Software will perform in substantial conformance with the technical specifications for such Software set forth in the Documentation. Purchaser's sole and exclusive remedy, and ARRIS's sole and exclusive liability under this Section I (Software Warranty) shall be, at ARRIS's option: (i) to use commercially reasonable efforts to correct any reproducible errors identified by Purchaser in writing during the Software Warranty Period which renders the Software non-conforming, (ii) to replace the Software with functionally equivalent Software or (iii) to accept return of the Software from Purchaser, if applicable. ARRlS makes no warranty that the Software will work in combination with any hardware or application software products provided by third parties, that the operation of the Software will be uninterrupted or error free, or that all defects in the Software can be corrected. ARRIS shall not have any obligation or liability with respect to this Section I (Software Warranty) for any errors or any defects in the Software upon expiration of the Software Warranty Period. 2. HARDWARE WARRANTY ARRIS warrants to Purchaser that under normal use and service, for a period of twelve (12) months from the purchase date of the Hardware (the "Hardware Warranty Period"), such Hardware will be free from defects in materials and workmanship. Purchaser's sole and exclusive remedy and ARRIS's sole and exclusive liability under this Section 2 (Hardware Warranty) shall be, at ARRIS's option: (i) to use commercially reasonable efforts to correct any reproducible Hardware errors identified by Purchaser in writing during the Hardware Warranty Period which renders the Hardware non-conforming, (ii) to replace the Hardware or (iii) accept return of the Hardware from Purchaser. ARRIS shall not be responsible for any of Purchaser's or third party software, firmware, information or memory data contained in, stored on, or integrated with any Hardware Products returned to ARRIS pursuant to any Warranty provided under this Agreement. 3. OBTAINING WARRANTY SERVICE To make a return under the Warranty above, the Purchaser must notify the ARRIS in writing by obtaining an ARRIS Return Material Authorization number (RMA) within the relevant Warranty Period. The authorized RMA number the Purchaser receives from ARRIS must be marked on the outside package and sent prepaid and packaged appropriately for safe shipment. ARRIS will use commercially reasonable efforts to ship any repaired or replaced Product will be shipped to Purchaser, at ARRIS' expense, not later than thirty (30) days after ARRIS receives the defective Product. Any repaired or replaced Hardware or Software shall be warranted for the remainder of the unexpired applicable Warranty Period. Notwithstanding the above, if any return is due to errors or defects for which ARRIS is not responsible or otherwise not covered by the Warranty, Purchaser shall be liable for and reimburse ARRIS for shipping and related expenses. 4. DISCLAIMER OF WARRANTY. EXCEPT AS MAY BE AGREED TO IN A SEPARATE WRITING BETWEEN THE PARTIES, THIS WARRANTY IS IN LIEU OF ALL OTHER WARRANTIES WITH RESPECT TO HARDWARE OR SOFTWARE DELIVERED TO PURCHASER HEREUNDER, WHETHER STATUTORY, BY OPERATION OF LAW, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON- INFRINGEMENT, TITLE AND ANY WARRANTIES ARISING OUT OF USAGE OR TRADE. THIS WARRANTY IS APPLICABLE SOLELY TO PURCHASER NAMED IN THE PREAMBLE HERETO AND NOT TO ANY SUCCESSOR IN INTEREST THEREOF OR ANY OTHER THIRD PARTY ON THE DATE HEREOF. NO WAIVER, ALTERATION, OR MODIFICATION OF THIS WARRANTY SHALL BE BINDING AGAINST THE ARRIS UNLESS IN WRITING AS A SEPARATE AMENDMENT HERETO AND SIGNED BY TWO (2) AUTHORIZED EXECUTIVE OFFICERS OF ARRIS. © 2005 ARRIS All rights reserved.
5. WARRANTY LIMITATIONS. ARRIS shall be relieved of all obligations and liability under the Warranty provisions set forth herein, if: a The Hardware or Software is operated with, or the error or defect is due to, any accessory, equipment, software or part not approved by ARRIS; b The Hardware or Software shall not have been installed, operated and maintained in accordance with ARRlS's instructions and Documentation; c The Hardware or Software has been repaired, altered or modified by someone other than ARRlS; d Purchaser does not notify ARRlS in writing of the error or defect within the applicable Warranty Period with sufficient information for ARRIS to identify and reproduce such error or defect or fails to return the defective Hardware or Software in accordance with the terms of this Agreement; or e ARRIS can demonstrate that the alleged error or defect in the Software or Hardware does not exist or was caused by Purchaser's or any third party's misuse, neglect, improper installation or testing, or negligent repair or any other cause beyond the range of the intended use, or by accident, fire, lightening or other hazard or act of God. THE LIMITED WARRANTY, LIMITED REMEDIES, WARRANTY DISCLAIMER AND LIMITED LIABILITY ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN ARRIS AND CUSTOMER. ARRIS WOULD NOT BE ABLE TO PROVIDE THE PRODUCT WITHOUT SUCH LIMITATIONS.
Cadant® C4™ CMTS - Software License Agreement EXCEPT AS SET FORTH IN THE WRITTEN SIGNED AGREEMENT ENTERED INTO BY ARRIS INTERNATIONAL, INC. ("ARRIS") AND PURCHASER ("PURCHASER"), USE OF THE SOFTWARE PROVIDED BY ARRIS IS SUBJECT TO THE FOLLOWING TERMS ("License Agreement"). IF PURCHASER DOES NOT AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE AGREEMENT, RETURN THE SOFTWARE AND ALL ENCLOSED DOCUMENTS OR MATERIALS TO ARRIS INTERNATIONAL, INC. FOR A FULL REFUND. USE OF THE SOFTWARE CONSTITUTES ACCEPTANCE OF THE TERMS HEREOF. 1. LICENSE TERMS Subject to the terms of this License Agreement, ARRIS International, Inc. (“ARRIS”) grants to Purchaser a perpetual, royalty-free, non-exclusive, non-transferable (except as set forth in Section 9.2) non-sub-licensable right and license to use the Cadant® C4™ CMTS Software (the “Software”) in connection with the Cadant family of products (the “System”), in binary object code form only. Purchaser may use any third party software products or modules supplied by ARRIS solely with the Software, unless the licensing terms of the third party software products or modules specify otherwise. Purchaser may not disclose the results of Software performance benchmarks to any third party without ARRIS' prior written consent. Purchasers are forbidden from offering the Software for resale under the terms of this Section. All rights not specifically granted to Purchaser herein are retained by ARRIS. 2. RESTRICTIONS Purchaser shall not, and shall not authorize any third party to; (i) make any copies of the Software, (ii) modify, decompile, disassemble, reverse engineer or otherwise attempt to derive any source code from the Software; (iii) transfer the Software to any third party without the prior written consent of ARRIS; (iv) export the Software or any of its underlying technology in contravention of applicable US and foreign export laws and regulations or (v) use the Software other than in connection with the System.
© 2005 ARRIS All rights reserved.
3. USE The right to use the Software, or any individual feature thereof, may be restricted by a measure of usage of applications based upon the number of devices, subscribers, or some similar measure. An expansion beyond a commercially reasonable usage level may require payment of an additional fee to ARRIS. 4. LIMITATIONS ON LIABILITY NEITHER ARRIS NOR ITS LICENSORS SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, PUNITIVE, CONSEQUENTIAL, EXEMPLARY OR SPECIAL DAMAGES UNDER ANY THEORY OF LIABILITY, WHETHER ALLEGED AS A BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE AND REGARDLESS OF WHETHER SUCH DAMAGES ARE SUFFERED BY PURCHASER OR ANY OTHER USER OF THE SOFTWARE, OR ANY THIRD PARTY, EVEN IF ARRIS AND/OR ITS LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL ARRIS SYSTEM'S TOTAL LIABILITY TO PURCHASER ARISING OUT OF OR PURSUANT TO THIS LICENSE AGREEMENT EXCEED THE AMOUNT PAID BY PURCHASER TO ARRIS FOR THE SOFTWARE. 5. TERM & TERMINATION. This License Agreement will take effect upon Purchaser acceptance of the terms hereof or upon Purchaser first use of the Software and will remain in force until terminated in accordance with this License Agreement. This License Agreement may be terminated by Purchaser at any time effective upon receipt by ARRIS of written notice thereof. ARRIS may terminate this License Agreement upon fifteen (15) days prior written notice based on Purchaser material breach of this License Agreement if such breach is not cured within such fifteen (15) day period. Notwithstanding the foregoing, this License Agreement shall terminate immediately upon Purchaser breach of any of the provisions of Section 2 above. 6. OWNERSHIP. Title, ownership rights, and all intellectual property rights in and to the Software and any accompanying materials or documentation, and any copy of the foregoing, shall remain the sole and exclusive property of ARRIS and/or its licensors. Purchaser agrees to abide by the copyright law and all other applicable laws of the United States. Purchaser acknowledges that the Software contains valuable confidential information and trade secrets of ARRIS and/or its licensors. 7. INDEMNIFICATION. Purchaser agrees to defend, indemnify and hold ARRIS harmless from and against any costs, losses, liabilities and expenses (including reasonable attorney's fees) arising out of or relating to (i) third party claims arising out of or related to Purchaser use of the Software in contravention to the terms of this Agreement, including without limitation, any and all claims, actions, suits, or proceedings alleging, fraud, breach of security, non-compliance with laws, breach of contract or negligence. 8. UNITED STATES GOVERNMENT RIGHTS. The Software provided under this License Agreement is commercial computer software developed exclusively at private expense, and in all respects are proprietary data belonging solely to ARRIS and/or it licensors. 9. MISCELLANEOUS. 9.1 If any term, condition, or provision in this License Agreement is found to be invalid, unlawful or unenforceable to any extent, the remaining terms, conditions and provisions will continue to be valid and enforceable to the fullest extent permitted by law. 9.2 Neither this License Agreement nor any rights under this License Agreement may be assigned or otherwise transferred by Purchaser, in whole or in part, whether voluntary or by operation of law without the prior written consent of ARRIS. Subject to the foregoing, this License Agreement
© 2005 ARRIS All rights reserved.
will be binding upon and will inure to the benefit of the parties and their respective successors and assigns. 9.3 This License Agreement (including any addenda hereto signed by both parties) represents the entire agreement of the parties with respect to the subject matter of this License Agreement and supersedes all previous communications, representations, understandings and agreements, either oral or written, between the parties with respect to said subject matter. 9.4 This License Agreement may not be amended, except in writing, signed by both parties. No terms, provisions or conditions of any purchase order, acknowledgment or other business form that Purchaser may use in connection with the acquisition or licensing of the Software will have any effect on the rights, duties or obligations of the parties under, or otherwise modify, this License Agreement, regardless of any failure of ARRIS to object to such terms, provisions or conditions. 9.5 This License Agreement shall be governed by and construed in accordance with the laws of the State of Georgia. Any suit brought in connection with this Agreement shall be subject to the exclusive jurisdiction of the State Court of Georgia or the Federal Courts for the Northern District of Georgia and Purchaser hereby agree and submit to the personal jurisdiction and venue thereof.
© 2005 ARRIS All rights reserved.
Table of Contents
1
About This Manual Intended Audience
1-1
Prerequisite Skill and Knowledge
1-2
Purpose
1-2
Conventions Used in this Document Admonishments
1-2
Textual Conventions
1-3
How to Contact Us
2
3
1-2
1-4
C4 CMTS Features DOCSIS 2.0 Compliance
2-1
Fault Detection and Recovery
2-2
Interfaces and Protocols
2-3
Security Features
2-3
IP Filtering Options
2-3
C4 CMTS Feature Descriptions by Software Release
2-4
Feature Descriptions
2-8
C4 CMTS Specifications Network Diagram
3-3
C4 CMTS Specifications
3-4
RF Electrical Specifications
3-6
Maximum Density
3-7
Scalability
3-7
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
1
Table of Contents
C4 CMTS
VoIP Call Capacities
4
5
C4 CMTS Power Requirements Components of the Power System
4-1
Power Protection Description
4-3
Installation Requirements Safety Precautions
5-2
Electrical Equipment Guidelines
5-3
Preventing Electrostatic Discharge Damage Installation Checklist
5-3 5-3 5-4
Tools Required
5-4
Items Not Supplied
5-5
Unpacking the C4 CMTS
5-6
Module Protection
5-7
Installation Considerations
5-7
Rack Mounting
5-7
Chassis Placement
5-7
Power Requirements
5-8
Cooling Requirements
5-8
Installing Modules and System Bring-up Introduction
6-2
Main Hardware Components
6-2
Module Types and Chassis Slots—Front View
6-3
Chassis — Rear View
6-4
Recommended Order for Installing Chassis Components
2
5-2
Lifting Safety Electrostatic Discharge (ESD)
6
3-8
6-6
Recommended Chassis Unloading Order
6-7
Grounding the Chassis
6-7
Rack Mounting the C4 CMTS
6-8
Power Conditioning Module (PCM) and Cabling
6-9
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table of Contents
Power Protection Description
6-10
Fan Modules and Cooling
6-12
Air Filter
6-17
Installing Modules in the C4 CMTS
6-17
System Control Module (SCM)
6-21
Fabric Control Module (FCM)
6-28
Overview
6-29
Fast Ethernet Network Access Module (NAM) Overview
6-32
Gigabit Ethernet Network Access Module Overview Overview
6-41 6-42
Cable Access Module (2Dx12U CAM) Overview
6-46 6-47
Initial System Configuration
6-51
Overview
6-51
How to Set the SCM IP Address Using a Terminal Emulator
6-52
7
Clock Synchronization Protocol
8
Host Names, User IDs, and Password Recovery
10
6-34 6-35
Cable Access Module (1Dx8U CAM)
9
6-31
How to Administer the Host Name and User IDs
8-1
How to Add and Delete Users
8-2
Password Recovery
8-4
NAM Configuration Fast Ethernet Network Access Module (NAM) Configuration
9-2
Gigabit Ethernet Network Access Module (GigE NAM) Configuration
9-4
NAM-Side IP Interface Bundling
9-7
Basic CAM Configuration 1Dx8U CAM
Release 4.2, Standard
10-2
ARRIS PROPRIETARY — All Rights Reserved
3
Table of Contents
C4 CMTS
2Dx12U CAM
10-4
Rules and Restrictions for 2Dx12U CAM Configuration
10-4
Basic Command Set for Bringing Up a 2Dx12U
10-7
Migration from 1Dx8U CAMs to 2Dx12U CAMs Measuring SNR in the 2Dx12U CAM Clone Group Configuration
10-23 10-27
Clone Group Configuration Recommendations
10-28
Clone Group Operation Details
10-29
Sample Clone Group Configurations
10-30
Inter-MAC-Domain Clone Groups
10-31
Modulation Profiles Adjusting Channel Settings in Response to Increased CM Scaling FlexCAM™ Hitless CAM Sparing
10-32 10-40 10-41
Overview
10-41
Configure Sparing Groups — Example
10-43
Interface Bundling
11
Control Complex Redundancy
12
Configuring Router Functionality Interface Configuration
10-47
12-1
Common Interface Configuring Commands
12-1
Monitoring Interfaces
12-3
Subinterfaces (Multiple VRIs per VRF)
12-5
Routing Information Protocol, version 2 (RIP2)
12-9
Open Shortest Path First (OSPF) OSPF Graceful Restart
12-15 12-19
Loopback Interfaces for Routing Protocols
12-21
Dynamic Route Redundancy
12-25
Configuring IP Routes
12-26
Route Redistribution
12-27
Multicast Operations in the C4 CMTS IGMP Implementation
4
10-13
ARRIS PROPRIETARY — All Rights Reserved
12-28 12-30
07/05/05
C4 CMTS
13
Table of Contents
IP Packet Filtering, Throttling, and CAR Overview of IP Packet Filtering Subscriber Filters
13-5
Setting Default Filter Groups
13-10
Debug IP Packet Capture
13-15
Packet Throttling
13-17
Committed Access Rate
13-19
Global Rate Smoothing for TCP Traffic Feature
13-23
14
Service Class Names
15
Authentication, Authorization, and Accounting (AAA)
16
13-2
AAA Feature
15-2
Servers and Server Groups
15-5
Secure Shell Protocol (SSH2)
15-14
In-Band Management with ACLs
15-22
Routing to a Null Interface
15-24
Source Verification of Cable-side IP Addresses
15-25
Upstream Load Balancing (ULB)
15-27
DSx DQoS VoIP on the C4 CMTS
15-29
C4 CMTS Advanced CM Configuration File Verification
15-31
PacketCable™ Services PacketCable 1.x Overview
16-1
PacketCable Multimedia Overview
16-5
Configuration Procedures
16-9
IKE and IPSec Configuration
16-10
PacketCable Settings
16-21
PC1.x Electronic Surveillance
16-32
Electronic Surveillance Configuration
16-33
Electronic Surveillance Logging Messages
16-34
Running in a non-PacketCable Compliant Voice Environment
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-35
5
Table of Contents
C4 CMTS
Working with non-ARRIS MTAs in a non-PacketCable Compliant Voice System
16-35
Working with ARRIS MTAs in a non-PC1.x Compliant System
16-36
Converged Services
17
Baseline Privacy Interface (BPI) Baseline Privacy Overview Baseline Privacy Operational Overview Baseline Privacy Setup
18
17-1 17-2 17-4
Initial CMTS Base Table Setup
17-4
BPI Initialized State Configuration Settings.
17-9
Encrypted Multicast Setup
17-10
Digital Certificates (BPI+ Only)
17-14
Provisioning BPI X.509 Certificates Using Import/Export Commands
17-15
Provisioning BPI X.509 Certificates Using CLI Commands
17-17
Baseline Privacy Debugging
17-20
Explanation of BPI Trap Codes
17-24
CLI Commands for Baseline Privacy
17-28
Configure Cable Command
17-28
Show Cable Command
17-29
Configure Interface Cable Command
17-30
Show Interface Cable Command
17-32
DOCSIS Set-top Gateway (DSG) Configuration Overview and Definitions
18-2
Configuration Procedures
18-4
Initial Configuration
18-5
DSG Configuration
18-7
Advanced DSG Configuration
6
16-38
18-9
DS Cable Interface
18-11
DSG Tunnel
18-14
DSG Classifier
18-18
DSG Configuration Scenarios
18-18
Initial Setup for DSG
18-18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table of Contents
DSG Configuration Only
18-20
Multicast Destination IP to RFC1112 DSG Tunnel MAC
18-20
Multicast Destination IP to non-RFC1112 DSG Tunnel MAC
18-23
Unicast Destination IP
18-25
19
Downstream Cable Parameters
20
Upstream Modulation Parameters and Profiles Differences Between the 1Dx8U and 2Dx12U Default Modulation Profiles
20-10
Modulation Profiles: Default and User-defined
20-11
21
SNMP Configuration with CLI
22
Flash Disk Description
23
Overview
22-1
Virtual System Controller
22-4
File System Administration
22-5
File Transfers
22-7
Hitless Reload/Upgrade Feature
22-9
Logging and the C4 CMTS Event Messages
23-1
How Event Messages Are Routed
23-2
Event Management Subsystems
23-3
Event Message Throttling
23-4
Show Logging Commands
23-5
Configuring Event Throttling
23-9
Configuring Event Routing
23-11
Generating Events and Traps
23-15
SNMP Trap Examples
23-16
Routing Events to Local Volatile and Non-Volatile Logs
23-17
Displaying Events on the System Console
23-18
Routing Events to the Monitor
23-19
Routing Events to the History Log
23-20
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
7
Table of Contents
C4 CMTS
Logging OSPF Event Messages
24
Diagnostics Diagnostic User Interfaces
25
24-2
CLI Overview Access Levels and Modes
25-2
CLI Command Modes
25-2
CLI Syntax Conventions Designating MAC addresses and IP addresses
25-5 25-6
Keyboard Shortcuts
25-6
CLI Command Features
25-7
CLI Help Feature CLI Filtering
25-8 25-15
How to Use CLI Filtering
26
CLI Command Descriptions
27
Standard and Cadant Enterprise MIBs
8
23-21
25-15
CMTS SNMP MIB Variable Descriptions
27-2
Enterprise MIBs
27-3
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
List of Features and Fixes for 4.2
Advanced CM Configuration File Verification (TFTP Enforce) Associate ACL with SNMP Community String
15-31 21-1
CLI - clear crypto sa
26-21
CLI - configure cable dsg client-id-list
26-71
CLI - configure cable dsg tunnel
26-77
CLI - configure cable dsg ds-frequency-list
26-73
CLI - configure cable dsg timer-list
26-75
CLI - configure cable dsg tunnel classifier
26-78
CLI - configure cable dsg vsp-list
26-80
CLI - configure cable filter group index log
26-82
CLI - configure crypto dynamic-map
26-131
CLI - configure crypto dynamic-map ipsec-isakmp match address 26-132 CLI - configure crypto dynamic-map set peer
26-133
CLI - configure crypto dynamic-map set security-association lifetime 26-134 CLI - configure crypto dynamic-map set transform-set 26-135 CLI - configure crypto ipsec security-association lifetime seconds
26-145
CLI - configure crypto ipsec transform-set
26-137
CLI - configure crypto ipsec transform-set authentication
26-138
CLI - configure crypto ipsec transform-set encryption
26-139
CLI - configure crypto ipsec transform-set mode
26-140
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
i
List of Features and Fixes for 4.2
C4 CMTS
CLI - configure crypto isakmp enable
26-141
CLI - configure crypto isakmp key
26-142
CLI - configure crypto isakmp local-address
26-143
CLI - configure crypto isakmp policy
26-144
CLI - configure crypto key export
26-145
CLI - configure crypto key generate
26-146
CLI - configure crypto key import
26-147
CLI - configure crypto key zeroize
26-148
CLI - configure crypto map ipsec-isakmp
26-149
CLI - configure crypto map ipsec-isakmp dynamic
26-150
CLI - configure crypto map ipsec-isakmp match address
26-151
CLI - configure crypto map ipsec-isakmp set peer
26-152
CLI - configure crypto map ipsec-isakmp set security-association lifetime seconds 26-153 CLI - configure crypto map ipsec-isakmp set transform-set
26-154
CLI - configure interface cable / cable downstream dsg dcd-enable
26-176
CLI - configure interface cable / cable downstream dsg ds-frequency-list
26-178
CLI - configure interface cable / cable downstream dsg no
26-179
CLI - configure interface cable / cable downstream dsg timer-list
26-180
CLI - configure interface cable / cable downstream dsg vsp-list
26-183
CLI - configure interface cable / cable dynamic-secret 26-209 CLI - configure interface cable / cable tftp-enforce
26-231
CLI - configure interface fastethernet / ip access-group 26-319 CLI - configure interface gigabitethernet / ip access-group 26-363
ii
CLI - configure ip filter group index log
26-424
CLI - configure ip ssh ciphers
26-433
CLI - configure ip ssh idle-timeout
26-434
ARRIS PROPRIETARY — All Rights Reserved
7/15/2005
C4 CMTS
List of Features and Fixes for 4.2
CLI - configure ip ssh login
26-435
CLI - configure ip ssh max-auth-fail
26-436
CLI - configure ip ssh password-auth
26-437
CLI - configure ip ssh password-auth-req
26-438
CLI - configure ip ssh port
26-439
CLI - configure ip ssh port-forwarding
26-440
CLI - configure ip ssh public-key-auth
26-441
CLI - configure ip ssh public-key-auth-first
26-442
CLI - configure ip ssh public-key-auth-req
26-443
CLI - configure ip ssh restart
26-444
CLI - configure ip ssh shutdown
26-445
CLI - configure packetcable
26-480
CLI - configure packetcable dqos shutdown
26-481
CLI - configure packetcable dqos timer
26-482
CLI - configure packetcable pcmm shutdown
26-489
CLI - configure packetcable pcmm timer t1
26-490
CLI - configure packetcable throttle
26-491
CLI - configure snmp-server community
26-553
CLI - reload hitless
26-620
CLI - show cable dsg
26-642
CLI - show cable dsg client-id-list
26-646
CLI - show cable dsg ds-frequency-list
26-648
CLI - show cable dsg timer-list
26-650
CLI - show cable dsg tunnel
26-653
CLI - show cable dsg tunnel classifier
26-654
CLI - show cable dsg tunnel-group
26-652
CLI - show cable dsg vsp-list
26-655
CLI - show crypto dynamic-map [tag ]
26-727
CLI - show crypto ipsec sa
26-728
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
iii
List of Features and Fixes for 4.2
C4 CMTS
CLI - show crypto ipsec security-association lifetime
26-732
CLI - show crypto ipsec transform-set [tag ]
26-733
CLI - show crypto isakmp
26-734
CLI - show crypto isakmp policy
26-735
CLI - show crypto isakmp sa
26-736
CLI - show crypto map [tag ]
26-738
CLI - show interface cable / cable downstream dsg dcd
26-761
CLI - show interface cable [/] cable downstream dsg
26-758
CLI - show interface cable [/] cable downstream dsg verbose
26-760
CLI - show interface fastethernet / access-group
26-785
CLI - show interface gigabitethernet / access-group
26-786
CLI - show ip ospf interface [brief] (PROD 70427)
26-817
CLI - show ip ssh
26-829
CLI - show ip ssh config
26-830
CLI - show packetcable global
26-864
CLI - show packetcable global dqos
26-866
CLI - show packetcable global pcmm
26-867
CLI - show packetcable transactions
26-868
CLI - show snmp community
26-896
CLI - show ssh host public-key
26-831
CLI - trace logging packetcable
26-965
Configuration File for Combined Voice and Data on the Same Upstream
16-38
Debug IP Packet Capture
13-15
DOCSIS Set-top Gateway
18-1
Measuring SNR in the 2Dx12U CAM
10-23
PacketCable Multimedia Overview
16-5
Power levels for upstream channels on the same physical CAM connector.
10-4
PROD 60544 Sample output of "show cable modem detail" command updated to show CM capability and operation. Needed for DOCSIS 2.0. 17-21
iv
ARRIS PROPRIETARY — All Rights Reserved
7/15/2005
C4 CMTS
List of Features and Fixes for 4.2
PROD 64234 Power levels for upstream channels on the same physical CAM connector.
10-4
PROD 65114 PacketCable Compliance Updated
16-4
PROD 65842 DCDs configured on a per-interface basis, not for entire cable bundle
18-5
PROD 66221 Problem with SCN params and DSG tunnels
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
18-15
v
List of Features and Fixes for 4.2
C4 CMTS
vi
7/15/2005
ARRIS PROPRIETARY — All Rights Reserved
List of Figures
3
4
5
C4 CMTS Specifications Figure 3-1:
The C4 CMTS (front view)
3-2
Figure 3-2:
Typical Cable Data Network Architecture
3-3
C4 CMTS Power Requirements Figure 4-1:
C4 CMTS Front Access Panels
4-2
Figure 4-2:
LED and Power Bus Switches
4-3
Figure 4-3:
C4 CMTS Power Feeds (chassis rear)
4-4
Figure 4-4:
Second Level - Internal Branch Fusing
4-5
Figure 4-5:
Power Control Button
4-6
Installation Requirements Figure 5-1:
6
Internal Air Flow (side view)
5-9
Installing Modules and System Bring-up Figure 6-1:
Front View of C4 CMTS
6-3
Figure 6-2:
C4 CMTS Chassis (rear view)
6-5
Figure 6-3:
Example of Old and New Front Filler Panels
6-6
Figure 6-4:
Location of Grounding Terminals
6-8
Figure 6-5:
Installing the Power Control Module (PCM)
6-10
Figure 6-6:
Cabling the PCM
6-11
Figure 6-7:
Example of Normal Speed Fan Module
6-13
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
1
List of Figures
79
Figure 6-8:
Example of High Speed Fan Module
6-14
Figure 6-9:
Installing the Fan Module
6-15
Figure 6-10: Air Flow Through the Chassis
6-16
Figure 6-11: Installing the System Control Module
6-18
Figure 6-12: Release Locking Latches in Order to Remove Module
6-19
Figure 6-13: System Control Module (SCM) and PIC
6-21
Figure 6-14: View of Pin-out of Rollover Cable
6-26
Figure 6-15: Connecting the Console Port to a PC
6-27
Figure 6-16: Fabric Control Module (FCM) and Filler Panel
6-28
Figure 6-17: FastE NAM and PIC
6-31
Figure 6-18: GigabitEthernet Network Access Module (GigE NAM) and PIC
6-34
Figure 6-19: Gigabit Interface Converters (GBICs)
6-37
Figure 6-20: Installing the GBIC
6-38
Figure 6-21: 1Dx8U Cable Access Module (CAM) and PICs
6-41
Figure 6-22: 2D12U Cable Access Module (CAM) and PIC
6-46
Figure 6-23: Opening a Terminal Session on the C4 CMTS
6-52
Figure 6-24: Sample Bootloader Dialog
6-55
NAM Configuration Figure 9-1:
10
C4 CMTS
Block Diagram of NAM-Side IP Interface Bundling
9-7
Basic CAM Configuration Figure 10-1: One Way to Migrate Two 1Dx6 CAMs onto One 2Dx12U (example)
10-15
Figure 10-2: Migration Example: from 12 Upstreams on Two 1D/6U CAMs to One 2Dx12U 10-16
12
Figure 10-3: Two Examples of Slot Configuration after Migrating to 2Dx12U CAMs
10-17
Figure 10-4: Network Example — Each CM Sees Multiple Downstreams
10-31
Figure 10-5: Example of CAM Sparing Groups
10-43
Configuring Router Functionality Figure 12-1: Example of Packet Flow Using Loopback Interface
2
ARRIS PROPRIETARY — All Rights Reserved
12-23
07/05/05
C4 CMTS
115
List of Figures
Authentication, Authorization, and Accounting (AAA) Figure 15-1: AAA Security Model
16
15-3
PacketCable™ Services Figure 16-1: PacketCable Network Reference Architecture
16-3
Figure 16-2: Foundations of PCMM Architecture
16-6
Figure 16-3: Network Diagram of PCMM Implementation
16-8
Figure 16-4: An Example of Classification for PacketCable 1.x In a Combined Voice and Data Environment 16-40
17
Baseline Privacy Interface (BPI) Figure 17-1: Example of Baseline Privacy Base Table
18
DOCSIS Set-top Gateway (DSG) Configuration Figure 18-1: Logical devices in a DSG system Figure 18-2: Block Diagram of an Advanced DSG Configuration
22
24
18-2 18-10
Flash Disk Description Figure 22-1: Flash Disk Partition Structure
23
17-5
22-2
Logging and the C4 CMTS Figure 23-1: Event Management Subsystems on the C4 CMTS
23-3
Figure 23-2: Show Logging Output Example
23-7
Figure 23-3: Show Logging Throttle Output Example
23-8
Figure 23-4: Show Logging History Output Example
23-8
Figure 23-5: Show Logging History Last 10 Output Example
23-9
Figure 23-6: Help Configure Logging Trap Output Example
23-16
Figure 23-7: Show Logging Local Output Example
23-18
Diagnostics Figure 24-1: C4 CMTS Diagnostic Software
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
24-3
3
List of Figures
4
C4 CMTS
Figure 24-2: CLI Output for Diagnostics
24-12
Figure 24-3: Show Logging History Output Example (partial)
24-13
Figure 24-4: Example of System Output for a Module that Failed Diagnostics
24-14
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
List of Procedures
6
7
Installing Modules and System Bring-up Procedure 6-1
How to Rack Mount the C4 CMTS
6-8
Procedure 6-2
How to Install the Power Conditioning Modules (PCMs)
6-10
Procedure 6-3
How to Cable the PCM
6-11
Procedure 6-4
How to Install the Fan Modules
6-15
Procedure 6-5
How to Install the SCM
6-24
Procedure 6-6
How to Install the SCM Physical Interface Card (PIC)
6-24
Procedure 6-7
How to Cable the SCM
6-26
Procedure 6-8
How to Install the FastE NAM
6-33
Procedure 6-9
How to Install the GigE NAM
6-35
Procedure 6-10 How to Install the GigE NAM Physical Interface Card (PIC)
6-35
Procedure 6-11 How to Install the GBICs
6-38
Procedure 6-12 How to Remove a GBIC
6-39
Procedure 6-13 How to Install the CAM
6-44
Procedure 6-14 How to Install the CAM Physical Interface Card (PIC)
6-44
Procedure 6-15 How to Open the Terminal Emulator Session
6-52
Procedure 6-16 How to Modify Boot Parameters
6-54
Clock Synchronization Protocol Procedure 7-1
How to Configure a Time of Day (TOD) Clock Protocol
7-1
Procedure 7-2
How to Choose Network Time Protocol (NTP) for C4 CMTS
7-2
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
1
List of Procedures
8
9
10
11
2
C4 CMTS
Host Names, User IDs, and Password Recovery Procedure 8-1
How to Configure a Host Name and Logging Host IP Address
8-1
Procedure 8-2
How to Configure Privilege Levels and Authentication
8-2
Procedure 8-3
How to Enable Password Recovery Using Application Dialog
8-4
NAM Configuration Procedure 9-1
How to Configure a Network Access Module
9-3
Procedure 9-2
How to Take a NAM Out of Service and Delete Its Slot
9-4
Procedure 9-3
How to Configure a Gigabit Ethernet Network Access Module
9-5
Procedure 9-4
How to Take a GigE NAM Out of Service and Delete Its Slot
9-6
Basic CAM Configuration Procedure 10-1 How to Create and Enable a 1Dx8U CAM
10-3
Procedure 10-2 Example of Growing and Enabling a 2Dx12U CAM with Logical Channels
10-9
Procedure 10-3 Migrating from a 1Dx8U Chassis to a 2Dx12U Chassis
10-18
Procedure 10-4 How to Align IM Opportunities for Clone Groups
10-29
Procedure 10-5 How to Create and Apply a Modulation Profile to an US Port
10-33
Procedure 10-6 How to Configure an Upstream (US) Channel
10-34
Procedure 10-7 How to Activate a CAM
10-39
Procedure 10-8 How to Take a CAM Out of Service and Delete Its Slot
10-39
Procedure 10-9 Configuring the Two Sparing Groups Shown in the Example
10-43
Procedure 10-10How to Fail Back Manually
10-45
Procedure 10-11How to Delete a CAM Sparing Group
10-46
Procedure 10-12How to Create Interface Bundles
10-47
Procedure 10-13How to Remove Interface Bundles
10-48
Control Complex Redundancy Procedure 11-1 How to Add a Control Complex (Change from Simplex to Duplex)
11-2
Procedure 11-2 How to Change a Control Complex from Duplex to Simplex
11-3
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
12
List of Procedures
Configuring Router Functionality Procedure 12-1 How to Monitor Interfaces
13
Procedure 12-2 How to Enable Single Key Authentication
12-13
Procedure 12-3 How to Enable Multiple Key Authentication (i.e., Key Chains)
12-14
Procedure 12-4 How to Enable OSPF
12-16
Procedure 12-5 How to Disable OSPF for an Interface
12-18
Procedure 12-6 How to Disable OSPF (Globally) on the C4 CMTS
12-18
Procedure 12-7 How to Add/Delete/View a Static IP Route to the C4 CMTS
12-26
Procedure 12-8 How to Enable Multicast on a Cable Interface
12-31
IP Packet Filtering, Throttling, and CAR Procedure 13-1 How to Add Filters to the CMTS
15
23
24
12-3
13-6
Authentication, Authorization, and Accounting (AAA) Procedure 15-1 Setting up SSH on the C4 CMTS
15-17
Procedure 15-2 PuTTY, SSH, Public Key Authentication
15-17
Logging and the C4 CMTS Procedure 23-1 How to Route Events to the Console
23-18
Procedure 23-2 How to Route Events to the Monitor
23-19
Procedure 23-3 How to Configure the History Log
23-20
Diagnostics Procedure 24-1 How to Restore Modules into Service
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
24-4
3
List of Procedures
4
C4 CMTS
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
1. About This Manual
Topics
Page
Intended Audience
1
Prerequisite Skill and Knowledge
2
Purpose
2
Conventions Used in this Document
2
How to Contact Us
4
In response to emerging IP-based data and voice services, ARRIS brings to market a next-generation, carrier-class Cable Data Network Solution — the Cadant C4 Cable Modem Termination System (CMTS). As of April 2005, there were more than 700 C4 CMTSs on four continents supporting 3.7 million subscribers. The C4 CMTS has been designed to meet the needs of the Multiple System Operator (MSO) in terms of system density, wire-speed performance, and reliability. The C4 CMTS enables MSOs to bundle high-speed data, voice, full-motion video, and other multimedia content to residential and business customers.
Intended Audience This document is intended for MSO technical support personnel who are responsible for integrating, operating, and maintaining the C4 CMTS.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
1-1
1 About This Manual
Prerequisite Skill and Knowledge This document serves as an introduction to the C4 CMTS for all administrators and users of cable modem termination systems. Ideally, users of this documentation and equipment should have a basic knowledge of the following: •
RF measuring equipment
•
Provisioning servers
•
Command Line Interface (CLI)
•
RF cable plant and operating methods
Purpose This document provides a comprehensive view of the C4 CMTS including reference and procedural information required to manage and control the C4 CMTS.
Conventions Used in this Document This section presents the textual conventions used in this documentation set.
Admonishments There are three levels of admonishments used in this documentation. The first is a simple note. NOTE Notes are intended to highlight additional references or general information related to a procedure, product, or system. The international symbols, Caution and Warning, appear in this book when you must perform procedures involving risk.
1-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
CAUTION
Cautions indicate risk of dropping traffic, losing data, or damaging equipment. Read the accompanying instructions and proceed with caution.
WARNING The warning symbol represents a risk of bodily injury or serious damage to the equipment. Before you work on any equipment, be aware of the hazards involved with electrical circuitry and fiber optics and follow standard procedures for preventing accidents and serious damage.
Textual Conventions The conventions used in this guide are shown in the following table: Table 1-1: Examples of Textual Conventions Type of text
Description
Example
CLI commands and other user input
Monospaced bold (courier)
configure slot type NAM
Names of chapters and manuals
Italicized text
chapter 1, AboutThis Manual
Menu selections
Plain-faced text
From the File>Set-up menu choose…
System responses and screen display
Monospaced font (courier)
Time since the CMTS was last booted: 12 days, 2: 8: 14
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
1-3
1 About This Manual
How to Contact Us Product Information and Support
If you have questions about the ARRIS C4 CMTS, G2 IMS® software, installation procedures, or this guide, pleases contact your ARRIS account representative. The Technical Support Contact information is summarized in the following table: Table 1-2: Product Technical Support Contacts C4 CMTS Support Information NORTH AMERICA E-mail
[email protected]
Toll Free Phone
1+.888.221.9797 (North America Only)
Worldwide Phone Hours
1+678.473.5656 8 am to 8 pm (08:00 to 20:00) Eastern Standard Time
LATIN AMERICA E-mail
[email protected]
Phone
+56.2.369.5628
Hours
9 am to 6 pm (09:00 to 18:00)
EUROPE E-mail
[email protected]
Phone
+31 23.554.3880 (English, Spanish, French)
Hours
08:30 to 17:30 pm CET
ASIA (except Japan) E-mail
[email protected]
Phone
+81 (0) 3 5371.4142
Hours
9 am to 5 pm (09:00 to 17:00) Tokyo local time
JAPAN - Tokyo Office E-mail
[email protected]
Phone
+81 (0) 3 5371.4142
Hours
9 am to 5 pm (09:00 to 17:00) Tokyo local time
JAPAN - Fukuoka Office
1-4
E-mail
[email protected]
Phone
+81 92 473.2671
Hours
9:30 am to 6 pm (09:30 to 18:00) Fukuoka local time
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Emergency support is available after normal business hours by calling the same numbers listed above. Additional contact information can be obtained from the ARRIS web page at http://www.arrisi.com and clicking on the link to the Customer Center. Training Information
ARRIS Training is the authorized organization for training on voice, data, and provisioning products. Web-based, instructor-led, and customized courses are available at our U.S. training center in Atlanta. On-site training is available.To obtain pricing for on-site training and other training information, visit our web site: http://www.arrisi.com
Comments on this Document
Our goal has been to create a document that best fits your needs. We are interested in your suggestions for improving this document. You may address comments or questions regarding this documentation directly to the Documentation and Training Manager: Jim Morgan ARRIS Customer Documentation and Training Manager PH: 770-622-8760 FX: 678-473-5218
[email protected]
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
1-5
1 About This Manual
1-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
2. C4 CMTS Features
Topics
Page
C4 CMTS Feature Descriptions by Software Release
4
Feature Descriptions
8
This chapter introduces the C4 CMTS and its features, functionality, and components. This chapter contains the following topics: •
Descriptive and reference information
•
Features list
DOCSIS 2.0 Compliance In December, 2004, the Cadant C4 Cable Modem Termination System (CMTS) received DOCSIS® 2.0 requalification by CableLabs® with the new software upgrade designed to support DOCSIS Set-top Gateway (DSG) technology. With this qualification, the Cadant C4 CMTS, configured with the higher density 2Dx12U CAM provides the most reliable and scalable CMTS solution currently available. Using it, MSOs can provide their customers with advanced voice and high-speed data solutions.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
2-1
2 C4 CMTS Features
The Cadant C4 CMTS supports DOCSIS Set-Top Gateway (DSG), allowing operators to transition the signaling, provisioning and control of advanced set-top boxes from proprietary to standards-based protocols. This transition of all services to IP-based standards is expected to streamline operations and lower capital costs for cable operators. The DOCSIS 2.0 standard greatly improves performance in the upstream path of the cable network. The growing demand for peer-to-peer file sharing, interactive gaming, and voice over IP telephony increases the need for upstream bandwidth. The following enhancements are available to CMTSs and CMs that comply with the 2.0 standard while maintaining all the DOCSIS 1.1 and 1.0 functionality: •
Enhanced upstream capacity
•
Greater maximum upstream throughput — up to 30.72 mbps per channel
•
Greater upstream channel width — up to 6.4 Mhz
•
New upstream channel modulation rates: 8QAM, 32QAM, and 64QAM
•
Longer preamble to facilitate synchronization — up to 1536 bits
•
Higher powered preamble — QPSK-1
•
Enhanced noise cancellation and error correction
•
Synchronous-Code-Division Multiple Access (SCDMA) operation along with the standard TDMA and ATDMA techniques for combining CM signals onto a given upstream channel.
Fault Detection and Recovery The C4 CMTS employs: •
Advanced data-path integrity checks (parity, CRC, loopbacks, pings)
•
Continuous system audits
•
Multiple levels of error detection.
Fault recovery on the C4 CMTS:
2-2
•
Rapidly isolates faults
•
Decreases diagnostic and repair time
•
Reduces the probability of fault propagation
•
Minimizes impact on subscriber services.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Interfaces and Protocols Open interfaces and protocols allow seamless integration with existing network management infrastructures. The primary protocols supported by the C4 CMTS include the following: •
Simple Network Management Protocol (SNMP) — v1, v2c, and v3
•
DOCSIS 1.1, DOCSIS 2.0 and Cadant MIBS
•
Command Line Interface (CLI)
•
File Transfer Protocol (FTP)
•
Telnet
•
Routing Information Protocol (RIPv2)
•
Open Shortest Path First (OSPFv2)
Security Features Unique security measures ensure plant and subscriber integrity through: •
DOCSIS 1.1 BPI+ encryption
•
Administrative isolation by means of a separate physical interface
•
Packet filtering
•
Proxy ARP
•
Password and key authentication for RIP and OSPF
•
Authentication using RADIUS
•
Secure Shell (SSH)
•
Access Control Lists (ACLs)
•
Multi-stage Denial of Service throttling mechanisms in hardware and software
•
TACACS+
•
Protocol throttling
IP Filtering Options The IP filtering feature is dependent on the subscriber management MIB.1
1. For information on the applicable standards, see the appropriate draft documents of the Internet Engineering Task Force at www.ietf.org. Look for the latest version of DOCSIS Subscriber Management MIB.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
2-3
2 C4 CMTS Features
C4 CMTS Feature Descriptions by Software Release The ARRIS C4 CMTS Release 4.2 aggregated Feature Set is comprised of the Baseline Feature Set, plus the features of software Releases 3.0, 3.3, 4.0, 4.1, and 4.2. Baseline Features
The ARRIS C4 CMTS feature set includes: •
Complete DOCSIS 1.1 support
•
Maximum cable interface density per rack unit
•
High scalability
•
Guaranteed Service Level Agreements (SLAs) support
•
IGMPv2 & Multicast Flow Support
•
Carrier-class availability and operation
•
Static Layer 3 Routing
•
Layer 3 Router Functionality including
-
Release 3.0 Features
2-4
Router Information Protocol (RIPv2) Open Shortest Path First (OSPFv2) Equal Cost Multipath Load Balancing (ECMP)
•
FlexCAM™ Technology for CAM sparing (hitless operation for sparing groups up to 7+1)
•
Dynamic Route Redundancy
•
Control Complex Redundancy
The following features were added with Release 3.0: •
GigE Network Access Module (Gig-E NAM)
•
Authentication using RADIUS
•
Secure Shell (SSH)
•
In-Band Management and Access Control Lists (ACLs)
•
Upstream Load Balancing (ULB)
•
Multiple syslog servers
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Release 3.3 Features
The following features or improvements have been added for release 3.3: •
PacketCable Qualification
•
Increased subscriber limits per chassis: 24K CM
•
Increased VoIP Call Capacities
•
Improved Password Recovery
•
Loopback Interface
•
Multiple Subinterfaces per VRF
•
Loopback Interfaces for routing protocols
•
Number of filters in group increased to 31
•
Support for Authentication, Authorization, and Accounting (AAA) [RADIUS & TACACS+]
•
In-Band Management: Access to the SCM via the loopback IP address
•
Support for Packet Cable
•
Automatic System Backup during Upgrade
•
Improved Baseline Privacy Interface (BPI)
•
Domain Name System (DNS) Support for Telnet, Traceroute, and Ping
CLI Improvements:
Release 4.2, Standard
•
Extended ping command
•
show ip interface brief
•
show temperature
•
reset all CMs
•
traceroute CLI command
•
configure authorization
•
COS and 1.0 Modems
•
configure logging priority
•
configure privilege exec level
ARRIS PROPRIETARY — All Rights Reserved
2-5
2 C4 CMTS Features
Release 4.0 Features
The following features or improvements have been added for release 4.0: •
2Dx12U CAM — full DOCSIS 2.0 (A-TDMA and S-CDMA)
•
Proprietary automatic ingress noise cancellation
•
Flash disk re-partitioning
•
Graceful restart with OSPFv2
•
Real-time FFT of upstream (compatible with C3 CMTS MIBs)
•
NAM IP interface bundling
•
Increased subscriber limits per chassis: 32,000 CMs per chassis, and 3,000 CMs per downstream (500 per upstream in 1x6 operation)
•
Preemption of normal calls by new emergency calls when BW is limited
•
Additional audits: FCM, file system, 2Dx12U
•
CM reset clear trap
•
Flap List enhancements:
•
percent of station maintenance ranging opportunities that receive a range request - number of power adjustments exceeding a threshold Number of CRC errors per CM (2D only)
•
Number of bytes dropped per CM (congestion and policing)
•
Virtual System Controller
•
CLI Improvements:
-
show/copy running-config show cable qos profile assign and display in output name/description for each interface
To look up syntax and parameters for individual CLI commands, see Chapter 26, CLI Command Descriptions. Each entry in the alphabetical list of commands is a hyperlink to the appropriate page in the manual. •
Automatic fan speed control
•
Encrypt the MD5 shared secret for routing protocols in CLI output
•
Disable ICMP Unreachables
•
OSPF "point-to-point" interface support
•
Increased AC/DC power solution
•
Voice call requirements:
-
2-6
At least 1,000 MTAs per downstream At least 5,000 BHCAs with completion rate of 99.5% At least 260 half-calls per downstream
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
NOTE The voice call requirements are reduced by one-half in a mixed voice and data environment. Release 4.1 Features
Release 4.2 Features
The following features or improvements have been added for release 4.1: •
Committed Access Rate
•
Global Traffic Shaping for TCP Traffic
•
Remote Query of Cable Modems
The following features or improvements have been added for release 4.2: •
DOCSIS Set-top Gateway (DSG) Agent
•
Associate ACL with SNMP Community String
•
Advanced CM Config File Verification
•
Scalability — 52K CMs per chassis
•
Modify overload control to ensure "older" CMs range/register in reasonable time through overload conditions (chassis reboot, CAM insertion, etc.)
•
"Debug" IP Filter Packet Capture capability (ability to capture packet headers that match IP filters or similar functionality)
•
PacketCable Multimedia
•
Network side ACLs
•
Support for 16 telnet sessions
•
Clear the IP filter counters through the CLI
•
Hitless software update
•
PacketCable 1.x Voice call requirements
-
•
MTAs /downstream (1D) 1000 MTAs/downstream (2D) 1500 MTAs/C4 20000 - Lines/downstream 1800 Lines/C4 24000 - BHCA/downstream 5000 BHCA/C4 66600 - Simultaneous half calls/downstream 260 Programmable unicast request opportunity polling interval
NOTE The voice call requirements specifically assume that only GNAMs are used. If the system contains any FastENAMs, the per-chassis line and MTA limits must be reduced to 1000.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
2-7
2 C4 CMTS Features
Certain features may impact software upgrade procedures. For more information related to upgrades or for non-conformance issues, see the Cadant® C4™ CMTS Software Upgrade Notes. This file is included on the software CD.
Feature Descriptions In addition to the previously described features and functionality, the following section describes the C4 CMTS feature set. This includes: •
Layer 3 Router Functionality including
•
Router Information Protocol (RIPv2) Open Shortest Path First (OSPFv2) Equal Cost Multipath Load Balancing (ECMP) FlexCAM™ Technology for “hitless” CAM sparing (hitless operation for sparing groups up to 7+1)
•
Dynamic Route Redundancy
•
Control Complex Redundancy
•
Secure Shell
•
In-band Management with ACLs
•
Upstream Load Balancing
•
Multiple Syslog Servers
Each feature is explained in the following sections. RIPv2
RIP is a distance vector routing protocol that learns routes dynamically without provisioning. RIP requires little overhead and is easy to implement. The C4 CMTS implements RIPv2. Unlike the original version of RIP, this version supports subnet masks and Message Digest 5 (MD5) authentication. For more information on the standard, see Request For Comments (RFCs) 2453 and 1058.
OSPFv2
OSPF is a dynamic link-state routing protocol developed by the Internet Engineering Task Force and is published as RFC 2328. Rather than counting the number of hops as a metric, OSPF bases its path descriptions on link states that take into account additional network information. OSPF also lets the user assign cost metrics to each interface so that some paths are given preference.
Equal Cost Multipath
2-8
The Equal Cost Multipath (ECMP) feature allows an administrator to route designated traffic across multiple routes while balancing traffic across up to four equal cost routes. If more than four equal cost routes are learned
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
by the C4, then the extra routes are not active. Each IP datagram is examined to determine its route according to the Destination IP address. If multiple equal cost routes are found, the route chosen is based on the source IP address of the packet. Assuming an even distribution of source IP addresses, the load through the equal cost routes is balanced. FlexCAM Sparing
Hitless CAM sparing is an important element of system reliability and greatly reduces subscriber impact and loss of traffic in the event of CAM failure. Hitless sparing occurs when an active CAM goes down and a spare CAM becomes active. The CMs remain on-line and do not have to re-range and re-register. The C4 CMTS supports CAM sparing groups up to 7+1 in size (seven active CAMs backed up by one spare).
Dynamic Route Redundancy
The Dynamic Route Redundancy feature allows the C4 CMTS to dynamically update a specific route in hardware based on a change in the network topology. The update will only occur if a redundant route for a specific IP prefix exists in software.
Control Complex Redundancy
A Control Complex consists of one SCM and one FCM. In a fully equipped chassis there are two Control Complexes, one active and one standby. Control Complex Redundancy (CCR) ensures high reliability for systemwide OAM&P, switching, and routing. The control complex redundancy feature provides 1+1 active/standby redundancy between two pairs of SCM/FCM modules. The failure of an active SCM/FCM pair immediately causes a failover to the standby SCM/FCM pair.
Secure Shell
In-Band Management with ACLs
Release 4.2, Standard
The C4 CMTS Secure Shell protocol version 2 (SSH2) feature provides enhanced privacy and security, including: •
Secure encrypted connection capabilities using an SSH2 server
•
User authentication by internal password
•
External RADIUS password or user digital signatures (public keys)
•
Secure connections to the C4 CMTS CLI and file systems
•
Secure FTP (SFTP)
The C4 CMTS offers enhanced network management with controlled access to the SCM via standard Access Control Lists (ACLs) for CMTS administrators. This feature provides: •
IP connectivity to the SCM through the client cards (NAM, GigE NAM, and CAMs), and
•
The ability to permit or deny access to the SCM via the client cards from specified subnet or host addresses.
ARRIS PROPRIETARY — All Rights Reserved
2-9
2 C4 CMTS Features
Upstream Load Balancing
The Upstream Load Balancing (ULB) feature provides upstream load balancing on registering CMs among upstream channels to which those CMs are physically attached. The automatic decision to load balance is based on a comparison of the cumulative reserved bandwidth of upstream channels at the time a new CM is attempting to perform initial maintenance ranging. The ULB feature is provisionable per cable group, (i.e. a downstream channel and all associated upstream channels that occupy the same physical cable). NOTE This feature should not be activated for cable groups with CMs that are already configured to connect to specific upstream channels.
Multiple Syslog Servers
2-10
The C4 CMTS has the ability to configure and send logging messages to up to eight syslog servers (hosts).
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
3. C4 CMTS Specifications
Topics
Page
Network Diagram
3
C4 CMTS Specifications
4
RF Electrical Specifications
6
Maximum Density
7
Scalability
7
VoIP Call Capacities
8
This chapter introduces the C4 CMTS and its features and functionality. This chapter contains the following topics:
Release 4.2, Standard
•
Descriptive and reference information
•
Physical design information
•
Power and electrical requirements
ARRIS PROPRIETARY — All Rights Reserved
3-1
3 C4 CMTS Specifications
Figure 3-1 illustrates the front view of the C4 CMTS. There are a total of twenty-one slots for modules. There are four main types of modules used to equip the slots in the front. These are sometimes referred to as front cards. Smaller modules, called Physical Interface Cards, or PICs, are inserted in each slot from the rear of the chassis. The PICs provide physical connectors for terminating cables from the subscriber and Internet networks. Between the front and back slots is the midplane of the chassis. Three C4 CMTS chassis can be mounted in a single 19-inch wide, sevenfoot standard rack.
Figure 3-1: The C4 CMTS (front view)
3-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Network Diagram A cable data network system consists of cable modems (CMs) at subscriber premises, a CMTS at the cable plant operations area, a data-over-cable management software suite integrated with the operator's other management systems, and the HFC cabling that connects it all. DOCSIS defines the standard for communication among these elements. The C4 CMTS provides data switching functions as well as the radio frequency (RF) interface to and from the cable plant. It also provides ethernet interfaces to the Internet Service Provider(s). The data-over-cable management system provides both the end-to-end network management solution and the support for subscriber provisioning. Figure 3-2 shows a typical cable data network architecture.
TFTP Server
TOD Server
DHCP Server
10/100 Ethernet Switch
Router
Internet
AC DC Power Converter
CMTS
CATV Network HFC Plant
Cable Modem
CPE
Figure 3-2: Typical Cable Data Network Architecture
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
3-3
3 C4 CMTS Specifications
C4 CMTS Specifications This section is a summary of the C4 CMTS physical characteristics and operating specifications, and information on compliance with regulatory standards. Physical
Power
Safety
Electromagnetic Compatibility
Network Interfaces
3-4
•
Mounting:
19- or 23-inch rack, or stand-alone
•
Dimensions:
Height Width Depth
•
Chassis Weight (fully equipped): 166 pounds
•
Operating voltage: nominal -48 VDC, range -44 to -72VDC Note: Once powered up the C4 CMTS will continue to operate if within this voltage range.
•
Start-up voltage range: -44 to -67.5VDC Note: If powered down, the C4 CMTS will not restart successfully if the voltage is not in the range of -44 to -67.5VDC. This offset from the operating range provides a cushion against multiple possible power cycles. Attempted start-ups at the voltage extremes are subject to power fluctuations that could result in multiple power cycles and damage to the equipment.
•
Chassis Power Consumption: 2800W maximum
•
The -44V guaranteed operating limit translates to a maximum current draw of 64A at 2800W.
24.5" 17.4" 20.0"
(622 mm) (442 mm) (508 mm) (75.5 Kg)
The C4 CMTS meets the following safety standards: •
UL60950 (1999) Third Edition
•
CAN/CSA-C22.2, No. 950-95
•
IEC60950-1 (2001), First Edition
The C4 CMTS meets the following: •
GR-1089-CORE, Issue 3 (FCC - Part 15, Class A)
•
EN 300 386 v1.3.1 (CISPR 22, Class A)
The C4 CMTS is equipped with the following interfaces: •
10 Base-T (SCM Maintenance Port)
•
10/100 Base-T (FastE or GigabitE NAM)
•
1000 Base-TX, 1000 Base-SX, 1000 Base-LLX, 1000 Base-LX (GigabitE NAM)
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Environmental
Thermal — The C4 CMTS meets the following environmental standards: •
NEBS GR-63-CORE, ETS 300 019
-
Operating temperature: Short term: -5 to +55ºC Long term: +5 to +40ºC Non-operating temperature: -40 to +70ºC Operating humidity Short term: 5 to 90%, non-condensing Long term: 5 to 85% Non-operating humidity: 5 to 95%, non-condensing
Mechanical — •
NEBS GR-63-CORE
•
ETS 300 019
-
In-use (Class3.1E) Storage (Class 1.2) Transportation (Class 2.3)
Other — •
NEBS Level 3 Criteria (SR-3580)
•
Acoustic Noise Criteria:
-
Release 4.2, Standard
•
NEBS (GR-63-CORE) ETSI (ETS 300 753) Altitude Criteria (NEBS GR-63-CORE)
•
Illumination Criteria (NEBS GR-63-CORE)
ARRIS PROPRIETARY — All Rights Reserved
3-5
3 C4 CMTS Specifications
RF Electrical Specifications The following table lists the downstream RF electrical specifications. Table 3-1: Downstream RF Electrical Specifications Center frequency range: North America Europe
91 - 857 MHz 112 - 858 MHz
Frequency step size
250 kHz
Modulation types
64QAM, 256QAM
Annex B symbol rates in Msym/sec
64QAM: 256QAM:
5.056941 5.360537
Annex A symbol rate in Msym/sec
64QAM or 256QAM:
6.952
Raw bit rate: Annex B 64QAM 256QAM)
30.342 Mbps 42.884 Mbps
Raw bit rate: Annex A 64QAM 256QAM)
41.712 Mbps 55.616 Mbps
Output signal range
50-61 dBmV
Return loss
< 14 dB in-band
Transmit output power accuracy
Adjustable to within +/-.5 dB
Output impedance
75Ω
The following table lists the upstream RF electrical specifications. Table 3-2: Upstream RF Electrical Specifications Upstream frequency band: North America Europe Japan
5 - 42 MHz 5 - 65 MHz 5 - 55 MHz
RF channel spacing
< 1 kHz Type 4 TLVa: QPSK, 16QAM
Modulation types
Type 5 TLV: QPSK, 8QAM, 16QAM, 32QAM, and 64QAM
Raw bit rate
30.72 Mbps max
Forward error correction
Reed-Solomon (T = 1-16)
a. Type-Length-Value (TLV) 4 or 5 are codes used in UCD messages to indicate DOCSIS 1.x or 2.0 compatibility, respectively.
3-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The following is a list of receiving input levels for upstream channels: Table 3-3: Receiving Input Levels for Upstream Channels Channel Width (kHz)
Symbol Rate (ksm/sec)
Maximum Range (dBmV)
200
160
-16 to +14
400
320
-13 to +17
800
640
-10 to +20
1600
1280
-7 to +23
3200
2560
-4 to +26
6400
5120
-1 to +29
Maximum Density The C4 CMTS supports both small and large scale subscriber deployments. The C4 CMTS chassis supports up to 32 downstream channels and 192 upstream channels. Up to three chassis can be installed in a standard 7-foot high, 19-inch wide frame. A fully configured rack supports a maximum of 96 downstream and 576 upstream channels. Operating ratios of downstream to upstream channels range from 1:1 to 1:12, assuming use of the 2Dx12U Cable Access Module.
Scalability ARRIS offers a number of combinations of downstream to upstream channel ratios to improve scalability. With the ability to accommodate many configurations, the CMTS can grow to meet evolving subscriber traffic considerations along with reducing inter-shelf cabling. This leads to lower cost for installation, operations, and maintenance. Using multiple NAM ports within one CMTS chassis enables use of dynamic route redundancy. This allows an MSO to set multiple routes to a single destination. These routes can be provisioned on different NAM ports with different weights, thus providing a NAM redundancy strategy.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
3-7
3 C4 CMTS Specifications
A fully equipped C4 CMTS chassis offering basic service will provide reasonable performance up to the following suggested subscriber limits: •
52,000 CMs per chassis
•
128,000 ARP cache entries
•
128,000 Destination IP entries (using GigE NAM)
•
3,000 CMs/downstream (whether 1Dx8U or 2Dx12U CAM)
•
Up to 500 CMs for each upstream of a 2Dx12U CAM configured for 1Dx6U service.
VoIP Call Capacities The following Voice over Internet Protocol hardware and call limits apply to C4 CMTSs configured for DSx/DQoS VoIP or PacketCable voice. The Multimedia Terminal Adapter (MTA) is a telephony modem: MTAs per downstream (1D):
1,000
MTAs per downstream (2D):
1,500
MTAs per C4 CMTS:
20,000
Lines per downstream
1,800
Lines per C4 CMTS:
24,000
Busy Hour Call Attempts (peak 60-minute call loads supported) BHCA per downstream:
5,000
BHCA per C4 CMTS:
66,600
Simultaneous half-calls/downstream
260
The assumptions for the call load are: Lines per sub.:
1.2
Centi-Calls per Second (CCS) per line:
5
Hold time:
180 seconds
Call Completion Rate:
99.5%
These limits specifically assume that only GigE NAMs are used. If the system contains any FastE NAMs, the per-chassis line and MTA limits must be reduced to 10,000. These limits also depend on the following:
3-8
•
MTAs/lines are distributed evenly across 4 upstreams per downstream
•
256QAM downstream
•
16QAM upstream
•
3.2 MHz upstream channel width
•
Upstreams 0-5 on MAC domain 0; upstreams 6-11 on MAC domain 1
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
4. C4 CMTS Power Requirements
Topics
Page
Components of the Power System
1
Power Protection Description
3
The C4 CMTS requires two -48V power feeds, named A and B. The source can be an external battery plant or independent AC/DC power supplies. In the event the A or B feed fails or is removed from service for maintenance, the other feed continues to supply power to the C4 CMTS with no interruption in service. NOTE Review the total current consumption of all equipment on the same line before supplying power to the C4 CMTS. Avoid sharing a power source that requires large currents.
Components of the Power System Power is filtered and conditioned by a Power Conditioning Module (PCM) for each feed. The PCM contains the power input connector, main breaker, and all active circuitry for power distribution over a power bus.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
4-1
4 C4 CMTS Power Requirements
The PCM: •
Soft starts the chassis on power up
•
Filters noise and power disturbances from the power feeds
•
Monitors the power draw of the chassis and shuts down a branch circuit in the event of a power fault
Each PCM is removable and can be replaced without interrupting power to the C4 CMTS in a duplex power configuration.
Front Panel Access
Protective panels mounted on the front of the chassis flip open, as illustrated in Figure 4-1. •
The top single panel flips up to reveal the power panel and power LEDs.
•
The mid and lower matching panels flip open to allow access to the ejector clips for the front modules.
•
Another small panel is found beneath the lower matching pane. The chassis slot numbers are printed on it; it flips down to allow access to the air filter.
Access to Power Panel
Power Panel
Access to Modules Modules
Air Filter Fan Modules
Figure 4-1: C4 CMTS Front Access Panels
4-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Figure 4-2 shows the LEDs and power switches for Buses A and B. The system alarm and power indicator LEDs are in the middle of this panel. SYSTEM
ALARMS
CRITICAL
ON
MAJOR
OFF/ FAIL
MINOR
A
B
C
D
ON OFF/ FAIL A
B
C
D
POWER
Figure 4-2: LED and Power Bus Switches
Power Protection Description The C4 CMTS chassis power configuration consists of three levels of protection: •
A and B power feeds controlled by circuit breaker in the PCM
•
Internal chassis branch fuses located in the PCM
•
Fuses located on the front modules (These fuses are not field replaceable)
The C4 CMTS must be installed only by trained service personnel who are familiar with the precautions required when working in a –48V DC power delivery environment. Power requirements are listed in C4 CMTS Specifications on page 3-4.
A and B Power Feeds
Release 4.2, Standard
Power is supplied to the C4 CMTS via A and B feeds located at the rear of the unit. The power feeds are protected by two 70-amp breakers located on the rear of the chassis, shown in Figure 4-3. This is the first level of protection.
ARRIS PROPRIETARY — All Rights Reserved
4-3
4 C4 CMTS Power Requirements
They also serve as the master disconnect switch for the unit. The breakers protect the high current-carrying cables within the C4 CMTS and the power connectors located at the rear of the unit.
POWER CABLE B
Breaker switch for Power Module B
POWER CABLE A
Breaker switch for Power Module A
Figure 4-3: C4 CMTS Power Feeds (chassis rear)
4-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Internal Branch Protection
Each A and B power feed is further divided into four internal chassis distribution branches, A through D. Each of these branches is protected by a 20-amp fuse located in the PCM. These fuses constitute the second level of protection. They are not field replaceable, nor can they be reset. These feeds supply power to the C4 CMTS midplane and to all circuit modules. Power is distributed to the twenty-one slots by the four branches as shown in Figure 4-4. SYSTEM
ALARMS
CRITICAL
ON
MAJOR
OFF/ FAIL
MINOR
A
B
C
ON OFF/ FAIL
D
A
B
C
D
System Control Module (SCM)
9
Fabric Control Module (FCM)
Cable Access Module (CAM)
8
System Control Module (SCM)
Cable Access Module (CAM)
7
Fabric Control Module (FCM)
Cable Access Module (CAM)
6
Network Access Module (NAM)
Cable Access Module (CAM)
5
Network Access Module (NAM)
Cable Access Module (CAM)
4
Cable Access Module (CAM)
Cable Access Module (CAM)
3
Cable Access Module (CAM)
Cable Access Module (CAM)
2
Cable Access Module (CAM)
Cable Access Module (CAM)
1
Cable Access Module (CAM)
Cable Access Module (CAM)
0
Cable Access Module (CAM)
Cable Access Module (CAM)
POWER
10 11 12 13 14 15 16 17 18 19 20
Figure 4-4: Second Level - Internal Branch Fusing If, for example, a damaged module or bent pin causes an electrical short, the fuses protect the power distribution wiring and midplane circuitry from damage. The entire feed for a side is turned on and off by pressing the power control button on the power panel. Each push of the button toggles the power from that feed (one push turns it off, the next push turns it on).
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
4-5
4 C4 CMTS Power Requirements
In the event of a power fault on a branch: •
The electronic breaker for that branch detects the failure and removes power from that branch.
•
A system power alarm is generated.
•
The green power OK LED for that branch is turned off and the corresponding red branch power fault LED is turned on. SYSTEM
ALARMS
CRITICAL
ON
MAJOR
OFF/ FAIL
MINOR
A
B
C
ON OFF/ FAIL
D
A
B
C
D
POWER
Figure 4-5: Power Control Button Module (Board-level) Fuses
4-6
The third level of protection is at the module level. •
Each front module (CAM, NAM, FCM, or SCM) has two fuses that protect its internal circuitry.
•
One fuse is located on the circuit powered by the A bus; and the other on the circuit powered by the B bus.
•
These on-board module fuses are not field replaceable: if the fuse blows the module must be returned for repair.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
5. Installation Requirements
Topics
Page
Safety Precautions
2
Electrostatic Discharge (ESD)
3
Installation Checklist
4
Unpacking the C4 CMTS
6
Installation Considerations
7
This chapter provides the operating precautions and installation requirements for the C4 CMTS. NOTE Do not make any mechanical or electrical modifications to the CMTS equipment. If modified, the C4 CMTS may not meet regulatory compliance.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
5-1
5 Installation Requirements
Safety Precautions This section provides safety precautions for installing the C4 CMTS. When setting up the equipment, please observe the following: •
The C4 CMTS is intended to be installed only in restricted access areas for reasons of security and safety.
•
Follow all warnings and instructions marked on the equipment.
•
Ensure that the voltage and frequency of your power source meets or exceeds the voltage and frequency listed on the equipment’s electrical rating label.
•
Never force objects of any kind through openings in the equipment because dangerous voltages may be present. Foreign objects may produce a short circuit resulting in fire, electric shock, or damage to the C4 CMTS and other equipment.
Lifting Safety A fully-equipped C4 CMTS weighs approximately 166 lbs. The chassis is not intended to be moved frequently. Before installing the C4 CMTS, ensure that your site is properly prepared. When lifting the chassis or any heavy object, follow these guidelines:
5-2
•
Always disconnect all external cables before lifting or moving the chassis.
•
Do not attempt to lift the chassis by yourself: have at least one other person assist you.
•
Ensure that your footing is solid and balance the weight of the object between your feet.
•
Lift the chassis slowly. Never move suddenly or twist your body as you lift.
•
Keep your back straight and lift with your legs, not your back. If you must bend down to lift the chassis, bend at the knees, not at the waist, to reduce the strain on your lower back muscles.
•
Lift the chassis from the bottom, grasping the underside of the chassis exterior with both hands.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Electrical Equipment Guidelines Follow these basic guidelines when working with any electrical equipment: •
Know where the emergency power-off switch is located for the room in which you are working.
•
Disconnect all power and external cables before moving the chassis.
•
Do not work alone if potentially hazardous conditions exist.
•
Never assume that power has been disconnected; always check.
•
Do not perform any action that makes the equipment unsafe or might create a potential danger to people.
•
Examine your work area for possible hazards such as ungrounded power extension cables, missing safety grounds, or wet floors. CAUTION
Be sure to connect the chassis to ground before applying power or inserting modules. An ungrounded chassis may damage components.
Electrostatic Discharge (ESD) The C4 CMTS is designed to operate in an area that is between 5 to 95 percent relative humidity, non-condensing.
Preventing Electrostatic Discharge Damage Electrostatic Discharge (ESD) can damage equipment and impair electrical circuitry. ESD occurs when printed circuit modules are improperly handled. It may result in module failure or intermittent problems. The C4 CMTS contains replaceable, printed circuit modules. Modules are equipped with a metal faceplate that features Electromagnetic Interference (EMI) shielding and lever-action latches. Handle the modules by their latches and avoid touching the printed circuit board and connector pins. Although the metal faceplate helps to protect the printed circuit modules from ESD, wear an antistatic wrist or ankle strap whenever handling the modules or port adapters. Ensure that the anti-ESD device makes good skin contact. The chassis is equipped with four sockets in which you can ground plug-in wrist straps.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
5-3
5 Installation Requirements
Installation Checklist Installation involves mounting the unit in a rack, populating with client Modules and Physical Interface Cards (PICs), attaching cables, and configuring software. Follow the instructions in this section when installing the C4 CMTS for the first time. Table 5-1: Installation Checklist Completed (D)
Task Description Become familiar with component descriptions Unpack the CMTS according to the instructions in
“Unpacking the C4 CMTS” on page 6
Obtain any necessary items not supplied to install the CMTS in your configuration Prepare the site for installation in accordance with placement and electrical considerations Install C4 CMTS in rack Attach the grounding cable. Install the three fan modules Install the two Power Conditioning Modules Install the Physical Interface Modules (PICs) Install the client Modules Attach to DC power (See Chapter 2) Attach cables Attach to an operator console Power up the CMTS Configure the CMTS according to the instructions in
Initial System Configuration, page 6-51.
Tools Required The following tools are required for installation:
5-4
•
#3 Phillips screwdriver for large bolts used for attaching to frame
•
#2 Phillips screwdriver
•
Digital volt meter
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Items
Not Supplied The following items are not included with the C4 CMTS. Obtain these items before installation:
Release 4.2, Standard
•
Appropriate network cables
•
Operator console or PC with asynchronous terminal emulation built in
•
Duplex filter
•
Splitters
•
Coax cables
•
48 Vdc power supply
ARRIS PROPRIETARY — All Rights Reserved
5-5
5 Installation Requirements
Unpacking the C4 CMTS When unpacking the C4 CMTS, use the following steps and checklist: •
Inspect the shipping crate before removing the unit. If there is evidence of damage to the crate upon receipt, request an agent of the carrier to be present before removing the C4 CMTS.
•
Installation is minimally a two-person operation. Ensure the crate is right side up. Open crate and carefully remove the packaged unit inside. Then remove the protective foam from the unit.
•
Remove the remaining contents of the crate. Front modules are shipped in separate cartons.
•
Check the packing slip and verify its contents. If an entire C4 CMTS is ordered, it typically ships with the following items. Use the checklist provided below to verify that the required items are present.
Table 5-2: Hardware Shipment Checklist (D)
Required Items One C4 CMTS chassis One (1) chassis ground cable (green, 4 gauge, approx. 24 inches) Two Power Conditioning Modules Two (2) power cables: one each for power feeds A (red, 6 gauge, approx. 50 ft) and B (blue, 6 gauge, approx. 50 ft) Modules for basic configuration (minimal requirement): •
One System Control Module (SCM) and associated physical interface card (PIC)
•
One Fabric Control Module (FCM)
•
One Network Access Module (FastE NAM) or one Gigabit Ethernet Network Access Module (GigE NAM) and associated PIC
•
One Cable Access Module (either a 1Dx8U or 2Dx12U CAM) and associated PIC
Seventeen (17) front filler panels Eighteen (18) rear filler panels (there is no PIC for the FCM) Three (3) fan modules One (1) air filter (installed) One (1) hardware installation kit One (1) ESD Wrist Strap One (1) rollover cable and adapter for console connection to SCM serial port
5-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
(D)
Required Items (Continued) Documentation: •
CD-ROM (standard)
•
Paper (if ordered)
Module Protection All spare modules are shipped in reusable anti-static shielding bags. If modules are not immediately installed, keep them in these antistatic bags. Do not remove modules from the antistatic bags unless properly grounded. Do not place these bags on exposed electrical contacts or else the modules may short circuit.
Installation Considerations Rack Mounting The C4 CMTS is designed to be mounted in a standard 7-foot by 19-inch equipment rack, compliant with EIA RS-310. A total of three chassis can be installed in this equipment rack. Uneven mechanical loading of an equipment rack can be hazardous. Plan the installation so that the weight of the equipment is evenly distributed across the vertical height of the rack. Depending on the number of modules supported, some C4 CMTS configurations are heavier than others. Place the heaviest units toward the bottom of the rack.
Chassis Placement Installation Area
Release 4.2, Standard
Select an appropriate installation area that is dry, relatively dust free, wellventilated, and air conditioned. Be sure the floor is capable of supporting the combined weight of the rack with the installed equipment.
ARRIS PROPRIETARY — All Rights Reserved
5-7
5 Installation Requirements
CAUTION
The C4 CMTS generates a significant amount of heat. It is important to provide a balanced environment so the C4 CMTS performs properly. Allow enough space around the C4 CMTS for adequate ventilation and do not block the air vents. Inadequate ventilation could cause the system to overheat. Clearance
Allow sufficient clearance around the rack for maintenance. If the rack is mobile, place the C4 CMTS near a wall or cabinet for normal operation and pull it out for maintenance (installing or moving port adapters, connecting cables, and replacing or upgrading components). Be sure there is enough cable length available to pull the C4 CMTS out for repairs or adjustments if necessary.
Power Requirements The C4 CMTS uses dual redundant -48V power feeds to supply electrical power to the system. The system is capable of operating from a single feed in case one of the feeds fails. The system consumes a maximum of 2800W of power when equipped with the maximum number (16) of 2Dx12U CAMs. The supply voltage should be a nominal -48V. The operating range is -44 to -72V. The system will shut down if the voltage exceeds these limits. The -44V guaranteed operating limit translates to a maximum current draw of 64A at 2800W. Circuit breakers on the power feeds should be sized accordingly. The Power Conditioning Modules in the C4 CMTS will limit the startup current to prevent false tripping of the circuit breakers.
Cooling Requirements The C4 CMTS should be installed in a location with adequate ventilation. It is designed for long-term operation at ambient air temperatures ranging from 5-40°C. To determine cooling requirements, assume 2800W for worst-case power dissipation when using 2Dx12U CAMs. These values assume the worstcase cooling requirements when the maximum number of CAMs (16) are used. The C4 CMTS draws cooling air in through the front, sides, and back at the bottom of the unit and expels it out the sides and back at the top of the unit. Clear airflow must be maintained in these areas to ensure adequate ventilation. If the C4 CMTS is installed in a closed or multi-unit rack
5-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
assembly, the inlet air temperature could exceed the room ambient air temperature and/or the air flow may be reduced. In these cases the C4 CMTS requires a reduced maximum operating ambient air temperature. CAUTION
As with all electrical equipment, operation at excessive temperature accelerates the deterioration of components and adversely effects performance. Prevent excessive heat buildup in the rack. Fan Module Description
As shown in Figure 1-1, the fan modules: •
Draw in air through the intake vent at the bottom of the chassis
•
Moves the air across the internal components in order to cool them
•
Moves air out the exhaust vent on the top rear of the chassis
Front of Chassis
Rear of Chassis
Figure 5-1: Internal Air Flow (side view)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
5-9
5 Installation Requirements
NOTE To ensure the proper air flow, make sure blank filler panels are installed in unoccupied chassis slots. It is also important to change the fan filter at least every two to three months, depending on the air quality on site.
CAUTION
Care should be taken when dressing RF cables that they do not obstruct the grillwork at the top rear of the chassis. This grill is the primary heat vent for the chassis. Blocking it can cause overheating and card failure. ARRIS recommends a minimum 6-inch clearance around the top side and rear exhaust grillwork.
5-10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
6. Installing Modules and System Bring-up
Topics
Release 4.2, Standard
Page
Main Hardware Components
2
Recommended Order for Installing Chassis Components
6
Rack Mounting the C4 CMTS
8
Power Conditioning Module (PCM) and Cabling
9
Installing Modules in the C4 CMTS
17
System Control Module (SCM)
21
Fabric Control Module (FCM)
28
Fast Ethernet Network Access Module (NAM)
31
Gigabit Ethernet Network Access Module
34
Cable Access Module (1Dx8U CAM)
41
Cable Access Module (2Dx12U CAM)
46
Initial System Configuration
51
ARRIS PROPRIETARY — All Rights Reserved
6-1
6 Installing Modules and System Bring-up
Introduction The following section lists the recommended order of installation for rack mounting the C4 CMTS and installing the various modules and components. Please read through this chapter and become familiar with the order of operation before you begin. This chapter also includes procedures necessary for a minimal system configuration and bring-up. The minimal configuration consists of one SCM, one FCM, one FastEthernet NAM or GigabitEthernet NAM, and one 1Dx8U CAM or 2Dx12U CAM.
Main Hardware Components The C4 CMTS base system contains the following components: •
CMTS chassis
•
Two Power Conditioning Modules (PCMs) – Power Feed A & Power Feed B
•
Cable Access Module (1Dx8U or 2Dx12U) and associated Physical Interface Card (PIC)
•
Network Access Module (FastE or GigE) and associated PIC
•
Fabric Control Module (there is no FCM PIC)
•
System Control Module and associated PIC
•
Three fan modules (numbered 0, 1, and 2). Each fan module contains two fans, marked front and rear
•
Air filter (factory installed)
Chassis Configuration
There are various ways to equip a chassis. CAM configurations are dependent on the configuration of the cable plant of the subscriber network. The module faceplate in each slot includes a label stating the module type and multiple LEDs to indicate the module’s status.
LED Description
When operational, the Power On LED is lit, shows a steady green, and the OOS display is off. When out-of-service, the Out-of-Service LED is lit. The OOS LED glows a steady red to indicate failure and flashes red to indicate self-test, diagnostics in progress, or downloading software.
6-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Module Types and Chassis Slots—Front View The C4 CMTS chassis contains twenty-one vertical slots labeled 0-20. These slots are equipped for the following modules (or sometimes referred to as front cards): •
One or two System Control Modules
•
One or two Fabric Control Modules
•
One to four Fast Ethernet Network Access Modules or one or two Gigabit Ethernet Network Access Modules
•
One to sixteen Cable Access Modules (1Dx8U or 2Dx12U)
Following is an illustration of the front of the chassis.
Figure 6-1: Front View of C4 CMTS
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-3
6 Installing Modules and System Bring-up
The chassis example shown in Figure 6-1, Front View of C4 CMTS, on page 3 is equipped with: •
13 CAMs located in slots 0-12
•
Four FastE NAMs located in slots 13-16. (Slot 16 can be equipped only with a FastE NAM or GigE NAM.)
•
Two FCMs in slots 17 and 18 (these slots can be equipped only with FCMs. Slot 17 must be the first equipped.)
•
Two SCMs in slots 19 and 20 (these slots can be equipped only with SCMs. Slot 19 must be the first equipped.)
NOTE Depending on the need, slots 13-15 can be configured for either CAMs or NAMs; slots 14 or 16 or both may be equipped with GigE NAMs.
Chassis — Rear View Physical Interface Cards (PICs)
Smaller modules, called Physical Interface Cards, or PICs, are inserted in each slot from the rear of the chassis. The PICs provide physical connectors for terminating cables from the subscriber and Internet networks and enable the front modules to be replaced without having to remove cables. The FastE NAM and GigE NAM use the same PIC. Also the 1Dx8U CAM and 2Dx12U CAM use the same PIC. If CAM sparing is enabled, each CAM serving as sparing group leader must have a sparing PIC in its slot. All slots in a spare group must be equipped with a PIC. If one of the slots in the sparing group is not equipped with a CAM, it must still be equipped with a PIC in order to maintain connectivity across the sparing group. Figure 6-2 shows the connections from the rear of the C4 CMTS.
6-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Spare PICs illustrating a 4 + 1 Sparing Group
ARRIS PIC-CAM (SPARE)
ARRIS PIC-CAM (SPARE)
ARRIS PIC-CAM (SPARE)
1 2(Future)
D0 -D1
Ethernet Ports:10/100 E 0- E3 E 4 - E 7 (Future)
U 0 -U7
Figure 6-2: C4 CMTS Chassis (rear view) Midplane
Filler Panels
Between the front and back slots is the midplane of the chassis. The midplane connects the power conditioning modules and the client and control modules. The midplane is a necessary point of communication for all modules inserted in the C4 CMTS. •
The power conditioning modules use the midplane to provide power to the rest of the system.
•
The SCMs and FCMs use the midplane to exchange control information and packets.
•
The NAMs, GigE NAMs, and CAMs (client modules) use the midplane to pass packets to the FCM.
•
The FCMs use the midplane to pass packets to the NAMs, GigE NAMs, CAMs and SCMs.
The C4 CMTS has two types of filler panels: •
Front filler panels - used for any unequipped front module slot.
•
Rear filler panels - used for any unequipped rear PIC slot.
All unused module slots, front and rear, must be equipped with filler panels. Filler panels are required for proper EMC emission levels and sufficient airflow to properly cool the C4 CMTS system. With the introduction of the new 2Dx12U CAM, a new front filler panel was required to help with
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-5
6 Installing Modules and System Bring-up
heat dissipation. The new filler panel has enhanced baffles which improve the air flow dynamics inside the chassis. Failure to cover empty slots reduces the air flow through the chassis and could result in overheating.
Old Filler Panel
New Filler Panel
Figure 6-3: Example of Old and New Front Filler Panels
Recommended Order for Installing Chassis Components The following list is the recommended order of installation. 1 Rack mount the C4 CMTS. Once the chassis has been secured in the rack, you must securely ground the green ground cable on the chassis to an appropriate Earth/Safety ground. 2 Attach the green ground wire to the chassis. 3 The Power Conditioning Modules (PCMs) — these are installed in the lower rear section of the chassis. 4 Install the three Fan Modules 5 Physical Interface Cards (PICs) — The PICs should always be loaded in order from left-to-right to avoid damage to the EMI spring gasket that resides on the faceplate of each PIC.
6-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
CAUTION
Before removing or replacing any C4 CMTS modules, obtain and attach the proper ESD protection. 6 Cable Access Modules (1Dx8U or 2D12U) — Start with the CAMS because they have the most connectors to align with the midplane. Load the left CAM slot to be used first and populate to the right. 7 System Control Modules (SCMs) - Populate slot 19 first, then slot 20. 8 Fabric Control Modules (FCMs) - Populate slot 17 first, then slot 18. 9 Network Access Modules (FastE or GigE NAMs). 10 Connect power cables and apply power to the chassis. 11 Cable the PICs.
Recommended Chassis Unloading Order The reverse order of loading applies with the following exceptions: 1 CAMs should always be removed in a right-to-left order. Proceed carefully when inserting or removing modules to avoid damage to connectors. 2 All other front cards should be removed in a left-to-right order to minimize the risk of damage to the components on the wire-side of each module. 3 Rear PICs should be unloaded in a right-to-left order. Avoid damaging the EMI spring gasket mounted on the faceplate of each PIC. Storing Modules
Retain the packaging in which each module was shipped and follow these guidelines for storing modules to avoid damage: •
Store each module in a separate antistatic bag. Ideally, store the item in its antistatic bag within the protective packaging or padded box that the item was shipped.
•
Do not store multiple modules or components in an antistatic bag or container where they can touch other items.
Grounding the Chassis The C4 CMTS chassis must be properly grounded. There are two places you can connect the ground wire to the chassis. One is located on the side of the chassis and the other is located on the rear of the chassis between the PCMs (refer to Figure 6-4). Install the chassis side of the ground wire to either of these locations before installing the chassis into the rack.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-7
6 Installing Modules and System Bring-up
Figure 6-4: Location of Grounding Terminals
Rack Mounting the C4 CMTS The following steps outline how to rack mount the C4 CMTS.
WARNING Ensure that the weight of the chassis does not make the rack unstable.
Procedure 6-1
How to Rack Mount the C4 CMTS 1 Attach the green ground cable to either the side or rear ground locations on the C4 CMTS chassis before placing the chassis in the rack. Free end of ground cable should extend to the back. See Grounding the Chassis on page 6-7. 2 Be sure that the rack is bolted to the floor and secured if using telco-type racks. 3 Position the C4 CMTS in rack. 4 Install rack bolts to secure the C4 CMTS in position. 5 Place the C4 CMTS securely in the rack. 6 Secure free end of green ground cable to an appropriate Earth/Safety ground. End of procedure
6-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Power Conditioning Module (PCM) and Cabling The C4 CMTS requires two -48V power feeds A and B. The source can be an external battery plant or independent AC/DC power supplies. In the event the A or B feed fails or is removed from service for maintenance, the other feed continues to supply power to the C4 CMTS with no interruption in service. NOTE Review the total current consumption of all equipment on the same line before supplying power to the C4 CMTS. Avoid sharing a power source that requires large currents. Power is filtered and conditioned by a Power Conditioning Module (PCM) for each feed. The PCM contains the power input connector, main breaker, and all active circuity for power distribution of a power bus. The PCM: •
Soft starts the chassis on power up
•
Filters noise and power disturbances from the power feeds
•
Monitors the power draw of the chassis and shuts down a branch circuit (see Figure 4-4, Second Level - Internal Branch Fusing, on page 4-5) in the event of a power fault
Each PCM is removable and can be replaced without interrupting power to the C4 CMTS in a duplex power configuration.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-9
6 Installing Modules and System Bring-up
Power Protection Description The C4 CMTS chassis power configuration consists of three levels of protection: •
A and B power feeds controlled by circuit breaker in the PCM
•
Internal chassis branch fuses located in the PCM
•
Fuses located on the front modules (These fuses are not field replaceable)
The C4 CMTS must be installed only by trained service personnel who are familiar with the precautions required when working in a –48V DC power delivery environment. Power requirements are listed inC4 CMTS Specifications on page 3-4.
Slide PCM into chassis and hand-tighten the three screws
Figure 6-5: Installing the Power Control Module (PCM)
Procedure 6-2
How to Install the Power Conditioning Modules (PCMs) Refer to Figure 6-5, Installing the Power Control Module (PCM), on page 6-10 and follow these steps to install the PCMs: 1 Be sure you are wearing an ESD strap when handling modules. 2 Align the PCM on the rails in the rear of the chassis and slide firmly into place. From the rear, the PCM can be inserted on either the left or the right: a
6-10
The Power Conditioning Module on the right side of the chassis is named PCM A. It corresponds to the Bus A power panel LEDs and control switch located on the front of the chassis.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
b
The Power Conditioning Module on the left side of the chassis is named PCM B. It corresponds to the Bus B power panel LEDs and control switch located on the front of the chassis.
3 Hand tighten the three screws on each of the PCMs. End of procedure Power Requirements
The C4 CMTS must be connected to a protected DC power source that meets the following current requirements: •
Input voltage: A and B feed from –44V to -72V
•
Current rating (of each feed): 70 amps
POWER CABLE B
POWER CABLE A
Breaker switch for Power Module B
Breaker switch for Power Module A
Figure 6-6: Cabling the PCM
Procedure 6-3
How to Cable the PCM Refer to Figure 6-6, Cabling the PCM, on page 6-11 and follow the steps below to cable the PCM. 1 Two cables (one red and one blue) are included with the C4 CMTS. One end of each cable is connectorized and keyed for the power connector on the rear of the chassis. See Figure 6-6, Cabling the PCM, on page 6-11.
Release 4.2, Standard
a
Make sure the breaker is in the OFF position before plugging in the power feed cables.
b
Using the connectorized end of the red cable, plug it directly into the PCM Power Feed A.
ARRIS PROPRIETARY — All Rights Reserved
6-11
6 Installing Modules and System Bring-up
c
Using the connectorized end of the blue cable, plug it directly into the PCM Power Feed B.
2 Each cable contains two 6-gauge wires (one red and one white) that must be hard-wired to the DC source by a qualified service electrician. a
Connect the red wire to the negative (-) side of the -48V supply.
b
Connect the white wire to the positive (+) or return side of the -48V supply.
End of procedure
CAUTION
Do not connect the cables to a PCM that is not in a chassis. Be sure to shut the breaker off for the unit and disconnect the -48V power cable before removing the PCM from the chassis.
Fan Modules and Cooling The C4 CMTS contains three fan modules numbered 0, 1, and 2. Each module contains a front and rear fan. There are two types of fan modules, the new high-speed fan module and the normal fan module. A failing fan is easily identified by the System Fault LED on the System Control Module. Maintenance personnel can replace the failed fan module without shutting down the entire system.
6-12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Serial Number of the Fan
Fan Speed Designation
FAN ST ATUS
FR O N T
RE A
Front Fan S tatus Rear Fan Stat us
R
Figure 6-7: Example of Normal Speed Fan Module These fans cool the system components by forcing air from the lower portion of the chassis through all system modules and exhausting it through the upper rear portion of the chassis. High Speed Fan Modules
Increased power consumption creates more heat to dissipate. Given the high density (21 slots) of the C4 CMTS, the additional heat dissipation of the 2Dx12U CAM places the overall cooling requirements beyond the capability of the three fan trays previously used. Those chassis configured with only 1Dx8U CAMs can continue using the existing fan trays. Systems outfitted completely with 2Dx12U CAMs require new high-speed fan trays for increased air flow. The new fan modules are factory-labeled High-Speed Fan Tray. Fan trays may be replaced using the installation guidelines contained in Procedure 6-4, How to Install the Fan Modules, on page 6-15.To maximize air flow, all unused slots should be equipped with the new design front filler panels (Figure 6-3).
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-13
6 Installing Modules and System Bring-up
Chassis of hardware revision B05 or greater were shipped with high-speed fan trays. To verify the fan tray revision, unlock the fan tray and slide it out of its housing in the chassis approximately two inches. The label is visible on the top of the tray. CAUTION
Fan modules should not be mixed. Replace all three fan Modules.
Serial Number of the Fan
Fan Speed Designation (High)
HIGH
S PE E D FAN FA N STATU S
FR ON T
RE A
TRAY
Front Fan S tatus Rear Fan Stat us
R
Figure 6-8: Example of High Speed Fan Module
6-14
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Figure 6-9: Installing the Fan Module
Procedure 6-4
How to Install the Fan Modules Perform the following steps to install fan modules. Refer to Figure 6-9 to identify the location of the fan modules. 1 Align the fan module on the rails and slide firmly into chassis. 2 Hand tighten the screw at the bottom of the module. 3 Repeat steps 1 and 2 for the remaining fan modules. End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-15
6 Installing Modules and System Bring-up
Temperature Monitoring
The temperature of equipped chassis slot is monitored at approximately 90-second intervals. Should a slot’s temperature fall below 20 degrees Celsius or exceed 70 degrees Celsius, a TempOutOfRangeNotification SNMP trap is generated for that module. If a slot’s temperature exceeds 85ºC, the card is powered down and a card TempOverHeatNotification SNMP trap is generated. The temperature value read during the last 90-second poll is accessible via both the CLI and SNMP. The show environment CLI command will display the current temperature of each equipped slot. The card Temperature object in the cardTable table in the cadEquipmentMib MIB module contains the current temperature of the associated slot. The C4 CMTS chassis can be configured for automatic control of fan speed. Onboard temperature sensors in the front modules are polled periodically. If enabled, this feature causes fan speed to be raised or lowered by 10% of the maximum speed as needed.
Cooling
Cooling is provided by forced air moving from the lower portion of the chassis through all modules and out through the upper rear grillwork of the chassis as illustrated in Figure 6-10 below.
Front of Chassis
Rear of Chassis
Figure 6-10: Air Flow Through the Chassis
6-16
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Air Filter The C4 CMTS comes equipped with an air filter mounted horizontally just above the fan assemblies and just below the chassis slots (see Figure 4-1, C4 CMTS Front Access Panels, on page 4-2). It is important to change the fan filter at least every two to three months, depending on the air quality on site. Replacement filters may be ordered from ARRIS in kits of four — normally a year’s supply for one chassis. For ordering information contact your ARRIS sales representative. CAUTION
Care should be taken when dressing RF cables that they do not obstruct the grillwork at the top rear of the chassis. This grill is the primary heat vent for the chassis. Blocking it can cause overheating and card failure. The next section outlines how to install each module in the C4 CMTS.
Installing Modules in the C4 CMTS Module Installation Overview
Each module is installed in three basic steps: 1 Use proper ESD precautions before handling modules. 2 Align and insert module into proper slot. Lock ejector levers before proceeding to the next module: red buttons will click audibly if module is completely seated in the slot and latch levers are closed. 3 Install proper PIC or filler panel in the corresponding rear slot of the chassis. (The FCM does not have a PIC; use a filler panel instead.) NOTE If you meet strong resistance when attempting to seat the module, PIC or filler panel, remove it from the chassis and try reinserting it. Be sure that you have aligned the top and bottom edges in the correct matching tracks.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-17
6 Installing Modules and System Bring-up
Installation Diagram
Although Figure 6-11 shows the SCM, the top and bottom latch mechanism will be the same for all modules.
ARRIS
Module
Guide
Figure 6-11: Installing the System Control Module Installation procedures for all modules and their related components follow. Once modules are physically installed, see Initial System Configuration on page 6-51, for provisioning procedures. For specific installation steps, please see the procedures for each modules found later in this chapter.
6-18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Figure 6-12 illustrates the locking latch mechanism on module faceplates. Once installed the module is locked in place. The red button in each latch must be pushed before the ejector levers can be operated to release the module. Always operate both (top and bottom) ejector levers at the same time when seating or releasing the module.
14
15 Open
Closed
To release latches, push red button of top latch upward. Push button of bottom latch downward. Pull both latch levers at the same time then slide module from its slot. Closed
Open
F ro nt Vie w
Side View
Figure 6-12: Release Locking Latches in Order to Remove Module
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-19
6 Installing Modules and System Bring-up
Provisioning Rules for Slots
Follow these guidelines for mounting the front modules: •
1-16 Cable Access Modules (1Dx8U or 2Dx12U CAMs) located in slots 0-15.
-
•
If you anticipate creating CAM sparing groups in the future, leave at least slots 0 and 8 available for spare CAMs for 1 for 7 sparing. - Note that slots 13-15 can be configured for CAMs or NAMs (see NAM slot info below) Two System Control Modules (SCMs) in slots 19 and 20.
•
These slots can be equipped only with SCMs. Slot 19 must be the first equipped. Two Fabric Control Modules (FCMs) in slots 17 and 18.
•
These slots can be equipped only with FCMs. Slot 17 must be the first equipped. One to four FastE Network Access Modules (NAMs) located in slots 1316.
-
•
Place the first FastE NAM in slot 16 because it can be equipped only with a NAM. Continue population to the left, e.g. slot 16, slot 15, etc. - Slots 13-15 can be configured for either CAMs or FastE NAMs depending on need. One Gigabit Ethernet (GigE) Network Access Modules located in slot 14 or 16, or two GigE NAMs in slots 14 and 16.
-
The slots to the immediate left of GigE NAMs (i.e., 13 or 15) can be CAMs or left blank. The slots to the immediate left (13 and 15) of equipped GigE NAMs cannot be FastE NAMs. The Cadant C4 CMTS can support 2 FastE NAMs plus 1 GigE NAM in slots 13, 14, and 16, respectively; or 1 GigE NAM in slot 14 and 2 FastE NAMs in slots 15 and 16. For all GigE NAM CLI commands, port 0 is the 10/100 port, and port 1 is the GigE NAM port. CAUTION
Before removing or replacing any C4 CMTS modules, obtain and attach an antistatic grounding wrist or ankle strap to protect against damage to components resulting from static electricity.
6-20
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
System Control Module (SCM) Rear
Front
ARRIS
ARRIS ARRIS
PIC-SCM (E)
PIC-SCM (O) PIC-SCM
NETWORK CLOCK
NETWORK CLOCK
Out of Service
OOS
ALARM
Alarm
POWER
Power Active
ACTIVE
Remote Alarms (future)
LED Test
LE D TEST
Network Clock (future)
REMOTE ALARMS
REMOTE ALARMS
ETHERNET
ETHERNET
10 Base-T Port
MAC Address
Act
L in k
Activity Status: Passing data - lit Otherwise - unlit Link Status: Equipped/connected - lit Otherwise - unlit
MAC ADDRESS
E thernet
10 Base-T Port (RJ-45)
RS-232
RS-232 Serial Port
Slot 20
Slot 19
Figure 6-13: System Control Module (SCM) and PIC
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-21
6 Installing Modules and System Bring-up
The System Control Module supports: •
Two maintenance ports
•
One maintenance RS-232 interface which supports Baud rate speeds of 9600, 19200, 38400, 57600, 115200 - One maintenance Ethernet interface One bi-directional fabric port
•
A system maintenance processor
The Ethernet connection requires a 10 baseT, half duplex connection. There is only one port but it can be reached through either one of two RJ45 connectors — one in front and one in back. Only one of these maintenance Ethernet interfaces on the SCM (front or rear) may be used at a time. Slot 19 is reserved for the System Control Module (slot 20 is for its spare). The SCM in slot 19 is paired with a Fabric Control Module (FCM) in slot 17. CAUTION
Removing the SCM in a simplex configuration (one SCM and one FCM) will shut down the C4 CMTS. The SCM provides the ON/OFF power control for all client modules in the C4 CMTS. If the simplex SCM is removed, then the power converters on all client modules are shut off. Primary Software Function
6-22
The primary software function on the System Control Module includes: •
Persistent store management
•
System maintenance control
•
Monitoring the Fabric Control Module
•
Monitoring all client modules
•
SNMP agent
•
System wide data distribution
•
Alarms monitoring and management
•
Overload control
•
Audit control
•
Billing and measurement data
•
Common Operation Administration Maintenance and Provisioning (OAM&P) and infrastructure software functions.
•
Telnet processing
•
SSH processing
•
FTP processing
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
LED Status
•
RADIUS processing
•
TACACS+ processing
•
PacketCable COPS
•
PacketCable IPSec processing
•
PacketCable/VoIP Connection Management
•
PacketCable Gate Control
The LED status descriptions for the System Control Module are listed in Table 6-1 below:
Table 6-1: LED Status Descriptions—System Control Module LEDs
Ethernet
Power
Active
Out of Service
System Alarm
Off
Off
Off
Slot not powered
On
Off
Off
Powered, in-service, but standby
On
Off
On
Off
Powered but out of service and not active
On
Off
On
On
Powered, initializing, or running tests (not passing traffic) and not active, or systemlevel fault detected.
On
On
Off
Link
Activity
Module Status
Powered, functional, and in service (normal operational state) On (green)
Layer 2 connectivity established On (amber) Active traffic being passed
Figure 6-13, System Control Module (SCM) and PIC, on page 6-21 shows an example of the front faceplate of the SCM along with the rear PIC for the SCM. LED Test Button
The SCM provides an LED Test button in order to verify the functionality of all active LEDs in the chassis. Testing the LED functionality on a chassis should be performed upon initialization, and then on a regularly scheduled basis in order to ensure alarms and service changes are duly noted.
SCM PIC Considerations
The SCM PIC in slot 19 comes equipped with a MAC address and a printed label. This MAC serves as the basis for all generated MAC addresses in the chassis. The slot 19 SCM PIC is also equipped with a fan controller. The fan controller is a daughter board that is only visible when the PIC is removed from the slot. The SCM PIC used in slot 20 has neither the fan controller nor the printed MAC address.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-23
6 Installing Modules and System Bring-up
Procedure 6-5
How to Install the SCM Perform the following steps to install the SCM: 1 Wearing an antistatic wrist strap (or foot strap), connect the strap to one of the ESD points on the chassis. 2 If a filler panel is installed in the front module slot, remove the panel. 3 Grasp the front of the module with both hands and align the module between the guides in slot 19. 4 With the ejector levers fully open, slide the module all the way into the slot. Press firmly with equal pressure top and bottom to align the module with the midplane connector. 5 Flip the ejector levers toward each other to close and lock the module in the slot. The teeth of the ejector levers will engage the seating rails and the module will click into place if it is seated correctly. Repeat Steps 3-6 if it does not. 6 For a duplex configuration, insert a second SCM in slot 20. 7 When ready to attach the console management cables, refer to Procedure Procedure 6-7, How to Cable the SCM, on page 6-26. End of procedure
Procedure 6-6
How to Install the SCM Physical Interface Card (PIC) NOTE There are two types of SCM PIC. One is equipped with a daughter board for the fan controller and is labeled PIC SCM (0). This PIC must be installed in slot 19 whether the configuration is simplex or duplex. The other SCM PIC is labeled PIC SCM (E) and should be installed in slot 20. Perform the following steps to install the SCM Physical Interface Card (PIC): 1 If a filler panel is installed in the rear PIC slot, remove the panel. 2 Grasp the front of the module with both hands and align the PIC between the guides in the corresponding slot in the rear of the chassis. 3 To ensure proper seating of the ejector levers, move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot.
6-24
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
4 Slide the PIC all the way into the slot, pressing firmly with equal pressure top and bottom to align the module with the midplane connector 5 Flip the ejector levers toward each other to close and lock the module in the slot. The module will click into place if it is seated correctly. Repeat Steps 2-5 if it does not. End of procedure Connecting the Operator Console
This section gives a detail description of the cabling for the operator console. The operator console is necessary to initially power up and configure the C4 CMTS. Use an asynchronous terminal or a PC with asynchronous terminal emulation software. The front panel connector on the System Control Module (in slot 19) is designed to connect directly to a host device with the supplied cable and adapter. Do not attach the console to any other network interface. The pinouts for the asynchronous serial console port, the RJ-45–to–RJ-45 rollover cable, and the RJ-45–to–DB-9 female DTE adapter is shown in Table 6-2 as follows:
Table 6-2: Cabling and Console Port Signaling Using a DB-9 Adapter
Console Port (DTE)
RJ-45–to–RJ-45 Rollover Cable
RJ-45–to–DB-9 Terminal Adapter (connected to Rollover Cable)
Console Device
Signal
RJ-45 Pin
RJ-45 Pin
DB-9 Pin
Signal
RTS (Request to Send)
Pin 11
Pin 8
Pin 8
CTS (Clear to Send)
DTR (Data Terminal Ready)
Pin 2
Pin 7
Pin 6
DSR (Data Set Ready)
TxD (Transmit Data)
Pin 3
Pin 6
Pin 2
RxD (Receive Data
GND (System Ground)
Pin 4
Pin 5
Pin 5
GND (System Ground)
Pin 5
Pin 4
Pin 5
GND (System Ground)
RxD (Receive Data)
Pin 6
Pin 3
Pin 3
TxD (Transmit Data)
DSR (Data Set Ready)
Pin 7
Pin 2
Pin 4
DTR (Data Terminal Ready)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
GND (System Ground)
6-25
6 Installing Modules and System Bring-up
Table 6-2: Cabling and Console Port Signaling Using a DB-9 Adapter (Continued)
Console Port (DTE)
RJ-45–to–RJ-45 Rollover Cable
RJ-45–to–DB-9 Terminal Adapter (connected to Rollover Cable)
Console Device
Signal
RJ-45 Pin
RJ-45 Pin
DB-9 Pin
Signal
CTS (Clear to Send)
Pin 8a
Pin 1
Pin 7
RTS (Request to Send)
a. Pin 1 is connected internally to pin 8.
Pin 1 is on the left when the RJ-45 connector tab is facing down as shown in the following graphic:
Figure 6-14: View of Pin-out of Rollover Cable
Procedure 6-7
How to Cable the SCM Perform the following steps to cable the operator console. 1 Locate the supplied 8-foot shielded Ethernet, 10 BaseT, RJ-45–to–RJ-45 rollover cable and RJ-45–to–DB-9 female connector. –to2 Using the supplied cable, plug the RJ-45 end into the RS-232 connection on the front of the SMC. 3 Plug the other end of the RJ-45 cable into the RJ-45–to–DB-9 adapter. 4 Plug the adapter into your operator console.
6-26
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
5 When you are ready to begin configuring the C4 CMTS, power on the chassis and boot the software using the procedures in Initial System Configuration on page 6-51. Perform initial setup by entering CLI commands on the operator console. End of procedure The following figure illustrates a console port connection:
RJ-45 to RJ-45 roll-over cable
CMTS
RJ-45 to DB-9 adapter
PC
Figure 6-15: Connecting the Console Port to a PC
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-27
6 Installing Modules and System Bring-up
Fabric Control Module (FCM) Rear Filler Panel
Front
ARRIS
OOS
Out of Service
POWER
Power
ACTIVE
Active
Figure 6-16: Fabric Control Module (FCM) and Filler Panel
6-28
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Overview The Fabric Control Module provides internal communication between all client modules within the C4 CMTS. The FCM shared memory fabric is used to steer all data and control packets between CAM module(s), NAM module(s), the processors on the SCM module(s), and the processors on the FCM module(s). One FCM supports: •
The shared memory fabric
•
Bi-directional fabric ports to
-
all CAM and NAM slots, both the SCM slots, and to the spare FCM slot
Slot 17 is reserved the Fabric Control Module (slot 18 is for its spare). The Fabric Control Module in slot 17 is paired with a System Control Module in slot 19. Together the pair comprise a control complex. In a duplex system, a second control complex is created by adding an SCM to slot 20 and an FCM to slot 18. This second control complex remains in standby mode until a switch-over occurs. Primary Software Function
LED Status
The primary software function on the Fabric Control Module includes: •
FCM control
•
FCM hardware table management
•
Common Operation Administration Maintenance and Provisioning (OAM&P) and infrastructure software functions
•
Routing Protocols (OSPFv2, RIPv2)
•
ARP processing
•
VRF processing
•
IGMP processing
•
DHCP processing
•
ICMP processing
The LED status descriptions for the Fabric Control Module are listed in Table 6-3 below: Table 6-3: Fabric Control Module LED Status Descriptions Front LED
Release 4.2, Standard
Power
Active
Out of Service
Off
Off
Off
Module Status
Chassis or slot not powered
ARRIS PROPRIETARY — All Rights Reserved
6-29
6 Installing Modules and System Bring-up
Table 6-3: Fabric Control Module LED Status Descriptions Front LED
Switch Fabric
Power
Active
Out of Service
On
On
Off
Powered, in-service (normal operational state)
On
Off
Off
Powered, in-service, standby
On
Off
On
Powered, out-of-service, and not active, or initializing.
Module Status
At the core of the C4 CMTS is a high performance 6.4 Gbps shared memory fabric that provides all of the connectivity, forwarding, and Layers 2 and 3 switching and router functions between input and output ports within the chassis. This shared memory fabric resides on the Fabric Control Module. One FCM must be present and operational in either Slot 17 or 18 for the CMTS to function. Each SCM-FCM pairing constitutes a control complex. If only one is to be installed, then slots 17 (FCM) and 19 (SCM) should be equipped first.
FCM and SCM Pairing Considerations
A C4 CMTS must have FCMs and SCMs operational and installed in any one or both of the following two configurations: Table 6-4: Operational FCM and SCM Pairing If FCM is installed and operational in
then SCM should be installed and operational in
Slot 17
Slot 19
Slot 18
Slot 20
Figure 6-16, Fabric Control Module (FCM) and Filler Panel, on page 6-28 shows an example of the front faceplate of the FCM. The FCM does not have a rear PIC. Place a filler panel in this rear slot.
6-30
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Fast Ethernet Network Access Module (NAM) Front
Rear
ARRIS
PIC-NAM
OOS
POWER
Out of Service
Power
(Not supported by FastE NAM)
10/100 Ethernet Ports E0 E1 E2 E3
When the Link LED is green, the link is valid and the port is set to either 100/full, 10/Full, 10/Half or 100/Half. If the Link LED is red, the port is Out of Service. The amber LNK-OTHER indicator is not supported.
The Activity LED indicator is Green during bursts of traffic in either direction.
(Not supported by Fast E NAM)
Figure 6-17: FastE NAM and PIC
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-31
6 Installing Modules and System Bring-up
Overview The Network Access Module (NAM) provides the network interface functionality in various configurations. The NAM is used for command, status, and statistics access into the Ethernet controller chip. There are two basic models: FastE and GigE NAM. One FastE NAM supports four bi-directional 10/100 Base-T ports. Up to four FastE NAMs can be placed in slots 13-16. Primary Function
The primary function of the Network Access Module includes: •
Service-flow management to monitor Quality of Service guarantees
•
Standard EtherLike-MIB and IF-MIB control and monitoring of the four ethernet interfaces The IF-MIB does both monitoring AND control of the interfaces at an abstract level. The EtherLike-MIB is for monitoring only; it is specific to Ethernet or similar interfaces.
• LED Status
Counts collection
The LED status descriptions for the Network Access Module are listed in Table 6-5 below: Table 6-5: Network Access Module LED Status Descriptions Front LEDs Power
Out of Service
Module Status
On
Off
Powered and in normal service state
Flashing
On
Module power is off: either slot is not provisioned or module has been disabled.
On
On
Powered and out of service.
On
Flashing
Downloading data from SCM, initializing or running diagnostics.
Figure 6-17, FastE NAM and PIC, on page 6-31 shows an example of the front faceplate of the NAM along with the rear PIC.
NOTE Both the GigE and the FastE NAM use the same Physical Interface Card (PIC). Refer to Procedure 6-10, How to Install the GigE NAM Physical Interface Card (PIC), on page 6-35
6-32
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 6-8
How to Install the FastE NAM Perform the following steps to install the FastE NAM. 1 Wearing an antistatic wrist strap (or foot strap), connect the strap to one of the ESD points on the chassis. 2 If a filler panel is installed in the front module slot, remove the panel. 3 Grasp the front of the module with both hands and align the module between the guides in slot 15. 4 To ensure proper seating of the ejector levers, move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. 5 Slide the module all the way into the slot, pressing firmly with equal pressure top and bottom to align the module with the midplane connector. 6 Flip the ejector levers toward each other to close and lock the module in the slot. The module will click into place if it is seated correctly. Repeat Steps 3-6 if it does not. End of procedure
NOTE Both the GigE and the FastE NAM use the same Physical Interface Card (PIC). Refer to Procedure 6-10, How to Install the GigE NAM Physical Interface Card (PIC), on page 6-35
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-33
6 Installing Modules and System Bring-up
Gigabit Ethernet Network Access Module Front
Rear
Gigabit Ethernet Ports:
OOS
POWER
Out of Service
Power
ARRIS
PIC-NAM
The GigE port status indicator is green if the link is true. If red, the port is considered Out of Service due to either a broken connection or a disabled port.
GBIC0
(Not supported by GigE NAM)
10/100 Ethernet Ports
E0
(Not supported by GigE NAM)
When the Link LED is green, the link is valid and the port is set to 100/full. When the Link LED is green/red (amber), the link is valid and the port is set to either 10/full, 10/half, or 100/half. If the Link LED is red, the port is Out of Service.
The Activity LED indicator is Green during bursts of traffic in either direction.
Figure 6-18: GigabitEthernet Network Access Module (GigE NAM) and PIC
6-34
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Overview The Gigabit Ethernet Network Access Module (GigE NAM) provides the C4 CMTS with a Gigabit Ethernet Network Side Interface (NSI). This interface functions logically in the same manner as the 10/100 Ethernet interfaces provided by the FastE NAM, but has a single port (GBIC1) and works at 1G baud. The GigE NAM also provides a single 10/100 Ethernet (E0) interface. GigE NAMs can be placed only in slots 14 and 16. The slot to the immediate left of a GigE NAM (slots 13 and 15) must either remain empty or be occupied by a CAM. No other module type is allowed in those slots.
Procedure 6-9
How to Install the GigE NAM Perform the following steps to install the GigE NAM. 1 Wearing an antistatic strap, connect the strap to one of the ESD points on the chassis. 2 If a filler panel is installed in the front module slot, remove the panel. 3 Grasp the front of the module with both hands and align the module between the guides in slot 14 or 16. 4 To ensure proper seating of the ejector levers, move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. 5 Slide the module all the way into the slot, pressing firmly with equal pressure top and bottom to align the module with the midplane connector. 6 Flip the ejector levers toward each other to close and lock the module in the slot. The module will click into place if it is seated correctly. Repeat Steps 3-6 if it does not. End of procedure
Procedure 6-10
How to Install the GigE NAM Physical Interface Card (PIC) NOTE The GigE NAM and the FastE NAM both utilize the same PIC. Perform the following steps to install the GigE NAM PIC. 1 Wearing an antistatic wrist strap (or foot strap), connect the strap to one of the ESD points on the chassis.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-35
6 Installing Modules and System Bring-up
2 If a filler panel is installed in the rear PIC slot, remove the panel. 3 Grasp the front of the module with both hands and align the PIC between the guides in the corresponding slot (either 14 or 16). 4 To ensure proper seating of the ejector levers, move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. 5 Slide the PIC all the way into the slot, pressing firmly with equal pressure top and bottom to align the module with the midplane connector. 6 Flip the ejector levers toward each other to close and lock the module in the slot. The module will click into place if it is seated correctly. Repeat Steps 3-6 if it does not. 7 Once the PIC has been installed, install the Gigabit Interface Converter (GBIC). End of procedure
6-36
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Gigabit Interface Converter (GBIC)
Install the GBICs after the GigE NAM and PIC are installed. Installation procedures for all GBICs are the same. The following list describes the four different configurations currently supported by the C4 CMTS:
1550 nm Single mode GBIC
1310 nm Single mode GBIC
850 nm Multi-mode GBIC
1000 Base-T Active Copper GBIC
Figure 6-19: Gigabit Interface Converters (GBICs) •
LLX GBIC Module (Long Haul - 70 KM) - The LLX GBIC transceiver has a long wavelength (1550 nm) laser and is used with 9µ (micron diameter) single-mode fiber than can extend up to 60km. This transceiver has a Duplex-SC style connector.
•
LX GBIC Module (Medium Haul - 10 KM) - The Single-Mode LX GBIC transceiver has a Long Wavelength (1310 nm) laser and is used either with 9µ (micron diameter) single-mode fiber that can extend up to 10km or with 50µ or 62µ multi-mode fiber that can extend up to 550m. This transceiver has a duplex-SC style connector.
•
SX GBIC Module (Short Haul - 550 Meters) - A multi-mode SX GBIC transceivers has a short wavelength (850nm) laser and is used with 50µ (micron diameter) or 62µ multi-mode fiber than can extend up to 550m. This transceivers has a duplex-SC style connector.
•
TX GBIC Module (up to 100 Meters) - The TX GBIC Module is a 1000Base-T Copper GBIC Transceiver and is used with Cat 5e cable extending up to 100 meters. It has an RJ45 style connector.
NOTE GBIC support for the Gigabit Ethernet NAM (GNAM) has the following caveat: When using the TX GBIC Module (1000Base-T Copper GBIC), the port duplex configuration needs to be set to full. This GBIC itself performs auto-negotiation and the far end device must be set to auto-negotiation.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-37
6 Installing Modules and System Bring-up
ARRIS
PIC-NAM
Figure 6-20: Installing the GBIC
NOTE Do not remove the protective plugs from the GBIC until you are ready to attach the appropriate fiber-optic cable.
Procedure 6-11
How to Install the GBICs Follow these steps to install the GBIC into the GigE NAM PIC: 1 Wearing an antistatic wrist strap (or foot strap), connect the strap to one of the ESD points on the chassis. 2 Remove the GBIC from its protective packaging. 3 Grip the sides of the GBIC with your thumb and forefinger and insert it into the top GBIC slot on the rear GigE NAM pic. The GBIC is keyed to prevent incorrect insertion.
6-38
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
4 Slide the GBIC through the flap covering the opening and into the slot until it clicks and locks into place. End of procedure
WARNING Do not look directly into fiber optic cables or ports. The laser radiation used in these facilities is not visible and may cause permanent damage, especially to the eye.
Procedure 6-12
How to Remove a GBIC Follow these steps to remove a GBIC from the GigE NAM PIC: 1 Disconnect the cable from the connector on the GBIC. 2 Release the GBIC from the slot by simultaneously squeezing the two tabs (one on each side of the GBIC). 3 Slide the GBIC out of the slot. A flap drops down to protect the internal connector. 4 Return the GBIG to its protective package. End of procedure
GBIC Port Cabling
Table 6-6 lists the GBICs and their respective cable lengths and types.
Table 6-6: GBIC Port Cabling Specifications GBIC
Wavelength
SX-GBIC Multi-mode
LX-GBIC Single-mode LLX-GBIC Single-mode
Release 4.2, Standard
850 nm
1310 nm
1550 nm
Fiber Type
Core Size, microns
Modal Bandwidth, MHz • km
Cable Distance in feet (meters)
MMF
62.5 62.5 50.0 50.0
160 200 400 500
722 ft (220 m) 902 ft (275 m) 1640 ft (500 m) 1804 ft (550 m)
MMF
62.5 50.0 50.0
200 400 500
1804 ft (550 m) 1804 ft (550 m) 1804 ft (550 m)
SMF
9
--
32,808 ft (10 km)
SMF
9
N/A
43.5 miles (70 km)
ARRIS PROPRIETARY — All Rights Reserved
6-39
6 Installing Modules and System Bring-up
NOTE When using the LX GBIC with MMF that is 62.5 microns in diameter, ARRIS recommends installing a mode-conditioning patch cord between the GBIC and the MMF cable on both the transmit and receive ends of the link. Recommended Cabling for 1000Base-T Applications
The 1000Base-T Copper GBIC transceiver has an RJ45 style connector. If Category 5 cable is already installed, then the existing Cat5 cabling should be verified to ensure that performance meets the minimum recommendations of TSB95 prior to attempting to support the Gigabit Ethernet protocol. [TIA/EIA/TSB95 = “Additional Transmission Performance Guidelines for 4-pair 100 W Category 5 Cabling,” Sept. 1999]. If installing new Category 5 cabling, then ARRIS strongly recommends the use of enhanced Category 5 cabling (Cat5e) that meets the requirements of Addendum 5 to ANSI/TIA/EIA-568-A. This addendum defines the Cat5e additional performance requirements, including those for the minimum equal level far-end crosstalk (ELFEXT) loss and return loss. This cabling will provide additional headroom and more flexibility for supporting 1000baseT applications.
6-40
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Cable Access Module (1Dx8U CAM) Front
Rear
ARRIS
PIC-CAM (E)
OOS
POWER
Downstream: Port 0 - available Port 1 - not available Out of Service
ARRIS ARRIS
PIC-CAM PIC-SCM (O) PIC-SCM
D0
D0
D1
D1
ARRIS
PIC-CAM SPARE
U0
Power
U0 U1 U1
U2 DOW N TES T (- 30 dV)
Downstream Test Upstream: Port 0-7 - available
U3 U3 U4 U4 U5 U5 U6 U6 U7 U7
Even
Odd
Spare
Figure 6-21: 1Dx8U Cable Access Module (CAM) and PICs
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-41
6 Installing Modules and System Bring-up
Overview The Cable Access Module provides subscriber-side interface functionality and control of the CMTS downstream power and frequency in various configurations. One Cable Access Module supports: •
One 30-42 Mbps downstream cable IF channel with integrated upconverter
•
Eight 0.32-10.24 Mbps upstream channels (numbered 0-7)
All Cable Access Modules support software selectable output from 91-857 MHz center frequency for the downstream channel. Slots 0 through 12 are reserved for the Cable Access Module (CAM) only. Slot 13, 14 and 15 can be used for a CAM or a NAM. Primary Software Function
The primary software function on the Cable Access Module includes: •
CM Ranging and Registration
•
MAC Address Learning
•
DOCSIS Functionality: Packet Classification, Service Flows, Dynamic Signaling (DSx), Baseline Privacy Interface (BPI+), CM Upstream Bandwidth Scheduling (MAPs), Payload Header Suppression (PHS), Packet defragmentation, packet de-concatenation, and counts collection.
•
Upstream and Downstream Policing
•
Operations, Administration, Maintenance & Provisioning (OAM&P) including initialization and fault recovery code.
•
Connection Admission Control (CAC)
•
PacketCable DSx processing
CAC is a proprietary means of controlling set-up and distribution of service flows across the shared resources in a cable data network. Downstream Test Ports in CAM Faceplate
6-42
The CAM faceplate test points are meant to verify the presence of a downstream signal. They provide a power level that is 30 dB (± 3 dB) less than the configured downstream signal strength. These test points are not meant to be used for signal calibration or for detecting signal spurs. Downstream testing at these points does not interfere with CAM functionality. When the test ports are not in use, 75 Ohm terminations should be in place.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
LED Status
The LED status descriptions for the CAM are listed in Table 6-7 below: Table 6-7: 2Dx12U Cable Access Module LED Descriptions Front LEDs
Physical Interface Cards
Power
Out of Service
Module Status
On
Off
Powered and in normal service state
Flashing
On
Flashing = 1.6 second period. Module power is off: either slot is not provisioned or module has been disabled.
Persistent Fast Flashing
On
Fast flashing = 6 times/second. Normal when card is first powered or restored. If fast flashing persists for more than 2 seconds, there is a serious power problem.
On
On
Powered and out of service.
On
Flashing
Downloading data from SCM, initializing or running diagnostics.
There are three types of CAM PICs: Even, Odd, and Spare. The two basic variations of the Physical Interface Card for the CAM are illustrated in Figure 6-21, 1Dx8U Cable Access Module (CAM) and PICs, on page 6-41. One is intended for even-numbered slots; the other for odd. These PICs have offsetting upstream connectors in order to facilitate cabling. Order any system upgrades with this even/odd pairing in mind. A third type of PIC used behind CAMs is the CAM sparing PIC. It is required only for those CAMs acting as spares in a sparing group.
CAM PIC LED Status
The LED status descriptions for the CAM PIC are listed in Table 6-8 below: Table 6-8: CAM PIC LED Descriptions If CAM PIC LED Is…
On (green) On (amber) Off CAM Sparing PIC LED Status
Release 4.2, Standard
Then F-Connector Supports…
active downstream channel active upstream channel no active channel
All three types of CAM PICs are equipped with a Sparing LED at the bottom of the faceplate. These LEDs show which CAM in a sparing group has failed and which CAM is its group leader. Under normal conditions all Sparing LEDs will be off. When a CAM in a sparing group fails, traffic is transferred to its sparing group leader. In this case, the Sparing LEDs of the PICs of the failed CAM are and its group leader CAM are on.
ARRIS PROPRIETARY — All Rights Reserved
6-43
6 Installing Modules and System Bring-up
Procedure 6-13
How to Install the CAM Perform the following steps to install the CAM: 1 Wearing an antistatic wrist strap (or foot strap), connect the strap to one of the ESD points on the chassis. 2 If a filler panel is installed in the front module slot, remove the panel. 3 Grasp the front of the module with both hands and align the module between the guides of the desired slot. 4 With the ejector levers open, slide the module all the way into the slot, pressing firmly with equal pressure top and bottom to align the module with the midplane connector. 5 Flip the ejector levers toward each other to close and lock the module in the slot. The module will click into place if it is seated correctly. Repeat Steps 3-5 if it does not. End of procedure
NOTE There are different CAM PICs for even and odd numbered slots and for the spare group leader. The RF connectors are offset on the even and odd PICs to allow for easier cabling. The CAM sparing PIC must be used in any slot in which you provision a CAM sparing group leader.
Procedure 6-14
How to Install the CAM Physical Interface Card (PIC) 1 Wearing an antistatic wrist strap (or foot strap), connect the strap to one of the ESD points on the chassis. 2 If a filler panel is installed in the rear PIC slot, remove the panel. 3 Grasp the front of the module with both hands and align the PIC between the guides in the corresponding rear slot. 4 To ensure proper seating of the ejector levers, move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. 5 Slide the PIC all the way into the slot, pressing firmly with equal pressure top and bottom to align the module with the midplane connector.
6-44
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
6 Flip the ejector levers toward each other to close and lock the module in the slot. The module will click into place if it is seated correctly. Repeat Steps 3-6 if it does not. End of procedure
NOTE Repeat Procedures 6-13 and 6-14 for additional Cable Access Modules.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-45
6 Installing Modules and System Bring-up
Cable Access Module (2Dx12U CAM) Front
Rear
ARRIS PIC-CAM (E)
OOS
POWER
Out of Service
Downstream: Port 0 - available Port 1 - available
ARRIS ARRIS
ARRIS
PIC-CAM PIC-SCM (O) PIC-SCM
D0
D0
D1
D1
PIC-CAM SPARE
U0
Power
U0 U1 U1
U2
D1
DOW N TES T (- 30 dV )
D2
Downstream Test
Upstream: Port 0-7 - available
U3 U3 U4 U4 U5 U5 U6 U6 U7 U7
Even
Odd
Spare
Figure 6-22: 2D12U Cable Access Module (CAM) and PIC
6-46
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Overview The 2Dx12U Cable Access Module provides full DOCSIS 2.0 functionality including ATDMA and SCDMA plus PHY-layer ingress cancellation and a number of other key features. This new functionality enables the use of parts of the spectrum previously unavailable due to noise. It also provides improved spectral efficiency (bits/Hz) in upstream carriers. Each 2Dx12U CAM supports: •
Two 30-42 Mbps downstream IF channels with integrated upconverters, with configurable downstream center frequencies from 91857 (North America) or 112-858 (Europe) MHz
•
Eight upstream physical connectors (numbered 0-7)
•
Up to twelve 0.32-30.72 Mbps physical upstream channels (numbered 0-11)
•
Range of upstream frequencies configurable for North America, Japan, or Europe:
•
5-42 MHz (DOCSIS) 5-55 MHz (Japan) 5-65 MHz (EuroDOCSIS) Multiple logical channels per physical upstream channel
If desired, each physical upstream channel can be subdivided into two logical upstream channels (numbered 0 and 1). They are subchannels that dynamically share the upstream channel’s bandwidth using time division multiplexing. The share of upstream bandwidth allocated to each of the two logical channels changes according to the requests made by the modems on each logical channel. •
Four channel types are supported: TDMA, ATDMA, SCDMA, and TDMA&ATDMA. Typically, one logical upstream channel would be SCDMA and the other would be configured for either TDMA, ATDMA, or TDMA&ATDMA
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-47
6 Installing Modules and System Bring-up
Primary Software Function
The primary software function on the Cable Access Module includes: •
CM Ranging and Registration
•
MAC Address Learning
•
DOCSIS Functionality: Packet Classification, Service Flows, Dynamic Signaling (DSx), Baseline Privacy Interface (BPI+), CM Upstream Bandwidth Scheduling (MAPs), Payload Header Suppression (PHS), Packet defragmentation, packet de-concatenation, and counts collection.
•
Upstream and Downstream Policing
•
Operations, Administration, Maintenance & Provisioning (OAM&P) including initialization and fault recovery code.
•
Connection Admission Control (CAC)
•
PacketCable DSx processing
CAC is a proprietary means of controlling set-up and distribution of service flows across the shared resources in a cable data network. Downstream Test Ports in CAM Faceplate
The CAM faceplate test points are meant to verify the presence of a downstream signal. They provide a power level that is 30 dB (± 3 dB) less than the configured downstream signal strength. These test points are not meant to be used for signal calibration or for detecting signal spurs. Downstream testing at these points does not interfere with CAM functionality. When the test ports are not in use, 75 Ohm terminations should be in place.
LED Status
The LED status descriptions for the CAM are listed in Table 6-9 below: Table 6-9: 2Dx12U Cable Access Module LED Descriptions Front LEDs
Physical Interface Cards
6-48
Power
Out of Service
Module Status
On
Off
Powered and in normal service state
Flashing
On
Flashing = 1.6 second period. Module power is off: either slot is not provisioned or module has been disabled.
Persistent Fast Flashing
On
Fast flashing = 6 times/second. Normal when card is first powered or restored. If fast flashing persists for more than 2 seconds, there is a serious power problem.
On
On
Powered and out of service.
On
Flashing
Downloading data from SCM, initializing or running diagnostics.
There are three types of CAM PICs: Even, Odd, and Spare.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The two basic variations of the Physical Interface Card for the CAM are illustrated in Figure 6-22, 2D12U Cable Access Module (CAM) and PIC, on page 6-46. One is intended for even-numbered slots; the other for odd. These PICs have offsetting upstream connectors in order to facilitate cabling. Order any system upgrades with this even/odd pairing in mind. A third type of PIC used behind CAMs is the CAM sparing PIC. It is required only for those CAMs acting as spares in a sparing group. CAM PIC LED Status
The LED status descriptions for the CAM PIC are listed in Table 6-10 below: Table 6-10: CAM PIC LED Descriptions If CAM PIC LED Is…
On (green) On (amber) Off
Then F-Connector Supports…
active downstream channel active upstream channel no active channel
CAM Sparing PIC LED Status
All three types of CAM PICs are equipped with a Sparing LED at the bottom of the faceplate. These LEDs show which CAM in a sparing group has failed and which CAM is its group leader. Under normal conditions all Sparing LEDs will be off. When a CAM in a sparing group fails, traffic is transferred to its sparing group leader. In this case, the Sparing LEDs of the PICs of the failed CAM are and its group leader CAM are on.
Advanced Spectral Analysis
Although not a function of the DOCSIS standard, the ARRIS 2Dx12U CAM provides channel utilization statistics that can help operators characterize the noise on an HFC plant. This can help determine which frequencies, modulation rates, and multiplexing techniques deliver the best signal-tonoise ratios. Upon entry into the 2Dx12U CAM, the entire available spectrum of each upstream input port is digitized. Digital signal processing techniques are used to measure SNRs with increased accuracy and to report on problems at the channel and even CM levels. Expected in release 5.x, these techniques will be the basis for channel optimization and frequency agility features.
2Dx12U Ingress Noise Cancellation
The 2Dx12U Ingress Cancellation feature provides administrative control over certain proprietary capabilities of the Broadcom BCM3140 dualchannel burst receiver. The BCM3140 has an ingress cancellation block that analyzes the noise environment of an upstream channel. It then suppresses narrow-band ingress or adjacent-channel interference. NOTE Ingress cancellation technology benefits cable operators by improving the immunity of upstream carriers to normal plant noise. It is not capable of providing perfect immunity and should not be considered a substitute for practical HFC plant maintenance activities.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-49
6 Installing Modules and System Bring-up
This feature enables the CMTS operator to perform the following tasks: •
Enable or disable ingress cancellation on a per-receiver basis
•
Control the amount of bandwidth allocated to ingress canceller operation
•
Monitor processing gain attributed to ingress cancellation
By default ingress cancellation is disabled because it consumes bandwidth. It can be enabled for any upstream channel using QPSK or QAM 8, 16, 32, or 64. Analysis only occurs during unused burst intervals. These bursts have an SID that is not assigned to any service flow. The results of any given analysis are applied to every burst up to the next unused burst. This implies that the potential accuracy of the canceller is directly proportional to the frequency of unused bandwidth allocations. Depending on the nature of the noise, however, an increase in potential accuracy does not necessarily result in a proportional increase in processing gain. Since real-world ingressors are static over relatively long intervals (ranging from milliseconds to minutes), analysis rates that are smaller than the average ingress duration have little effect. On the other hand, if the frequency of ingress analysis bursts is set too high, this could have a negative impact on throughput.
6-50
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Initial System Configuration Overview To properly configure the C4 CMTS, you should have completed the installation steps provided in the beginning of this chapter. The installation sequence ends upon successful boot-up of the C4 CMTS to its base configuration. C4 CMTS Base Configuration
The C4 CMTS ships with a configuration database that contains all data required to initialize the C4 CMTS. The base configuration database is present in the System Control Module (SCM) persistent memory — the flash disk. The base configuration is the minimum data needed to initialize and configure the C4 CMTS. When the C4 CMTS initializes from the base configuration database, the SCM and Fabric Control Module (FCM) become active. Configuration procedures begin once the SCM and FCM are active. The next section of this chapter contains the procedure for initially setting the system clock, the SCM’s IP address, and other parameters to customize the C4 CMTS for use in your LAN and time zone. After this procedure is completed, technical support personnel will be able to administer the C4 CMTS using either the ethernet (telnet) port or serial port of the SCM.
Local and Remote Access to the SCM
The SCM serial port is necessary for booting up the system. After that, a system administrator can access the SCM through the ethernet port from any locally connected host. Remote management from any Internetconnected host is supported once In-Band Management is enabled. When management through a Network Access Module (NAM) interface is enabled, system administrators can manage the C4 CMTS remotely, accessing the SCM through any NAM interface. If users choose to enable remote management, they should also enable Access Control Lists (ACLs) for security. If the ACL feature is enabled, all packets to the SCM are dropped except those whose source IPs are approved by the ACL. When remote SCM access is enabled, the next-hop gateway is redefined to the internal ethernet port of the Fabric Control Module (FCM). Consequently, local access to the SCM is restricted to any host on the local subnet associated with the SCM ethernet interface. System administrators who are connected through a local network router will no longer be able to access the SCM through the SCM ethernet port.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-51
6 Installing Modules and System Bring-up
How to Set the SCM IP Address Using a Terminal Emulator The following procedure outlines how to set up a command window using a terminal emulator application such as TeraTerm or Microsoft’s HyperTerm. For help with the emulator of your choice, please consult the vendor-specific documentation. After setting the IP addresses through the serial port of the SCM, you can telnet in to the C4 CMTS system via the SCM ethernet port.
Procedure 6-15
How to Open the Terminal Emulator Session Perform the following steps in their proper sequence. 1 Connect the cable (supplied) from a serial port of a PC (COM1 or COM2) to the lower connector (type RS232) on the faceplate of the SCM. The upper connector, type RJ45, is an ethernet port. The two ports are clearly labeled on the faceplate.
RJ-45 to RJ-45 roll-over cable
CMTS
RJ-45 to DB-9 adapter
PC
Figure 6-23: Opening a Terminal Session on the C4 CMTS
NOTE The PCs at your site may be equipped with operating systems and application software different from the ones chosen here as examples. Locations of files may also differ.
6-52
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
2 Open the terminal emulator application. You may be asked to give the session a name, for example, c4link. 3 Specify a serial port (usually COM1 or COM2) to be used in this connection. 4 Configure the serial port using these settings: Bits per second Data bits Parity Stop bits Flow control
9600 baud (default) 8 None 1 Xon/Xoff
5 The C4 CMTS is already set to echo entries. If your emulator gives you the option to echo typed characters locally, turn it off. 6 Save your terminal emulator. End of procedure
Enhanced Baud Rates
The following enhanced baud rates are available for the serial port: •
9600 (default)
•
19200
•
38400
•
57600
•
115200
The baud rate can be changed using the following command: configure line console 0 speed In-band Versus Out-of-band Management
Management consists of tasks related to configuration, accounting, security, and performance, in other words, system administration. Users must decide whether to use in-band or out-of-band management. •
In-band — management traffic is carried on the same network as subscriber traffic. It supports access to management protocols via the loopback IP address through any CAM or NAM port.
•
Out-of-band — management traffic is carried on a physically or logically separate network. The administrative terminal is physically connected to the Front Ethernet Port (FEP); therefore, management packets to all destinations are routed through the FEP.
Management traffic, as opposed to subscriber traffic, carries system and subscriber management information. It uses some or all of the following protocols: telnet, FTP, SNMP, RADIUS, SYSLOG, TACACS+, COPS, NTP, and SSH.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-53
6 Installing Modules and System Bring-up
Configuring IP Addresses for Out-Of-Band Management
The following series of commands provides an example of how to configure the IP addresses of the SCM modules for out-of-band management. configure interface ethernet 19/0 ip address 10.0.0.19 255.255.255.0 configure interface ethernet 20/0 ip address 10.0.0.20 255.255.255.0 configure interface ethernet 19/0 active ip 10.0.0.21 255.255.255.0 configure interface ethernet 20/0 active ip 10.0.0.21 255.255.255.0 configure ip route vrf management 0.0.0.0 0.0.0.0 10.0.0.1
Procedure 6-16
How to Modify Boot Parameters Use this procedure to set customize parameters on the C4 CMTS for use in your LAN. Connect to the C4 CMTS using the terminal you created in Procedure 6-15. NOTE In the step that follows, you will power cycle the chassis. The system bootloader script with its default parameters scroll rapidly across the screen. The initialization screen pauses to give you a chance to enter modify mode. See Figure 6-24, Sample Bootloader Dialog, on page 6-55. 1 Power cycle the C4 CMTS. The chassis modules go out of service. 2 When you see the To change any of this… line, press m within five seconds and then follow the prompts to enter Modify mode. Once in Modify mode, you are prompted to accept the default values or modify the following parameters:
6-54
•
Password recovery (second dialog only)
•
Enable ethernet port of the SCM (default = disabled)
•
Change IP address of the SCM ethernet port
•
Change subnet mask for the above IP address
•
Specify a default gateway router and its IP address
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
3 Change bootloader parameters to suit your site and application. End of procedure
Look for this line
Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0.0.0 Subnet mask for the above IP address: 0.0.0.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0.0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset, start-up code will wait 5 seconds ------------------------------------------------------------------################################################################## ################################################################## To change any of this, press and key within 5 seconds ################################################################## ################################################################## m (M)odify any of this or (C)ontinue? [M]
Figure 6-24: Sample Bootloader Dialog
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
6-55
6 Installing Modules and System Bring-up
6-56
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
7. Clock Synchronization Protocol
Introduction
If desired, you may operate the C4 CMTS on local clock without synchronizing it to a network. If you choose to synchronize the C4 CMTS to a network time server, you must choose either Time of Day (TOD) or Network Time Protocol (NTP) as your synchronization protocol. If you intend to enable PacketCable, you must use NTP.
Procedure 7-1
How to Configure a Time of Day (TOD) Clock Protocol The TOD server provides the time of day to cable modems and other customer premises equipment (CPE) devices connected to the Cadant C4 CMTS cable interfaces. The cable modem uses the ToD server to get the current date and time to accurately time-stamp its Simple Network Management Protocol (SNMP) messages and error log entries. 1 Configure the TOD server IP address and protocol for Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) commands: configure tod server {tcp|udp} 2 Configure the C4 CMTS to use the TOD time synchronization protocol: configure clock network tod 3 Confirm the current clock network protocol as well as the local time using the following command: show clock detail End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
7-1
7 Clock Synchronization Protocol
Procedure 7-2
How to Choose Network Time Protocol (NTP) for C4 CMTS The purpose of this procedure is to configure the C4 CMTS as an NTP client. This means that the C4 CMTS clock is synchronized to the NTP server. NOTE PacketCable requires the use of NTP for network synchronization. Use step 1 if the NTP client is unicast; otherwise, go to step 2. 1 Configure the NTP client: configure ntp server [burst] [prefer] [minpoll ] [maxpoll ] [version ] Where
4-11 are exponents of 2. In other words, the possible values are 24, 25, 26 … 211, which equal 16, 32, 64 … 2048.
The C4 CMTS becomes an NTP unicast client of the remote server at ipaddress. The remote server distributes time synchronization to the C4 CMTS, but does not synchronize itself to the C4 CMTS. This is the most common NTP configuration for the C4 CMTS.
The optional burst parameter forces the C4 CMTS to send a sequence of time sync messages over a short period at each poll interval. This reduces the amount of time the C4 CMTS needs to synchronize its local clock. The optional prefer parameter designates the association with this server as the preferred time sync source unless the server is unreachable. The optional minpoll, maxpoll, and version parameters can be used to override the default parameters set by the config ntp minpoll | maxpoll | version commands on a per server basis if necessary. 2 Use one of the following commands to configure the C4 CMTS as an NTP client listening to a broadcast or multicast server, or if is to be part of an NTP manycast group: configure ntp server broadcast configure ntp server multicast configure ntp server manycast 3 Set the NTP re-synchronization timer: configure ntp minpoll configure ntp maxpoll
7-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Where
4-11 are exponents of 2. In other words, the possible values are 24, 25, 26 … 211, which equal 16, 32, 64 … 2048.
These commands are used to set the default values for NTP minpoll, maxpoll, and version parameters that will be assumed by subsequent configure ntp server | peer commands. Default for minpoll is 6, maxpoll is 10, and version is 4. PacketCable requires that the maximum interval between consecutive attempts to synchronize the C4 CMTS local time of day clock must not exceed one hour. Therefore, NTP.MAXPOLL must not exceed 11 (that is 211 or 2048 seconds, which equals approximately 34 minutes). The CLI command configure ntp maxpoll has a default value of 10. Also, the new CLI command configure ntp minpoll sets the default minimum polling interval in the same way, where minpoll is strictly less than or equal to maxpoll. 4 Configure the time zone: When no parameter is given (or invalid input is detected), this command enters interactive mode. In interactive mode, a list of available canonical time zone (TZ) names is displayed based on a given country name or ISO3166 country code. The local TZ name may then be selected by line number from the displayed list of TZ names for that country. In the example given below the time zones for the USA are requested. C4 clock timezone Enter country name or 2 letter code: US 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22.
US US US US US US US US US US US US US US US US US US US US US US
+404251-0740023 +421953-0830245 +381515-0854534 +364947-0845057 +394606-0860929 +382232-0862041 +411745-0863730 +384452-0850402 +415100-0873900 +450628-0873651 +470659-1011757 +394421-1045903 +433649-1161209 +364708-1084111 +332654-1120424 +340308-1181434 +611305-1495401 +581807-1342511 +593249-1394338 +643004-1652423 +515248-1763929 +211825-1575130
America/New_York Eastern Time America/Detroit Eastern Time - Michigan - most locations America/Louisville Eastern Time - Kentucky - Louisville area America/Kentucky/Monticello Eastern Time - Kentucky - Wayne County America/Indianapolis Eastern Standard Time - Indiana - most locations America/Indiana/Marengo Eastern Standard Time - Indiana - Crawford County America/Indiana/Knox Eastern Standard Time - Indiana - Starke County America/Indiana/Vevay Eastern Standard Time - Indiana - Switzerland County America/Chicago Central Time America/Menominee Central Time - Michigan - Wisconsin border America/North_Dakota/Center Central Time - North Dakota - Oliver County America/Denver Mountain Time America/Boise Mountain Time - south Idaho & east Oregon America/Shiprock Mountain Time - Navajo America/Phoenix Mountain Standard Time - Arizona America/Los_Angeles Pacific Time America/Anchorage Alaska Time America/Juneau Alaska Time - Alaska panhandle America/Yakutat Alaska Time - Alaska panhandle neck America/Nome Alaska Time - west Alaska America/Adak Aleutian Islands Pacific/Honolulu Hawaii
Please select a time zone location by line number:(122) 9
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
7-3
7 Clock Synchronization Protocol
Chicago is selected. By requesting CLI help on the command you can see that you can also configure the time offset using Greenwich Mean Time: configure clock timezone ? WORD country name/zone location e.g. America/Chicago, or GMT offset e.g. GMT-6 Use the following command to set the time zone offset in hours (and minutes, if applicable) from Greenwich: configure clock timezone GMT[+|-hh[:mm]] Use the no form of the command to disable the time zone setting: configure clock [no] timezone Use the following command to display the clock configurations and the time: show clock detail 2004 August 4 09:53:39 CDT (DST) Network time sync protocol is TOD TOD Server IP Address: 10.50.28.3 connection type: tcp These commands select the local TZ and DST rules based on canonical or GMT offset. The TZ and DST adjustments are made automatically whenever the local time is displayed or logged (see show clock detail or show log history command). When a canonical is given, the built-in local TZ and Daylight Saving Time (DST) rules for that time zone location name are activated. This includes automatic adjustment of local time for TZ & DST and setting of the time zone abbreviation according to the rules. Examples of canonical TZ names are Europe/Paris, America/Chicago, or Asia/Hong_Kong. When a GMT offset is given, the local TZ is set accordingly, but no DST adjustments are made when local time is displayed or logged. 5 Configure the C4 CMTS to use NTP network synchronization: configure clock network ntp 6 Confirm the NTP configuration: show ntp Where:
7-4
associations displays the status of NTP associations defaults displays default settings for NTP minpool, maxpool, and version
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
For example: show NTP defaults minpoll=6 maxpoll=10 ver=4 End of procedure
Show Clock Commands
Use the following commands to view NTP status: show clock show clock detail show clock GMT show ntp These commands display the local date and time in one-second resolution when the TOD client is active and in 1 millisecond resolution when the NTP client is active. The output of show clock detail also shows the TZ abbreviation and the current DST/STD time status. If you wish to see the time expressed as Greenwich Mean Time, use show clock GMT.
Manually Adjusting the C4 CMTS Internal Clock
If there is an active network time protocol, you must first disable it before adjusting the clock on the C4 CMTS. 1 Use the following command to disable network synchronization: config clock no network 2 Manually set the C4 CMTS internal clock: config clock set yyyy:mm:dd:hh:mm:ss
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
7-5
7 Clock Synchronization Protocol
7-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
8. Host Names, User IDs, and Password Recovery
Topics
Page
How to Administer the Host Name and User IDs
1
How to Add and Delete Users
2
Password Recovery
4
How to Administer the Host Name and User IDs Before configuring the modules and remaining equipment and interfaces, configure the preferred hostname and logging host for your C4 CMTS. The following procedure outlines steps required for these features.
Procedure 8-1
How to Configure a Host Name and Logging Host IP Address The host name is used in command prompts and system messages. The logging host receives and stores logging messages. 1 Configure a hostname for the C4 CMTS you wish to define: configure hostname
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
8-1
8 Host Names, User IDs, and Password Recovery
Where
name = a user-defined host name between 1 and 255 characters in length. It can contain any character.
2 The C4 CMTS does not route event messages to a syslog server unless the IP address of that server is configured. Use the following command to configure the logging host (syslog server): configure logging host Where ip address represents the IP address of the syslog server. End of procedure
How to Add and Delete Users Each user must have a unique system login account in order to gain access to the C4 CMTS and to the command line interface (CLI). Add or Delete Users
Use the following command to add new users. This command can also be used to modify the password for an existing C4 CMTS user. configure username password NOTE If spaces are required in either the password or username string, the entire string must be enclosed in quotation marks. Use the following command to add a user name and password that includes spaces: configure username KatyTech password mohawk_lily Use the following command to delete a user from the C4 CMTS: configure no username
Procedure 8-2
How to Configure Privilege Levels and Authentication For security reasons users may configure CLI command authentication. In this procedure authentication is set to local and a privilege level is assigned to certain CLI commands. This procedure is meant as an example that
8-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
users may follow according to their needs for authentication and authorization. For more information, see Configuring Passwords and Privileges, page 25-11. 1 Create the password and set the privilege level required to use the password in order to access privileged commands: configure enable password privilege Where privilege is a number 0-15. If you select level 7, for example, then levels 0-7 must all use the password to access privileged commands. 2 To set the authentication method to the local list of users and passwords: configure authentication testlist1 local Where testlist1 is an example of a name for this method list 3 Configure the telnet and console access to use the authentication method above for login and enable access: configure line console 0 1 authentication testlist1 login-authentication enable-authentication configure line vty 0 6 authentication testlist1login-authentication enable-authentication 4 (Example) Set the privilege level to 8 for the configure command: configure privilege exec level 8 configure 5 (Example) To set the privilege level to 9 for all configure interface cable commands, enter the following three commands: configure privilege exec level 9 configure configure privilege exec level 9 configure interface configure privilege exec level 9 configure interface cable 6 Confirm your changes: show privilege exec configure 7 If desired, use the following command to review privilege levels for other commands: show logging End of procedure This ends the pre-configuration section. The next chapter outlines the sequence and procedures for configuring the modules, modulation profiles, and interfaces on the C4 CMTS.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
8-3
8 Host Names, User IDs, and Password Recovery
Password Recovery In certain situations a system user may be prevented from logging in because a previous user has changed the password or something in the configuration. Rebooting the SCM does not help if the previous user has executed the write mem command. The password recovery option enables you to access the CLI at the console without having to supply a user ID or password. After performing password recovery you also have access to all the CLI commands without having to supply the enable password. You can then change the configuration to your liking and reboot the SCM one more time to restore the lab to its normal state with required user authentication. NOTE Password recovery is allowed only through the console.
Procedure 8-3
How to Enable Password Recovery Using Application Dialog The sample system output (Sample Bootloader Dialog for Password Recovery, pages 8-5 to 8-7) consists of excerpts from the bootloader and application dialogs. There are six basic steps in this procedure. Note the bold text in blue which refers to the password recovery steps. The numbered callouts, also in blue, refer to the first five numbered steps in this procedure.
1 Allow the bootloader dialog to run once and to finish. You must wait for the dialog to run a second time. 2 In the second bootloader dialog, when prompted to modify or continue, type M for Modify. 3 At the prompt “Enable Password Recovery?” type Y. 4 You are now in password recovery mode. The bootloader dialog again prompts you to Modify or Continue. Type c to continue. You have full CLI access. 5 The CMTS warns you that authentication has been disabled. When you have finished making changes, reboot the SCM to enable authentication. 6 The SCM has rebooted and is in-service. Once you have the console command prompt, create a login (username) and a password. Finally, execute the write memory command to save your changes.
8-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Sample Bootloader Dialog for Password Recovery
Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0.0.0 Subnet mask for the above IP address: 0.0.0.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0.0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset, start-up code will wait 5 seconds ------------------------------------------------------------------################################################################## ################################################################## To change any of this, press and key within 5 seconds ################################################################## ################################################################## SCM BOOT1 image built Mon Jun 21 11:12:11 CDT 2004 version: CMTS_BOOT1
1
Release 4.2, Standard
• • Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0.0.0 Subnet mask for the above IP address: 0.0.0.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0.0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset, start-up code will wait 5 seconds
ARRIS PROPRIETARY — All Rights Reserved
8-5
8 Host Names, User IDs, and Password Recovery
2
------------------------------------------------------------------################################################################## ################################################################## To change any of this, press and key within 5 seconds ################################################################## ################################################################## m (M)odify any of this or (C)ontinue? [M]m For each of the following questions, you can press to select value shown in brackets, or you can enter a new value
3
PASSWORD: Enable Password Recovery ? [No] yes User will be automatically authenticated upon boot FRONT ETHERNET INTERFACE PARAMETERS: • • Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application PASSWORD Password recovery is enabled. FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0.0.0 Subnet mask for the above IP address: 0.0.0.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0.0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset, start-up code will wait 5 seconds ------------------------------------------------------------------################################################################## ################################################################## To change any of this, press and key within 5 seconds ################################################################## ##################################################################
4
(M)odify any of this or (C)ontinue?
[M]c
SCM card software version CMTS_V04.00.01.xx, built on Tue Jul 6 22:01:48 CDT 2004 • •
8-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
5
Please wait for 5 seconds until initialization completes Warning: Authentication has been disabled for console access. Reboot this SCM to enable authentication
End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
8-7
8 Host Names, User IDs, and Password Recovery
8-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
9. NAM Configuration
Topics
Page
Fast Ethernet Network Access Module (NAM) Configuration
2
Gigabit Ethernet Network Access Module (GigE NAM) Configuration
4
NAM-Side IP Interface Bundling
7
NOTE Only the Cable Access Module, Gigabit Ethernet Network Access Module, and the Network Access Module require customer configuration. If you want Control Complex Redundancy, that must also be configured. Before Using CLI Commands
If you are unfamiliar with the Command Language Interface (CLI), read Chapter 25, CLI Overview It provides an introduction to CLI access modes, command syntax, and shortcuts.
Service States of Modules
The following procedures use the show linecard status command to verify that modules return to normal. The following is a list of the possible service states with a brief description for each. Table 9-1: Module Service State Descriptions Operational States IS
Release 4.2, Standard
Description In service
ARRIS PROPRIETARY — All Rights Reserved
9-1
9 NAM Configuration
Table 9-1: Module Service State Descriptions Operational States
Service States of Ports
Description
IS-INIT
In service — undergoing initialization
OOS-MAN
Out of service — shutdown manually
OOS-FLT
Out of service — faulted
OOS-DGN
Out of service — undergoing diagnostics
OOS-DNLD
Out of service — undergoing software download
OOS-PUMP
Out of service — FPGAs are being distributed
The following list of possible port states. These are displayed using the show port status command. Table 9-2: Port Service State Descriptions Port Operational State IS
Description Port is in service
OOS-MAN
Port out of service — shut down manually
OOS-AUTO
Port is out of service for some reason other than manual: it was not shut down manually
Fast Ethernet Network Access Module (NAM) Configuration Introduction
The following procedure provisions a chassis slot for a FastE NAM and then puts that module into service. NOTE See the Guidelines for NAM and GigE NAM Configuration, page 9-5 for additional provisioning information. The Network Access Module (NAM) provides the network interface functionality in various configurations. The NAM is used for command, status, and statistics access into the Ethernet controller chip. There are two basic models: FastE and GigE NAM. One FastE NAM supports four bi-directional 10/100 Ethernet ports.
9-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 9-1
How to Configure a Network Access Module Use the following procedure to configure a slot and activate a NAM in the C4 CMTS. 1 Slots 13-15 can be configured for use by either a NAM or a CAM, depending on need. Slot 16 is reserved for NAM modules. Configure a slot for the NAM using the following command: configure slot type NAM Where:
valid slots are 13-16 for the NAM.
2 Put the NAM in service: configure interface fastEthernet no shutdown Normally, it takes the NAM about 30 seconds to boot. If the FPGAs need to receive a new software load, it may take several minutes to boot. 3 Verify status of NAM: show linecard status The following is a sample of the system response showing the line that pertains to the NAM:
14 NAM (4FE)
Where:
Up
IS
Simplex
02251CBE0001 ENAM-01040W/G02 NAM/NAM
14 = the slot number in this example NAM (4FE) = type of module (NAM with 4 FastEthernet ports) Up = the Administrative State IS = In Service operational state Simplex = NAM redundancy is not enabled 02251CBE0001 = the serial number of the board ENAM-01040W/G02 = the hardware revision of this board NAM/NAM = the slot provisioning / type of card detected
4 Configure the IP address on the fastEthernet port: configure interface fastEthernet / ip address 5 Put NAM ports in service: configure interface fastEthernet / no shutdown Where:
0-3 is the valid port range for the NAM.
6 Verify status of NAM ports: show port status
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
9-3
9 NAM Configuration
The NAM port configured in the previous step should be IS (in service). 7 By default, the NAM fastEthernet ports are set to auto-negotiate. If desired, set operating mode to full or half duplex: configure interface fastEthernet / duplex [full | half | auto] Where:
valid port range is 0-3.
8 Repeat steps 1 through 6 as necessary for additional NAM ports. End of procedure
Procedure 9-2
How to Take a NAM Out of Service and Delete Its Slot 1 Take the NAM out of service: configure interface fastEthernet shutdown Where:
slot is a value from 13-16
2 Verify module status: show linecard status The system response should confirm that the module is out of service. 3 Delete the slot: configure no slot Where:
slot is a value from 13-16
End of procedure
Gigabit Ethernet Network Access Module (GigE NAM) Configuration The GigE NAM provides the C4 CMTS with a Gigabit Ethernet Network Side Interface (NSI). This interface functions logically in the same manner as the 10/100 Ethernet (Fast Ethernet) interfaces provided by the FastE NAM, but has a single port (GBIC1) and works at 1 gigabaud. The GigE NAM also provides a single 10/100 Ethernet (E0) interface. GigE NAMs can only be configured in slots 14 and 16. The slot to the immediate left of a GigE NAM (slots 13 and 15) must either remain empty or be occupied by a CAM. No other module type is allowed in those slots. For more details, see Provisioning Rules for Slots, page 6-20
9-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The Gigabit Ethernet Network Access Module is provisioned in much the same way as FastE NAM. This includes the configuration of the interface, status commands (show port status, show linecard status), and any protocol support that is NAM-interface based. The basic CLI command for GigE NAM configuration is: configure interface gigabitEthernet / [duplex | ip | proxy arp | [no] shutdown | speed] For information on these parameters, see List of CLI Commands to find the config interface gigabitEthernet commands. Guidelines for NAM and GigE NAM Configuration
Procedure 9-3
There are restrictions involving the simultaneous equipage of the GigE NAM and FastE NAM. The following guidelines apply to NAM and GigE NAM configuration: •
For all GigE NAM CLI commands, port 0 is the fastEthernet 10/100 port, and port 1 is the GigE NAM port.
•
Configure either slots 14 or 16, or both 14 and 16, with a GigE NAM depending on need.
•
If slots 14 and 16 are both equipped with GigE NAMs, then slots 13 and 15 can be used for CAMs or left empty.
•
The slot to the immediate left of a GigE NAM cannot be equipped with a FastE NAM.
•
The C4 CMTS can support 2 FastE NAMs plus 1 GigE NAM in slots 13, 14, and 16 respectively; or 1 GigE NAM in slot 14 and 2 FastE NAMs in slots 15 and 16.
How to Configure a Gigabit Ethernet Network Access Module Use the following procedure to configure a slot and activate a GigE NAM in the C4 CMTS. 1 Configure a slot for the GigE NAM using the following command: configure slot type GNAM Where valid slots are 14 and 16 for the GigE NAM. 2 (optional) To configure the FastEthernet 10/100 port (14/0 or 16/0), use steps 4 to 6 of How to Configure a Network Access Module, page 9-3. 3 Put the GigE NAM module in service: configure interface gigEthernet no shutdown Normally, it takes the GigE NAM about 30 seconds to boot, but may take several minutes if a new software load must be distributed to the FPGAs.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
9-5
9 NAM Configuration
4 Verify status of GigE NAM: show linecard status 5 Configure the IP address on the GigE NAM: configure interface gigabitEthernet /1 ip address 6 Put GigE NAM ports in service: configure interface gigEthernet /1 no shutdown Where valid slots are 14 and 16 and 1 is the valid port for the GigE NAM. 7 Verify status of GigE NAM ports: show port status The GigE NAM port configured in the previous step should be IS (in service). 8 Repeat steps 1 through 6 if a second GigE NAM is desired. End of procedure
Procedure 9-4
How to Take a GigE NAM Out of Service and Delete Its Slot Use this procedure to take a GigE NAM and the slot it resides in out of service. 1 Take the GigE NAM out of service: configure interface gigEthernet shutdown Where:
slot = 14 or 16 for the GigE NAM.
2 Verify module status: show linecard status The system response should confirm that the module is out of service. 3 Delete the slot: configure no slot Where:
slot = 14 or 16 for the GigE NAM.
End of procedure
9-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
NAM-Side IP Interface Bundling This feature is similar to CAM interface bundling in that it bundles NAM IP interfaces. The purpose is to create bridging functionality for links connecting the C4 CMTS to a Network-Based Call Signaling Gateway (NCSG). In the C4 CMTS this has to be done at layer 3. The bundling includes NAM interfaces on the CMTS side, redundant ethernet links to the NCSG, and the duplex processor and multiple media cards on of the NCSG. There are no switches or other equipment between the CMTS and the gateway platform. This application permits MSOs to offer advanced PSTN services using VoIP over packetized networks such as an HFC plant. The two redundant ethernet links operate in an active/standby mode. The duplicated gateway processor cards share a single IP address and support from 1-16 media modules (cards). Each of the media modules has its own IP address and must be reachable from either processor, depending on which one is active. See Figure 9-1. Depending on different failure scenarios, the C4 CMTS IP bundle must accept an IP address that moves to a new MAC address. This IP address may also move to a new ethernet interface. It must also accept an IP/MAC binding that stays the same while moving to a new ethernet interface. In each of these cases, the gateway assists the CMTS by sending at least three gratuitous ARPs after reconfiguring its interfaces. Since the bundling consists of layer 2 interfaces below layer 3 interfaces, all IP functionality (OSPF, RIP, multiple VRFs, etc.) operate properly with a NAM bundle.
CPU 1
M1
CPU 2
NCSG (GATEWAY)
MEDIA 1-16
GIG-E 1
GIG-E 2
GNAM
GNAM
M 16
C4 CMTS
Figure 9-1: Block Diagram of NAM-Side IP Interface Bundling
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
9-7
9 NAM Configuration
CLI Commands for NAM-Side IP Bundling
To display information on configured IP interface bundles, enter the following command: show ip bundle To configure IP interface bundles for a fastE NAM: configure interface fastethernet /[.subif#] no ip bundle To configure IP interface bundles for a GigE NAM: configure interface gigabitethernet /[.subif#] no ip bundle To show the IP interfaces for all the client cards, and the bridge group leaders of IP interface bridge groups, and the MAC addresses of the individual interfaces in the IP bundles, use the following command: show ip interface NOTE IP packets leaving an IP interface bundle all show the same MAC address. Thus, the show ip interface command displays an unused MAC address for all NAM interfaces that are in the bundle but are not the master.
9-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
10. Basic CAM Configuration
Topics
Page
1Dx8U CAM
2
2Dx12U CAM
4
Migration from 1Dx8U CAMs to 2Dx12U CAMs
13
Clone Group Configuration
27
Modulation Profiles
32
FlexCAM™ Hitless CAM Sparing
41
Interface Bundling
47
This section provides basic examples of slot equipage and CAM configuration for the two models of CAM. It also provides more detailed procedures for CAM configuration, as well as examples of procedures for migrating to denser configurations, creating clone groups, customizing modulation profiles, enabling CAM sparing groups, and creating interface bundles.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-1
10 Basic CAM Configuration
1Dx8U CAM Short Example of 1Dx8U CAM Configuration
The following series of commands is meant as an example. In this example slot 1 is configured for a 1Dx8U CAM. The downstream and upstream 0 are provisioned. When you create a CAM, all the upstream and downstream channels associated with it are added with default settings. configure slot 1 type 1D8U configure interface cable 1/0 cable downstream frequency 321000000 The default modulation type is 64QAM. In this example the downstream is configured to use 256QAM. configure interface cable 1/0 cable downstream modulation 256qam The default power-level is 500. configure interface cable 1/0 cable downstream power-level 550 configure interface cable 1/0 cable upstream 0 frequency 18000000 configure interface cable 1/0 cable upstream 0 modulation-profile 1 configure interface cable 1/0 cable upstream 0 power-level 0 configure interface cable 1/0 ip address 10.10.10.1 255.255.255.0 configure interface cable 1/0 cable upstream 0 no shutdown configure interface cable 1/0 no shut configure interface cable 1 no shutdown configure interface cable 1/0 cable bundle master configure interface cable 1/0 cable helper-address 10.11.12.13
10-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 10-1
How to Create and Enable a 1Dx8U CAM 1 Configure a slot for the CAM using the following command. configure slot type 1D8U Slots 13-15 can be configured for use by either a NAM or a CAM. Provision other slots (0-15) individually as needed. 2 Verify that the slots are provisioned as desired: show linecard status The following output text provides an example of the system response to the show linecard status command:
Slot Description 0 1 2
CAM (1D, 8U) CAM (1D, 8U) CAM (1D, 8U)
Admin State Up Up Up
13 14 15 16
CAM NAM CAM NAM
Up Up Up Up
(1D, 8U) (1GE, 1FE) (1D, 8U) (4FE)
Oper State IS IS IS
Duplex State Standby Active Active
Serial Number 02321CBD0047 HKD10068 02321CBD0010
HW Version CAM-01081N/J04 8400002G01/G06 CAM-01081N/J03
Prov/Det Type CAM/CAM CAM/CAM CAM/CAM
IS IS IS IS
Active Simplex Active Simplex
03051CBD0027 002201CBG001 3163100499 3123100438
CAM-01081N/L05 GNAM-GB010W/B13 8400002G01/G06 ENAM-01040W/F04
CAM/CAM NAM/NAM CAM/CAM NAM/NAM
End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-3
10 Basic CAM Configuration
2Dx12U CAM The guidelines and procedures in this section are specific to the 2Dx12U CAM.
Rules and Restrictions for 2Dx12U CAM Configuration Before growing and configuring a 2Dx12U CAM with its downstreams, upstreams, and, if desired, logical channels, please consider the following rules and restrictions. Slot Provisioning
The 2Dx12U must be grown in a CAM slot provisioned for a 2Dx12U. If inserted in a slot configured for a 1Dx8U, it remains OOS. CAM sparing can only be done by like cards: a 1Dx8U can spare for a group consisting only of 1Dx8Us and a 2Dx12U can spare only for a group consisting of 2Dx12Us. No mixing is allowed in the sparing groups.
Upstream (US) Channel to Physical Connector Mapping
Guidelines for mapping upstream channels to physical connectors: •
Any upstream or all of the upstreams can be connected to any one of the physical upstream connectors
•
There are 8 physical connectors and 12 upstream channels on the 2Dx12U. If all channels are enabled then at least one physical connector will receive more than one upstream channel
•
There must be no frequency overlap among the upstream channels using the same connector.
•
Upstream channels connected to a single physical connector may vary according to channel width and power levels according to the values accepted by the user-configured attenuation level, either 12 or 28 dB. See Table 10-1 for valid upstream channel power levels when the attenuator is set to 12 dB, and Table 10-2 for valid values when the attenuator is configured for 28 dB. The C4 CMTS displays the following error message when the user attempts to change an upstream power level to a value that is not valid for that attenuator configuration: Upstream channel power level conflict with another channel using the same connector.
Table 10-1: US Power Levels Attenuated to 12 dB (approx.)
10-4
200 kHz
400 kHz
800 kHz
1.6 MHz
3.2 MHz
6.4 MHz
Atten. dBa
-16
-13
-10
-7
-4
-1
12
-15
-12
-9
-6
-3
0
12
-14
-11
-8
-5
-2
1
12
-13
-10
-7
-4
-1
2
12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table 10-1: US Power Levels Attenuated to 12 dB (approx.) 200 kHz
400 kHz
800 kHz
1.6 MHz
3.2 MHz
6.4 MHz
Atten. dBa
-12
-9
-6
-3
0
3
12
-11
-8
-5
-2
1
4
12
-10
-7
-4
-1
2
5
12
-9
-6
-3
0
3
6
12
-8
-5
-2
1
4
7
12
-7
-4
-1
2
5
8
12
-6
-3
0
3
6
9
12
-5
-2
1
4
7
10
12
-4
-1
2
5
8
11
12
-3
0
3
6
9
12
12
-2
1
4
7
10
13
12
-1
2
5
8
11
14
12
NOTE: All upstream Rx (receive) values are measured in dBmV.
a. Power after attenuation may vary slightly from one CAM to another. Table 10-2: US Power Levels Attenuated to 28 dB (approx.) 200 kHz
400 kHz
800 kHz
1.6 MHz
3.2 MHz
6.4 MHz
Atten. dBa
0
3
6
9
12
15
28
1
4
7
10
13
16
28
2
5
8
11
14
17
28
3
6
9
12
15
18
28
4
7
10
13
16
19
28
5
8
11
14
17
20
28
6
9
12
15
18
21
28
7
10
13
16
19
22
28
8
11
14
17
20
23
28
9
12
15
18
21
24
28
10
13
16
19
22
25
28
11
14
17
20
23
26
28
12
15
18
21
24
27
28
13
16
19
22
25
28
28
14
17
20
23
26
29
28
NOTE: All upstream Rx (receive) values are measured in dBmV.
a. Power after attenuation may vary slightly from one CAM to another.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-5
10 Basic CAM Configuration
Upstream to MAC Domain Mapping
Logical Channels
Guidelines for mapping upstream channels to MAC domains (downstreams): •
Any or all of the 12 upstream channels (numbered 0–11 in CLI syntax) can be associated with either downstream
•
Changing the upstream parameters of a channel or channels on MAC 0 does not affect the channels on MAC domain 1, and changing the upstream parameters of a channel or channels on MAC 1 does not affect the channels on MAC domain 0.
These are the restrictions on logical channels: •
The 2Dx12U supports two logical channels per upstream, a total of 24 per CAM
•
Both logical channels on the same physical receiver, that is, the same upstream channel, must have the same channel width and map size
•
Channel numbering in UCD messages uses these conventions:
•
Channel IDs 1–12 for the logical channels numbered 0.0–11.0 Channel IDs 13–24 for the logical channels numbered 0.1–11.1 There are four types of logical upstream channels:
-
•
Type 1 = TDMA (DOCSIS 1.x) Type 2 = TDMA & ATDMA mixed (DOCSIS 1.x and 2.x mixed) Type 3A = ATDMA only (DOCSIS 2.x) Type 3S = SCDMA only (DOCSIS 2.x) If logical channels are to be used, ARRIS recommends that one of the two be Type 1, 2, or 3A, and the other one be Type 3S.
NOTE If an upstream channel is configured for only Type 3A or 3S, then any DOCSIS 1.x modems assigned to that path will not register.
10-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Basic Command Set for Bringing Up a 2Dx12U The set of commands provided in Table 10-3 is the bare minimum for turning up a 2Dx12U CAM in a given slot. You are not required to use the same values for these commands. The values chosen are meant as a useful example.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-7
10 Basic CAM Configuration
Table 10-3: Example of Basic Command Sequence for Turning up a 2Dx12U in Slot 8 Command
Purpose Configure the Slot Provision slot 8 as a 2Dx12U slot.
configure slot 8 type 2D12U
Configure the Downstream Frequencies configure interface cable 8/0 cable downstream frequency 321000000
Set downstream frequency to 321 MHz for slot 8 mac domain 0 (downstream 0).
configure interface cable 8/1 cable downstream frequency 333000000
Set downstream frequency to 333 MHz for slot 8 mac domain 1 (downstream 1).
Configure the Upstream Frequencies and Connectors configure interface cable 8/0 cable upstream 0 connector 0
Assign upstream channel 0 of CAM 8, mac domain 0, to connector 0.
configure interface cable 8/0 cable upstream 0 frequency 12000000
Configure upstream channel 0 of CAM 8, mac domain 0, to use frequency 12 MHz.
configure interface cable 8/1 cable upstream 6 connector 6
Assign upstream channel 6 of CAM 8, mac domain 1, to connector 6.
configure interface cable 8/1 cable upstream 6 frequency 12000000
Configure upstream channel 6 of CAM 8, mac domain 1, to use frequency 12 MHz.
Assign IP and Helper Addresses to CAM configure interface cable 8/0 ip address 10.21.2.1 255.255.255.128
Configure primary IP address for CAM 8.
configure interface cable 8/0 ip address 10.21.2.129 255.255.255.128 secondary
Configure secondary IP address for CAM 8.
configure interface cable 8/0 cable helper-address 10.50.102.3
Configure the CAM helper address for CAM 8.
Set up the Cable Bundle configure interface cable 8/0 cable bundle master
Designate slot 8, port 0, as cable bundle master.
configure interface cable 8/1 cable bundle 8/0
Add mac-domain 8/1 to cable bundle 8/0.
Put CAM in Service configure interface cable 8/0 cable downstream no shutdown Restore port 8/0 to service. configure interface cable 8/1 cable downstream no shutdown Restore port 8/1 to service. configure interface cable 8/0 no shutdown mac-port
Restore mac domain 8/0 (that is, slot 8, downstream 0) to service.
configure interface cable 8/1 no shutdown mac-port
Restore mac domain 8/1 to service.
configure interface cable 8/0 cable upstream 0 no shutdown
Restore upstream channel 0 of CAM 8, mac domain 0, to service.
configure interface cable 8/1 cable upstream 6 no shutdown
Restore upstream channel 6 of CAM 8, mac domain 1, to service.
configure interface cable 8 no shutdown
Restore module in slot 8 to service.
show interface cable 8
Confirm channel settings for slot 8. See example below.
10-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable 8 DS 8/0 8/1 US 8/0/U0
Oper Annex Freq(Hz) Mod Power Clone Spare State Type (.1dBmV) Enable Group IS B(US) 321000000 q64 500 true IS B(US) 333000000 q64 500 true Conn Oper Chan State Type 0 IS tdma
Freq(Hz) Channel Mini Mod Power Cable Width Slot Prof (dBmV) Group 12000000 3200000 4 2 0 -
Table 10-4 shows the commands to restore default values for a number of upstream and downstream parameters. These are the settings which most users will choose for basic configuration. In each command the default values can be replaced as needed. Table 10-4: Accepting Default Parameters for Cable Downstream and Upstream Channels Command
Purpose
configure interface cable cable downstream annex B
Accept default annex for downstream and associated upstreams. Default = DOCSIS (North American) frequency ranges.
configure interface cable cable downstream modulation 64qam
Accept default downstream modulation type.
configure interface cable cable downstream power-level 500
Accept default downstream power level. Default = 500, in tenths of dBmV. Range = 500-610.
configure interface cable cable upstream 0 modulation-profile 2
Accept default modulation profile. Default = 2.
configure interface cable cable upstream 0 channel-type tdma
Accept default upstream channel type. Default = tdma.
configure interface cable cable upstream 0 channel-width 3200000
Accept default channel width. Default = 3.2 MHz.
configure interface cable cable upstream 0 power-level 0
Accept default upstream power level. Default = 0. Power range varies with channel width selection. Range = -4 to 26 dBmV if channel width is 3.2 MHz.
Procedure 10-2
Example of Growing and Enabling a 2Dx12U CAM with Logical Channels By default all 2Dx12U upstreams are set to modulation profile 2 (TDMA, QPSK).
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-9
10 Basic CAM Configuration
NOTE Those users who do not wish to implement logical channels can use this procedure but should ignore all steps that add or provision upstream n.1. 1 Choose the upstream frequency range that corresponds to North America, Japan, or Europe: configure cable freq-range | no Where:
no = no frequency range override
In other words, this command is disabled and the upstream frequency range is determined by the Annex setting. See configure interface cable cable downstream annex. Annex B (North America) is the default. 2 (optional) Use the following command to display help text regarding preconfigured modulation profiles: configure cable modulation-profile 100 ? Where:
100 is an arbitrary mod profile ID number
Sample system response: C4-8# configure cable modulation-profile 100 ? atdma - Use preconfigured iuc - IUC type scdma - Use preconfigured tdma - Use preconfigured tdma-1d8u - Use preconfigured tdma-atdma - Use preconfigured
ATDMA modulation profile SCDMA modulation profile 2D12U CAM TDMA modulation profile 1D8U CAM TDMA modulation profile TDMA-ATDMA modulation profile
You may use these ready-made modulation profiles or use them as the starting points for creating your own customized profiles. 3 Configure a desired modulation profile ID number, channel type, and modulation: configure cable modulation-profile 37 scdma qam-64 4 Configure a second modulation profile ID number, channel type, and modulation: configure cable modulation-profile 6 tdma qam-16 5 Provision slot (15 is used in this example) for a 2D CAM: configure slot 15 type 2D12U
10-10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
6 Assign a downstream frequency to MAC domain 0 in that slot: configure interface cable 15/0 cable downstream frequency 357000000 7 Assign a downstream frequency to MAC domain 1: configure interface cable 15/1 cable downstream frequency 369000000 The two commands that follow can be entered as one single command as in step 8. configure interface cable 15/0 cable upstream 0 configure interface cable 15/0 cable upstream 0 connector 0 8 Assign an upstream to MAC 0 and to a physical connector: configure interface cable 15/0 cable upstream 0 connector 0 9 Assign an upstream to MAC 1 and to a physical connector: configure interface cable 15/1 cable upstream 6 connector 6 10 Set the upstream frequency for 15/0 upstream 0: configure interface cable 15/0 cable upstream 0 frequency 8400000 11 Set the upstream frequency for 15/1 upstream 6: configure interface cable 15/1 cable upstream 6 frequency 14800000 Perform step 12 only to set channel-type and mod-type to values other than the defaults. Step 12 assigns modulation profile 6 to the .0 logical channels and profile 37 to the .1 logical channels. 12 Assign modulation profiles to the logical channels of the of the two upstreams you provisioned: configure interface cable 15/0 cable upstream 0.0 modulation-profile 6 configure interface cable 15/0 cable upstream 0.1 modulation-profile 37 configure interface cable 15/1 cable upstream 6.0 modulation-profile 6 configure interface cable 15/1 cable upstream 6.1 modulation-profile 37
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-11
10 Basic CAM Configuration
13 Enable upstream logical channel 0 on 15/0: configure interface cable 15/0 cable upstream 0.0 no shutdown 14 Enable logical upstream channel 1 on 15/0: configure interface cable 15/0 cable upstream 0.1 no shutdown 15 Enable logical upstream channel 6.0 on 15/1: configure interface cable 15/1 cable upstream 6 no shutdown 16 Enable logical upstream channel 6.1 on 15/0: configure interface cable 15/0 cable upstream 6.1 no shutdown 17 Enable the downstream in 15/0: configure interface cable 15/0 cable downstream no shutdown 18 Enable the mac-port in 15/0: configure interface cable 15/0 no shutdown mac-port 19 Enable the downstream in 15/1: configure interface cable 15/1 cable downstream no shutdown 20 Enable the mac-port in 15/1: configure interface cable 15/1 no shutdown mac-port NOTE If you have not configured IP addresses for the CAM, modems will range but not register. 21 If not done already, assign IP address and mask to 15/0: configure interface cable 15/0.0 ip address 10.134.64.1 255.255.224.0 22 If not done already, assign IP helper address to 15/0: configure interface cable 15/0.0 cable helper-address 10.50.34.3 23 Assign IP address and mask and helper address to 15/1 as in steps 21 and 22 above.
10-12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
24 Enable the CAM in slot 15: configure interface cable 15/0 cable downstream no shutdown 25 Verify that the slots are provisioned as desired: show linecard status End of procedure The following output text provides an example of the system response to the show linecard status command: 0 1 2 3
CAM CAM CAM CAM
(2D, (2D, (2D, (2D,
12U) 12U) 12U) 12U)
14 15 16 17 18 19 20
NAM CAM NAM FCM FCM SCM SCM
(1GE, 1FE) (2D, 12U) (1GE, 1FE) A B A B
2Dx12U Ingress Noise Cancellation
Up Up Up Up
IS IS IS IS
Standby Active Active Active
04211CMD0018 04261CMD0032 04121CMD0005 04051CMD0013
CAM-01122W/F05 CAM-01122W/F06 CAM-01122W/E06 CAM-01122W/D15
CAM/CAM CAM/CAM CAM/CAM CAM/CAM
Up Up Up Up Up Up Up
IS IS IS IS IS IS IS
Simplex Active Simplex Active Standby Active Standby
03181CBG0021 04051CMD0012 02201CBG0013 03121CBR0023 03121CBR0044 02231CBM0018 03031CBM0049
GNAM-GB010W/D04 CAM-01122W/D16 GNAM-GB010W/B10 FCM-30640W/E06 FCM-30640W/E06 SCM-00440W/G06 SCM-02440W/B02
NAM/NAM CAM/CAM NAM/NAM FCM/FCM FCM/FCM SCM/SCM SCM/SCM
The following CLI command is used to enable ingress cancellation: configure interface cable / cable upstream ingress-cancellation [ interval ] [ size ] For more information, see 2Dx12U Ingress Noise Cancellation, page 6-49.
Migration from 1Dx8U CAMs to 2Dx12U CAMs The illustration in Figure 10-1 shows an example of how to migrate the upstreams from two 1x6 CAMs onto a single 2Dx12U CAM. Only six connectors of the 2Dx12U CAM are used. Two upstreams with different frequencies are placed on each used connector. The original frequency is denoted f1. Those channels that must change frequency are shown with the notation f1=>F2. RF cable connectors 3 and 7 are left as spares.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-13
10 Basic CAM Configuration
Advantages: •
Uses all 12 upstream receivers in 2D:12U
•
Same arrangements for D0 and D1 upstreams in 2D:12U
•
Supplies 2 upstream logical channels to every Fiber Node
•
2 spare F connectors on 2D:12U CAM
•
Utilizes ULB (upstream load balance)
Disadvantages: •
10-14
Requires 2:1 combiners on existing cables
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
1x6 CAMs used 34 MHz for all upstreams. 2Dx12U CAMs use 38 MHz for 2nd channel of each combiner. f1 = 34 MHz; F2 = 38 MHz
D0 = 781 Mhz D1 = 781 Mhz
F connectors Blade 1
1x6 --- D0
Node #1
+
f1
/
0
+
Node #2
f1=>F2
/
DS 1
+
Node #3
f1
/ +
Node #4
f1=>F2
/
1
+
Node #5
f1
/ +
Node #6
/
f1=>F2
Blade 2
1x6 --- D0
+
f1
/
Node #8
4
+
f1=>F2
/
Node #9 Node #10 Node #11
+
Crossbar
2 3 spare
Node #7
DS 0
M ulti US Fre q pe r M AC Dom ain
U0 = 34 Mhz U1 = 38 M hz U2 = 34 Mhz U3 = 38 M hz U4 = 34 Mhz U5 = 38 M hz U6 = 34 Mhz U7 = 38 M hz U8 = 34 Mhz U9 = 38 M hz U10 = 34 Mhz U11 = 38 M hz
(configurable)
RF 0
f1 F2
U0
RF 1
f1 F2
U2 MAC Domain U3 0
RF 2
f1 F2
U4
RF 3 f1 F2
RF 5
f1 F2
f1=>F2
/
U8 MAC Domain U9 1
+
f1
/
Node #12
+
RF 6
f1 F2
U10
/
f1=>F2
U6 U7
5
+
U5
RF 4 f1
/
U1
6
RF 7
U11
7 spare
Figure 10-1: One Way to Migrate Two 1Dx6 CAMs onto One 2Dx12U (example) Figure 10-2 shows the same migration example. Instead of showing a network diagram it shows the slot configuration before and after.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-15
10 Basic CAM Configuration
0
1
2
3
4
SLOTS
D0
0
R
U0
D1
C
0 1
N U2
N E
U3
C
U4
2
O
4 5
U6
R
6
U7
S
7
Two CAMs 1D/6U KEY:
3
4
U0 U1 U2 U3 U4 U5
3
T U5
2
D0
F
O
U1
1
U6 U7 U8 U9 U10 U11
One 2Dx12U CAM — 12 Upstreams Upstream at 34 MHz
MAC DOMAIN 0
Upstream at 38 MHz
MAC DOMAIN 1
Figure 10-2: Migration Example: from 12 Upstreams on Two 1D/6U CAMs to One 2Dx12U Figure 10-3 provides two more examples of slot equipage and upstream channel utilization when migrating from a 1Dx8U chassis to a chassis equipped with 2Dx12U CAMs. In the upper example, a total of 32 upstreams are migrated to four 2Dx12U CAMs. In the lower example a total of 12 upstreams are migrated onto two 2Dx12U CAMs. In this case each mac domain (downstream) is left with four upstreams to preserve the network topology.
10-16
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
SLOTS 0
1
2
3
4
5
SLOTS
RF Numbers 6
7
8
9
D0
0
1
2
3
4
5
6
7
8
9
6
7
8
9
D0 D1
U0
U0
U1
U1
U2
U2
U3
U3
U4
U4
U5
U5
U6
U6
U7
U7
Eight (8) 1Dx8U CAMs
0
1
2
3
4
5
6
7
D0
Four (4) 2Dx12U CAMs
8
9
0
1
2
3
4
5
D0 D1
U0
U0
U1
U1
U2
U2
U3
U3
U4
U4
U5
U5
U6
U6
U7
U7
Three (3) 1Dx8U CAMs
Two (2) 2Dx12U CAMs
Figure 10-3: Two Examples of Slot Configuration after Migrating to 2Dx12U CAMs
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-17
10 Basic CAM Configuration
Procedure 10-3
Migrating from a 1Dx8U Chassis to a 2Dx12U Chassis This procedure assumes that your chassis and PICs are of the minimum required hardware revision and that you are replacing all 1Dx8U CAMs in the chassis with 2Dx12U CAMs. 1 Shutdown the first of the 1D Cams: configure interface cable shutdown Where is the lowest numbered CAM. 2 Repeat the step above for each remaining CAM until all have been shut down. 3 Degrow 1D slots: configure no slot 4 Repeat step 3 for each remaining CAM slot. 5 Write memory write memory 6 Physically remove all 1D CAMs. 7 Insert 2Dx12U CAMs into the desired slots. 8 Verify that each 2Dx12U CAM has the correct PIC. Sparing group leaders must be equipped with sparing PICs. 9 Re-cable downstream and upstream channels as needed. 10 Configure the first 2Dx12U CAM and its downstream and upstream channels using the following commands: configure slot type 2D12U configure interface cable /0 no shutdown mac-port configure interface cable /0 cable downstream frequency 321000000 configure interface cable /0 cable downstream no shutdown configure interface cable /1 no shutdown mac-port configure interface cable /1 cable downstream frequency 321000000
10-18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
configure interface cable /1 cable downstream no shutdown configure interface cable /0 cable upstream 0 configure interface cable /0 cable upstream 0 modulation-profile 2 configure interface cable /0 cable upstream 0 frequency 12000000 configure interface cable /0 cable upstream 0 connector 0 configure interface cable /0 cable upstream 0 no shutdown configure interface cable /0 cable upstream 1 configure interface cable /0 cable upstream 1 modulation-profile 2 configure interface cable /0 cable upstream 1 frequency 16000000 configure interface cable /0 cable upstream 1 connector 0 configure interface cable /0 cable upstream 1 no shutdown configure interface cable /0 cable upstream 2 configure interface cable /0 cable upstream 2 modulation-profile 2 configure interface cable /0 cable upstream 2 frequency 12000000 configure interface cable /0 cable upstream 2 connector 1 configure interface cable /0 cable upstream 2 no shutdown configure interface cable /0 cable upstream 3 configure interface cable /0 cable upstream 3 modulation-profile 2 configure interface cable /0 cable upstream 3 frequency 16000000
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-19
10 Basic CAM Configuration
configure interface cable /0 cable upstream 3 connector 1 configure interface cable /0 cable upstream 3 no shutdown configure interface cable /0 cable upstream 4 configure interface cable /0 cable upstream 4 modulation-profile 2 configure interface cable /0 cable upstream 4 frequency 12000000 configure interface cable /0 cable upstream 4 connector 2 configure interface cable /0 cable upstream 4 no shutdown configure interface cable /0 cable upstream 5 configure interface cable /0 cable upstream 5 modulation-profile 2 configure interface cable /0 cable upstream 5 frequency 16000000 configure interface cable /0 cable upstream 5 connector 2 configure interface cable /0 cable upstream 5 no shutdown configure interface cable /1 cable upstream 6 configure interface cable /1 cable upstream 6 modulation-profile 2 configure interface cable /1 cable upstream 6 frequency 12000000 configure interface cable /1 cable upstream 6 connector 4 configure interface cable /1 cable upstream 6 no shutdown configure interface cable /1 cable upstream 7 configure interface cable /1 cable upstream 7 modulation-profile 2 configure interface cable /1 cable upstream 7
10-20
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
frequency 16000000 configure interface cable /1 cable upstream 7 connector 4 configure interface cable /1 cable upstream 7 no shutdown configure interface cable /1 cable upstream 8 configure interface cable /1 cable upstream 8 modulation-profile 2 configure interface cable /1 cable upstream 8 frequency 12000000 configure interface cable /1 cable upstream 8 connector 5 configure interface cable /1 cable upstream 8 no shutdown configure interface cable /1 cable upstream 9 configure interface cable /1 cable upstream 9 modulation-profile 2 configure interface cable /1 cable upstream 9 frequency 16000000 configure interface cable /1 cable upstream 9 connector 5 configure interface cable /1 cable upstream 9 no shutdown configure interface cable /1 cable upstream 10 configure interface cable /1 cable upstream 10 modulation-profile 2 configure interface cable /1 cable upstream 10 frequency 12000000 configure interface cable /1 cable upstream 10 connector 6 configure interface cable /1 cable upstream 10 no shutdown configure interface cable /1 cable upstream 11 configure interface cable /1 cable upstream 11 modulation-profile 2
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-21
10 Basic CAM Configuration
configure interface cable /1 cable upstream 11 frequency 16000000 configure interface cable /1 cable upstream 11 connector 6 configure interface cable /1 cable upstream 11 no shutdown configure interface cable /0 no shutdown mac-port configure interface cable /1 no shutdown mac-port configure interface cable 1 no shutdown 11 Repeat the commands in step 10 for each remaining 2Dx12U CAM. 12 Grow the ip addresses for the first CAM and configure it as the cable bundle master. configure interface cable /0.0 ip address 10.10.0.1 255.255.0.0 configure interface cable /0.0 ip address 10.10.32.1 255.255.0.0 secondary configure interface cable /0.0 cable helperaddress 10.50.28.3 configure interface cable /0.0 cable dhcp-giaddr policy configure interface cable /0 cable bundle master 13 Write memory write memory 14 Reload commit reload commit End of procedure
10-22
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Measuring SNR in the 2Dx12U CAM For the upstream channel Signal-to-Noise Ratio (SNR), there are two independent measurement sources, TDMA Average Long Term Signal Symbol Slicer Error and SCDMA Average Long Term Signal Symbol Slicer Error. The former is used for TDMA/ATDMA upstream channels while the latter is used only for SCDMA channels. TDMA Average Long Term Signal Symbol Slicer Error and SCDMA Average Long Term Signal Symbol Slicer Error are implemented as two 16-bit registers in the upstream PHY chip, BCM3140. The names of these registers are T_LT_SLCR_ERR and C_LT_SLCR_ERR, respectively. The SNR reading for a TDMA/ATDMA upstream logical channel is derived from the value in the T_LT_ SLCR_ERR register while the SNR reading for an SCDMA upstream logical channel is derived from the value in the C_LT_ SLCR_ERR register. A separate method is used to measure the SNR of the individual cable modem (CM). Two parameters are used to calculate the SNR for a CM -the Accumulated Symbol Slicer Error and the Accumulated Burst Count. For each upstream SID, there is an associated MIB table residing in SDRAM 0 that is assigned to the BCM3214 chip. The 32-bit MIB snrcnt stores the Accumulated Symbol Slicer Error and snracc stores the Accumulated Burst Count. The SNR reading for the CM is derived from the ratio (snrcnt/snracc) of these two counts taken from the primary SID of the CM. Each time that a user reads the SNR from an upstream channel, the current reading of the T_LT_SLCR_ERR or C_LT_SLCR_ERR directly determines the value of the SNR. Similarly, the ratio of snrcnt/snracc from a primary SID directly determines the SNR reading of the CM. In order to understand how the SNR is calculated, it is important to know that what was accumulated in these registers and how time averaging affects the accumulations. Both registers, T_LT_SLCR_ERR and C_LT_SLCR_ERR, have their own programmable time averaging windows in terms of the number of upstream decoded signal symbols. In the current C4 CMTS implementation, both registers are set to have time averaging windows of 10,000 symbols. This setting effectively filters out the rapid jumping of the average slicer errors between the upstream bursts. If this average window size is too small, then the SNR reading becomes unstable because of the rapid jumping in its average slicer errors. The average slicer error is the result of the demodulation of the upstream burst. We are looking for SNR here not the quality of demodulation. Setting the average time window too small would give a confusing result. If this time averaging window is set to too large, then it may filter out the noise spikes. At this time, the settings of time averaging windows are hard coded: there is no MIB to change the current symbol size setting.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-23
10 Basic CAM Configuration
The initial value of the T_LT_SLCR_ERR register is 0. It starts to accumulate the slicer error as soon as there is a demodulated upstream burst. The actual reading is not available until enough symbols are accumulated. Once that happens the register reading no longer equals zero, and the reading is updated as more and more upstream bursts arrive. It becomes the continually updated window averaging of 10,000 symbols. Each time it reads the register; it returns the average slicer error of the past 10,000 symbols up to the last burst received. If the last burst received was ten minutes ago, then the reading of this register actually reflects the upstream noise condition ten minutes ago. No noise is detected if the ingress occurs while there is no upstream burst present in the channel. The SNR of a traditional analog channel is calculated differently, because the analog upstream carrier is a constant signal. The initial value of the C_LT_SLCR_ERR register is 1 instead of 0, which means that the initial SNR reading of an SCDMA channel has a maximum value of 43.1 dB. It reflects the true slicer error once it accumulates enough symbols. For an SCDMA upstream channel, the time averaging window is set to 10,000 symbols, just as it is with its TDMA counterpart. If an upstream burst is of type TDMA/ATDMA, then its average slicer error (1 to 32768) gets accumulated into register T_LT_SLCR_ERR. Additionally the average slicer error for all ranging bursts of type SCDMA gets accumulated in this register. As long as there are some modems registered on the TDMA/ATDMA channel, this register is continuously updated because ranging messages are occurring on the channel all the time. If an upstream burst is of type SCDMA, then only some of its average slicer errors (1 to 32768) get accumulated into register C_LT_SLCR_ERR. The slicer errors of SCDMA data bursts (IUC = 8, 9, and 10) go into C_LT_SLCR_ERR, while the slicer errors of the SCDMA ranging bursts (IUC = 3, and 4) go into T_LT_SLCR_ERR. This implies that we measure the SNR for payload data bursts for an SCDMA channel only. It also implies that the SNR reading may stay constant for a long period of time if there is no data traffic. For instance, an upstream channel with DOCSIS Set-top Gateway (DSG) only may not see any upstream activities once they are registered. Therefore, the SNR reading may stay the same a time during DSG registration. The upstream channel SNR in the C4 CMTS measures the noise condition when data traffic is present on the upstream channel, not when the upstream channel is idle. Please note that when you read the upstream channel noise using SNMP or the show... commands of the CLI interface of the C4 CMTS, the SNR reading is 0.00 dB when: The logical upstream channel is not in service (IS state), or
10-24
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
No modem is registered on the logical upstream channel. The slicer errors of ranging bursts (IUC = 3 and 4) are also included in the MIB variables, snrcnt and snracc, of the primary SID. However, no slicer errors of any data bursts are used for CM SNR measurements. The snrcnt and snracc are straight accumulators with no time averaging function. The C4 CMTS software starts to calculate this SNR once the snracc is greater than 20 bursts. Since station maintenance has a long interval, on the order of ten seconds, the SNR readings for a cable modem change slowly. In the course of normal operations, SNR readings truly reflect upstream channel conditions. There are a few shortcomings, most of which have already been covered above. Under some conditions, the SNR readings can vary greatly from the expected range. For example, initial ranging bursts on the upstream channel are not subject to power control. The modem can transmit its RNG-REQ at all possible power levels allowed for in the DOCSIS specification. This may cause the SNR readings to jump around. Furthermore, the initial ranging messages are subject to collisions when two or more modems try to transmit at the same time. If a collision occurs, the slicer error can become huge. The collision of 50% of the bursts of the initial ranging message can cause more than a 10dB drop in the SNR readings. This can happen for a short period of time (a couple of minutes) if hundreds of cable modems are trying to register simultaneously. The SNR reading may hover around 15dB for a few minutes then gradually rise. The SNR will return back to normal level once the burst collision rate comes down to less than 10%. Therefore, a sudden drop of SNR could be an indication that all or some of the modems have fallen off the upstream channel and are all attempting to re-range. You can verify this by looking up the upstream channel MIB for IUC3 collisions. Please note that such SNR degradations do not apply to SCDMA channels. Their SNR measurement are based on data bursts with established power control and are free from burst collisions. However, under some rare conditions, the SNR reading may go down all the way to less than 10 dB, which indicates that the upstream channel is not operational at all. This low SNR reading does not necessarily reflects the real condition of the upstream channel. It could be the result of an error or lockup condition of the upstream PHY chip. For example, the US channel frequencies may overlap; or the symbol FIFO in the upstream PHY chip may overflow, or its pointer may be off by a couple of positions. It is also possible that the demodulator is out of sync with the symbol clock, and so on. Once the PHY chip gets into such critical error state, its symbol slicer error estimation malfunctions and it generates a huge value, which leads to an unreal SNR level. Various fault tolerance functions have been implemented
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-25
10 Basic CAM Configuration
in the C4 CMTS to monitor and detect these known critical error conditions. The proper response functions are also implemented to bring the upstream receiver back to normal working state. Besides the SNR measurement, the C4 CMTS uses FEC counters to provide additional information to describe the condition of an upstream channel. The CLI command show cable noise… lists these FEC counts along with the SNR reading for each logical upstream channel. Please see the CLI output below: show cable noise cable 13/0 CAM/DS/US SNR(dB) MicroReflection FEC_Unerrored FEC_Corrected FEC_Uncorrected --------------------------------------------------------------------------------13/0/0.0 37.0 0 5140 0 0 13/0/1.0 37.6 0 5328 0 0 13/0/2.0 37.6 0 6002 0 1 13/0/3.0 40.1 0 5708 0 1 13/0/4.0 40.1 0 4566 0 1 13/0/5.0 40.1 0 5338 0 3
NOTE The MicroReflection column is shown in the table, but is not supported in release 4.x. The SNR column lists the average SNR reading from the past 10,000 upstream signal symbols up to the last burst received. The FEC_Unerrored column lists the total FEC code blocks received without error since last CLI command. Similarly, the FEC_Corrected and FEC_Uncorrected columns list, since the last CLI command, the FEC code blocks counts that were corrected and not corrected by the RS decoder, respectively. In an upstream channel in good working condition, the SNR should be generally higher than 35 dB and there should be no errors counted in the FEC_Corrected and FEC_Uncorrected columns. As the channel becomes nosier, the SNR reading starts to go lower. When it reaches approximately 30 dB, the count in the FEC_Corrected column may start to increase. As long as there are no counts in the FEC_Uncorrected column, the upstream channel is still in good shape because the RS decoder has been able to correct all FEC errors. There should be no dropped data packets in the upstream direction as long as the count of the FEC_Uncorrected column is zero. When the SNR reading goes down to below 25 dB, the FEC_Uncorrected count may start to increase. Under this condition, the pre-MAC block in the CAM drops packets with uncorrected FEC blocks.
10-26
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
In general, an upstream channel requires the SNR level of at least 15 dB to see some upstream bursts. If the SNR column shows a single-digit reading, there may be an error or lockup condition in the PHY or MAC module in the CAM. Under such conditions, the FEC counts (corrected and uncorrected) may make no sense. You should ping a modem on that upstream channel to verify the channel condition and correct the error.
Clone Group Configuration It is common practice for cable operators to deploy a plant topology that uses clone groups. Clone groups are used when the set of upstream channels associated with the same downstream channel are split into different cable groups. Clone groups result in different physical upstream paths for upstream channels that share the same downstream. They can also be used to share a single upstream path among multiple downstreams. Cable operators may use clone groups to control the number of subscribers per cable group. Another reason to use clone groups is that there may be a limited number of good upstream frequencies available in a cable group. Terminology
MAC Domain — A downstream channel and its associated upstream channels. An upstream channel is associated with a single downstream channel that carries its UCD and MAP messages to the cable modems. Cable Group — A cable group is a physical cable containing one or more downstream channels and one or more associated upstream channels. It is possible to have the downstream channels from two different CAMs in the same cable group, but it is not recommended. Channel frequencies must be unique: they must not overlap or be reused within the cable group. Clone Group — A clone group is a set of upstream channels in a MAC domain (associated with the same downstream channel) that are split into different cable groups. DOCSIS® recommends that the upstreams in the clone group be configured with the same frequency. One disadvantage of clone groups is the potential for upstream RF interference if the clone groups are improperly configured. This will be discussed in the sections to follow. Inter-MAC-Domain Clone Groups — (formerly known as InterCAM Clone Groups) A network topography in which multiple downstream channels from the C4 CMTS are combined onto the same facility. The modems in that cable group receive multiple downstreams but can only transmit to a limited number of upstream receivers. An example is given in Figure 10-4, page 10-31.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-27
10 Basic CAM Configuration
This feature does not require that all 1-12 upstreams on a given CAM be clones of one another: they can have different frequencies and channel widths, for example. It is recommended that the set of upstream channels of each CAM sharing this downstream facility be cloned. For example, U0 of the first CAM in the downstream grouping has the same parameters as the other U0 channels in the downstream grouping. All the U1 channels will be configured the same, and so on. In such a topography the cable modems can lock onto any downstream during ranging, but can only transmit onto a single physical upstream. Thus it sometimes happens that an initializing modem can lock onto one downstream in the group, but send its range requests to an upstream channel of a different CAM. See Inter-MAC-Domain Clone Groups, page 10-31, for a more complete description of how the C4 CMTS directs the modem to listen to the correct downstream channel.
Clone Group Configuration Recommendations NOTE Clone groups must be comprised of all 1Dx8U or all 2Dx12U CAMs. Do not mix CAM types. Guidelines for Inter-MACDomain Clone Groups
Inter-MAC-Domain (formerly known as InterCAM) Clone Groups must work across all homogeneous groups of downstream channels, and must work across 2D downstream channels belonging to the same CAM. Homogeneous in this context means that the downstream channels are all either 2Dx12U downstreams or all 1Dx8U downstreams. For DOCSIS 2.0 applications using Multiple Logical Channels there are additional clone group guidelines: •
When using Multiple Logical Channels, there are separate Initial Maintenance opportunities for each logical channel.
•
For Clone Group purposes, the C4 will align the Initial Maintenance start times for all logical channel zeroes, and similarly for all logical channel ones.
•
Thus the user should provision the logical channels across clone groups such that the logical channel zeroes are cloned, and the logical channel ones are cloned.
ARRIS recommends the following procedure to ensure proper clone group behavior to avoid upstream RF interference.
10-28
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 10-4
How to Align IM Opportunities for Clone Groups 1 Enable clone group operation on the downstream configure interface cable cable downstream clone-group-enable Where:
true = aligned (default: this is required for clone groups) false = not aligned.
When set to true, this will align the start of the Initial Maintenance regions across all of the upstreams associated with the downstream. 2 Configure all the upstream channels in the clone group with the same values for the following parameters:
-
frequency modulation-profile channel-width mini-slot-size
End of procedure
By following these recommendations the following is achieved: •
The Initial Maintenance regions will start at the same time, will be the same duration, and will be at the same frequency across all the cloned upstreams. This will avoid interference with other upstream data.
•
The upstream receiver will be able to properly decode an Initial Range Request even if the modem selected a different upstream’s UCD. The CMTS will indicate the proper upstream Channel ID to the modem in the Range Response. The modem can then switch to the correct UCD and MAPs and continue the initialization process. This provides faster Initial Ranging and Registration of modems.
Clone Group Operation Details When a clone group exists, the DS carries Upstream Channel Descriptors (UCDs) and Upstream Bandwidth Allocation (MAP) information to all cable groups for all US channels in the MAC domain. A cable modem attempting to initialize does not know which cable group it is in. It may randomly respond to the UCD and MAP of channel U0 when it is physically connected to U1. The CMTS will hear this initial Range Request through channel U1 (provided the clone group is configured as
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-29
10 Basic CAM Configuration
recommended above). The CMTS does not know if the CM has responded to the wrong UCD, but the CMTS will respond with a Range Response indicating upstream U1. At this point the CM recognizes the upstream channel mismatch and begins using the UCD and MAP for the correct channel, U1. The CM can continue with Station Maintenance and Registration on channel U1. If the clone group configuration recommendations are not followed, then the CM’s initial Range Request may interfere with other legitimate traffic at the frequency of the selected UCD. Additionally it may take longer for the modems to complete initial ranging. The modem may have to continue trying initial Range Requests until it selects the UCD matching its physically connected channel.
Sample Clone Group Configurations There are many possible configurations involving clone groups for a 1Dx8U MAC domain. In each example all the upstream channels in a clone group are configured with the same frequency, modulation-profile, channelwidth, and mini-slot-size. The downstream clone-group-enable flag is set to true. Here are a few examples of recommended configurations: •
Eight Cable Groups each having one upstream channel. The eight upstream channels belong to one clone group.
•
Four Cable Groups each having two upstream channels. The upstream channels are divided into two clone groups. Each clone group has four upstream channels, one per cable group.
•
Two Cable Groups each having four upstream channels. The upstream channels are divided into four clone groups. Each clone group has two upstream channels, one per cable group.
The following example is possible but not recommended: •
Two Cable Groups, one with five upstream channels, one with 3 upstream channels. The upstream channels are divided into five clone groups each with unique frequencies. In cable group 1 the five upstreams each belong to a clone group. In cable group 2, the three upstreams are assigned to three of the five clone groups. The remaining two clone groups in cable group 2 do not have upstreams. However, the frequencies for these remaining two clone groups should NOT be used for other services in cable group 2.
If multiple MAC domains (downstream channels) are included in a cable group, the operator should keep the US channel frequencies separate between the MAC domains. This is required because Clone Groups are not supported for upstream channels from different MAC domains.
10-30
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Inter-MAC-Domain Clone Groups If the C4 CMTS is not properly configured for downstream clone groups, the cable modems will be slow to range and register. Some modems that are not fully DOCSIS-compliant may not register at all. Inter-MAC-Domain Clone groups are used in topologies such as the one illustrated in Figure 10-4. Because the modems see multiple downstreams they can lock onto the wrong one. Since their upstreams are physically separated from their downstreams they transmit on the correct upstreams while listening to the wrong downstream. Once the C4 CMTS is properly configured, it recognizes when a modem is listening to an incorrect downstream and instructs it to tune to the correct downstream frequency.
Node
CMs
Node
CMs
D0 U0 US Receiver U7 CAM 0 D0 U0 US Receiver U7 CAM 1
Figure 10-4: Network Example — Each CM Sees Multiple Downstreams
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-31
10 Basic CAM Configuration
Feature Requirements
The Inter-MAC-Domain Clone Group feature requires certain configurations: •
Clone-group-enable must be set to true
•
Users must comply with the recommendations for clone groups (See Clone Group Configuration Recommendations, page 10-28)
•
Initial Maintenance (IM) opportunities must be aligned across all downstreams (The insertion-interval and max-round-trip-delay parameters must be the same for all downstreams).
This alignment of IM opportunities in the MAPs sent by all downstream channels is made possible because the client card timestamps and the standby SCM are all synchronized to the active SCM clock. The C4 CMTS includes a unique Downstream Channel ID in each UCD. The modems relay this DS Channel ID when they send their RNG-REQ (range request) messages. If the Downstream Channel ID included in the range request does not match the downstream associated with the receiver, the C4 CMTS knows that this modem is listening to the wrong downstream. When the C4 CMTS realizes that a modem is listening to the wrong downstream, it responds with a downstream frequency override in the Range Response message it sends to the ranging modem. This forces the modem to switch to the downstream frequency specified in the Range Response message and re-range.
Modulation Profiles The pre-defined modulation profiles discussed in this section are used as a means to define the values of the several parameters needed to configure an upstream (US) channel. These modulation profiles are each given an ID number. They can be modified or used as a starting point to create other modulation profiles for upstream channel definitions that better suit the customers’ applications and environments. Default Modulation Profiles
10-32
There are two default modulation profiles. Number 1 is used with 1Dx8U CAMs; number 2 is used with 2Dx12U CAMs. For information on upstream parameters, a comparison of the default profiles, and on using canned profiles to create new profiles, see chapter 20, Upstream Modulation Parameters and Profiles.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 10-5
How to Create and Apply a Modulation Profile to an US Port This procedure can be used to modify existing modulation profiles or to add new ones. Modulation profiles must be created and then associated with specified upstream ports. Table 10-5: Existing or New Modulation Profile IF YOU SPECIFY AN
THEN THE PROCEDURE WILL
existing modulation profile ID
change an existing modulation profile
unused modulation profile ID
add a new modulation profile
1 Use the following command to alter an existing modulation profile or create a new one (default modulation-profile id = 1 or 2): configure cable modulation-profile iuc [mod ] [pre-len ] [diff ] [fec-tbytes ] [fec-len ] [seed ] [burst-len ] [last-cw ] [scrambler ] [guard-time-size ] [int-depth ] [int-blocksize ] [pre-type ] [tcm ] [int-stepsize ] [spreader ] [subframe-code ] [channel-type ] NOTE Default values for the various modulation profile parameters may change according to the IUC is selected. See chapter 20, Upstream Modulation Parameters and Profiles for a complete listing.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-33
10 Basic CAM Configuration
2 Use the following command to apply an existing modulation profile to an upstream port. Do not enter a range of ports; the command must be repeated for each upstream port. configure interface cable / cable upstream modulation-profile The C4 CMTS confirms the creation (or modification) of the modulation profile: Modulation profile id set to n Where:
n = the number of the modulation-profile created or modified.
3 Verify the parameters of the new (modified) modulation profile: show cable modulation-profile The system response is similar to the following output: Modulation profile 1 Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--- Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod ---------------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 2 8 F T - 3 initialRanging tdma qpsk 128 F 5 34 338 0 48 F T - 4 periodicRanging tdma qpsk 128 F 5 34 338 0 48 F T - 5 shortData tdma qpsk 72 F 6 75 338 12 8 T T - 6 longData tdma qpsk 80 F 8 220 338 0 8 T T - -
End of procedure
Procedure 10-6
How to Configure an Upstream (US) Channel Perform this procedure for US channel 0 and repeat as necessary for channels 1–11 on this CAM. (Valid range for US channels = 0–11.) Some steps are optional. By not executing the optional steps, default settings are applied.
Valid Center Frequencies
10-34
In the first step, set the center frequency of the upstream channel. The range of valid center frequencies varies according to the channel width selected. The overall upstream bandwidth in North America is from 5–42 MHz. The first valid center frequency in Hertz is 5,000,000 plus ½ (channel width). The last valid frequency is 42,000,000 minus ½ (channel width).
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The 2Dx12U CAM supports the extended Annex B upstream bandwidth used in Japan: from 5–55 MHz. It also supports Annex A (EuroDOCSIS), which is 5–65 MHz. These are the overall upstream range of frequencies. To calculate valid center frequencies refer to Table 10-6, Range of Valid Center Frequencies for DOCSIS and EuroDOCSIS Upstream Channels, on page 10-35. NOTE The Command Line Interface (CLI) supplies meaningful error messages for some but not all invalid combinations of channel width and frequency. If the CLI has no error message to give, a generic SNMP-level message is displayed. See Table 10-6. Table 10-6: Range of Valid Center Frequencies for DOCSIS and EuroDOCSIS Upstream Channelsa And the last valid center frequency is…
If channel width is…
Then first valid center frequency is…
DOCSIS (N. America)
DOCSIS (Japan)
EuroDOCSIS (Europe)
200000
5100000
41900000
54900000
64900000
400000
5200000
41800000
54800000
64800000
800000
5400000
41600000
54600000
64600000
1600000
5800000
41200000
54200000
64200000
3200000
6600000
40400000
53400000
63400000
6400000b
8800000
38800000
51800000
61800000
a. Overall upstream frequencies in DOCSIS range from 5–42 MHz; in Japan from 5–55 MHz; in EuroDOCSIS from 5–65 MHz. b. Only DOCSIS 2.0 channels can use the 6.4 MHz width.
1 (Required) Set the center frequency of the US port in Hertz (default = 12000000): configure interface cable / cable upstream frequency Where 5100000 to 41900000 is the range of valid center frequencies in Hz in North America. Center frequencies range from 5100000 to 64900000. In Japan the range is from 5100000 to 54900000. 2 If desired, set US channel width in Hertz (default = 3200000): configure interface cable / cable upstream channel-width {200000 | 400000 | 800000 | 1600000 | 3200000 | 6400000} Where 200000, 400000, 800000, 1600000, 3200000, and 6400000 represent the valid values for channel bandwidth in Hz.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-35
10 Basic CAM Configuration
NOTE If the channel type is set to SCDMA, then the channel width must be set to 1600000, 3200000, or 6400000 Hz. Setting the Rx Power Levels
The C4 CMTS is shipped with its receive power levels set to a default of 0 dBmV. This level may prove unsuitable for operation for a given cable plant. If, for example, the loss on a given node were so great that the CMs could not transmit a strong enough signal to reach the C4 CMTS at 0 dBmV, then you would want to lower the expected receive power level. 3 If desired, change the input Rx power to any level from -16 to 29 dBmV (default = 0 dBmV). As shown in Table 10-7, the valid range varies according to the upstream bandwidth. configure interface cable / cable upstream 0 power-level If the width of a channel is changed and the receive power level is no longer valid, the C4 CMTS automatically adjusts the receive power to the nearest valid value. Table 10-7: Rx Power Ranges for US Channel Widths US Channel Width in kHz
Valid Rx Power Range (dBmV)
200
-16 to 14
400
-13 to 17
800
-10 to 20
1600
-7 to 23
3200
-4 to 26
6400
-1 to 29
NOTE Resetting the receive power level in a single step from minimum to maximum in a given power range may prevent CM range requests from being received. For example, if the US channel bandwidth is 3200 kHz and the power level is reset from -4 to 26 dBmV, then the CMs might not register. The C4 CMTS avoids this by resetting the power in one or more steps according to the max-power-adj parameter found in the C4 CMTS cable upstream provisioning file. 4 If desired, change the maximum power adjustment parameter using the following command (range = 1–48; default = 24 units, which equals 6 dBmV): configure interface cable / cable upstream max-power-adj
10-36
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Where:
power adjustment = Maximum size of the CMTS range response power adjustments in 1/4 dBmV units.
5 If desired, set the start and end values for databackoff parameter (default = 2-8): configure interface cable / cable upstream databackoff - Where:
the first is the valid range for the start value the second is the valid range for the end value. The start value must be less than or equal to the end value.
6 If desired, enable or disable equalizer coefficient for this port. configure interface cable / cable upstream pre-eq-enable Where:
true = enabled and false = disabled.
7 If desired, select modulation profile ID (default = 1 or 2): configure interface cable / cable upstream modulation-profile Where:
= the modulation profile numeric identifier
8 If desired, set US power levels (default = 0): configure interface cable / cable upstream power-level 9 If desired, set the start and end values for range backoff parameter (default = 2-7): You must enter the start and end values separated by a dash. configure interface cable / cable upstream rangebackoff - Where:
the first is the valid range for the start value the second is the valid range for the end value. the start value must be less than or equal to the end value.
10 If desired, put US port in service: configure interface cable / cable upstream no shutdown CAC Overload Thresholds
Release 4.2, Standard
The following step allows you to change upstream Connection Admission Control (CAC) thresholds. The immediate effects of these thresholds are listed in Table 10-8. CAC thresholds affect all cable groups and persist even
ARRIS PROPRIETARY — All Rights Reserved
10-37
10 Basic CAM Configuration
if no cable groups are configured. CAC thresholds can be used by Upstream Load Balancing, Packet Cable, and other features to prevent overallocation of bandwidth. Table 10-8: Overload Threshold Defaults and their Effects Threshold
Default Value
Effect As soon as min. reserved bandwidth exceeds this level
Level 1
80%
a log message is generated.
Level 2
95%
a log message is generated.
Level 3
1000%
new service flows are denied and a log message is generated.
CAUTION
Changing CAC threshold settings will affect the performance of all cable groups and can have an impact on Upstream Load Balancing, Packet Cable, and any other features configured to use these settings. 11 If desired, change the overload threshold levels: configure interface cable / cable upstream level{1|2|3}-threshold 12 If desired, modify some or all of the following parameters for this US channel: •
map-size (default = 4)
•
mini-slot-size (default = 4)
•
threshold-power-offset (default = 24).
configure interface cable / cable upstream [map-size ] [mini-slot-size ] [threshold-power offset ] 13 Repeat this procedure as needed for the remaining US ports, 1–11, on this CAM. End of procedure
10-38
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 10-7
How to Activate a CAM 1 The following command brings the CAM online: configure interface cable no shutdown Where:
slot = the number of the slot, 0-15.
2 Restore (bring up) the downstream channel: configure interface cable / cable downstream no shutdown 3 Bring up the upstream channel: configure interface cable / cable upstream no shutdown 4 Repeat step 3 as needed for additional upstream channels. 5 Restore the mac-port: configure interface cable / mac-port no shutdown End of procedure
Procedure 10-8
How to Take a CAM Out of Service and Delete Its Slot This procedure is used to remove a CAM and the slot it resides in out of service. 1 Take the CAM out of service: configure interface cable shutdown 2 Verify module status: show linecard status The system response should confirm that the module is out of service. 3 Remove the slot from service: configure no slot End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-39
10 Basic CAM Configuration
Adjusting Channel Settings in Response to Increased CM Scaling Table 10-9 presents recommendations for channel parameters with respect to cable modem scaling and feature loads. Table 10-9: Recommended Settings as Cable Modem Scaling Increases Cable Modems per CAM
Ranging Backoff
Insertion
Ranginga
BPI?
CAM Sparing
Up to 1000b
2-5
10-40
2400
OK
Yes
Any
None
1000-2000c
3-7
20-40
1500-2400
OK
Yes
Any
None
2000-3000
5-9
40
1500
OK
Yes
Any
None
3000-4000 2D-12U
5-9
40
1500
OK
Yes
Any
None
4000-5000 2D-12Ud
5-9
40
1500
OK
Yes
Any
None
5000-6000 2D-12Ue
5-9
40
1500
No
Yesf/No
Priority 0
Interval in Centisecs
Service Flow BW/Data Upstream Rate Priority Restrictions
≤ 1 packet per second
a. If CAM Sparing is not configured, the Ranging Interval can be left at the default value of 2400 centiseconds. Reducing the Ranging Interval is done for the purpose of improving CAM Sparing results on larger scale systems b. If BPI+ is enabled on modems, use 40 centisecond insertion interval when supporting 500-1000 modems. c. If BPI+ is enabled on modems, use 40 centisecond insertion interval. d. No logical channels. e. No logical channels and no load balancing over 5400 CMs/CAM. f. CAM sparing is not robust above 5400 CMs.
10-40
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
FlexCAM™ Hitless CAM Sparing Overview CAM sparing minimizes traffic loss and customer impact in case of a board failure. When an active CAM in a spare group fails, the spare CAM takes over — almost seamlessly. The cable modems that were connected to the upstream and downstream channels on the failed CAM are immediately connected to the spare CAM. Cable modems do not have to re-range or reregister, and they incur minimal data loss. Failback from the spare CAM to a recovered CAM can be set to take place automatically or manually. CAM sparing is an important element of system reliability. It greatly reduces customer impact and loss of traffic in the event of CAM failure. The spare CAM is used until the failed module is diagnosed, repaired, or replaced. The service outage is minimized because intervention by maintenance personnel is not required. When a failover occurs, the C4 CMTS automatically reconfigures the spare CAM to take over the functions of the failed module. This includes configuration of downstream and upstream channels and port administrative status. Depending on how you configure the C4 CMTS, the spare CAM remains the active module or automatically switches back to the original active CAM once that CAM comes back online. Definitions
Failover — Active CAM fails and the spare CAM takes over Failback— The recovered CAM becomes active, taking over for the spare. NOTE If a CAM has failed over to the sparing CAM, the C4 CMTS does not accept the command to remove the failed CAM from the sparing group. You must first fail back to the original CAM, then you can remove it from the sparing group.
Benefits of Hitless CAM Sparing
A great benefit of Hitless CAM Sparing is the minimal subscriber impact upon CAM failure. When an active CAM goes down, the CMs remain online. They do not have to re-range and re-register, and they sustain minimal subscriber impact. Other benefits of hitless CAM sparing include:
Release 4.2, Standard
•
Uninterrupted service to the subscriber if a CAM goes down in the middle of a session where the end user is sending or receiving data
•
System administrators can take active CAMs out of service without serious impact
•
Reduces the amount of down time in the event of CAM failure
ARRIS PROPRIETARY — All Rights Reserved
10-41
10 Basic CAM Configuration
The goal of CAM sparing is to preserve data flows such as UGS, UGS/AD, voice calls, best effort, and other subscriber services. Guidelines for CAM Sparing Groups
A sparing group consists of one spare CAM (the sparing group leader) and one to seven active CAMs protected by the sparing group leader. •
A sparing group must be homogenous: it must contain either all 1Dx8U or all 2Dx12U CAMs. A 1D CAM can spare only for 1D CAMS; a 2D CAM can spare only for other 2D CAMs.
•
The sparing group leader is not a different type of 1D or 2D CAM. Any CAM can be used as sparing group leader, but it must be the first CAM added to the group, and the group must be homogenous. The sparing leader CAM must be in the lowest numbered (left most, as seen from the front of the chassis) slot of the spare group.
•
The sparing group is named for the lowest slot in the group — the slot of the sparing group leader.
•
All protected members of the sparing group must be in consecutive slots to the right of the sparing leader. In other words, CAMs from two different sparing groups can not be interspersed. The presence of a Gigabit Ethernet NAM in slot 14 does not prevent a CAM in slot 15 from being added to a spare group to the left of the GigE NAM. See Figure 10-5, page 10-43.
Calculating Signal Loss during Failover
•
The sparing group leader must have a special Physical Interface Card called a sparing CAM PIC. If you decide to turn a sparing CAM into an active one, you must replace the sparing PIC with a regular PIC.
•
All slots between the spare CAM and the last or right most member of its sparing group must have rear PICs installed. (The GigE NAM PIC in slot 14 serves this function if a CAM is present in slot 15.)
•
CAMs are not required to be part of a sparing group.
When failover occurs the RF signal to the failed CAM is rerouted from the PIC of the failed CAM through the intervening PICs and backplane to the PIC of the now-active spare CAM. This longer path produces some signal loss. Although station maintenance begins immediately and compensates for the loss, there is a period of at least a few seconds, depending on the number of modems supported, that the signal is weakened. For the upstream signal, there is roughly a .1 dB loss per slot. Consider the case of a sparing group consisting of a spare in slot 0 and CAMs 1-7. If CAM 7 failed, there would be 7 x 0.1 dB additional loss in the upstream. The downstream signal experiences approximately .8 dB for the first slot, plus .5 dB for every other intervening slot. If CAM 7 failed, the loss would be .8 + (6 x 0.5), or a total of 3.8 dB.
10-42
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
These calculations of upstream and downstream loss are based on a worst-case scenario. This takes into account board-to-board variation and operation at the highest available frequency. Lower frequencies experience less loss. Finally, if the sparing group includes a CAM in slot 15 with a NAM in slot 14, as seen in Figure 10-5, then slot 14 must be included in the loss calculation.
Configure Sparing Groups — Example Figure 10-5 is a representation of two N+1 CAM sparing groups. This arrangement is meant as an example only. It features 7+1 and 6+1 sparing in a fully loaded chassis using Gigabit Ethernet NAMs. Many other configurations are possible. You may choose not to provide redundancy for one or more CAMs, or to create several smaller sparing groups. SPARING GROUP 1 1Dx8U
S P A R E C A M
SPARING GROUP 2 2Dx12U
C A M
C A M
C A M
C A M
C A M
C A M
C A M
1D
1D
1D
1D
1D
1D
1D
1D
0
S P A R E C A M
C A M
C A M
C A M
C A M
C A M
2D
2D
2D
2D
2D
9
10
11
12
G I G E N A M
C A M 2D
G I G E
C O N T R O L C O M P L E X
N A M
2D
1
2
3
4
5
6
7
8
13
14
15
16
...
Figure 10-5: Example of CAM Sparing Groups
Procedure 10-9
Configuring the Two Sparing Groups Shown in the Example Use this procedure to create the CAM sparing groups shown in the example shown in Figure 10-5.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-43
10 Basic CAM Configuration
1 The sparing group leader must be the first CAM added to a new sparing group. The interface (slot) must be shut down in order to add the leader to the group. If necessary, shut down slot 0: configure no shut slot 0 2 Create sparing group 0 by adding the CAM in slot 0 as the spare: configure interface cable 0 spare-group 0 [manual|auto] Where manual or auto indicates the failback mode chosen. Manual fallback requires a user to enter a CLI command to switch service from the spare CAM back to a restored or replaced CAM. Auto fallback switches service back automatically as soon as there is a CAM in service in the slot that failed. 3 At the rear of the chassis verify that slot 0 is equipped with a sparing leader, and that slots 1-7 are equipped with regular CAM PICs. 4 Add the CAM in slot 1 to sparing group 0: configure interface cable 1 spare-group 0 5 Add the CAM in slot 2 to sparing group 0: configure interface cable 2 spare-group 0 6 Add the CAM in slot 3 to sparing group 0: configure interface cable 3 spare-group 0 7 Add the CAM in slot 4 to sparing group 0: configure interface cable 4 spare-group 0 8 Add the CAM in slot 5 to sparing group 0: configure interface cable 5 spare-group 0 9 Add the CAM in slot 6 to sparing group 0: configure interface cable 6 spare-group 0 10 Add the CAM in slot 7 to sparing group 0: configure interface cable 7 spare-group 0 11 Grow slot 0 in order to return it to service: configure slot 0 type CAM 12 Display the sparing groups to confirm the creation of the sparing group 0: show spare-group 13 (If necessary) shut down slot 8: configure no shut slot 8 14 Create sparing group 8 by adding the CAM in slot 8 as its sparing leader: configure interface cable 8 spare-group 8 [manual|auto]
10-44
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Where:
manual or auto is the failback mode chosen.
15 At the rear of the chassis verify that slot 8 is equipped with a sparing leader PIC, and that slots 9-13 and 15 are equipped with regular CAM PICs. 16 Add the CAM in slot 9 to sparing group 8: configure interface cable 9 spare-group 8 17 Add the CAM in slot 10 to sparing group 8: configure interface cable 10 spare-group 8 18 Add the CAM in slot 11 to sparing group 8: configure interface cable 11 spare-group 8 19 Add the CAM in slot 12 to sparing group 8: configure interface cable 12 spare-group 8 20 Add the CAM in slot 13 to sparing group 8: configure interface cable 13 spare-group 8 21 Slot 14 in this example is occupied by a Gigabit Ethernet NAM. Add the CAM in slot 15 to sparing group 8: configure interface cable 15 spare-group 8 22 Grow slot 8 in order to return it to service: configure slot 8 type CAM 23 Display the sparing groups to confirm the creation of the sparing group 8: show spare-group End of procedure
Procedure 10-10
How to Fail Back Manually If you have configured a CAM sparing group for manual failback, user traffic is handled by the spare CAM until it is manually forced back to the original CAM. 1 Verify that the original CAM is in-service: show linecard status The original CAM must be IS (in-service).
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-45
10 Basic CAM Configuration
2 Restore user traffic to the original CAM: configure interface cable slot shutdown Where:
slot = the slot number of the sparing group leader
3 Restore the CAM sparing leader to service: configure interface cable slot no shutdown Where:
slot = the slot number of the sparing group leader
End of procedure
Procedure 10-11
How to Delete a CAM Sparing Group There is no one-step command for deleting a CAM Sparing Group. 1 Delete a member of the sparing group: configure interface cable no spare-group Repeat this command for each of the remaining CAMs in the sparing group. 2 Take the sparing group leader out of service: configure interface cable shutdown 3 Delete the sparing group leader: configure interface cable no spare-group 4 Display the sparing groups to confirm the deletion of the desired group: show spare-group End of procedure
10-46
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Interface Bundling Introduction
Interface bundling enables the same Layer 3 IP Subnet information to be used across multiple CAMs. This feature conserves IP addresses and reduces administration and configuration effort. NOTE The CAMs in an interface bundle do not have to be of the same type. The bundle may contain both 1Dx8Us and 2Dx12Us.
Procedure 10-12
How to Create Interface Bundles To configure an interface bundle, ensure the C4 CMTS has at least two CAMs available. 1 Configure a cable interface as the master for this interface bundle. The cable bundle master must be provisioned, but it does not have to be physically present in the slot. configure interface cable / cable bundle master 2 Configure a second cable interface to be a part of the previously created bundle number by entering the following command: configure interface cable / cable bundle / Where: / designate the master cable interface defined in the first step. 3 Confirm that the cable bundle has been created: show cable bundle End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10-47
10 Basic CAM Configuration
Procedure 10-13
How to Remove Interface Bundles To remove interface bundles, follow the steps below. 1 Remove the cable interface from the bundle master by entering the following command: configure no interface cable cable bundle master Where is the interface assigned to the bundle master in previous procedure. 2 Unassign the master cable interface from the interface bundle by entering the following command: configure no interface cable / cable bundle master 3 Remove the IP address from the cable bundle by entering the following command: configure no interface cable / ip address 4 Show the cable bundle to ensure no cable bundles are configured. show cable bundle End of procedure
10-48
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
11. Control Complex Redundancy
A control complex consists of one SCM and its associated FCM. The SCM in slot 19 and the FCM in slot 17 make up the control complex in a simplex system. In order to have control complex redundancy (CCR) the C4 CMTS must be a duplex system. In a duplex C4 CMTS both control complexes are equipped; one is active the other is standby. The standby control complex is usually the SCM in slot 20 and its associated FCM in slot 18. CCR ensures high reliability for system-wide OAM&P, switching, and routing. The control complex redundancy feature provides 1+1 active/standby redundancy between two pairs of SCM/FCM modules. The failure of an active SCM/FCM pair immediately causes a failover to the standby SCM/FCM pair. Key characteristics of control complex redundancy include: •
Little or no customer impact on any SCM or FCM failure (hardware or software)
•
Hot standby SCM/FCM pair with complete replication of configuration and customer data
•
Fault correlation between active and standby SCM/FCM pairs
•
Software infrastructure support for replication of software components between active and standby SCM/FCM pairs
CCR IP Address Definitions
When using CCR, first assign the SCM IP addresses. These are identified as static (stationary) or loopback IP addresses. Each is explained in relationship to the CCR system configuration.
Static
Static IP addresses are assigned to the SCMs in slots 19 and 20.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
11-1
11 Control Complex Redundancy
Use the following command to configure the SCMs in slots 19 and 20s: configure interface ethernet 19/0 ip adress configure interface ethernet 20/0 ip adress Gateway
To configure the IP address of the default virtual router, the gateway, use the following command: configure ip route 0.0.0.0 0.0.0.0 vrf management
SCM Loopback Interface
When in a duplex configuration, the C4 CMTS requires a third SCM IP address. This IP address, called the SCM loopback interface, is used to access the active SCM, no matter which slot it resides in. Use the following command to assign an IP address to the SCM loopback interface: configure interface loopback ip address Where 0-15 is the number of the loopback interface. Typically 0 is used for the SCM. Before creating an active/standby relationship between control complexes, you must convert a simplex chassis to a duplex chassis. Use the procedure How to Add a Control Complex (Change from Simplex to Duplex), page 11-2.
Procedure 11-1
How to Add a Control Complex (Change from Simplex to Duplex) Use this procedure to add a redundant control complex. This procedure assumes that the original control complex (i.e. the SCM in slot 19 and the FCM in slot 17) are in service. 1 Configure a second SCM slot: configure slot 20 type SCM 2 Configure a second FCM slot: configure slot 18 type FCM 3 Put the SCM in slot 20 in service: configure interface system-controller 20 no shutdown
11-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
4 Put the FCM in slot 18 in service: configure interface fabric 18 no shutdown 5 Insert an SCM in slot 20. 6 Insert an FCM in slot 18. 7 Configure the IP address of the second SCM in slot 20: configure interface ethernet 20/0 ip adress NOTE When the C4 CMTS is equipped with a duplex control complex, the active SCM cannot be reached directly. You must telnet into the loopback IP in order to enter commands for the active SCM. If necessary you may access the standby SCM using its static IP address. This is the one assigned to the SCM in slot 19 or 20, whichever slot is inactive. 8 Assign an IP address to the SCM loopback interface. The SCM loopback IP address allows administrative functions and telnet sessions to learn only one IP address. If a failover occurs to the standby SCM, an active telnet session would have to be restored, but it would use the same SCM loopback IP address for the active SCM. configure interface loopback ip address Where 0-15 is the number of the loopback interface. Typically 0 is used for the SCM. 9 Save the duplex configuration to memory: write memory 10 Reset the chassis: configure reset system End of procedure
Procedure 11-2
How to Change a Control Complex from Duplex to Simplex Use this procedure to change your system back to a simplex configuration. 1 Take the FCM in slot 18 out of service: configure interface fabric 18 shutdown
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
11-3
11 Control Complex Redundancy
2 Take the SCM in slot 20 out of service: configure interface system-controller 20 shutdown 3 Physically remove the FCM from slot 18. 4 Physically remove the SCM from slot 20. 5 Take slots 18 and 20 out service: configure no slot 18 configure no slot 20 6 Save the simplex configuration to memory: write memory 7 Reset the chassis: configure reset system End of procedure
11-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
12. Configuring Router Functionality
Topics
Page
Interface Configuration
1
Routing Information Protocol, version 2 (RIP2)
9
Open Shortest Path First (OSPF)
15
Loopback Interfaces for Routing Protocols
21
Dynamic Route Redundancy
25
Multicast Operations in the C4 CMTS
28
This section outlines the basic configuration tasks required to implement routing (layer 3) functionality in the C4 CMTS. The C4 CMTS supports 1024 IP addresses in the routing tables.
Interface Configuration Common Interface Configuring Commands This section describes common interface commands which support IP address and helper syntaxes for the Cable Access Module in the C4 CMTS.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-1
12 Configuring Router Functionality
How to Configure CAM Interface for DHCP Policy
The following command is accepted only for provisioned CAM slot/port combinations in the system. This command assigns an IP address to the CAM interface and determines its DHCP policy. configure interface cable ip address [secondary] [dhcp-giaddr] Secondary IP addresses become candidates for the dhcp-giaddr field if and only if the keywords secondary and dhcp-giaddr are both used. The command in the example below assigns an IP address of 10.10.1.1 to the 5/0 CAM interface. It enables DHCP policy for this interface — secondary IP addresses are candidates for the dhcp-giaddr field. configure interface cable 5/0 ip address 10.10.1.1 255.255.255.0 secondary dhcp-giaddr
Configure the Helper (DHCP) Addresses
The following command defines the cable-helper information for a CAM slot/port. This command assumes the default route table. configure interface cable cable helperaddress [cable-modem|host|any] If no host type is specified, this command defaults to a value of any.
Configure DHCP Relay Agent Mode for CAM Port
The DHCP Relay Agent needs to be enabled for each CAM port as follows: config interface cable cable dhcp-giaddr {primary | policy} Primary Operation — When the DHCP Relay Agent is defined for Primary operation on a specific CAM physical interface, the Primary IP address of the interface is used to populate the gi_addr field of all DHCP messages originating from either CMs or Hosts (CPEs). Policy Operation — When the DHCP Relay Agent is defined for Policy operation on a specific CAM physical interface, the Primary IP address of the interface is used to populate the gi_addr field of all DHCP messages originating from CMs. For Hosts (CPEs), a designated secondary IP address of the interface is used. If multiple secondary IP addresses are defined for dhcp-giaddr support, then the DHCP Relay Agent uses roundrobin selection, choosing the next entry in the list with each new DHCP transaction. End of procedure
12-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Monitoring Interfaces After configuring the C4 CMTS interfaces, the system is ready to route traffic. Once traffic is generated, you may view the counters for these interfaces by using the procedures in this section.
Procedure 12-1
How to Monitor Interfaces Execute the following steps from the SCM prompt to verify traffic is being routed through the C4 CMTS. 1 To display information about the virtual interfaces in the system, including data counts: show ip interface The output will look similar to the following (only a portion of output is shown):
cable 1/0, VRF: default, IP Address: 10.108.0.1/19 Secondary IP Address(es): 10.108.64.1/19 ACL(s): 1 Physical Address: 00:01:5c:00:03:c2 MTU is 1500 DHCP Policy mode is enabled DHCP Server Helper Address(es): 10.50.8.3 for Traffic Type "any" Directed Broadcast is disabled ICMP unreachables are always sent Multicast reserved groups joined: None Source-verify is disabled InOctets = 1806792717 OutOctets = 1806887391 InUcastPkts= 89728067 OutUcastPkts= 89728076 InDiscards = 0 OutDiscards = 0 InErrors = 1 OutErrors = 0 fastEthernet 14/0, VRF: default, IP Address: 10.58.64.2/26 Secondary IP Address(es): No Secondary Addresses ACL(s): 1 Physical Address: 00:01:5c:00:03:e4 MTU is 1500 Directed Broadcast is disabled
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-3
12 Configuring Router Functionality
ICMP unreachables are always sent Multicast reserved groups joined: 224.0.0.9 InOctets = 1871861709 OutOctets = 3785434150 InUcastPkts= 3927416868 OutUcastPkts= 22518478 InDiscards = 0 OutDiscards = 0 InErrors = 13931 OutErrors = 0 2 To display all interface information about the physical ports in the system, including byte and packet counts: show interface The counts displayed will be the same as those described below except that each count represents the data for one physical interface (only a portion of output is shown): C4# show interface cable 5/0 mac-port AdminState:Up OperState:IS Physical Address: 0001.5c22.49ca MTU is 1500 InOctets = 4047 OutOctets = 5606 InUcastPkts = 20 OutUcastPkts= 23 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0 InFiltered = 1 ProtThrottle: DHCP = 0 ARP = 0 fastEthernet 13/0 AdminState:Up OperState:IS Physical Address: 0001.5c22.49e0 MTU is 1500 InOctets = 7098 OutOctets = 5738 InUcastPkts = 67 OutUcastPkts= 44 InDiscards = 0 OutDiscards = 0
Type:
Type:100 BaseT
3 To display information about active and inactive routes: show ip route detail The output will look similar to the following:
12-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
C4# show ip route detail VRF Name ======== default default default default default default default
IP Route Dest. ============== 0.0.0.0 0.0.0.0 10.70.64.0 10.70.192.0 10.120.192.0 10.120.224.0 224.0.0.0
IP Route Mask ============= 0.0.0.0 0.0.0.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 240.0.0.0
Act === No Yes No Yes Yes Yes Yes
PSt === OOS IS OOS IS IS IS
Next Hop ======== 10.70.64.1 10.70.192.1 10.70.64.2 10.70.192.2 10.120.192.1 10.120.224.1 224.0.0.0
Dist ==== 20 10 0 0 0 0 0
Protocol Route Age ======== ============ netmgmt 0 00:00:00 netmgmt 0 00:00:00 local 0 00:00:00 local 0 00:00:00 local 0 00:00:00 local 0 00:00:00 local 0 00:00:00
Interface ========= fastE 13/0 fastE 15/0 fastE 13/0 fastE 15/0 cable 1/0 cable 1/0
End of procedure
NOTE For more detailed information on the output for these and other monitoring commands, See chapter 23, Logging and the C4 CMTS.
Subinterfaces (Multiple VRIs per VRF) A subinterface is a Virtual Router Interface (VRI), a logical layer 3 interface. In previous software releases they were associated with one and only one VRF (Virtual Routing and Forwarding). Multiple subinterfaces may be defined on a single CAM interface and associated with the same VRF. Multiple subinterfaces may be defined per physical port and associated with the same VRF such that there is a many-to-one relationship between subinterfaces and VRFs, per cable-side physical interface. The C4 system administrator must also be allowed to change the association between a subinterface and a VRF. The default VRF is the global VRF that is always present in the C4. It can neither be created nor destroyed. Note that upon creation of a subinterface, it is implicitly associated with the default VRF. An additional CLI command is used to reassign it to a non-default VRF. The relationship of a subinterface to a VRF is many-to-one when viewed from the perspective of a single CAM physical interface or cable bundle. Each ingress cable-side IP packet must classify to one and only one subinterface, and as a consequence to a single VRF. This classification to a subinterface will be based solely on the source IP address and source physical port of the packet. For broadcast DHCP packets that have a source IP address of 0.0.0.0, the following rules apply: If the DHCP packet is sourced from a CM, then the packet will classify to the lowest numbered
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-5
12 Configuring Router Functionality
subinterface that has a DHCP-Server defined. If the DHCP packet is sourced from a CPE, then the packet must be classified to the subinterface of the CPE’s associated CM. Rules of Operation and Guidelines for Subinterfaces
•
The import/export rules with respect to VRFs will be followed for subinterfaces. In particular, these rules apply to the primary and secondary IP addresses associated with each subinterface. The rules state that all subinterface IP addresses associated with the default VRF will automatically be exported to all other non-default VRFs and all subinterface IP addresses defined for non-default VRFs will be automatically imported into the default VRF.
•
The C4 CMTS supports up to 150 subinterfaces
•
The subinterface will be associated with the default VRF upon creation.
•
A secondary command is required to move a subinterface to a nondefault VRF.
•
There is a limit of 8 VRFs per C4 CMTS.
•
The sum of all subinterface ip addresses for all the VRFs may not exceed the total C4 system limitation of 1023 IP addresses. The 1023 limit represents all primary and secondary IP addresses associated with each subinterface.
•
The following items may be provisioned per subinterface:
-
12-6
IP addresses, both primary and secondary DHCP Relay Agent including: primary/policy mode selection, secondary dhcp-giaddr identification, DHCP lease Query (cable source verify) functionality and DHCP Server IP address definitions IP filter groups Directed broadcast support RIP and OSPF IGMP IRDP SCM access.
•
The DHCP Relay Agent supports the definition of 10 DHCP Server IP addresses per subinterface.
•
The DHCP Relay Agent classifies ingress CM DHCP packets to the lowest numbered subinterface associated for each unique DHCP Server IP address.
•
When the DHCP Relay agent is forwarding a packet originating from a CPE, it will forward the packet using for its giaddr the primary or a secondary address, depending on the dhcp-giaddr mode of the
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
subinterface, that is, of the subinterface associated with the CM that the CPE is behind. The packet will be forwarded to each unique DHCP server IP address for CPEs provisioned on that subinterface. •
If there are no DHCP servers for CPEs defined for the subinterface associated with the CM that a CPE is behind, then the DHCP Relay agent will forward a packet originating from a CPE to each unique DHCP server IP address for CPEs using for its giaddr the primary address or a secondary address, depending on the dhcp-giaddr mode of the subinterface, in other words, the lowest numbered subinterface provisioned with that server address. This allows MSOs to provide a service where different CPEs behind a single cable modem could be serviced by different ISPs on different subinterfaces. It would require the CMTS to be provisioned so that the CMs and CPE would be on different subinterfaces. In addition, it provides a mechanism where different giaddrs could be sent to different DHCP servers by defining those DHCP servers on different subinterfaces. The subinterfaces for CMs would be provisioned with DHCP servers marked for use with CMs only, and the subinterfaces for CPEs would be provisioned with DHCP servers marked for use with CPEs only (although DHCP server addresses could be the same values). Example: If the command config router rip network 10.0.0.0 has been executed, then all net10 interfaces are running RIP and will automatically advertise interface (10.x.x.x) IP addresses associated with any subinterface that is moved into the default VRF.
•
Subinterfaces can not be defined for SCM ports. They can be defined for the following C4 physical interface types:
-
Cable FastE NAM GigE NAM
Subinterfaces may be used to create a network topology in which the MSO can offer subscribers a choice of ISPs with unique subnet ranges for each ISP. For example, DHCP servers from the ISP are used to hand out the IP addresses for CPEs, whereas the MSO’s DHCP server is used for CMs. Note that each cable-side subnet range is unique from the perspective of the C4. It is also assumed that the MSO does not wish to define multiple VRFs. Multiple subinterfaces can be associated with the same cable bundle and VRF. Each of the subinterfaces may have a unique CM and CPE IP filter group association. Per-subscriber ISP determination is based on a mapping between the CM’s MAC address and the ISP. When the CM initiates a DHCP transaction, the DHCP packets will classify to the slot/port.0 subinterface, since it is the lowest subinterface with a defined DHCP Server address. The slot/port.0 subinterface should be viewed as
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-7
12 Configuring Router Functionality
the interface used for all unmapped traffic. As such, only CM initiated DHCP messages that have the source IP address set to 0.0.0.0 should map to this subinterface. Note that a /30 subnet mask is used for the primary IP address and no secondary IP addresses is present. The DHCP server never provides an IP address to a CM for this subnet. The sole purpose of this subinterface to help facilitate CM initialization. Upon completion of the DHCP transaction, the CM will be assigned an IP address based its ISP association. For ISP1 the 10.10.0.0/16 subnet is used and for ISP2 the 10.20.0.0/16 subnet is used. When a CPE starts a DHCP transaction, the C4 CMTS classifies the transaction to a particular subinterface based on the CPE’s CM. When DHCP policy is active for the subinterface, then the giaddr used to identify the C4 is based on the secondary IP address of the subinterface. The C4 system administrator still has the ability to identify secondary IP addresses within a subinterface as candidates for DHCP giaddr use. Based on CPE classification, the DHCP Relay Agent will forward the northbound DHCP messages to only the DHCP Servers defined for the subinterface. In particular, the message is sent only to the ISP DHCP Server, with the implication that the MSO DHCP Server definition is defined for CM use only.
Table 12-1: CLI Commands for Subinterface Command
Purpose
configure interface /[.] Where subif# is a range of values from 0-254 Defines a subinterface for a given slot and port. configure interface /[.] ip vrf forwarding Associates the subinterface with a VRF. show ip interface Shows subinterfaces with byte and packet counts in and out.
12-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Routing Information Protocol, version 2 (RIP2) Overview
RIP is a distance vector routing protocol. Because it learns routes dynamically without provisioning. RIP requires little overhead and is easy to implement. It remains a popular routing protocol, especially for small networks. RIP uses a single criterion for determining the best available route — hop count. Each route in a RIP routing table is assigned a hop count of 1-16. A value of 15 hops is the longest route permitted; once the hop count value reaches 16 the route is considered unreachable. Entries in the RIP routing tables are updated as needed. As the topology of a network changes some routes become invalid. RIP uses aging algorithms to eliminate invalid routes from its tables. RIP version 2 (RIP2) is used by the C4 CMTS. Unlike the original version it supports subnet masks and Message Digest 5 (MD5) authentication. For more information on the standard, see RFCs 2453 and 1058.
RIP-related CLI Commands
The following commands are grouped for convenience. This is not a stepby-step procedure. Enabling RIP on the C4 CMTS — By default, RIP is disabled on the C4 CMTS. Enter the following command to enable RIP globally. configure ip rip RIP has been enabled Disabling RIP on the C4 CMTS — Use the following commands to disable RIP: configure ip no rip RIP has been disabled Validate RIP status: show ip vrf Virtual Router Details: Name Index =============== ========== default 1
OSPF ==== no
RIP === yes
Enabling RIP for a Network — By default, RIP is disabled for all networks. Enabling RIP for a network does not affect the global enable/disable state on the C4 CMTS.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-9
12 Configuring Router Functionality
To enable RIP for a network, enter the following command: configure router rip network Where is the IP prefix of the desired network. Confirm that RIP is enabled for the network: show ip rip The output should look something like the following: RIP Interfaces Interface VRF 10.71.0.2 default 10.71.64.2 default
Df Met Auth Mode 1 disabled 1 disabled
Auth Key
State active disabled
In this instance, an interface with an IP address 10.71.0.2 is actively running RIP. This interface is part of a network which was enabled (10.71.0.0, for example). Disabling RIP for a Network — Use the following command to disable RIP for the network: configure router rip no network Where represents the IP prefix of the desired network. RIP disabled Confirm that RIP is disabled for the network: show ip rip SCM# show ip rip RIP Interfaces Interface VRF Df Met Auth Mode Auth Key 10.71.0.2 default 1 disabled 10.71.64.2 default 1 disabled RIP Timers VRF default: Update interval is set to 30 seconds. VRF default: Route invalidation interval is set to 180 seconds. VRF default: Route flush interval is set to 120 seconds. SCM#
State disabled disabled
In this instance, an interface with an IP address 10.71.0.2 is not running RIP. This interface is part of a network which was disabled (10.71.0.0 for example). End of example
12-10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Passive RIP Operation
In order for an interface to receive and process RIP messages but not advertise its routes, system administrators can set an interface to operate in passive RIP mode. Configuring RIP passive mode on an interface — Enter the following command: configure router rip passive-interface Where is the slot and port of the physical interface on which to set passive RIP operations. RIP interface set passive Confirm that RIP is running in passive mode on an interface: show ip rip The output should look similar to the following: RIP Interfaces Interface VRF 10.71.0.2 default 10.71.64.2 default
Df Met 1 1
Auth Mode disabled disabled
Auth Key
State passive disabled
In this instance, an interface with an IP address 10.71.0.2 is running RIP in passive mode. Disabling RIP on this passive interface — Use the following command to disable the RIP passive interface previously set: configure router rip no passive-interface RIP interface disabled Default Route Processing
By default, each interface running RIP advertises an available default route, static or learned via RIP, with a metric of 1. Because default route propagation must be controlled carefully, system administrators can set the metric to be used for default route advertisements on a per interface basis. If the default route metric is set to 0, the default route is not advertised. Setting the default route metric — Use the following command to set the default route metric: configure interface ip rip default-metric Where
0-16 are default metrics available
Default metric is 1 Verify the default metric is changed to match the value entered: show ip rip
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-11
12 Configuring Router Functionality
RIP Interfaces Interface VRF 10.71.0.2 default disabled 10.71.64.2 default
Df Met
1
Auth Mode
Auth Key 1 disabled
disabled
State
disabled
End of example RIP Authentication
RIP authentication may be enabled for each active or passive interface running RIP in order to add security to RIP communication. By default it is disabled on each interface. Two different types of RIP authentication are available:
Plain Text Authentication
•
Plain text password
•
MD5 digest with either single or multiple keys.
This section contains CLI commands used to set RIP authentication. Enabling plain text authentication — Enter the following command to enable plain text authentication for a given interface: configure interface ip rip authentication mode text Authentication mode is plain text Creating the plain text password — Enter the following command to set authentication. configure interface ip rip authentication key Authentication key is testkey1 Where testkey1 is a 1-16 character text string used for authentication. The key can be up to 16 characters long. Every RIP message sent on this interface contains this key and every incoming message received is validated based on it having this key. Confirm that the interface is set up to do plain text authentication: show ip rip RIP Interfaces Interface VRF 10.71.0.2 default 10.71.64.2 default
Df Met 1 1
Auth Mode text disabled
Auth Key testkey1
State active disabled
End of example
12-12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
MD5 Digest Authentication
Message Digest 5 (MD5) authentication allows a System Administrator to encrypt RIPv2 packets based on an interface-specific key. This key is used to generate an MD5 hash which is appended to all outgoing RIP packets originating from the C4 CMTS. Routers that receive these encrypted RIPv2 packets must have the same key associated with the incoming interface. The key is used to verify the MD5 has of each encrypted packet. Similarly, all RIPv2 packets that are received by the C4 CMTS interfaces for which MD5 is enabled, must have the key associated with that interface applied to all RIPv2 packets. These encrypted packets allow the C4 CMTS to communicate securely with other routers in the network. If a router or host attempts to provide the C4 CMTS with RIP information and it does not have the correct MD5 hash, the packet is dropped and an error message is logged. NOTE The C4 CMTS uses its system time as the MD5 message sequence number. As a result, take care when changing the system time to an earlier time. If the C4 CMTS is running RIPv2 with MD5 authentication and the system time is changed to an earlier time, communication with peer routes cease until either the system time reaches it previous point, or all the RIP routes age out of the routing tables on the C4 CMTS. RIP routes sent by the C4 CMTS to adjacent peer routers age out five minutes after the last authenticated RIP message was received. For RIP with MD5 to interoperate with other routers, the external router must be set up to send and receive either using one key or multiple keys. The next section discusses single key authentication.
Single Key Authentication
For single key MD5 authentication, the system administrator can define a single key for a specified physical interface. This interface uses an infinite send and receive lifetime key and, therefore, never ages out. In this configuration, the key ID associated with the key must be set to 0 on all peer routers. If a router receives a RIP message with a non-matching key, it identifies the authentication mismatch and drops the message.
Procedure 12-2
How to Enable Single Key Authentication Use this procedure to configure single key MD5 authentication. 1 Set the single key authentication node on the physical interface: configure interface ip rip authentication mode md5
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-13
12 Configuring Router Functionality
Authentication mode is keyed MD5 digest 2 Create the MD5 key: configure interface ip rip authentication key Authentication key is testkey2 where testkey2 is a 1-16 character text string used for the key id. The key can be up to 16 characters long. Every RIP message sent on this interface contains a digest and every incoming message received is validated based on its digest. 3 Confirm that the interface is set up to do MD5 digest authentication: show ip rip RIP Interfaces Interface VRF 10.71.0.2 default 10.71.64.2 default
Df Met 1 1
Auth Mode md5 disabled
Auth Key testkey2
State active disabled
End of procedure Multiple Key Authentication
In order for RIP to support multiple keys, a key chain must have been previously configured with at least one key. Otherwise the MD5 functionality works as described in the single key mode. For MD5 to interoperate, the keys in the C4 CMTS key chain must match the keys in the external router.
Procedure 12-3
How to Enable Multiple Key Authentication (i.e., Key Chains) Use this procedure to enable multiple key authentication. 1 Create a key chain and key: configure key chain key keystring Where
key chain name = a text string up to 16 characters long key id = number between 0 and 255 and key = a text string up to 16 characters long.
To remove a key chain and all its keys: configure no key chain 2 Enable MD5 digest authentication with multiple keys for a given interface: configure interface ip rip authentication mode md5
12-14
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
3 Enable the key chain (created in step 1) on the same interface: configure interface ip rip authentication keychain Where is the name of the key chain to use. The key chain can be up to 16 characters long and determines which key is used for sending and receiving. 4 Confirm that the interface is set-up for MD5 digest authentication: show ip rip RIP Interfaces Interface VRF 10.71.0.2 default
Df Met Auth Mode 1 md5
Auth Key testkeychain
State active
5 If desired, disable RIP authentication: configure interface no ip rip authentication key-chain End of procedure
Open Shortest Path First (OSPF) Overview
OSPF is a dynamic link state routing protocol developed by the Internet Engineering Task Force (IETF). OSPF: •
Supports Classless Inter-Domain Routing (CIDR)
•
Provides for routing update authentication
•
Uses IP multicast when sending/receiving the updates
•
Responds quickly to topology changes with a smaller amount of routing protocol traffic
The OSPFv2 specification is published as Request For Comments (RFC) 2328. Link State Routing Protocol Description
Release 4.2, Standard
The OSPF routing protocol maintains a link state database of all subnets available on the network. This includes details about which routers are attached to the links. If a link goes down, the router that is directly attached to it immediately sends a Link State Advertisement (LSA) to its neighbor routers. Information about the link state propagates throughout the network. Each router reviews its database and re-calculates the routing table independently.
ARRIS PROPRIETARY — All Rights Reserved
12-15
12 Configuring Router Functionality
Routing Metrics
A router learns multiple paths to a particular destination network and chooses the path with the best metric in its routing table. Different routing protocols use different types of metrics. Rather than counting the number of hops as a metric, OSPF bases its path descriptions on link states that take into account additional network information. OSPF also lets the user assign cost metrics to each interface so that some paths are given preference. OSPF uses a user-defined cost for each interface. This cost is added together for each hop when calculating the cost of a route. This metric could be the same as number of hops if each interface along the route uses a cost of 1. The cost of the route displayed by the show ip route command is the sum of the interface costs.
ECMP
OSPF also has the concept of ECMP (Equal Cost MultiPath) routes. These are routes to the same destip (destination IP address) and prefix which use different next hop IPs but the same cost. The C4 can distribute packets across at most 4 ECMP routes. ECMP routes can also be used with static routes. The C4 bases its choice of best route first on route type (local, netmgmt, OSPF, RIP), and secondly on route cost.
Configuring for OSPF
This section outlines the tasks required to configure a network and C4 CMTS for OSPF. The procedures and commands in this section assumes that IP addresses have already been configured for the network and OSPF interfaces. The sequence includes: 1 Reviewing a network diagram for interface information and architecture 2 Enabling OSPF globally 3 Configuring the network according to standard configuration parameters (set router id) 4 Verifying OSPF is running as configured. It is beyond the scope of this User Guide to supply recommendations for reviewing network architecture for all OSPF configuration possibilities; however, the following sections identify the CLI commands required for basic OSPF configuration on the C4 CMTS.
Procedure 12-4
How to Enable OSPF Use this procedure to enable OSPF on the C4 CMTS.
12-16
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
1 Enter the following command to give the default router an identification number: configure router ospf vrf default router-id 1.1.1.1 where
1.1.1.1 is the router id
2 By default, OSPF is disabled on the C4 CMTS. Enter the following command to enable OSPF: configure router ospf vrf default enable The output should indicate the following: OSPF has been enabled 3 By default, OSPF is disabled for all interfaces. Enabling OSPF for an interface does not affect the global enable/disable state on the C4 CMTS. Enter the following command to enable OSPF for an interface: configure router ospf vrf default network area Where and can be specified as either a decimal value or as an IP address. 4 Enter the following command to advertise routes for the locally connected interfaces (i.e. CAMs) and to redistribute the default ospf route based on metric-types, tags, and subnets: configure router ospf vrf default redistribute connected metric metric-type tag subnets Where the values and defaults are as follows:
-
metric (optional) is the metric used for redistributed route. Values 0-4294967295. Default is 0. - metric-type (optional) is the external link type associated with the default route advertised into the OSPF routing domain. Values are 1 (internal route) or 2 (external route). Default is 2; - tag (optional) is the 32 bit decimal value that OSPF attaches to the external route. Default is 0; - subnets (optional) is used for redistributing routes into OSPF, the scope of redistribution for the specified protocol. 5 Validate OSPF status: show ip ospf The output should indicate as follows: Router VRF default with ID 255.255.255.255 Only cost is used when choosing among multiple ASexternal-LSAs Exit overflow interval 0 seconds Number of external LSA 0. Checksum 0x0 Number of new originated LSAs 2
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-17
12 Configuring Router Functionality
Number of received LSAs 5 6 Confirm that OSPF is enabled for the interface: show ip ospf interface End of procedure
Procedure 12-5
How to Disable OSPF for an Interface 1 Use the following command to disable OSPF for an interface: configure router ospf no network area Where
is the IP prefix of the desired network interface is the IP address type mask that includes “don’t care bits” and is the area that is to be associated with the OSPF address range.
The output should confirm the following: OSPF disabled 2 Confirm that OSPF is disabled for the network: show ip ospf The output should be similar to the following: Router VRF default with ID 255.255.255.255 (disabled) End of procedure
NOTE For more information regarding logging OSPF event messages, see chapter 23, Logging and the C4 CMTS.
Procedure 12-6
How to Disable OSPF (Globally) on the C4 CMTS 1 Use the following commands to disable OSPF: configure router ip no ospf enable
12-18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
OSPF has been disabled 2 Validate OSPF status: show ip ospf The output should indicate as follows: Router VRF default with ID 255.255.255.255 (disabled) End of procedure
OSPF Graceful Restart Graceful restart is an enhancement to the OSPF routing protocol that enables compliant routers to forward data even during restarts. It is based on the separation of control and forwarding tasks by the router. The C4 CMTS separates traffic and control data: hardware processes the user traffic and the FCM processor handles the control data. In the C4 CMTS OSPF graceful restart is on by default and will always send a grace-LSA. This feature builds upon the capabilities of the Control Complex Redundancy (CCR) feature and existing OSPF functionality. NOTE Only a duplex C4 CMTS can enter graceful restart. The C4 CMTS enters a graceful restart session in response to a CCR failover. Initialization does not cause the CMTS to enter graceful restart. With graceful restart enabled the C4 CMTS checkpoints to the standby FCM, and all learned OSPF IP routes are copied to the standby FCM. In keeping with RFC3623 a new type of LSA, called grace-LSA, is defined. This LSA is the primary signal to all adjacent neighbors that an OSPF graceful restart session is beginning. Grace-LSAs are in fact special opaque LSAs. Routers capable of graceful restart must continue to forward data even while their control processors reset or restart. According to RFC 3623, “OSPF protocol presents a problem to graceful restart whereby, under normal operation, OSPF intentionally routes around a restarting router while it rebuilds its link-state database. OSPF avoids the restarting router to minimize the possibility of routing loops and/or black holes caused by lack of database synchronization.” Without graceful restart, OSPF causes routers to avoid a restarting router by requiring its neighbors to reissue their Link State Advertisements (LSAs), while ignoring all links to the restarting router.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-19
12 Configuring Router Functionality
To achieve complete graceful restart within the OSPF domain, all neighbor routers adjacent to the C4 CMTS must support RFC 3623. If this RFC is not supported by all routers, a CCR failover event may be viewed as a restart of the protocol, causing a network-wide topology change. The following events indicate a network topology change and imply an exit from the graceful restart state: •
C4 CMTS OSPF known local interface state change
•
C4 CMTS route redistribution change (new/changed type 5/7 LSA)
•
C4 OSPF provisioning change (e.g. new OSPF interface)
•
Receipt of an LSA not consistent with its pre-start router LSA (restart router only)
NOTE Graceful restart as defined by RFC 3623 is not the same as the Cisco proprietary feature called “Nonstop Forwarding”. The usefulness of graceful restart in the C4 CMTS is limited to those routers that support RFC 3623. The OSPF enhancements for graceful restart are as follows:
Related CLI Commands
•
A router attempting a graceful restart originates link-local OpaqueLSAs (called Grace-LSAs from this point on) announcing its intention to perform a graceful restart within a specified amount of time.
•
During the grace period, the router's neighbors continue to announce the restarting router in their LSAs as if it were fully adjacent (i.e., OSPF neighbor state Full), but only if the network topology remains static. In this period these routers are in a sort of “helper mode.”
Use the following commands to enable graceful restart, set the timeout, and view the ospf settings, respectively: configure interface [cable|fastEthernet | gigabitEthernet] ip ospf graceful-restart-timeout [no] show ip ospf int
12-20
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Loopback Interfaces for Routing Protocols This section deals with the FCM-based loopback interface that may be used by OSPF. This interface has all the characteristics of a physical interface IP address, including packet counts, admin provisioning, socket-layer accessibility, and so on. This new interface type has a presence on the SCM when in-band management is enabled. Automatic import of the loopback interface into the SCM protocol stack is consistent with existing in-band management functionality. Currently, all FCM-based interface IP addresses are imported into the SCM to allow SCMbased applications to process traffic destined for one of the C4 interface IP addresses. Packet redirection from the FCM to the SCM is a hardware decision based on the IP packet type. NOTE The in-band management feature must define the default route to route over a particular loopback interface. This will ensure that the floater IP address is not used as the source for SCM-originated IP datagrams. If this is not done, then in the best case asymmetrical routing back to the SCM may occur. At worst, application servers will not be able to respond to the C4, because the FCM will not route floater IP traffic to the SCM. Definitions
Loopback interface — A logical IP interface that is not associated with any one physical interface. It must be reachable via any active physical interface. Active IP address — The IP address that is associated with the FEP of the active SCM, formerly called the floater IP. The active IP address is the one given to the FEP of the active SCM. It must be used for out-of-band SCM management only. When in-band management is enabled, the FCM will not route IP datagrams destined for the active IP address to the SCM. Abbreviations: FEP Front Ethernet Port FCM Fabric Control Module SCM System Control Module ECMP Equal Cost Multi-Path AS Autonomous System LSA Link State Advertisement
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-21
12 Configuring Router Functionality
Characteristics of the Loopback Interface
Observe the following guidelines when configuring and administering loopback interfaces: •
The C4 CMTS supports 16 unique loopback interfaces, ranging from 0-15.
•
The subnet mask may be /32; this implies a host address.
•
Upon creation of a loopback interface, it will be associated with the default VRF.
•
If the loopback is taken down, no physical interface is taken OOS.
•
If OSPF is enabled on the loopback interface, the network associated with the loopback address must be advertised in a router LSA. The existing ospf command must be used: network area .
•
Like physical interfaces, a loopback may reside in only one area.
•
Routing protocols (RIPv2 or OSPFv2) will not advertise the active IP address.
•
The active IP address will not have a presence on the FCM.
•
When in-band management is enabled, loopback interfaces associated with the default VRF are imported into the SCM’s protocol stack.
•
If multiple loopback interfaces exist, the lowest value loopback interface is used as the source IP address for SCM-originated IP datagrams.
Figure 12-1, Example of Packet Flow Using Loopback Interface, on page 12-23, depicts a network configuration where a loopback interface is defined for in-band management. In this figure the “floater” IP address is used for out-of-band management. This network topology shows the loopback interface used as the “forwarding address” of OSPF Type-7 LSAs that advertise CAM-side prefixes. Since the loopback interface IP address was previously announced in a Router LSA and is part of the OSPF AS, ECMP is available, from the 6509 to the C4, for packets destined for RIP advertised networks.
12-22
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
LS Age Options | LS Type List State ID Advertising Router LS Sequence Number
0
192.9.1.0 C4s Router ID
Network Mask Metric
OSPF-NSSA ECMP available
0x80000001
LS CheckSum Length
Switch
N/P (Type-7-LSA)
36
FCM
GigEthernet 10.80.0.2/19
Bridge
GigEthernet 10.80.32.2/19
SCM 1 10.80.64.2/19
SCM 1 10.80.64.1/19
255.255.255.0 E=0 (Type 1 metric), TOS 0, cost 1
Forwarding Address
10.100.10.1
External Route tAG
0
Loopback 10.100.10.1
OSPF Client/Server SCM Apps
RIPV2 RIP Route Redistribution into OSPF
Loopback 10.100.10.1
SCM In-band Management FCM Interface / loopback IP Addresses Out-of-band Management SCM Interface or floater IP Address
RIP Pa v2 CM cke ts
2 Pv RI ets CM ac k P
CAM 3/0
CAM 5/0 Cable Bundle Master: 3/0 10.130.0.1/19 192.9.1.1/24
CM+Router 10.130.0.20
CM+Router 10.130.0.10
CPE 192.9.1.20
CPE 192.9.1.10
Figure 12-1: Example of Packet Flow Using Loopback Interface
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-23
12 Configuring Router Functionality
Table 12-2: CLI Commands for Active and Loopback Interface Command
Purpose
configure interface ethernet /0 active ip [] Defines the active (floater) IP address on the SCM. Valid slot numbers are 19 and 20, either one may be used to define the active IP address. If the IP mask is not provided, then it will default to the mask of the SCM interface ip address. configure interface ethernet /0 no active ip [ []] Removes the active IP address associated with the SCM FEP. The IP address and mask are not required configure interface loopback [ ip address ] [shutdown] [no] Defines the syntax to assign an IP address to a loopback interface and admin state (shutdown or restored to service). configure interface loopback ip vrf forwarding Moves a loopback interface to the VRF specified. configure interface loopback ip ospf cost Defines the OSPF cost to reach the loopback interface. No other OSPF parameters are configurable. show ip ospf interface [brief] Shows all loopback interfaces that have OSPF enabled. show ip interface Shows loopback interfaces with byte and packet counts in and out. show ip route [detail] Shows loopback interfaces as local routes with no physical interface defined.
12-24
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Dynamic Route Redundancy The Dynamic Route Redundancy (DRR) feature allows the C4 CMTS to dynamically update a specific route in hardware based on a change in the network topology. The update only occurs if a redundant route for a specific IP prefix exists in software. These redundant routes may be set up to ensure that a NAM card failure does not prohibit the C4 CMTS from continuing to pass data. This implies that the next-hop associated with a redundant route must be associated with a network that is defined on a second NAM card. The following events cause the C4 CMTS to recalculate the least cost route and potentially update the hardware forwarding engine. •
The cost of an active route is updated and as a consequence it is no longer the least cost route. The C4 CMTS installs the least cost route from a pool of redundant routes to the specific IP prefix.
•
The physical interface associated with a route is taken out of service. All routes over the physical interface are marked as inactive and are replaced by a redundant route for each IP prefix assuming one exists.
•
RIP or OSPF network topology change may cause the C4 CMTS to pick an alternative route if the protocol running determines that a route it advertised is no longer reachable.
•
Equal Cost Multi-Path (ECMP) Load Balancing, as it is implemented in the C4 CMTS, is a natural extension to Dynamic Route Redundancy. This feature allows the C4 to load balance traffic on an IP prefix basis across four unique routes. Load balancing is achieved by examining the source IP address of the IP datagram when determining which of several routes to use. Note that the unique routes must be of the same cost. The cost of a route is determined by the protocol type and metric. Load balancing can be done on any NAM or CAM interface, but most users will opt to use it on the NAM interfaces. If multiple routes to a specific prefix exist with different metrics or protocol types, then only the least cost routes are considered. In this case the C4 defaults to the previously described DRR functionality, where sub-optimal routes are only used if the least cost route(s) become inactive. This first piece of information that must be considered when determining the cost of a route is the protocol type. It takes precedence over the metric value. Local routes have the greatest precedence when determining a least cost route. RIP routes have the least. Protocol precedence is not changeable within the C4. Here are the protocol rankings: 1. Local 2. Static 3. OSPF 4. RIP
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-25
12 Configuring Router Functionality
Configuring a NAM Interface
This section outlines commands required to configure a NAM to route traffic to network routers. This assumes that the all network IP addresses have been configured previously and in accordance to a network diagram or site survey. To configure a NAM onto the C4 CMTS, use the following command: configure interface fastethernet ip address This command line may be repeated for as many NAM cards to be configured on the C4 CMTS (configurable only in slots 13 through 16).
Configuring a Route From the NAM to a Router
Once all of the NAM cards have been configured, the next step is to route the NAMs to the respective router. Use the following command to configure a route: configure ip route [metric] End of example
Configuring IP Routes
Procedure 12-7
How to Add/Delete/View a Static IP Route to the C4 CMTS 1 To add an IP Route: configure ip route [metric ] Where the value assigned to the metric parameter defines the weight or cost of the route. 2 To delete an IP Route: configure no ip route 3 To display the IP Routes: show ip route End of procedure
12-26
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Route Redistribution Route redistribution is defined as the ability to import and export IP routing information from one routing protocol domain to another. The C4 CMTS currently supports two unique routing protocols: RIPv2 and OSPF. In addition, Local (C4 interface networks) and Static (Net Management) routes may be imported into a protocol domain. Both dynamic routing protocols, RIPv2 and OSPF, may be run at the same time. This feature supports route redistribution at the following levels: •
From static to RIPv2
•
From connected (local) to RIPv2
•
From static to OSPF
•
From connected (local) to OSPF
•
From RIPv2 to OSPF
This feature supports different types of distribution lists (filtering):
CLI Commands
•
RIP input (per interface or global)
•
RIP output (per interface or global)
•
Route redistribution RIPv2 to OSPF
Use the following command to display IP routes: show ip route RIPv2 Commands — The redistribution commands are second level. You must first enter the correct mode using the following command: configure router rip The system displays config-router-rip at the command line prompt. Use the following command to configure a RIP distribution list: configure router rip distribute-list Use the following command to redistribute routes from a static or connected domain to a RIP domain: configure router rip redistribute
OSPF Commands — Use the following command to enter the command mode for OSPF: configure router-ospf The system displays config-router-ospf at the command line prompt.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-27
12 Configuring Router Functionality
Use the following command to redistribute routes from a static, connected, or RIP domain to an OSPF domain: configure router ospf redistribute For information on CLI command syntax and parameters, see chapter 26, CLI Command Descriptions. End of procedure
Multicast Operations in the C4 CMTS This section describes the C4 CMTS implementation of multicasting as it relates to the handling and forwarding of IP multicast traffic. What is IP Multicast?
IP Multicast is an Internet technology that permits a sender to send data (either clear or encrypted) simultaneously to many hosts. Unlike unicasting, multicasting does not send the same data as many times as there are recipients. And unlike broadcasting, it does not flood a network by sending packets to all the hosts when they are meant only for some. Multicasting sends the data only to those interfaces on which there are hosts that have requested it. In order to receive a multicast service, hosts must join a multicast group. This multicast group has an associated group address. The source of this multicast traffic sends data to this group address. Any host belonging to the group processes the multicast data. Hosts that do not belong to the group do not process this data. The sender is not required to belong to the group: a multicast server can transmit to the group without belonging to it.
Application Scenarios
For example, a subscriber is web-surfing and clicks on an on-demand video that she wants to view. Her PC becomes a member of the multicast group by sending an Internet Group Management Protocol (IGMP) join message to the C4 CMTS. The join is then proxied on a proxy interface, which sends an IGMP join message to the next hop router that is set up to be an IGMP querier. The virtual path between the requesting subscriber and the sender is then set up by the next hop router. Then the subscriber begins to receive the multicast video she clicked on. Another example of this application would involve a cable broadband subscriber. While using an Internet browser, he might click on an icon or online advertisement to receive real-time news updates or to listen to an online music concert. In this case the icon or ad contains embedded data containing the correct group address and code to tell the C4 CMTS to add this host to the group.
12-28
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Multicasting suits applications in which the same data must be communicated to many hosts in a timely and efficient manner. Some examples:
Multicast in the Cable Data Industry
•
Colleges use it for distance learning — college courses or training delivered to anyone having a reliable Internet connection
•
Large companies with multiple campuses use it for employee training and corporate addresses
•
Groups can use it for teleconferencing (if combined with VoIP)
•
Hotels and other chains use it to download software updates from headquarters to hundreds of reservations terminals simultaneously
•
Retailer chains use it to update price lists quickly and simultaneously at all their locations.
Multicast traffic is often used for network equipment communication protocols. Network protocols such as Internet Group Management Protocol (IGMP), Routing Information Protocol (RIP), and Open Shortest Path First (OSPF) all communicate via multicast. Traffic sent to a multicast group can be received by multiple interfaces. An interface may belong to any number of multicast groups. As explained in RFC 1112, the membership group does not list the IP addresses of the individual hosts: It is important to understand that an IP host group address is not bound to a set of IP unicast addresses. The multicast routers do not need to maintain a list of individual members of each host group. For example, a multicast router attached to an Ethernet need associate only a single Ethernet multicast address with each host group having local members, rather than a list of the members' individual IP or Ethernet addresses. (from RFC 1112, Host Extensions for IP Multicasting, Aug. 1989, S. Deering) In order for IGMP multicast to work on the C4 CMTS, IGMP must be enabled for each interface that uses multicast. Once IGMP is enabled on an interface, it starts querying hosts for information on their multicast memberships. If the multicast group is not directly connected to the server, then a proxy interface is needed. One of the ethernet ports on the NAM must be designated as an IGMP proxy interface. Membership groups must be assigned a Class D address. The range is stated in the next paragraph, which is taken from RFC 1112:
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-29
12 Configuring Router Functionality
In Internet standard “dotted decimal” notation, host group addresses range from 224.0.0.0 to 239.255.255.255. The address 224.0.0.0 is guaranteed not to be assigned to any group, and 224.0.0.1 is assigned to the permanent group of all IP hosts (including gateways). This is used to address all multicast hosts on the directly connected network. There is no multicast address (or any other IP address) for all hosts on the total Internet. The addresses of other well-known, permanent groups are to be published in “Assigned Numbers”. (from RFC 1112, Host Extensions for IP Multicasting, Aug. 1989, S. Deering) Addresses in the range from 224.0.0.0 to 224.0.0.255 are reserved for protocol use and can not be joined by hosts. Nor can traffic be forwarded between interfaces. Proxy Interface
Any one, but only one, of the NAM ports on the C4 CMTS can be designated to proxy IGMP traffic for one or more interfaces. The proxy interface must have IGMP enabled. Once an interface becomes a proxy interface, it performs the following functions: •
Stops querying hosts for multicast membership information
•
Becomes a host member for all active group memberships on the interfaces for which it is the proxy
•
Forwards all multicast traffic going to or coming from joined multicast hosts on the C4 CMTS proxied interfaces.
IGMP Implementation Internet Group Management Protocol (IGMP) is a IP protocol for managing multicast groups on the Internet. For an overview of standards related to IGMP, see RFCs 2236 and 2933. DOCSIS® Compliance for IGMP
The DOCSIS® Specifications (SP-RFIv1.1-106-001215 and SP-OSSIv2.0I01-011231, Annex E) describe IGMP DOCSIS® 1.1 requirements as either Passive or Active operation modes. The C4 CMTS operates in active mode. It also complies with DOCSIS 2.0.
Encryption
The C4 CMTS can add encryption and authorization to multicast data over a DOCSIS® cable interface. The encryption may be added statically (provisioned) or dynamically. Static operation operates with modems in either BPI or BPI+ mode. The dynamic operation operates only on modems running in BPI+ mode. A thorough description of BPI+ encryption as performed by the C4 CMTS is given in chapter 17, Baseline Privacy Interface (BPI). See Encrypted Multicast Setup, page 17-10.
12-30
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 12-8
How to Enable Multicast on a Cable Interface This procedure serves to enable multicast on a given cable interface and to designate its proxy interface. The use of CAM slot 6 and port 0 for the cable interface, and of NAM slot 14 and port 0 for the proxy interface, are meant as examples. Other slot/port combinations will also work. 1 Enable multicast for the cable interface: configure interface cable 6/0 ip igmp 2 Enable multicast for the IGMP proxy interface: configure interface fastethernet 14/0 ip igmp 3 Assign the proxy interface for the cable interface: configure interface cable 6/0 ip igmp proxy-interface 14/0 End of procedure Table 12-3, Multicast CLI Commands, on page 12-32 lists the commands that are directly related to the multicast feature. A brief explanation of the purpose of each command is included.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
12-31
12 Configuring Router Functionality
Table 12-3: Multicast CLI Commands Purpose
CLI Command
Add a cable privacy multicast authorization. Only static SAIds use authorizations. [no] Remove a cable privacy multicast authorization
configure interface cable cable privacy multicast [no] authorization
Add a cable privacy multicast static SA mapping. The service flow associated with this group map is des56 encrypted by configure interface cable cable privacy default. If 'none' is set, the service flow is non-encrypted multicast [no] map and the SAId value is unused. [des56 | none] [no] Remove a cable privacy multicast SA mapping configure interface fastethernet [/port.[.subif#]] ip [no] igmp
Enable IGMP on the interface [no] Disable IGMP on the interface
configure interface gigabitethernet [/port.[.subif#]] ip igmp
Set the last member query interval Default = 10 seconds. Range = 0-255.
configure interface cable ip igmp lastmember-query
Set the proxy interface (must be a NAM interface) [no] Remove the proxy interface
configure interface cable ip igmp [no] proxy-interface
Set the query interval Default = 125 seconds. Range = 0 to (232 - 1).
configure interface cable ip igmp queryinterval
Set the query max response time Default = 1 seconds. Range = 0-255.
configure interface cable ip igmp query-maxresponse-time
Set the robustness Default = 2. Range = 1-255.
configure interface cable ip igmp robustness
Display the cable privacy multicast authorization information
show interface cable / cable privacy multicast-authorization
Display the cable privacy multicast group/key mappings
show interface cable / cable privacy multicast map
Show the IGMP multicast group membership status
show ip igmp groups [slot/port]
Show the IGMP interface configurations
show ip igmp interfaces [slot/port]
12-32
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
13. IP Packet Filtering, Throttling, and CAR
Topics Overview of IP Packet Filtering
Page 2
Setting Default Filter Groups
10
Debug IP Packet Capture
15
Packet Throttling
17
Committed Access Rate
19
Global Rate Smoothing for TCP Traffic Feature
23
Filtering out packets destined for infrastructure components allows an MSO to reduce the risk of outside break-ins and to reduce the risk of denial-of-service-attacks. Separate configuration files referencing different filter groups could be used as part of a multiple ISP application.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-1
13 IP Packet Filtering, Throttling, and CAR
Overview of IP Packet Filtering The IP Filtering feature as it is implemented in the C4 CMTS is a proprietary extension of IP filtering. The C4 CMTS supports 1,023 filter groups each containing up to 31 filters. Cable modem configuration files refer to a filter group number from 0-1023. The number 0 means that no filter group applies; numbers 1-1023 pertain to defined filter groups. IP filter — A provisionable software mechanism which examines the header of each TCP-IP packet and looks to match the contents of any or all of the fields listed below. If there is a match, the C4 CMTS increments the counts for this filter, and, depending on how the filter is configured, passes, drops, or captures the packet. IP filters are configured in groups. The filters in each group are kept in a prioritized list. All IP filters in a group are tested for a match in priority order, and the first one to satisfy the matching requirements is used as the one and only match. When an IP filter matches an incoming frame, a match count for this IP filter is incremented and the frame is passed or dropped depending on the action programmed for this IP filter. All IP filter fields and groups work the same for US and DS flows, and individual MAC domains. The 1Dx8U and 2Dx12U both keep match counts for packets that match each filter, but the 2Dx12U also increments a byte count for each match. IP filters can be provisioned to match the following: •
Source IP address (32 bits) (maskable)
•
Destination IP address (32 bits maskable)
•
Transmission Control Protocol (TCP) flags (6 bit) (bit-maskable)
•
Upper Layer Protocol (8 bits)
•
Ethernet Type (16 bits)
•
Type Of Service (TOS) (8 bits) (bit-maskable)
•
Source Port (16 bits)
•
Destination Port (16 bits)
Every filter in a filter group is identified by a number from 1-31. This number is called its index and is necessary to add, delete, or modify an individual filter of a filter group. The index numbers also specify the order in which the filters of a filter group are applied, starting with index number one and ending with number thirty-one.
13-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
When a CM is registered, filter groups are assigned for that cable modem. Each modem is assigned four separate filter groups: •
upstream traffic from the modem
•
downstream traffic to the modem
•
upstream traffic for CPEs behind the modem
•
downstream traffic to the CPEs behind the modem.
When a modem registers, two sets of data are used to determine if IP filtering is to be applied to the modem. First, the modem configuration file can have TLVs in it that instruct the CMTS to set up IP filtering for that modem. If these TLVs are not present, then the system-wide parameters specifying default filter groups are examined. If these parameters specify filter groups, then these filter groups are used for the modem. A packet matches a filter if all of the values of the filter fields match the values in the corresponding packet fields. The syntax of the filter command is… configure ip filter group index [parameter name ]
Common Upper Layer Protocol Filters
The following table provides name and description for common IP, ULP, and port filtering parameters. Table 13-1: Common ULP Filters Name
Release 4.2, Standard
Description
src-addr 0.0.0.0
any host source
src-mask 0.0.0.0
any host source
dest-addr 0.0.0.0
any host destination
dest-mask 0.0.0.0
any host destination
ulp 1
ICMP
ulp 6
TCP
ulp 17
UDP
ulp 256
any protocol
ulp 257
UDP and TCPa
port 23
telnet
port 25
SMTP
port 68
bootpc
port 67
bootps
ARRIS PROPRIETARY — All Rights Reserved
13-3
13 IP Packet Filtering, Throttling, and CAR
Table 13-1: Common ULP Filters Name
Description
port 69
tftp
port 137
Microsoft SMB
port 138
Microsoft SMB
port 139
Microsoft SMB
port 2301
Compaq Insight Manager
port 206
Apple Ethertalk
port 65536
any port
all ports listed in /etc/services on any UNIX system all protocols listed in /etc/protocols on any UNIX system a. To enable both UDP and TCP filtering in the same filter, use the following command and then define the desired filter: configure operation mode enbudptcpfltr Default IP Filters
The C4 CMTS is configured by hardware design to drop certain ranges of IP addresses. These default filters do not depend on the IP filters created in software. The following ranges of source and destination IP addresses are dropped: •
0.0.0.0/8 (0 addresses)
•
127.0.0.0/8 (loopback)
•
240.0.0.0/4 (experimental)
The following ranges of source IP addresses are dropped:
How to Re-enable Default for Directed Broadcasts
•
224.0.0.0/4 (multicast)
•
255.255.255.255 (mask)
The C4 CMTS drops all directed broadcasts by default. If this feature has been disabled, use the following command to re-enable the default in order to drop directed broadcasts: configure interface no ip directed-broadcast However, DHCP traffic with destination IP address 255.255.255.255, source port 68, and destination port 67 is allowed to pass to the DHCP relay agent.
13-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Subscriber Filters Subscriber IP Filter Parameters
The C4 CMTS has the ability to block unwanted subscriber traffic, the following parameters apply: •
Modems must reregister or be enabled (per modem) in the MIB in order to use the filter
•
Filters are applied after a valid SID (Service IDentification) is assigned
•
Filters can be modified with new rules applied dynamically
NOTE If a filter group has been applied to a registered modem and a new filter index is added to that group, the modem does not have to re-register for that filter index to be enabled. Source, Type of Service, and Destination Parameters
The optional parameters controlled by this command for a particular filter are listed below. The command syntax for each parameter is in the column to the right: •
Source IP address
[src-addr ]
•
Source IP mask
[src-mask ]
•
Destination IP address
[dest-addr ]
•
Destination IP mask
[dest-mask ]
•
Type of service
[tos ]
•
Type of service mask
[tos-mask ]
•
TCP flag
[tcp-flag ]
•
TCP flag mask
[tcp-flag-mask ]
•
Source port
[src-port ]
•
Destination port
[dest-port ]
•
Filter action: drop or accept
[action ]
•
Upper level protocol (ULP)
[ulp ]
The source and destination port fields of a filter can be given the value of 65536, which acts as a match-all or wildcard. If the source port field, for example, of the filter is set to 65336, then any value in a source port fields of the packets is considered a match. The match-all value for the ULP field is 256. If the ULP field in the filter is set to 256, then all packet ULP values are considered a match. The filters (indexes) in a filter group are applied in order starting with the lowest index number and proceeding to the highest. Once a matching filter is found for a packet, the filter action is applied to that packet. In other words, the packet is dropped or accepted by the first matching filter; the remaining filters in that group are not applied to the packet.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-5
13 IP Packet Filtering, Throttling, and CAR
Upper Layer Protocol Traffic Policing
In order to filter on UDP and TCP traffic using the same filter, a bit field (enbudptcpfltr) has been added to an object (cadSysSpOperMode) in the CADANT-CMTS-SYSTEM-MIB. This bit is used to enable and disable the ability to filter on UDP and TCP messages with the same filter. If the bit is set, combined UDP and TCP filtering is enabled; otherwise it is cleared. To enable/disable this bit, use the following command: configure [no] operation mode enbudptcpfltr The default for this command is On. Use the following command to show the current states of the ULP operation modes: show operation mode The output is similar to the following sample:
C4-8# show Enabled : Enabled : Enabled : Disabled : Enabled : Enabled : Disabled : Enabled : Enabled : Enabled :
operation mode (dqossf10cms) Allow 1.0 CMs in DocsQosServiceFlowEntry (adjrxpwrctl) Allow adjustment of rx power control by mod type (enbudptcpfltr) Allow combining of Udp and Tcp messages in same filter (upce) Enable Upstream Packet Classification Enforcement (cmstatusoperational) Allow modem status at the CMTS to reach operational(8) (cpeNacksForceCmReset) Force CM reset upon receiving 3 consecutive CPE NACKs (docsis20test) DOCSIS 2.0 Testing (pocoUpstreamFifoFullFatal) Force card recovery on poco upstream fifo full error (broadcomPktReadyFullFatal) Force card recovery on broadcom packet ready full error (spiLockupFatal) Force card recovery on spi lockup error
End of Example
Procedure 13-1
How to Add Filters to the CMTS Use the following procedure to add filters using the CLI. 1 Add a filter to drop packets destined for a given destination address: configure ip filter group 1 index 1 dest-addr a.b.c.d dest-mask 255.255.0.0 action drop The system responds: IP packet filtering rule has been specified for group 1, index 1
13-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
NOTE All IP filter parameters that are not specified are set to match-all. 2 Add a filter to drop a given source address: configure ip filter group 1 index 2 src-addr a.b.c.d src-mask 255.255.0.0 action drop 3 Add a filter to drop IP packets with a TOS value of 4: configure ip filter group 1 index 3 tos 4 tos-mask action drop Where: allowed)
4 = the tos value (00-ff is the range of hexadecimal values
4 Add a filter to drop TCP/UDP packet with a Source Port of 100: configure ip filter group 1 index 4 src-port 100 action drop 5 The command in this example is used to add a filter to accept TCP packets. It is based on the values of the TCP flags fields: tcp-flag and tcp-flag-mask. The tcp-flag is a subset of tcp-flag-mask. Values of the associated flags are added together to determine the value of the tcp-flag-mask. The command syntax requires hexadecimal values. The decimal and binary equivalents are added for your convenience: urgent = 80 (hex) = 128 (decimal) = 10000000 (binary) ack
= 40 (hex) = 64 (decimal) = 01000000 (binary)
push = 20 (hex) = 32 (decimal) = 00100000 (binary) reset = 10 (hex) = 16 (decimal) = 00010000 (binary) syn
= 08 (hex) = 8 (decimal) = 00001000 (binary)
fin
= 04 (hex) = 4 (decimal) = 00000100 (binary)
A value of 132 (decimal) designates packets with urgent (128) and fin (4) flags, respectively. This value must be entered in hex in the command line. configure ip filter group 1 index 5 ulp 6 tcp-flag 80 tcp-flag-mask 84 action accept Where
80 is in hex code = 128 (decimal) 84 is in hex code = 132 (decimal)
6 Add a filter to drop UDP packets with a destination port of 50,000: configure ip filter group 1 index 20 ulp 17 dest-port 50000 action drop Where
Release 4.2, Standard
ulp 17 is the Upper Layer Protocol (packet type) for UDP
ARRIS PROPRIETARY — All Rights Reserved
13-7
13 IP Packet Filtering, Throttling, and CAR
7 Add a filter to drop all TCP packets from a given source port and to a given destination port: configure ip filter group 1 index 1 ulp 6 src-port nnn dest-port nnn action drop Where:
nnn is the number of a port ulp 6 is the Upper Layer Protocol (packet type) for TCP
8 Add a filter to drop all UDP packets meant for a given destination port: configure ip filter group 1 index 1 ulp 17 dest-port nnn action drop Where
nnn is the number of a port ulp 17 is the Upper Layer Protocol (packet type) for UDP
9 Display setup information for a given IP packet filter: show ip filter group index If the group and index numbers are valid, the system responds with information about the filter in question. Example of a Filter
The series of commands below creates a filter designed to drop netbios traffic and allow all other traffic from a CPE with a 24. address
configure ip filter group 2 index 1 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 135 dest-port 135 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 2 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 136 dest-port 136 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 3 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 137 dest-port 137 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 4 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 138 dest-port 138 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 5 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 139 dest-port 139 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 6 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 445 dest-port 445 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 7 src-addr 24.0.0.0 src-mask 0.0.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 256 tos 0 tos-mask 0 action accept Confirm your results with the following command: show ip filter group 2
13-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
System response: C4# show ip filter group 2 Grp Idx Source ---- --- -----------------2 1 0.0.0.0/0 2 2 0.0.0.0/0 2 3 0.0.0.0/0 2 4 0.0.0.0/0 2 5 0.0.0.0/0 2 6 0.0.0.0/0 2 7 24.0.0.0/0
Destination -----------------0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0
ULP --257 257 257 257 257 257 256
TOS ----00/00 00/00 00/00 00/00 00/00 00/00 00/00
SPort DPort TCP Action ----- ----- ----- -----135 135 00,00 drop 136 136 00,00 drop 137 137 00,00 drop 138 138 00,00 drop 139 139 00,00 drop 445 445 00,00 drop , accept
Matched ------0 0 0 0 0 0 0
The following command displays the settings for filter index 1 of group 2 in verbose mode: show ip filter group 2 index 1 verbose IP Filter Group For Group 2 Index 1 Source address: 0.0.0.0 Source mask: 0.0.0.0 Destination address: 0.0.0.0 Destination mask: 0.0.0.0 ULP: 257 TOS: 00 TOS mask: 00 Action: drop Number of times rule was matched: 0 Source Port: 135 Destination Port: 135 TCP Flag Value: 0x00 End of procedure
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-9
13 IP Packet Filtering, Throttling, and CAR
Setting Default Filter Groups Default filter groups are used when no groups are specified in the TFTP file. Defaults apply to all parameters if not specified in the cable modem config file. Setting a default group to “0” means no filter group applies. Use the following command to turn CPE control on or off: configure subscriber [default-cpe-control ] Filters and filter groups may be created in advance, but not applied, if the default-cpe-control is set to off. Once default-cpe-control is turned on, filters are applied to modems as they range and re-register. Filters may also be enabled in the MIB. Set Defaults and Enable Packet Filtering
Use the following commands to set defaults for registering modems: configure subscriber The default parameters are described in Table 13-2. If modems are registered before IP filtering is enabled, their packets will not be affected by the packet filters. Any modems that register or re-register after packet filtering is enabled are affected by the filters. If packet filtering is turned off (default-cpe-control = off), the show cable modem interfaces cpe-ip command does not work. It is used to show the IP address of a CPE.
Table 13-2: Default Settings for IP Filtering Parameter
Purpose
configure subscriber … Enables or disables IP filtering. Default = off. When enabled, the
… default-cpe-control {on|off} configure subscriber default-[name] filter groups go into effect upon the next registration of a modem. Recommended setting: on.
… default-max-cpe
Defines maximum number of IP addresses allowed behind the CM.
… default-cpe-ip-learn {on|off} Enables or disables learning of CPE IP addresses. Identifies the default filter group assigned to downstream traffic going to
… default-sub-grp-down CPEa. … default-sub-grp-up
Identifies the default filter group assigned to upstream traffic from CPE hosts.*
… default-cm-grp-down
Identifies the default filter group assigned to downstream traffic going to CMs.*
… default-cm-grp-up
Identifies the default filter group assigned to upstream traffic from CMs.*
a. A value of 0 in the field indicates no filter group applies.
13-10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
IP Packet Filtering Configuring Example
This scenario assumes that the CAM is in-service and that its RF parameters have been set. Use the following sequence of commands (or scripting) as an example of filter group configuration:
Command Sequence (Script)
# = Management Subnet Network Address # = Management Subnet Network Mask # Turn on ULP 257 mode config operation mode enbudptcpfltr # Assign default-sub-grp-down to filter group 1 config subscriber default-sub-grp-down 1 # Assign default-sub-grp-up to filter group 2 config subscriber default-sub-grp-up 2 # Assign default-cm-grp-down to filter group 3 config subscriber default-cm-grp-down 3 # Assign default-cm-grp-down to filter group 4 config subscriber default-cm-grp-up 4 # Turn on filtering configure subscriber default-cpe-control on # Turn on filtering configure subscriber default-cpe-ip-learn on #filter group 1 for default-sub-grp-down #drop microsoft netbios transport config ip filter group 1 index 1 ulp 257 src-port 65536 dest-port 137 action drop config ip filter group 1 index 2 ulp 257 src-port 65536 dest-port 138 action drop config ip filter group 1 index 3 ulp 257 src-port 65536 dest-port 139 action drop #drop compaq insight manager config ip filter group 1 index 4 ulp 17 src-port 65536 dest-port 2301 action drop #drop apple ethertalk config ip filter group 1 index 5 ulp 17 src-port 65536 dest-port 206 action drop #allow icmp to management subnet config ip filter group 1 index 6 src-addr srcmask dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 1 action accept #allow udp from management net config ip filter group 1 index 7 src-addr srcmask dest-addr 0.0.0.0 dest-mask 0.0.0.0 ulp 17 action accept #drop all other bootp
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-11
13 IP Packet Filtering, Throttling, and CAR
config ip filter group 1 index 8 ulp 17 src-port 65536 dest-port 67 action drop config ip filter group 1 index 9 ulp 17 src-port 65536 dest-port 68 action drop #drop 10.x.x.x 192.168.x.x and 172.16.x.x addresses config ip filter group 1 index 10 src-addr 10.0.0.0 srcmask 255.0.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 action drop config ip filter group 1 index 11 src-addr 172.16.0.0 src-mask 255.240.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 action drop config ip filter group 1 index 12 src-addr 192.168.0.0 src-mask 255.255.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 action drop #filter group 2 for default-sub-grp-up #drop microsoft netbios transport config ip filter group 2 index 1 ulp 257 src-port 65536 dest-port 137 action drop config ip filter group 2 index 2 ulp 257 src-port 65536 dest-port 138 action drop config ip filter group 2 index 3 ulp 257 src-port 65536 dest-port 139 action drop #drop compaq insight manager config ip filter group 2 index 4 ulp 17 src-port 65536 dest-port 2301 action drop #block apple ethertalk config ip filter group 2 index 5 ulp 17 src-port 65536 dest-port 206 action drop #allow bootp config ip filter group 2 index 6 src-addr 0.0.0.0 srcmask 0.0.0.0 dest-addr 255.255.255.255 dest-mask 255.255.255.255 ulp 17 src-port 68 dest-port 67 action accept #allow bootp to mgmt net config ip filter group 2 index 7 src-addr 0.0.0.0 srcmask 0.0.0.0 dest-addr dest-mask ulp 17 src-port 65536 dest-port 67 action accept #allow icmp to mgmt net config ip filter group 2 index 8 src-addr 0.0.0.0 srcmask 0.0.0.0 dest-addr dest-mask ulp 1 action accept #allow dns to mgmt net config ip filter group 2 index 9 src-addr 0.0.0.0 src-
13-12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
mask 0.0.0.0 dest-addr dest-mask ulp 17 src-port 65536 dest-port 53 action accept #drop all other traffic to mgmt net config ip filter group 2 index 10 src-addr 0.0.0.0 srcmask 0.0.0.0 dest-addr dest-mask action drop #drop 10.x.x.x 192.168.x.x and 172.16.x.x addresses config ip filter group 2 index 11 src-addr 10.0.0.0 srcmask 255.0.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 action drop config ip filter group 2 index 12 src-addr 172.16.0.0 src-mask 255.240.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 action drop config ip filter group 2 index 13 src-addr 192.168.0.0 src-mask 255.255.0.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0 action drop #filter group 3 for default-cm-grp-down #allow all from mgmt net config ip filter group 3 index 1 src-addr srcmask dest-addr 0.0.0.0 dest-mask 0.0.0.0 action accept #drop rest config ip filter group 3 index 2 action drop #filter group 4 for default-cm-grp-up #allow upd to mgmt net config ip filter group 4 index 1 src-addr 0.0.0.0 srcmask 0.0.0.0 dest-addr dest-mask ulp 17 action accept #alow icmp to mgmt net config ip filter group 4 index 2 src-addr 0.0.0.0 srcmask 0.0.0.0 dest-addr dest-mask ulp 1 action accept #drop rest config ip filter group 4 index 3 action drop Per-Interface / Per-VRF Filtering
Release 4.2, Standard
This feature enhances the ability of MSOs to filter out malicious data, especially from subscribers who have tampered with cable modem software in order to disable IP packet filtering. The IP packet filtering described above duplicates the functions of the DOCSIS® cable management MIB, but is actually provided by the subscriber management MIB. The subscriber management MIB provides a more secure mechanism because the network operator controls the physical access to the CMTS. Per-interface / per-VRF packet filtering can be used to ensure that packets from a malicious user who has hacked into the CM software will not be given access to the network infrastructure.
ARRIS PROPRIETARY — All Rights Reserved
13-13
13 IP Packet Filtering, Throttling, and CAR
In a multiple subinterface (currently, each subinterface is paired one-toone with a VRF) environment, modems on each subinterface could be assigned modem configuration files that specify filter groups that are specific for that subinterface. This capability exists today in any system compliant with DOCSIS® 1.1. The provisioning system identifies which subinterface each modem resides on, which it must do to assign the IP address. It then uses the modem to which the CPE is attached to determine the CPE’s subinterface. An enhancement added to the per-subinterface (VRF) IP filtering feature is the ability to assign default IP filter groups based on the subinterface, and derived from the IP address of the CM or CPE. If per-subinterface filter groups have been assigned, they are used in place of the system-wide default filter groups. However, the per-subinterface filter groups are not used if filter groups are assigned in the modem configuration file. For CPEs, the assignment using these new subinterface level filter group parameters would take place when an IP address is assigned by DHCP, in addition to when the CPE is learned, since CPE assignment to a subinterface would take place when it gets its IP address. If a CPE doesn't have an IP address when it is first learned (i.e. it is doing DHCP), it initially uses the CPE filters associated with the modem's subinterface. Once it obtains an IP address, the CPE's filter group will change if the CPE is in a different subinterface than the modem and that subinterface has default values that are different from the modem’s. The following CLI commands assign default filters for a sub-interface: config interface cable /[.] subscriber default-sub-grp-down config interface cable /[.] subscriber default-sub-grp-up config interface cable /[.] subscriber default-cm-grp-down config interface cable /[.] subscriber default-cm-grp-up
13-14
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Debug IP Packet Capture The IP Packet Capture feature allows the user to select an existing IP filter and add an attribute (sets a debug_capture flag bit in hardware) to capture information about incoming frames that are matching this particular filter. If an IP filter with the appropriate matching parameters is not currently in the filter group, then a new IP filter can be created which does the matching and capturing. If the first filter in a group to satisfies the matching conditions then it is the one and only one to match. Functionality is identical for both US and DS IP filters. NOTE Exercise caution when adding new IP filters: they may affect the actions of existing IP filters. When a new IP filter is added to the front of the group, it has priority over the filters listed behind it. So whenever a packet matches the new filter, the action of that filter will override the actions of those behind it. Likewise, if a filter is added to the end of the list in a group, it can only match and take action if none of the filters above it find a match. Any number of IP filters can be set to capture information about the frames they are matching. All of the frame information for all of the IP filters set to collect information is aggregated in the capture buffer. Obviously if too many IP filters are enabled to capture frame data and there is heavy traffic load, some of the capture data is discarded. The capturing of frame data occurs whenever an IP filter matches and its debug_capture hardware flag is set. This is true regardless of how the IP filters Drop/Pass action is set. The information captured by hardware and stored in a First In First Out (FIFO) buffer for each packet is called a capture entry. A capture entry contains the following: •
A capture entry header containing some information specific to this packet
•
Up to the first 100 Bytes of the captured packet
This capture entry is read out of the FIFO by software so it can be parsed and reformatted to display as much or as little of the gathered information as desired. Capturing the first 100 bytes of a packet provides sufficient information about sources, destinations and protocols. The capture entry header reveals where the match physically occurred, and can be used to reference count information associated with the IP filter and group that matched. It also provides Trigger function type, Channel ID, and other pertinent information.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-15
13 IP Packet Filtering, Throttling, and CAR
There is no limit in software to the number of IP filters that can be enabled for packet capture, i.e., have the debug_capture bit asserted. All IP filters could be triggering packet captures. There is however a practical limit as to how many flows can be monitored and how much traffic can be passed from the hardware up to the software. This limit is difficult to define since it is based on several variables. The Debug IP Packet Capture utility has been designed to be non-interfering. Though it is possible to configure IP filters that capture huge numbers of packets, the hardware and software that gather the packets only allow as many through as can currently be processed. System performance and throughput will not suffer even if IP filters capture too many packets. In the case where a packet capturing filter matches so many packets that the hardware and software cannot process them, then these packets will be dropped from the log. The log keeps a counter that shows how many packets were dropped from the log. This does not mean that the packets were prevented from reaching their destinations; it simply means that these packet captures were not included in the log. CLI Commands
Use the following command to enable an IP filter to capture packets and send them to the capture FIFO: configure {cable|ip} filter group index log Use the No version of the previous command to disable IP packet capture for a particular filter: configure [no] {cable|ip} filter group index log To disable packet capture on all filters, use the following command: configure no {cable|ip} filter log The logging of captured packets is turned on with the following commands: configure [no] logging debug ip packet brief [slot ] The command above uses the brief option. It logs the interface on which the packet was received, including the direction, if appropriate. It also logs the source of the capture, i.e. IP filter group/index), and the SIP, DIP, and ULP. configure [no] logging debug ip packet detail [slot ]
13-16
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The second version of the command, which corresponds to the detail option, logs the contents of the packet, limited to the length that the hardware supports in the capture FIFO. Use the following command to display provisioning for filters, including whether packet capture is enabled: show {cable|ip} filter
Packet Throttling Packet throttling prevents or limits the impact of denial of service (DoS) attacks. The C4 CMTS has the ability to throttle the rate at which packets are forwarded to the SCM modules. Packet throttling for the SCM is indiscriminate: you can throttle the overall packet rate but not individual packet types. To configure protocol throttling for the SCM, use the following command: configure slot 19 proto-throttle-rate Where
slot number = 19 or 20 packets = (packets per second), valid range = 0-65535 0 = “allow none”.
Sample system response: List Elements - Protocol (arp,dhcp,icmp,ospf,rip,igmp,other) Not specifying will set the global throttle rate FCM Protocol Policing
This feature is also known as Improved Denial-of-Service Attack Protection. This feature allows the C4 to select and police packets destined for the FCM processor according to packet protocol type. By selectively throttling undesired protocol packets, the C4 can continue to function as a router during malicious attacks. This alleviates the impact of various denial of service (DOS) attacks because critical packets continue to be processed by the C4. Use the following command to set global or protocol-specific packet throttling for the FCM: configure slot proto-throttle-rate {igmp|dhcp|arp|rip|ospf|other} Where
Release 4.2, Standard
slot number = 17 or 18 for the FCM packets per second = a valid range of 0-65535 0 = “allow none”.
ARRIS PROPRIETARY — All Rights Reserved
13-17
13 IP Packet Filtering, Throttling, and CAR
If none of the optional protocol types are specified, the command serves to set the global throttle rate (total of all packet types) allowed through the FCM. Use the following command to display protocol-throttling settings and counts: show proto-throttle-rate The following is a example of the system output: Protocol Throttle Rates ----------------------FCM global packet rate: ARP packet rate: DHCP packet rate: ICMP packet rate: OSPF packet rate: RIP packet rate: IGMP packet rate: FCM other packet rate: SCM global packet rate:
13-18
900 700 500 100 100 100 100 0 900
packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second
Protocol Received Counts -----------------------FCM global packets passed: FCM global packets dropped: ARP packets passed: ARP packets dropped: DHCP packets passed:
401 0 2 0 0
packets packets packets packets packets
DHCP packets dropped: ICMP packets passed: ICMP packets dropped: OSPF packets passed: OSPF packets dropped: RIP packets passed: RIP packets dropped: IGMP packets passed: IGMP packets dropped: FCM other packets passed: FCM other packets dropped:
0 0 0 399 0 0 0 0 0 0 0
packets packets packets packets packets packets packets packets packets packets packets
Protocol Sent Counts -------------------FCM global packets: ARP packets: DHCP packets: ICMP packets: OSPF packets: RIP packets: IGMP packets:
326 47 0 0 0 279 0
packets packets packets packets packets packets packets
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Committed Access Rate Committed Access Rate (CAR) is a rate-limiting feature for policing traffic. It enables you to classify packets using policies based on physical port, source or destination IP address, application port, IP protocol type, or other criteria specifiable by access lists or extended access lists. After a packet has been classified, traffic matching that classification can be rate limited. The C4 CMTS must be equipped with one or more GNAMs to enable this feature. The rate-limiting feature of CAR manages the access bandwidth policy for a network by ensuring that packets falling within specified rate limits are sent, while packets that exceed the acceptable limits are dropped. Specifically, the rate-limiting function of CAR does the following: •
Allows control over the maximum rate of traffic sent or received on an interface.
•
Provides the ability to define Layer 3 aggregate or granular incoming or outgoing (ingress or egress) bandwidth rate limits and to specify traffic handling policies when the traffic either conforms to or exceeds the specified rate limits.
Aggregate bandwidth rate limits match all of the packets on an interface. Granular bandwidth rate limits match a particular type of traffic based on precedence, IP address, or other parameters. CLI Commands and Examples
The Committed Access Rate feature is configured with the following CLI command: configure interface {gigabitEthernet | fastEthernet} / rate-limit {input | output} [access-group acl-index] bps burst-normal burst-max conform-action action exceed-action action This command is supported for GNAM interfaces only. This command can be entered multiple times for an interface. Each time it is entered a new set of rate limit constraints is added to the end of a list of rate limits. Use the following command to delete all rate limiting information for an interface with the following CLI command: configure interface {gigabitEthernet | fastEthernet} / no rate-limit {input | output} This command above removes the rate limiting information; it does not remove any ACLs that are referred to by the rate limiting commands. Use the following command to display the rate limits on the specified interface: show interface gigabitethernet / rate-limit
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-19
13 IP Packet Filtering, Throttling, and CAR
Sample output: gigabitEthernet 14/1 Input matches: access-group 101 params: 20000000 bps, 24000 limit, 32000 extended limit conformed 3 packets, 189 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago matches: access-group 102 params: 10000000 bps, 24000 limit, 32000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago matches: all traffic params: 8000000 bps, 16000 limit, 24000 extended limit conformed 5 packets, 315 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago Output matches: all traffic params: 15000000 bps, 2812500 limit, 2812500 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago Use the following command to display the rate limits counts on the specified interface: show interface gigabitEthernet 14/1 rate-limit counts Slot/ Port 14/1 14/1 14/1 14/1
Dir Access Group In 101 In 102 In All Out All
Rate Limit bps 20000000 10000000 80000000 150000000
-----Conform-----packets bytes 3 189 0 0 5 315 0 0
-----Exceed------packets bytes 0 0 0 0 0 0 0 0
Use the following command to provision a standard ACL: configure access-list acl-index {deny | permit} source [source-wildcard] Where the acl-index = 1-99.
13-20
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Use the following command to provision an extended ACL: configure access-list acl-index {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence][tos tos] [fragments] Where the acl-index = 100-199. When an ACL is used for rate limiting, if a packet matches a permit entry, then rate limiting is applied to the packet and processing stops. If a packet matches a deny entry, classification for that ACL stops and the packet is not policed for that ACL. If no matches are found, then the packet passes without any rate limiting. CAR supports protocol values in an extended access list of the following protocols: •
ip
•
tcp
•
udp
•
icmp
•
igmp
•
or an integer in the range from 0 to 255 representing an Internet protocol number.
Use the following commands to create a extended access list. configure access-list {{protocol-ip } | {tcp } | {udp } | {icmp [type [code]]} | {igmp [type]} | {num }} The full command is used to assign the extended ACL index in the range of 100-199, to configure the action (permit or deny policing, or to make a remark), and to configure the desired protocol. See the CLI Command Reference Manual for command syntax. If an access list is not present, the rate-limit command acts as if no access list is defined and all traffic will be rate limited accordingly. If the protocol value in an extended access list is tcp, the C4 CMTS supports the additional optional parameter string [operator [port]] after both the source- and destination-wildcard options, and the additional optional parameter [established].
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-21
13 IP Packet Filtering, Throttling, and CAR
If the protocol value in an extended access list is udp, the C4 CMTS supports the additional optional parameter string [operator [port]] after both the source- and destination-wildcard options. If the protocol value in an extended access list is icmp, the C4 CMTS supports the additional optional parameter string [icmp-type [icmpcode]]. ICMP packets can be filtered by ICMP message type. The type is a number from 0 to 255. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. The code is a number from 0 to 255. If the protocol value in an extended access list is igmp, the C4 CMTS supports the additional optional parameter string [igmp-type]. IGMP packets can be filtered by IGMP message type. A message type is a number from 0 to 15. Use the following command to delete all rate-limiting information for an interface: configure no access-list acl-index Use the show access-list command to display an access-list and its options. The GNAM supports a total of 64 access list entries per interface in each direction, and a total of 128 access list entries per GNAM in each direction. The number of access list entries for an interface is the sum of the number of access list entries in each access group assigned to an interface for rate limiting. Multiple rate limits can be specified for a single interface. The GNAMs support classification actions on matching packet of pass, drop, or police. Use the clear counters {gigabitEthernet | fastEthernet} / command the clear the rate limit counters for the specified interface. The interface rate limiting policers of the GNAMs are based on a leaky bucket function with a programmable leak rate specified in bits per second. The range extends up to 1 Gbps, and a programmable maximum burst in kBytes (max burst), with a range of 0 to 375,000,000. The GNAMs support separate actions for conforming traffic (packets when the leaky bucket depth is less than the max burst size) and exceeding traffic (packets when the leaky bucket depth is greater than the max burst size). The GNAMs count the number of packets and bytes that conform to the rate limit and the number of packets and bytes that exceed to the rate limit.
13-22
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Global Rate Smoothing for TCP Traffic Feature This feature applies to both models of CAM, the 1Dx8U and the 2Dx12U. In previous releases under certain conditions the interaction between the policing algorithm of the C4 CMTS and Transmission Control Protocol (TCP) produced undesirable effects in the downstream flow, reducing throughput. The chief causes of this reduction are the following: 1 The rate sent over a flow can go from zero to full rate instantly. TCP then assumes a fast pipe is available and it increases its rate very quickly. 2 When the max rate limit is reached, several packets in a row are usually dropped. TCP then essentially halts until the dropped packets are retransmitted. 3 The nature of the upstream channel causes TCP ACKs to bunch together. This causes data transmissions to come in clusters, increasing the damage done by reason number 2. In the upstream direction, the cable modem and the mapper effectively shape the traffic. This type of traffic control already is very effective in maximizing the TCP throughput; so the upstream is not susceptible to these three effects. Global Rate Smoothing reduces the adverse effects of the standard policer on downstream TCP traffic. Aggregate Rate Smoothing — This function slowly ramps up the rate of the aggregate throughput of the downstream pipe, minimizing the TCP fast-ramp reaction when a file transfer is started. It forces TCP into a slow rate of growth and guides the TCP rate smoothly to the desired max rate, minimizing dropped packets. An algorithm calculates the average aggregate rate over a one second period. At the end of the averaging period, the aggregated rate is compared to the preset rates and the new aggregate rate is set at the closest step above the measured rate. The aggregate rate is calculated at every packet arrival. It is used in algorithms to control the length of the idle period following each packet. Another algorithm is used to determine maximum rate throttling and is similar to the aggregate rate smoothing algorithm, but it is not calculated in the same way. Basically the maximum rate is selected: it is the maximum rate detected in the one second interval. All TCP flows are throttled, not policed, using the same rate. Early Drop Mechanism — This function drops a packet when the rate has climbed over the maximum, but before hard rate limiting kicks in. This gives an early feedback to TCP, causing it to throttle back.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
13-23
13 IP Packet Filtering, Throttling, and CAR
These two mechanisms, Aggregate Smoothing and Early Drop, are used for TCP traffic only. Non-TCP packets are always policed to the max rate, meaning all violating packets are dropped and all non-violating packets are passed. End of procedure Recommended Settings for Throttle Control
The following are recommended proto-throttle-rate settings for various router configurations. Use the following commands for simplex router configuration: configure slot 17 proto 2000 configure slot 19 proto 100 Use the following commands for simplex router configuration with IGMP enabled: configure slot 17 proto 750 configure slot 19 proto 100 Use the following commands for CCR router configuration: configure slot 17 proto 2000 configure slot 18 proto 2000 configure slot 19 proto 100 configure slot 20 proto 100 Use the following command for CCR router configuration with IGMP enabled: configure slot 17 proto 750 configure slot 18 proto 750 configure slot 19 proto 100 configure slot 20 proto 100 End of Examples
13-24
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
14. Service Class Names
Introduction
Service Class Names (SCNs) are names that serve as handles for Quality of Service (QoS) parameter sets that can be used to simplify configuration. SCNs identify the QoS parameter sets that are stored in the C4 CMTS. The SCNs are referenced by configuration files when defining service flows. Service Flows (SFs) contain classifiers which determine which packets are included in the SF. The QoS parameter set determines how the packets in the SF are treated. NOTE If there are parameters defined in the config file but also defined in an SCN referenced by that config file, the config file parameters override those found in the SCN. The config files use this information as part of setting up the service flows that govern the levels of service awarded to cable modems. Service Class Names are intended to be visible to external Operations Support Systems (OSSs). They impact billing operations because they identify SF counters that are used in the MIBs and in the billing records. From a subscriber’s perspective, service classes refer to different levels of service, each with minimum and maximum guaranteed data rates, priorities, and billing rates. An MSO might choose to offer its subscribers three classes of service and call them, for example, gold, silver, and bronze. Subscribers opting for Gold Service would pay a premium and would be given priority over others. They would benefit from higher bandwidth even during peak access times. Bronze subscribers would pay a minimum rate. Their upstream and downstream rates would be much lower. Depending on how the MSO sets it up, Bronze Service might be satisfactory for mail but not for web surfing. Silver would be fine for most subscribers: it would be much faster and more reliable than dial-up service.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
14-1
14 Service Class Names
NOTE The service class names used in this section are provided as an example only. The MSO may name and configure service class names according to their preference or standard. A Service Class Name (SCN) is an ASCII string associated with a predefined set of Quality of Service (QoS) parameters provisioned in the C4 CMTS. The SCN is named in the configuration file. When a cable modem registers, its configuration file causes a service flow to be created using the QoS parameters defined by its SCN. A Service Class Name: •
Enables billing and other Operations Support Systems (OSSs) to distinguish service flows by SCN
•
Simplifies the CM configuration file
•
Simplifies the TFTP configuration file
•
Allows higher-layer applications to create a service flow by Service Class Name; these SCNs typically correspond to advertised levels of subscriber service
•
Has a maximum length of 15 characters and is case-sensitive.
The Service Class Name is expanded to its defined set of QoS parameters at the time the C4 CMTS successfully admits the service flow. The QoS MIB defines the parameters listed in Table 14-1, QoS Parameters Included in a Service Class Name, on page 14-3. For greater detail on these parameters, refer to CableLabs’ Radio Frequency Interface Specification, SP-RFIv1.1I07-010829, Section 8 and Appendix C. NOTE SCNs may be configured in the C4 CMTS via SNMP using a CM management system. This CM management system would define SCNs and define CM configurations as part of a service-level definition process. SCN Example
The following examples illustrate scenarios in which service class names are assigned into tiered services – for example Gold, Silver and Bronze. Gold Example — This service class may be structured as follows:
14-2
•
GoldUp—Scheduling Type = 7 (BE), Traffic Priority = 5, a high-priority flow
•
GoldDown—Scheduling Type = 7 (BE), Traffic Priority = 5, a highpriority flow
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Silver Example — This service class may be structured as follows: •
SilverUp—Scheduling Type = 7 (BE), Traffic Priority = 3, a mediumpriority flow.
•
SilverDown—Scheduling Type = 7 (BE), Traffic Priority = 3, a mediumpriority flow.
Bronze Example — This service class may be structured as follows:
Additional SCN Examples
•
BronzeUp—Scheduling Type = 7 (BE), Traffic Priority = 1, a lowpriority flow.
•
BronzeDown—Scheduling Type = 7 = (BE), Traffic Priority = 1, a lowpriority flow.
Extra service flows could be added using the following service class examples: •
VoIPup—Scheduling Type = 5 (UGS-AD), a strict priority flow configured for G.711 voice.
•
VoIPdown—Scheduling Type = 0, Traffic Priority = 7, a strict priority flow.
•
MPEGup—Scheduling Type = 4 (rtPS), a strict priority flow. Each tiered service could have flow parameters adjusted to provide greater throughput for higher tiers.
•
MPEGdown—Scheduling Type = 0, Traffic Priority = 6, a strict priority flow.
•
FTPup—Scheduling Type = 3 (nrtPS), a WRR flow. This could have a Traffic Priority = 2.
•
FTPdown—Scheduling Type = 0, Traffic Priority = 2, a WRR flow.
Table 14-1: QoS Parameters Included in a Service Class Name Parameter
Keyword Syntax
Purpose
All Flows ServiceClassName (SCN)
name
A predefined Quality of Service that is applied to cable modems by a configuration file and used to encode a Service Flow according to the parameter values found in the SCN. This name is case sensitive; maximum length = 15 characters.
Priority
[priority ]
Allows service flows to be given priority for delay and buffering. The C4 CMTS uses this field to assign traffic priorities, which are implemented using a queuing system.
MaxTrafficRate
[max-tr-rate ]
This parameter is the rate parameter R of a token-bucket-based rate limit for packets. R is expressed in bits per second. This rate expresses an upper boundary, not a guarantee that the rate is available.
MaxTrafficBurst
[max-tr-burst ] Specifies the token bucket size B (in bytes) for this Service Flow.
MinReservedRate
[min-res-rate ]
Release 4.2, Standard
Specifies the minimum rate, in bits/sec, reserved for this Service Flow. If CM requests less bandwidth than this minimum, the C4 CMTS may reallocate the excess.
ARRIS PROPRIETARY — All Rights Reserved
14-3
14 Service Class Names
Table 14-1: QoS Parameters Included in a Service Class Name (Continued) Parameter
Keyword Syntax
Purpose
MinReservedPkt
[min-res-pkt ]
Specifies an assumed minimum packet size (in bytes) for which the Minimum Reserved Traffic Rate will be provided.
ActiveTimeout
Specifies the maximum duration resources remain unused on an active Service Flow. If [active-tmout ] there is no activity on the Service Flow within this time interval, the CMTS MUST change the active and admitted QoS Parameter Sets to null.
AdmittedTimeout dir
[adm-tmout ]
Specifies the duration that the C4 CMTS MUST hold resources for a Service Flow’s Admitted QoS Parameter Set while they are in excess of its Active QoS Parameter Set. Indicates direction: 1 = downstream 2 = upstream
Upstream Flow Only Parameters
MaxConcatBurst
[max-burst ]
Specifies the maximum concatenated burst (in bytes) which a Service Flow is allowed. This parameter is calculated from the FC byte of the Concatenation MAC Header to the last CRC in the concatenated MAC frame.
SchedulingType
[type ]
Specifies which upstream scheduling service is used for upstream transmission requests and packet transmissions. If this parameter is omitted, then the Best Effort service MUST be assumed.
NomPollInterval
[poll-int ]
Specifies the nominal interval (in units of microseconds) between successive unicast request opportunities for this Service Flow on the upstream channel. This parameter is typically suited for Real-Time and Non-Real-Time Polling Service.
TolPollJitter
[poll-jitter ]
Specifies the maximum amount of time that the unicast request interval may be delayed from the nominal periodic schedule (measured in microseconds) for this Service Flow.
UnsolicitGrantSize
[grant-size ]
Specifies the unsolicited grant size in bytes.
[grant-int ]
Specifies the nominal interval (in units of microseconds) between successive data grant opportunities for this Service Flow. Required for UGS and UGS/AD
[grant-jitter ]
Specifies the maximum amount of time (in microseconds) that the transmission opportunities may be delayed from the nominal periodic schedule for this Service Flow. Required for UGS and UGS/AD
[grants-per-int ]
For UGS, the value of this parameter indicates the actual number of data grants per NominalGrant Interval. For UGS/AD, the value of this parameter indicates the maximum number of Active Grants per Nominal Grant Interval. This is intended to enable the addition of sessions to an existing UGS Flow via the Dynamic Service Change mechanism, without negatively impacting existing sessions.
[and-mask ] [or-mask ]
IP Type of Service overwrite. Enables CMTS to overwrite original Type of Service (ToS) byte with new value.
[req-policy ]
Specifies which IUC opportunities the CM uses for upstream transmission requests and packet transmissions for this Service Flow, whether requests for this Service Flow may be piggybacked with data and whether data packets transmitted on this Service Flow can be concatenated, fragmented, or have payload headers suppressed.
NomGrantInterval
TolGrantJitter
GrantsPerInterval
TosAndMask TosOrMask
RequestPolicyOct
Downstream Flow Only Parameters MaxLatency
14-4
[max-lat ]
Maximum downstream latency — a service commitment by CMTS to forward a packet received on a network side interface to the RF interface within the specified number of microseconds.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table 14-2 compares typical throughputs of sample service classes. Each advertised subscriber service should have a corresponding Service Class Name. These SCNs are called on by the configuration files used to register CMs and by the C4 CMTS to build Service Flows for subscribers. Table 14-2: Examples Tiered Services and Bit Rates
Commands for Adding Service Class Names (VoIP Example)
Name
Direction
Maximum Traffic Rate in Kbps
GoldUp
upstream
192
GoldDown
downstream
1024
SilverUp
upstream
128
SilverDown
downstream
512
BronzeUp
upstream
64
BronzeDown
downstream
256
Use the following CLI commands to add a VoIP Service Class conforming to the G.711 standard. configure qos-sc name VoIPG711 min-res-pkt 0 configure qos-sc name VoIPG711 grant-size 109 configure qos-sc name VoIPG711 grant-int 10000 configure qos-sc name VoIPG711 grant-jitter 1000 configure qos-sc name VoIPG711 grants-per-int 1 configure qos-sc name VoIPG711 max-lat 0 configure qos-sc name VoIPG711 active-tmout 0 configure qos-sc name VoIPG711 adm-tmout 200 configure qos-sc name VoIPG711 type 6 configure qos-sc name VoIPG711 req-policy 000001ff configure qos-sc name VoIPG711 and-mask 00 configure qos-sc name VoIPG711 or-mask 28 configure qos-sc name VoIPG711 dir 2
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
14-5
14 Service Class Names
14-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
15. Authentication, Authorization, and Accounting (AAA)
Topics
Release 4.2, Standard
Page
AAA Feature
2
Servers and Server Groups
5
Secure Shell Protocol (SSH2)
14
In-Band Management with ACLs
22
Routing to a Null Interface
24
Source Verification of Cable-side IP Addresses
25
Upstream Load Balancing (ULB)
27
DSx DQoS VoIP on the C4 CMTS
29
C4 CMTS Advanced CM Configuration File Verification
31
ARRIS PROPRIETARY — All Rights Reserved
15-1
15 Authentication, Authorization, and Accounting (AAA)
AAA Feature The AAA feature enhances the authentication, authorization, and accounting capabilities of the C4 CMTS through the introduction of the RADIUS and TACACS+ protocols. These protocols not only standardize the interface to a network element’s AAA capabilities, but also enable centralized administration of security policies across a network of heterogeneous elements. AAA allows a customer to:
Definitions and Abbreviations
•
Maintain a central database of user IDs, user groups, passwords, and authentication policies.
•
Customize access policies for the C4 command set.
•
Maintain standardized, centralized security accounting records.
authentication — the process of identifying an individual, usually based on a username and password. authorization — the process of granting individuals access to system resources or functions based on the level of service assigned to them. accounting — the process of tracking an individual's activity while accessing a system’s resources, including the amount of time spent on the system, the services accessed, and amount of data transferred. line — a point of origin for CLI sessions. The C4 supports a single console line (the SCM serial port), and several virtual terminal lines (telnet sessions). RADIUS — Remote Authentication Dial-In User Service TACACS+ — Terminal Access Controller Access Control System Plus vty — Virtual terminal
The AAA Model
15-2
The AAA security model is an architectural framework for the implementation and management of common security functions within a network of heterogeneous elements. The model distinguishes authentication (verification of a user’s identity) from authorization (verification that a user’s actions are permissible) and offers accounting services with respect to both. Moreover, the model separates security policy from policy enforcement thereby enabling a distributed security scheme with centralized policy management for each independent function. Figure 15-1 provides a network-level illustration.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
login attempt
Router
Authentication Servers
Authorization Servers login attempt
command xyz
C4 CMTS
Accounting Servers
Figure 15-1: AAA Security Model In Figure 15-1, the C4 CMTS and the Router are AAA clients that defer login authentication and command authorization responsibilities to remote servers. Information regarding each authentication or authorization exchange is forwarded to accounting servers where historical records of user activity are maintained. Note that the AAA model itself does not demand a distributed security scheme but simply offers enough flexibility to accommodate it. Any or all of the AAA functions can be administered locally at an element. For example, an element can defer login authentication to a remote authority but authorizes each command locally based on element-specific policy such as the user’s privilege level. Similarly, an element can authenticate locally (e.g., from a password file) but defers authorization to an external server on a per-command basis. AAA Protocols
Release 4.2, Standard
Several protocols are available for client/server communications in an AAA security implementation including TACACS+ and RADIUS. TACACS+ is a TCP-based protocol supporting distinct request/response transactions for authentication, authorization, and accounting. RADIUS is more complex and is based on UDP protocol. It supports request/response transactions for authentication and accounting only. With RADIUS, simple authorization is included as part of the authentication process. TACACS+ supports full payload encryption via Message Digest version 5 (MD5). RADIUS supports only MD5-based encryption of transmitted passwords.
ARRIS PROPRIETARY — All Rights Reserved
15-3
15 Authentication, Authorization, and Accounting (AAA)
Both RADIUS and TACACS+ offer authentication for a wide variety of user services including login, PPP, SLIP, privilege-level change (e.g., entering enable mode), and password change. Both employ an unbounded, servercontrolled challenge-response mechanism in which the server may issue any number of challenges to a user prior to accepting or rejecting a service request. If the server rejects a service request, the client drops the connection. Otherwise, the client establishes the service parameters (e.g., session timeout, idle timeout, privilege level) as directed by the server and initiates the service. RADIUS supports authorization indirectly through the parameterization of the user session at the conclusion of successful authentication. Only TACACS+ directly supports authorization for user activities via independent request/response transactions. With TACACS+, the client forwards each user command along with any associated arguments to the server where the accept/reject decision is made. On acceptance, the server may add additional arguments to the command line or may even override the entire argument list. The client is responsible for executing the accepted command with the server-supplied argument additions or overrides. TACACS+ supports both shell and command accounting, while RADIUS supports shell accounting only. Both protocols employ a similar mechanism in which the client autonomously forwards start-of-service and end-ofservice information to an accounting server. This information can include the number of bytes or packets transmitted or received, the elapsed time in seconds, the reason for termination, etc. For shell accounting, successful authentication represents the start of service and session termination represents the end of service. For command accounting, successful authorization represents the start of service and command completion represents the end of service. Line Interfaces
Login and enable services are available via telnet sessions over the SCM maintenance ethernet interface and via the SCM console. Since each interface offers a different level of physical security, each may require a different level of AAA services or possibly none at all. Cisco refers to these interfaces as “lines” and provides AAA configuration capabilities on a perline basis. The line interface is also the target of non-AAA configuration parameters such as data rate, session timeout value, idle timeout value, pagination, and line password. Cisco’s line interface model is included as part of this feature.
AAA Functions Supported by the C4 CMTS
The initial introduction of AAA security in the C4 CMTS includes the AAA security model itself and the RADIUS and TACACS+ protocols. Since the C4 CMTS does not support network-based services such as PPP or SLIP,
15-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
only login and enable services are considered for authorization. Only command services are considered for authorization for similar reasons. Key capabilities include: •
Configuration of login authentication methods on a per-line basis
•
Configuration of enable authentication methods on a per-line basis
•
Line-based authentication
•
Enable-based authentication
•
Local authentication
•
Authentication via TACACS+
•
Authentication via RADIUS
•
Configuration of authorization methods on a per-interface basis
•
Local authorization
•
Authorization via TACACS+
•
Shell and command accounting via TACACS+
•
Shell accounting via RADIUS
Servers and Server Groups RADIUS Servers and Server Groups
Release 4.2, Standard
RADIUS uses UDP/IP for all client/server communication and requires MD5-based encryption of any transmitted user password. A RADIUS client must therefore be provisioned with server-specific parameters such as IP address, port numbers, and shared secret. Some network architectures may require multiple servers for reliability purposes. Other architectures may require independent RADIUS servers (or server clusters) for each supported AAA function.
ARRIS PROPRIETARY — All Rights Reserved
15-5
15 Authentication, Authorization, and Accounting (AAA)
The C4 CMTS supports six independently configurable RADIUS servers. The current implementation of RADIUS has the following characteristics:
TACACS+ Servers and Server Groups
•
Configuration information must include the server’s IP addresses, authorization port number, accounting port number, shared secret, timeout value, and retransmission limit.
•
Support for two independently configurable RADIUS server groups. Configuration information must include the group name and a list of RADIUS servers belonging to the group.
•
A single RADIUS server may be assigned to multiple server groups. This facilitates support of backup servers.
•
Server and server group configuration information persists across system reboots and power-cycles.
•
By default no RADIUS servers exist; the skeleton database does not contain RADIUS server configuration information.
•
By default no RADIUS server groups exist; the skeleton database does not contain RADIUS server group configuration information.
TACACS+ uses TCP/IP for all client/server communication and requires payload encryption via MD5. A TACACS+ client must therefore be provisioned with server-specific parameters such as IP address, port number, and shared secret. Some network architectures may require multiple servers for reliability purposes. Other architectures may require independent TACACS+ servers (or server clusters) for each AAA function. The C4 CMTS supports six independently configurable TACACS+ servers. The current implementation of TACACS+ has the following characteristics:
15-6
•
Configuration information must include the server’s IP addresses, port number, shared secret, and timeout value.
•
Support for three independently configurable TACACS+ server groups. Configuration information must include the group name and a list of TACACS+ servers belonging to the group.
•
A single TACACS+ server may be assigned to multiple server groups (multiple TACACS+ server groups may share common backup servers).
•
All TACACS+ server and server group configuration information must persist across system reboots and power-cycles.
•
By default no TACACS+ servers exist; the skeleton database does not contain TACACS+ server configuration information.
•
By default no TACACS+ server groups exist; the skeleton database does not contain TACACS+ server group configuration information.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Authentication Method Lists
The authentication function may be assigned to one or more TACACS+ server groups, to one or more RADIUS server groups, or to any of several local methods including the line password, the enable password, or the local user/password file. Moreover, authentication may be assigned to several of these methods in order of preference such that method n is employed if method n-1 is not available. This ordered list of methods is referred to as an authentication method list. The C4 CMTS supports six independently configurable authentication method lists. The system must be capable of maintaining unique parameter values for at least six authentication method lists. This provides four independent lists for console and vty login and enable authentication, plus two additional lists for testing configuration changes. The authentication method lists have the following characteristics:
Authorization Method Lists
•
Configuration information must include the list’s name and an ordered list of authentication methods (TACACS+, RADIUS, local password file, line password, enable password, and none).
•
By default, no authentication method lists exist; the skeleton database does not contain authentication method list configuration information.
•
Authentication method list configuration information persists across system reboots and power-cycles.
The authorization function may be assigned either to one or more TACACS+ server groups or to the privilege level associated with the current user ID. As with authentication, authorization may be assigned to multiple methods in order of preference such that method n is employed if method n-1 is not available. This ordered list of methods is referred to as an authorization method list. The C4 CMTS supports three independently configurable authorization method lists. The authorization method lists have the following characteristics:
Accounting Method Lists
Release 4.2, Standard
•
Configuration information must include the list’s name and an ordered list of authorization methods (TACACS+, local, and none). (two independent lists for console and vty authorization, plus one additional list for testing configuration changes).
•
By default, no authorization method lists exist; the skeleton database does not contain authentication method list configuration information.
•
Authorization method list configuration information persists across system reboots and power-cycles.
The accounting function may be assigned to one or more TACACS+ server groups, to one or more RADIUS server groups, or to the local logging function of the C4 CMTS. As with authentication and authorization, accounting
ARRIS PROPRIETARY — All Rights Reserved
15-7
15 Authentication, Authorization, and Accounting (AAA)
may be assigned to multiple methods in order of preference such that method n is employed if method n-1 is not available. This ordered list of methods is referred to as an accounting method list. The C4 CMTS supports six independently configurable accounting method lists. The accounting method lists have the following characteristics:
Lines
•
Configuration information must include the list’s name and an ordered list of accounting methods (TACACS+, RADIUS, local, and none) (four independent lists for console and vty shell and command accounting, plus two additional lists for testing configuration changes).
•
By default, no accounting method lists exist; the skeleton database does not contain authentication method list configuration information.
•
Accounting method list configuration information persists across system reboots and power-cycles.
A line is any point of origin for a CLI session. The C4 currently supports two types of lines: console lines and vty (virtual terminal) lines. A console line is a CLI session over the SCM’s console port, while a vty line is a CLI session over telnet. All lines are independently configurable. This allows an operator to modify the configuration of a given line without affecting the configuration of other lines of the same type. For example, a user logged in on vty 0 may disable/enable pagination without disturbing the state of pagination on vty 1 through vty 6. The following points are a summary of the provisioning of the line interfaces: •
15-8
The C4 CMTS supports eight independently configurable lines: one console line and seven vty lines. Configuration information must minimally include session timeout, idle timeout, pagination mode, and password.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The system must be capable of maintaining unique parameter values for one console line and seven vty (telnet) lines numbered 0 through 15. The session timeout provides the maximum session length in seconds. A value of zero (default) indicates no timeout. The idle timeout provides the maximum idle time in seconds. A value of zero (default) indicates no timeout. The pagination mode provides the number of lines of consecutive output to display before pausing and prompting. A value of zero (default) indicates no pagination. The password provides the line password used for authentication if line-based authentication is active. By default, the line password is undefined. •
The console line’s data rate is configurable.
•
The configuration of login authentication, enable authentication, authorization, shell accounting, and command accounting services are supported on a per-line basis.
•
By default, one console line exists. Since console 0 is the new-start configuration port and is physically secure, it exists by default (i.e., as part of the skeleton database).
•
By default, no vty lines exist. Vty lines are not new-start configuration ports and are not necessarily physically secure. They exist only if they are manually configured. This implies that telnet services are not available on the C4 by default.
•
By default, login authentication is disabled on all lines. Until authentication is manually configured, access to any of the configured lines is granted without challenge.
•
By default, enable authentication is disabled on all lines. Until enable authentication is manually configured, access to enable mode on any of the configured lines is granted without challenge.
•
By default, authorization is disabled on all lines. Until authorization is manually configured, any command may be entered on any line without challenge. Note that this does not include the “enable” command. The enable command represents a change of privilege level; therefore, it is subject to authentication rather than authorization.
•
By default, accounting is disabled on all lines. Until accounting is manually configured, no authentication or authorization activities may generate accounting records.
•
All line configuration information persist across system reboots and power-cycles. This includes line-specific parameters (e.g., time-outs, baud rate), authentication information, authorization information, and accounting information.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-9
15 Authentication, Authorization, and Accounting (AAA)
Common CLI Commands for AAA
Use the following command to configure RADIUS servers and server groups. Each server may be configured with an IP address, shared secret, authorization port number, accounting port number, timeout value, and retransmission limit. Each group may be configured with a group name and one or more RADIUS servers. All servers are automatically assigned to the RADIUS server group named default.
configure radius [no] { group string host ipAddress | host ipAddress [key string] [hidden] [auth-port integer] [acct-port integer] [timeout integer] [retransmit integer] } Consider the following examples: configure radius host 10.9.8.7 key hostRadKey configure radius host 10.9.8.6 key hostRadKey configure radius host 10.9.8.5 key hostRadKey timeout 2 retransmit 5 configure radius group group1 host 10.9.8.7 configure radius group group1 host 10.9.8.6 This sequence defines three RADIUS servers - 10.9.8.7, 10.9.8.6, and 10.9.8.5 – all of which use the same shared secret (hostRadKey). Servers 10.9.8.7 and 10.9.8.6 use the default timeout and retransmit values of 5 and 3, while server 10.9.8.5 uses a timeout value of 2 and a retransmit value of 5. All severs are members of the default RADIUS server group, while servers 10.9.8.7 and 10.9.8.6 are assigned to RADIUS server group group1. Use the following command to display all configured RADIUS server groups, the members of each group, and the operational parameters of each group member. If the detail keyword is added, then utilization and performance measurements are also displayed for each RADIUS server. show radius [detail] Use the following command to configure TACACS+ servers and TACACS+ server groups. Each server may be configured with an IP address, shared secret, TCP port number, and timeout value. Each group may be configured with a group name and one or more TACACS+ servers. All hosts are automatically assigned to the TACACS+ server group named default. configure tacacs [no] { group string host ipAddress | host ipAddress [key string] [port integer] [timeout integer] [single-connection]}
15-10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Consider the following examples: configure tacacs host 10.9.8.7 key hostTacKey configure tacacs host 10.9.8.6 key hostTacKey configure tacacs host 10.9.8.5 key hostTacKey timeout 40 configure tacacs group group1 host 10.9.8.7 configure tacacs group group1 host 10.9.8.6 This sequence defines three TACACS+ servers - 10.9.8.7, 10.9.8.6, and 10.9.8.5 – all of which use the same shared secret (hostTacKey). Servers 10.9.8.7 and 10.9.8.6 use the default timeout value of 0 which implies no timeout, while server 10.9.8.5 uses the timeout value of 40. All severs are members of the default TACACS+ server group, while servers 10.9.8.7 and 10.9.8.6 are assigned to TACACS+ server group group1. Use the following command to display all configured TACACS+ server groups, the members of each group, and the operational parameters of each group member. If the detail keyword is added, then utilization and performance measurements are also displayed for each TACACS+ Server. show tacacs [detail] Keywords specifying authentication methods may appear in any order, and they may be repeated. The order of keywords specifying authentication methods is significant in that method n is applied if and only if method n1 is unavailable.
configure [no] authentication listName [line] [enable] [local] [radius {groupName | default}] [tacacs {groupName | default}] [none] The following commands are valid examples: configure authentication list1 tacacs tac_default local configure authentication list2 radius group1 tacacs group2 line none They define two authentication method lists: list1 and list2. The first list specifies two authentication methods: the default TACACS+ server group and the local user/password file. The second list specifies four authentication methods: RADIUS server group group1, TACACS+ server group group2, the line password, and finally no authentication. configure [no] authorization listName [local] [tacacs {groupName | default}] [none]
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-11
15 Authentication, Authorization, and Accounting (AAA)
As with authentication, the keywords specifying authorization methods may appear in any order, and they may be repeated. The order of keywords specifying authorization methods is significant in that method n is applied if and only if method n-1 is unavailable. Use the following command to configure accounting method lists: configure [no] accounting listName [local] [radius {groupName | default}] [tacacs {groupName | default}] As with authentication and authorization, the keywords specifying accounting methods may appear in any order, and they may be repeated. The order of keywords specifying accounting methods is significant in that method n is applied if and only if method n-1 is unavailable. The following commands are valid examples: configure accounting list1 tacacs default local configure accounting list2 radius group1 tacacs group2 They define two accounting method lists: list1 and list2. The first list forwards accounting records to the default TACACS+ group or to the local log if the default TACACS+ group is unavailable. The second list forwards accounting records to RADIUS group1 or to TACACS+ group2 if RADIUS group1 is unavailable. Use the following command to configure lines, either consoles or virtual terminals (VTYs): configure line { console | vty } startLine [endLine] [no] [session-timeout integer] [idle-timeout integer] [length integer] [password [hidden] string] ] [speed integer] [authentication [login | enable] authenticationList] [authorization authorizationList] [accounting {shell | command integer} [stop-only] accountingList]
Since the C4 currently supports a single console port and up to seven telnet sessions, the commands shown in Table 15-1 are possible: Table 15-1: Examples of Commands for Configuring Console Port and Telnet Sessions Command
Purpose
configure line console 0
To configure the SCM console port
configure line vty 0 15
To configure all telnet sessions
configure line vty 1
To configure the second telnet session only Each of these commands should cause the CLI to enter line configuration mode where any of the remaining parameters may be set or unset.
15-12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Use the following command to view the status of the active lines: show line [detail] Enabling CLI Password Control for Privileged Commands
Use the following command to set a password or encrypted password for granting access to privileged commands. See configure enable in chapter 26, CLI Command Descriptions, for details. configure enable password Use the following command to add a local user password: configure user password
RADIUS Defaults
The following table lists default values for the RADIUS configuration commands.
Table 15-2: RADIUS Default Values Command Keyword
Description
Default Value
Group
RADIUS Server Group Name
default
Host
IP address of RADIUS Server
None
Key
Shared Secret
None
[hidden]
Specifies whether the specified key is encrypted.
Auth-port
RADIUS server’s UDP port number for authentication
1812
Acct-port
RADIUS server’s UDP port number for accounting
1813
Timeout
Time, in seconds, that the C4 CMTS will wait for a response from the server before attempting a retransmission
5
Number retransmissions before C4 CMTS declares server unreachable
3
Retransmit TACACS+ Defaults
The following table lists default values for the TACACS configuration commands.
Table 15-3: TACACS+ Default Values Command Keyword
Description
Default Value
Group
TACACS Server Group Name
default
Host
IP address of TACACS Server
None
Key
Shared Secret
None
Port
TACACS server’s TCP port number
49
Time, in seconds, that the C4 CMTS waits for a response from the server before aborting a TACACS transaction.
3
Timeout
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-13
15 Authentication, Authorization, and Accounting (AAA)
Table 15-3: TACACS+ Default Values Command Keyword
Single-connect
Description
Default Value
If true, indicates that the server supports multiplexing multiple TACACS+ sessions over a single connection.
false
Secure Shell Protocol (SSH2) The Cadant C4 CMTS Secure Shell protocol version 2 (SSH2) feature provides enhanced privacy and security, including:
Setting up the SSH Server
•
Secure encrypted connection capabilities using an SSH2 server
•
User authentication by internal password
•
External RADIUS authentication, TACACS+ authentication, or user digital signatures (public keys)
•
Secure connections to the Cadant C4 CMTS CLI and file systems.
You may use the following commands to enable SSH: configure crypto key generate dsa configure ip ssh no shutdown Finally, use show processes | include ssh to verify that the ssh daemon has started. Look for the line beginning with ipssh.
Feature Description
15-14
SSH is a secure user authentication and connection protocol that operates over TCP/IP. The following characteristics apply to the Cadant C4 CMTS implementation of SSH2: •
SSH can work with insecure legacy remote connection protocols such as Telnet and FTP, or can be configured to replace them
•
SSH clients connect to SSH servers using TCP port 22
•
SSH multiplexes multiple sessions over a single TCP port. UDP is not supported.
•
SSH uses encryption to secure all traffic in the connection
•
Connection cipher is auto-negotiated from a list of candidates such as 3DES, Arcfour, Blowfish, etc.
•
Diffie-Hellman key exchange establishes the transmission key for the SSH session
•
SSH can use passwords or user public keys to authenticate users
•
The Cadant C4 CMTS SSH2 server supports secure CLI login and FTP services only.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
NOTE Secure CLI will look and perform the same as existing CLI. Users must enter an enabling password to execute configuration commands. After successful user authentication, the SSH2 server creates a CLI shell process. Secure FTP (SFTP) is not available with Release 4.2. SSH2 Security Highlights and Compatibility
CLI Commands
SSH2 allows for the following security features: •
User passwords may be authenticated via RADIUS
•
Users can be authenticated via user public keys (instead of only passwords)
•
User passwords and enabling authorizations may be authenticated via TACACS
•
SSH2 is not backward compatible with SSH1
•
The Cadant C4 CMTS supports SSH protocol version 2 (SSH2) only
•
SSH2 clients include openSSH for Unix, and PuTTY, Secure CRT & SecureFX for Windows.
CLI commands are provided to configure, operate, and maintain the SSH2 server. Management Commands — Use the following command to display active SSH sessions: show ip ssh Use the following command to display the SSH server configuration: show ip ssh config
Starting an SSH2 server
Use the following command to start the SSH2 server configure ip ssh no shutdown NOTE This will fail if no server host keys have been installed. To generate the DSA public and private keys, use the configure crypto key generate dsa command. Use the following command to restart the SSH2 server after a configuration change: configure ip ssh restart The default settings will change only when the SSH2 server restarts. All existing sessions are terminated on a restart; login is available after restart is complete (generally under 1 second).
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-15
15 Authentication, Authorization, and Accounting (AAA)
NOTE Use the configure ip ssh shutdown command carefully. If the SSH2 server is shutdown, you will not be able to use the SSH2 client to issue the restart command. Configuring Server Commands
The commands in this section are used to change the SSH server's default settings. Use this first command to change the default port from 22 to another port number: configure ip ssh port Use the following command to set the time in minutes the session can remain idle before it will timeout. The default is zero, which stands for unlimited — no amount of idle time will cause the session to timeout: configure ip ssh idle-timeout Use the following command to list the available ciphers. The default is all ciphers: configure ip ssh [aes] [blowfish] [cast] [arcfour] [3des] Use the following command to allow or disallow password authentication: configure ip ssh [no] password-auth Use the following command to allow or disallow user digital signature (public key) authentication. configure ip ssh [no] public-key-auth
Managing User Public Keys
To add a user public key to the Cadant C4 CMTS, follow these steps: 1 Only a DER-encoded key is supported by the C4 CMTS. Openssh and SSH2/IETF key formats are not supported in software release 4.2. DER-encoded keys must be in PEM format. 2 Upload the user's DSA format PEM-encoded public key file into the following location on the C4 CMTS: /system/sec/ssh/user. 3 The user public file must have the following naming convention: .pem where the User Name is the user’s login name. 4 Use legacy FTP to upload the user's public key file only — do not upload the private key file!
Verification of SSH and PuTTY Setup
15-16
Use the following to procedures to set up SSH on the C4 CMTS and to use the PuTTy utility for public key authentication.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Procedure 15-1
Setting up SSH on the C4 CMTS 1 Create the directory /system/sec/ssh/server 2 Execute the command: configure crypto key generate dsa 3 Execute the command: configure ip ssh no shutdown 4 Execute the command: configure ip ssh restart End of procedure
Procedure 15-2
PuTTY, SSH, Public Key Authentication Follow this procedure if you wish to connect securely to the C4 CMTS using PuTTY and SSH with public key authentication: 1 Telnet to a Unix machine which is configured with openSSL crypto and sshkeygen utilities. login: serial pwd: serial 2 Execute the command: ssh-keygen -t dsa -f id_dsa.pem The file id_dsa.pem will be the private key file. If id_dsa.pem already exists, overwrite it. 3 You will be prompted for a pass phrase. If you want to be prompted for this pass phrase when you authenticate to the C4 CMTS, enter one. If not, you can hit enter twice. The pass phrase is the SSH password; it must be at least 4 characters long. 4 Execute the command: openssl dsa -in id_dsa.pem -outform PEM -pubout -out .pem Replace with the desired username, for example, C4. If you entered a pass phrase when the key was created, you will be prompted to enter it again.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-17
15 Authentication, Authorization, and Accounting (AAA)
5 A file will be created called ".pem". This is this user's public key file and must be FTP'd to the C4 CMTS running SSH. Place the file in /system/sec/ssh/user. You may have to create the /user directory. 6 At the C4 CMTS, restart the SSH server: configure ip ssh restart 7 From your PC, run PuTTYgen. PuTTYgen can be downloaded from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html 8 On the menu bar select Conversions --> import key. Open the private key file you created above called id_dsa.pem. If you entered a pass phrase when the key was created you will be prompted to enter it again. 9 Click the "Save private key" button to save the private key file with a ".ppk" extension; call it .ppk or something that correlates it with the username you entered above. This is PuTTY's private key file format and is different from OpenSSH and ssh.com (IETF SECSH). 10 From your PC, open PuTTY. Create a profile for connecting to the SSH server. On the left side of the PuTTY window you will see a pane called “Category”. Select Connection --> SSH --> Auth, and in the “Private key file for authentication” browse to the public key file (the .ppk file you converted with PuTTYgen). Go back to 'Sessions'. Enter the IP address, SSH, Name of 'Saved Session' file and save your profile. 11 Connect to the C4. Login with , whatever filename you called the .pem public key file you FTP’d to the C4 CMTS. If you entered a pass phrase you will be prompted to enter this as well. Proceed to login to the C4 CMTS in the same way as with telnet. End of procedure Storing Server Private Keys
To store a private key to the Cadant C4 CMTS follow these steps: 1 Only a DER-encoded key is supported by the C4 CMTS. Openssh and SSH2/IETF key formats are not supported in software release 4.2. DER-encoded keys must be in PEM format. 2 Update the server DSA format PEM encoded public and private key files into any location on the C4 CMTS. 3 Import the keys into the MIB tables for use during CCR soft-switches with the following commands: configure crypto key import public-key {path}/{filename} configure crypto key import private-key {path}/{filename} 4 Use legacy FTP to upload the server’s private key file.
15-18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Feature Dependencies
No alarms are associated with the C4 CMTS SSH feature. No performance monitoring is provided with the C4 CMTS SSH feature. No new hardware is needed to support this feature. If the SSH server's host public/private DSA key pair is not recovered after a system outage, then a new key pair must be generated before the SSH server can be started.
Table 15-4: SSH Server Operating Parameters Parameter
CLI Command (config)
Comment
TCP port
ip ssh port
Default is port 22.
Session idle timeout (minutes)
ip ssh idle-timeout
Default is 0 (unlimited). Note well that CLI time is in minutes but SSH2 server time is in seconds.
Max SSH clients
ip ssh max-clients
Default is 0 (unlimited).
Choice of cipher set (choose any or all)
ip ssh ciphers [aes] [blowfish] [cast] [arcfour] [3des]
Available ciphers are aes, blowfish, cast, arcfour, and 3des. Default is all ciphers are available.
Allow/Disallow password authentication
ip ssh password-auth ip ssh no password-auth
Password authentication is allowed. If disallowed, any password authentication from the client is rejected. If both password and public key authentications are disallowed then all client authentication requests will be rejected. Default is allowed.
Allow/Disallow user public key authentication
ip ssh public-key-auth ip ssh no public-key-auth
User public key authentication is allowed. If disallowed then any public key authentication from the client is rejected. If both password and public key authentications are disallowed then all client authentication requests will be rejected. Default is allowed.
Require/Do Not Require password authentication
ip ssh password-auth-req ip ssh no password-auth-req
The server requires password authentication before a client is considered logged in. password-auth must be allowed, otherwise this command has no effect. If not required, the client can choose whether or not to use password authentication. Default is not required.
Require/Do Not Require public key authentication
ip ssh public-key-auth-req ip ssh no public-key-auth-req
The server requires public key authentication before a client is considered logged in. Public-key-auth must be allowed, otherwise this command has no effect. If not required, the client can choose whether or not to use public key authentication. Default is not required.
Require/Do Not Require public key authentication first
ip ssh public-key-auth-first ip ssh no public-key-auth-first
If both password and public key authentications are required, this command requires public key authentication to be performed first. If it is not required then the client can choose in which order to authenticate. Default is Not Required.
Max number of client authentication failure
Server rejects a client authentication if the number of failed ip ssh max-auth-fail authentication attempt exceeds this number. This counter is for both public key and password authentication failures. Default is 3.
Allow/Disallow secure CLI login sessions
ip ssh login ip ssh no login
Secure CLI login sessions are allowed. If disallowed, then no CLI sessions are available. Default is allowed.
Allow/Disallow secure port forwarding
ip ssh port-forwarding ip ssh no port-forwarding
Port forwarding is allowed. If disallowed, then no port forwarding is available. Default is allowed.
Allow/Disallow legacy Telnet connections
ip telnet ip no telnet
Legacy Telnet sessions on port 23 are allowed. If disallowed, port 23 is closed and Telnet connection requests are rejected. This command takes effect immediately. Default is allowed.
Allow/Disallow legacy FTP connections
ip ftp ip no ftp
Legacy FTP control connections on port 21 are allowed. If disallowed, port 21 is closed and FTP control connection requests are rejected. This command takes effect immediately. Default is allowed.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-19
15 Authentication, Authorization, and Accounting (AAA)
NOTE If the TACACS server is configured for enable authorization, the user will have the configure privilege level upon logging in. Also, if a Control Complex failover or switchover occurs, the SSH console sessions will be lost and must be reestablished. SSH Server — Host Key Generation Commands
These commands are used to manage the SSH server’s host public/private key pairs. The SSH2 server requires a DSA format key pair. The DSA host private keys are maintained in the C4 CMTS file system and are accessible to privileged users only.
Table 15-5: CLI Commands for Generating SSH Server Host Key CLI Command
Description Generate the host private/public key pair for the C4 CMTS SSH server. Specify dsa format for the SSH2 server. When this command completes, the host public key is copied to file /ssh/id_dsa.pub. The DSA host public key may be distributed to clients before an SSH session is started. To maintain security, the host private key should never be copied off the C4 CMTS.
configure crypto key generate dsa
Note well that this command does not start the C4 CMTS SSH server daemon process (see CLI command configure ip ssh no shutdown). Also, the SSH server’s host public/private key pair(s) must be created before the SSH server is started. This means the DSA key pair must be created for the SSH2 server. This command does not appear in the show running config command output. Prerequisites: the C4 CMTS hostname and domain name SHOULD be set before using this command (see configure hostname and configure ip dns domain-name). The string “
[email protected]” will embedded as a comment in the generated key pair(s). A warning will be issued if the DNS domain name is not set. Delete the SSH server’s host public/private key pair(s). This command also removes the public key copy in /ssh/id_dsa.pub .
configure crypto key zeroize dsa
If the SSH2 server is running and the DSA key pair is deleted, the server will terminate immediately. Prerequisites: it is desirable to use the configure ip ssh shutdown command to stop the SSH server before deleting any of its host key pairs.
show ssh host public-key dsa
Displays the SSH server’s host public key. Specify dsa format. This could be used to cut and paste the public key into an SSH client via a terminal session. DSA public keys are for SSH2 clients Note that the SSH server’s host public keys are also available for download at /ssh/id_dsa.pub .
configure ip dns domain-name
SSH Server Configuration Commands
15-20
Sets the domain name for this C4 CMTS. This command provides optional information for host key generation. See configure crypto key generate.
These commands set the parameters for the SSH server the next time it runs. If the server is already running, then restart the server with configure ip ssh restart.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table 15-6: CLI Commands for SSH Server Configuration CLI Command
SSH2 Server Parameter
Comment
configure ip ssh port
TCP port
Default is port 22.
configure ip ssh idle-timeout
Session idle timeout
Default is 0 (unlimited). Note well that CLI time is in minutes but SSH2 server time is in seconds.
configure ip ssh max-clients
Max SSH clients
Default is 0 (unlimited).
configure ip ssh ciphers [aes] [blowfish] [cast] [arcfour] [3des]
Choice of cipher set (choose any or all)
Available ciphers are aes, blowfish, cast, arcfour, and 3des. Default is all ciphers are available.
Allow/Disallow password configure ip ssh [no] password-auth authentication
Password authentication is allowed. If disallowed, then any password authentication from the client is rejected. If both password and public key authentications are disallowed then all client authentication requests will be rejected. Default is allowed.
configure ip ssh [no] password-auth-req
The server requires password authentication before a client is considered logged in. password-auth must be allowed, otherwise this command has no effect. If not required, the client can choose whether or not to use password authentication. Default is not required.
Require/Do Not Require password authentication
Allow/Disallow user public configure ip ssh [no] public-key-auth key authentication
User public key authentication is allowed. If disallowed then. any public key authentication from the client is rejected. If both password and public key authentications are disallowed then all client authentication requests will be rejected. Default is allowed.
configure ip ssh [no] public-key-auth-req
Require/Do Not Require public key authentication
The server requires public key authentication before a client is considered logged in. public-key-auth must be allowed, otherwise this command has no effect. If not required, the client can choose whether or not to use public key authentication. Default is not required.
configure ip ssh [no] public-key-auth-first
Require/Do Not Require public key authentication first
If both password and public key authentications are required, this command requires public key authentication to be performed first. If it is not required then the client can choose in which order to authenticate. Default is Not Required.
configure ip ssh max-auth-fail
Max number of client authentication failures
Server rejects a client authentication if the number of failed authentication attempt exceeds this number. This counter is for both public key and password authentication failures. Default is 3.
configure ip ssh [no] login
Allow/Disallow CLI login sessions
CLI login sessions are allowed. If disallowed, then no CLI access is available. Default is allowed.
configure ip ssh [no] port-forwarding
Allow/Disallow secure port forwarding
Port forwarding is allowed. If disallowed, then no port forwarding is available. Default is allowed.
configure ip [no] telnet
Allow/Disallow legacy Telnet connections
Legacy Telnet sessions on port 23 are allowed. If disallowed, port 23 is closed and Telnet connection requests are rejected. Default is allowed.
configure ip [no] ftp
Allow/Disallow legacy FTP connections
Legacy FTP control connections on port 21 are allowed. If disallowed, port 21 is closed and FTP control connection requests are rejected. Default is allowed.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-21
15 Authentication, Authorization, and Accounting (AAA)
SSH Server Operation and Maintenance Commands
These commands start, stop, and monitor the C4 CMTS SSH server and its running sessions.
Table 15-7: CLI Commands for SSH Server Operation and Maintenance Command
configure ip ssh no shutdown
Description
Starts the SSH server’s daemon process ipssh. This command will fail if the SSH2 server’s DSA host key pair is not available.
Stops the SSH server’s daemon process ipssh. All active SSH sessions are killed. configure ip ssh shutdown
Use the configure disconnect ssh command to terminate individual running SSH sessions.
configure ip ssh restart
Stops the SSH server’s demon process, kills all SSH sessions, and automatically restarts the SSH daemon process. May be used to restart the SSH server from within an SSH session (which will be killed). This is the equivalent of configure ip ssh shutdown followed by configure ip ssh no shutdown.
show ip ssh
View all running SSH sessions. This command displays the connection id, the user id, the client IP address), Authentication method (password or public key), encryption algorithm, MAC algorithm, and the client software version.
show ip ssh config
View the SSH2 server operating parameters. This command displays the settings for the bind address, port number, idle time, max clients, max shells, supported encryption and MAC algorithms, service terminal, port forwarding, password allowed, password required, public key allowed, public key required, public key first, and max number of authentication failures.
configure disconnect ip ssh Kills a running SSH session identified by connection id.
In-Band Management with ACLs Introduction
15-22
The Cadant C4 CMTS offers enhanced network management with controlled access to the SCM via standard Access Control Lists (ACLs) for CMTS administrators. This feature provides: •
IP connectivity to the SCM through the client cards (NAM and CAM)
•
The ability to permit or deny access to the SCM via the client cards from specified subnet or host addresses.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Feature Description
CLI Commands
In-Band Management with ACLs provides network administrators the following functionality: •
Access to the SCM via the SCM loopback IP address or any network interface. This is controlled per VRF.
•
Standard Access Control Lists (ACLs) restrict access to the SCM based on source IP address or subnet.
•
When enabled, all packets to the SCM are dropped by default. An ACL must be applied to an ingress interface with “permit-access” functionality to allow access to the SCM.
•
ACLs are CIDR based, not an ordered list.
•
SCM access via the Front Ethernet Port is restricted to locally connected hosts when this feature is active and at least one network interface is in-service.
This section lists the CLI commands provided in support for the In-Band Management and ACL features. The following command allows SCM access to be enabled per VRF. The directed broadcast option allows directed broadcasts to be routed to the SCM. The default is to deny directed broadcast packets to the SCM. configure [no] ip scm access vrf [vrf name] [directedbroadcast] Use the following command to permit or deny, and define a standard ACL: configure access-list {permit | deny} {{ []} | {host } | any} NOTE The access list number must be in the range of 1-99 with filtering based on source IP address only. Use this command to apply an ACL to a specific physical interface. If an ACL is applied to a physical port, it is active for all virtual routes associated with that physical port: configure interface [fastE|cable|GigE] slot/port ip scm access-group access-list-number Use this command to display ACLs defined by a parameter given, or to show all with no parameters: Show access-list [access-list-number]
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-23
15 Authentication, Authorization, and Accounting (AAA)
Protocols and Services Supported
In-Band Management supports the following clients: •
telnet
•
FTP
•
TFTP
•
RADIUS
•
SYSLOG
•
SNMP (traps)
•
TACACS+
•
NTP
•
DNS
•
ping
•
traceroute
•
PacketCable event messaging
•
PacketCable CALEA CD.
The following servers are accessible by any interface address through any NAM or CAM interface, provided the ACLs are set up to allow access to them and the desired service is running: •
telnet
•
FTP
•
SSH
•
SNMP
•
COPS without IPSec
•
COPS with IPSec.
Routing to a Null Interface A null interface is a pseudo-interface that can neither receive nor forward packets. Any packets routed to a null interface are dropped. Routing to a null interface is a way to filter traffic that is simpler than using Access Control Lists. It functions like a global ACL since a single entry in the routing table applies to all ingress interfaces. With this feature enabled, the C4 CMTS system administrator can define a route in the C4 CMTS routing table to a null interface. A CIDR match with this defined route on the destination IP address of an ingress IP datagram results in the dropping of the packet.
15-24
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Routing to a null interface can be used to discard certain IP prefixes in order to remove the potential for routing loops. By default the packets routed to the null interface are discarded silently, but the C4 CMTS can be configured to return an ICMP “destination unreachable” error to the source IP. The cost of the route is zero by default, but it can be increased by user command. CLI Commands
To enter the config-null-interface mode: configure interface null 0 The system displays the config-null prompt. To enable or disable ICMP destination unreachable error messages (user must be in the config-null-interface mode): ip [no] unreachables The result is global. To add a route to the null interface: configure ip route [destination ip] [destination mask] null 0 To display IP routes: show ip route
Source Verification of Cable-side IP Addresses The C4 CMTS Cable Source Verify feature is intended to eliminate hostinitiated corruption of the layer 2 and layer 3 address spaces on the cable network. The feature adds a source IP address verification phase to the IP address learning process of the C4 CMTS. Each unknown source address received in an IP or ARP packet on a cable-side interface is subjected to a configurable series of address validation checks prior to learning. If any check fails, the address remains unlearned and all IP and ARP packets sourced from that address are dropped. The C4 CMTS examines source addresses of directly connected hosts to verify that their IP addresses do not belong to other hosts. Currently source verification of indirectly connected hosts is not supported. If source verification is turned on for an interface, traffic from indirectly connected hosts on that interface will be inhibited. In a future software release this feature will inhibit the traffic of an indirectly connected host if the return route to that address is not via the cable modem that originated the packet.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-25
15 Authentication, Authorization, and Accounting (AAA)
Source Verify via Internal Database — The C4 CMTS maintains an internal database (MAC DB) of CPE source IPs (SIPs), MAC addresses, and associated CMs. The database is populated through DHCP snooping for dynamically assigned CPE IP addresses or through either MAC learning or DOCSIS® pre-provisioning for statically assigned CPE IP addresses. This database along with the routing tables serves as the default authority for SIP verification. Source Verify via DHCP Server — This facility allows the C4 CMTS to query a DHCP server for the CM MAC address associated with a given SIP when that SIP is not present in the MAC DB of the C4 CMTS. It does this using a DHCP LEASEQUERY message. Source Verify via Authoritative DHCP Server — With authoritative DHCP lease query, any indication returned by the DHCP server that indicates that the server has no knowledge of the address results in denial of packet forwarding. This implies that all CPE IP addresses (whether directly attached or not) must be either dynamically assigned by the DHCP server or statically reserved at the DHCP server. CLI Commands
The following command enables source verification for all packets for the specified slot and downstream port: configure interface cable < slot / port [vrf]> [no] cable source-verify [dhcp [authoritative]] Where:
15-26
slot =
Slot number of the module on which cable source verification is to be enabled port = Downstream port number vrf = VRF name (Optional) dhcp = Enables source verification via DHCP lease query authoritative = Enables authoritative DHCP lease query
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Upstream Load Balancing (ULB) Introduction
The goal of this feature is to perform upstream load balancing on registering CMs among upstream channels to which those CMs are physically attached. The decision to load balance is based on a comparison of the cumulative reserved bandwidth of upstream channels at the time a new CM is attempting to do initial maintenance ranging. This feature is provisionable per cable group, which is a downstream channel and all associated upstream channels that occupy the same physical cable. NOTE The Upstream Load Balancing feature is provisionable and should not be activated for cable groups with CMs that are already configured to connect to specific upstream channels. See Table 15-8, ULB and CM Config File Interactions, on page 15-28 for more information.
Related Features
See also CAC Overload Thresholds, page 10-37. NOTE CAC values are independent of ULB. They are also used in other features and applications, such as Packet Cable, to prevent over allocation of channel bandwidth. ULB uses only levels one and two of the three configurable CAC levels. CAC values affect all cable groups.
Feature Description
DOCSIS® specifications do not mandate upstream load balancing. Upstream Load balancing is implemented in order to improve channel bandwidth efficiencies. Specifically, this implementation is a result of noticing that some upstream channels have a large percent of the bandwidth reserved to provide subscribers with minimum guaranteed bandwidth, while other upstream channels have small percentages of the bandwidth reserved. New feature functionality includes the dynamic updates of CAC thresholds via CLI or MIB.
Important Feature Dependencies
Release 4.2, Standard
Deactivate ULB for cable groups where the CM config file specifies an upstream channel.
ARRIS PROPRIETARY — All Rights Reserved
15-27
15 Authentication, Authorization, and Accounting (AAA)
CAUTION
The following interactions may occur when Upstream Load Balancing is activated and conflicts with a modem's TFTP configuration file: Table 15-8: ULB and CM Config File Interactions IF
THEN
ULB is activated and a CM registers on a channel (as specified in config file) but that channel is oversubscribed (compared to CAC levels of others in the cable group)…
The CM will change upstream channels (via ULB) in order complete ranging on the lesser-subscribed channel. However, once the download of the configuration file is complete, the CM will attempt to re-range on the upstream channel specified in the configuration file. This results in the CM cycling between ranging and IP complete on two different upstream channels. This also prevents the CM from completing its registration for as long as this conflict exists between ULB and the configuration file.
Related CLI Commands
This section lists the CLI commands used to configure upstream load balancing. To configure the cable group: configure cable-group To assign the upstream channel on a CAM to the cable group: configure interface cable cable upstream cable-group-id NOTE To remove an upstream channel from all cable groups, set the cable group ID to zero. To activate load balancing on the cable-group for the CAM specified: configure cable-group cable loadbalance To see the results of load balancing on the upstream channel (i.e. to show the count for the number of upstream channel overrides that have occurred as a result of ULB): show controllers cable upstream ulboverride To see the override count for all upstream channels on a CAM: show controllers cable ulb-override
15-28
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
To deactivate ULB for a specified cable group: configure cable-group cable no load-balance For a description of BPI/BPI+ setup procedures, protocol, and basic debugging, see chapter 17, Baseline Privacy Interface (BPI).
DSx DQoS VoIP on the C4 CMTS Dynamic Services (DSx) / Dynamic Quality of Service (DQoS) provides for guaranteed Quality of Service for voice applications using DOCSIS 1.1 Dynamic Services (DSx) functionality. This mode accepts DSx signaling from any DSx-capable modem. DSx DQoS VoIP does not provide full PacketCable™ operation within the C4 CMTS. DSx DQoS Provisioning on the C4 CMTS
The following two CLI commands should be run for all CAMs, including any spare CAMs, which will be used for DSx DQoS call processing: configure interface cable authorization-module open-dynamic-flow-policy configure interface cable authorization-module no packetcable The first command allows for authorization of non-PacketCable DQoS through DSx signaling on the CAM. Open-dynamic-flow-policy must be enabled (the system default is enabled). Enabling open-dynamic-flowpolicy is required when running with non-ARRIS MTAs. If only ARRIS Touchstone™ Telephony Modems or Touchstone™ Telephony Ports are used, this setting can be disabled to provide a higher level of protection against theft of service. The second command disables PacketCable authorization. The system default is Packet-Cable authorization enabled. NOTE The ARRIS Touchstone™ MTAs uses special hardcoded values for their authorization parameters when running in DSx DQoS mode. When using ARRIS MTAs, the PacketCable authorization module must be disabled. If PacketCable authorization is enabled, the C4 CMTS will try to authorize against the hardcoded authorization parameters and will fail the call. The following CLI commands can be used to alter timers on the C4 CMTS: configure cable max-qos-admitted-timeout
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-29
15 Authentication, Authorization, and Accounting (AAA)
Default =
200
configure cable max-qos-active-timeout Default =
30
NOTE If PacketCable is enabled, the admitted timeout should be set at 200 seconds (the default), and the active timeout should be set to 30 seconds. The defaults ensure that inactive resources are released. Increasing these default values or setting them to 0 (which represents infinity) is not recommended. The default values serve as a precaution for freeing resources in the event that any device or transmission path in the network does not perform as required. Software Upgrades When Running a Voice Application
15-30
A C4 CMTS configured for DSx DQoS voice application on Release 3.1.x can be upgraded to a later C4 CMTS release per the release notes for the new load. The existing DSx DQoS provisioning will be preserved when following the upgrade procedure described in the release notes and will be reapplied on the new load.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
C4 CMTS Advanced CM Configuration File Verification A common type of theft-of-service occurs when users create or modify configuration files in order to gain a higher class of service. Sometimes they even crack the Message Integrity Check (MIC) and then generate their own high bandwidth configurations with valid MICs. This feature is meant to ensure that the cable modems download their configurations from the correct files on the correct server. It also ensures that users do not modify their configuration files before their CMs generate registration requests. This feature is configurable on a per-downstream basis. If enabled for a physical interface (downstream), configuration file verification and TFTP enforcement are applied equally to all the modems on that downstream.
TFTP Enforcement
The C4 CMTS performs this task by relaying Trivial File Transfer Protocol (TFTP) requests and responses between the cable modems and TFTP servers, while monitoring the contents of the configuration files. After a modem receives an IP address from the DHCP server, it requests its TFTP configuration file. The C4 CMTS, verifies that the file name in the TFTP request is correct and relays the request to the correct server. By default TFTP enforcement is disabled. Use the following command to enable it: configure interface cable cable tftp-enforce [mark-only] The parameter mark-only limits TFTP enforcement: failed modems are allowed to register but will be marked as having failed TFTP enforcement in related log messages and in the show cable modem commands. Use the following command to disable TFTP enforcement: configure interface cable no cable tftpenforce
MIC Verification
Before sending the correct configuration file to the CM, the C4 CMTS extracts information from the file, stores it for later verification, and modifies the CMTS MIC value in the file. When the modem sends up its registration request, the C4 CMTS validates that the information in the registration request matches the information gathered during the TFTP transfer. If the registration information is valid, the registration is allowed to proceed normally. If C4 CMTS detects a MIC mismatch it assumes that the cable modem’s configuration file has been altered. The C4 CMTS can verify MICs by dynamically create a shared secret at the time the cable modem is regis-
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
15-31
15 Authentication, Authorization, and Accounting (AAA)
tering. This shared secret is valid only for that particular session with that particular cable modem. A new dynamically generated shared secret is used each time each cable modem registers. By default this function is disabled. Use the following command to enable it: configure interface cable / cable dynamic-secret Where … lock mark reject
Allows the CM to register but limits its bandwidth (QoS) Allows the CM to register but sends a warning to the log and marks the failed CM with an exclamation point (!) in the show cable modem command Rejects the request and prevents the CM from registering.
NOTE If the CM fails both the TFTP enforcement and the MIC check, only the pound sign (#) is displayed in the show cable modem command. Use the following command to disable dynamic-secret verification of the configuration file: configure interface cable no cable dynamic-secret
15-32
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
16. PacketCable™ Services
Topics
Page
PacketCable 1.x Overview
1
PacketCable Multimedia Overview
5
Configuration Procedures
9
IKE and IPSec Configuration
10
PC1.x Electronic Surveillance
32
Running in a non-PacketCable Compliant Voice Environment 35 Converged Services
38
PacketCable 1.x Overview PC1.x refers to the functionality defined by the following CableLabs specifications: •
PacketCable 1.0
•
PacketCable 1.1
•
PacketCable 1.5
Packetized voice traffic, such as that carried over an IP network, tends to have stringent latency and jitter requirements. If one adjusts for the packet arrival jitter through the use of a large jitter buffer, the latency of
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-1
16 PacketCable™ Services
the audio hampers a normal conversation pattern. If the jitter buffer is too small, poor audio quality results as the audio codec hardware under- or overflows due to packets arriving too late or too early. In order to reduce both jitter and latency simultaneously in a network that has not been overengineered, the packets must be treated with an enhanced quality-ofservice (QoS). PacketCable services on the C4 CMTS provide the ability to place enhanced-QoS telephone calls over an existing DOCSIS cable data access network. To provide this capability, the C4 CMTS must communicate with several other specialized servers over a managed IP network that is capable of providing enhanced QoS from end-to-end. See Figure 16-1, PacketCable Network Reference Architecture , on page 16-3. These other servers may be packaged separately or they may be bundled together in any combination. Specifically, the C4 CMTS itself must communicate with the Call Management Server (CMS), the Record Keeping Server (RKS), and the Delivery Function (DF) for various portions of signaling information. NOTE The IP addresses and ports for RKS and DF are configured on the CMS, not on the CMTS.
16-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Telephone
Call Management Server (CMS)
ARRIS
E-MTA
HFC access network (DOCSIS)
Announcement Controller (ANC)
Announcement Player (ANP)
CMTS
Media Gateway Controller (MGC)
Telephone E-MTA
Managed IP Network
PSTN Media Gateway (MG)
Telephone
ARRIS
E-MTA
HFC access network (DOCSIS) CMTS
Telephone E-MTA
SYSLOG Server
Key Distribution Center (KDC)
DHCP Servers
Record Keeping Server (RKS)
DNS Servers
Provisioning Server
TFTP/HTTP Servers
Delivery Function (DF)
Signaling Gateway (SG)
Figure 16-1: PacketCable Network Reference Architecture
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-3
16 PacketCable™ Services
Table 16-1: Explanation of Network Elements Network Element Embedded Multimedia Terminal Adapter (E-MTA)
Purpose Single device containing a DOCSIS cable modem and a telephony device that provides one or more line interfaces
Cable Modem Termination System Provides connectivity between DOCSIS network and PacketCable devices; also performs call (CMTS) authorization enforcement, bandwidth allocation, and call trace functions Call Management Server (CMS)
Provides call control and signaling services for the MTA, CMTS, and PSTN gateways; typically performs both Call Agent (handles call state) and Gate-Controller (authorization) functions as well.
SYSLOG server
Optional server used to collect, store, and retrieve logging messages for devices on the network
DHCP Server
Server that provides initial boot-up networking information such as the querying device’s IP addresses, next-hop routers, server information, etc.
DNS Server
Server that provides translation between the Domain name and the IP address of a device
TFTP/HTTP server
Server that provides download capability for device configuration files
Announcement Controller (ANC)
Initiates and manages all announcement services that are provided by the announcement player
Announcement Player (ANP)
Delivers the appropriate announcement(s) to the MTA under control of the announcement controller
Key Distribution Center (KDC)
Performs security key negotiations for MTA and Provisioning Server in the PacketCable network
Record Keeping Server (RKS)
Collection point for all PacketCable Event Messages; may also correlate Event Messages to create Call Detail Records for billing interfaces
Provisioning Server (OSS)
Provides provisioning information for PacketCable devices via SNMPv3
Delivery Function (DF)
Aggregation point for electronic surveillance; delivers reasonably available call-identifying information and call content based on the requirements of lawful authorization
Media Gateway Controller (MGC)
Provides bearer mediation between the PSTN and the PacketCable network
Media Gateway (MG)
Provides media (voice packets) connectivity between the PSTN and the PacketCable network
Signaling Gateway (SG)
Provides signaling mediation between the PSTN and the PacketCable network
PacketCable 1.x Compliance
On April 23, 2003, CableLabs® announced that it had qualified the ARRIS C4 CMTS and certified the ARRIS Embedded Multimedia Terminal Adapter (E-MTA) as complying with the PacketCable™ standard. In its implementation of PacketCable™ the C4 CMTS complies with the following DOCSIS specifications: •
PacketCable™ Dynamic Quality-of-Service Specification,
PKT-SP-DQOS-I07-030815, also I08, I09, I10, and I11
•
PacketCable™ Event Messages Specification, PKT-SP-EM-I08-040113,
•
PacketCable™ Security Specification, PKT-SP-SEC-I09-030728,
•
also I08, I09, I10, and I11; as well as EM-N-04.0198-2
also I10, and I11
PacketCable™ Electronic Surveillance Specification,
PKT-SP-ESP-I01-991229
PacketCable™ Electronic Surveillance Specification,
PKT-SP-ESP-I02-030815, also I03 and I04.
16-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
PacketCable Multimedia Overview PacketCable Multimedia (PCMM) is a Cable Labs specified framework which defines an architecture for deployment of QoS-enabled, general multimedia services. This framework leverages DOCSIS 1.1 QoS functionality and is founded on much of the functionality that was defined in PacketCable 1.x (PC1.x). Any legacy device that works on an IP network should also work in a PCMM network. The architecture of PacketCable 1.x was customized for delivering residential telephony, PCMM is designed for the delivery of a variety of multimedia services requiring QoS treatment. PCMM specifically addresses the issues of policy authorization, QoS signaling, resource accounting, and security. NOTE PCMM does not include support for CALEA. The primary benefit of PCMM is that it gives greater control of special services to the cable operator. Ordinary DOCSIS 1.x services still operate in the primary flow. Subscribers to 1.x services experience performance that varies according to the number of users requesting bandwidth. Among the advantages of PCMM over ordinary PacketCable are the following: •
Good, Better, Best service delivery options to the subscriber
•
More efficient use of bandwidth and QoS services on an as needed basis
•
New revenue sources from these additional services
•
Higher subscriber satisfaction because subscribers are paying for the services they want.
The ARRIS implementation of PCMM is based on the C4 CMTS’s carrier class redundancy, wire-speed architecture, and DOCSIS 1.1 QoS capabilities, which are described elsewhere in this document.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-5
16 PacketCable™ Services
Applications PCMM DOCSIS 1.1 QoS Wire-Speed Architecture Carrier Grade Redundancy
Figure 16-2: Foundations of PCMM Architecture To provide PCMM functionality, the C4 CMTS must communicate with several other network elements, as defined by the PCMM architecture. An example of such a network configuration is as follows: PCMM introduces two new elements: the Application Manager and the Policy Server. Application Manager (AM) — A system that interfaces to Policy Server(s) for requesting QoS-based service on behalf of an end-user or network management system. The AM is characterized by the following: •
It is analogous to the PC1.x Call Agent
•
It is a COPS Policy Decision Point (PDP)
•
It executes the application signaling with the client
•
It grants or rejects requests for service.
Once the AM grants a request to access a service, it determines the bandwidth required for this service and sends a Gate-Set, that is, a request for bandwidth, to the Policy Server.
16-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Policy Server (PS) — A system that primarily acts as an intermediary between Application Manager(s) and CMTS(s). It applies network policies to Application Manager requests and proxies messages between the Application Manager and CMTS.1 The following are the functions of the PS: •
Applies provisioned rules before forwarding requests to the CMTS (for example, a given service may be granted to no more than ten users at a time)
•
Synchronizes states
•
Proxies messages between the AM and the CMTS or CMTSs
•
Acts as a COPS Policy Enforcement Point (PEP) with respect to the AM
•
Acts as a COPS Policy Decision Point (PDP) with respect to the CMTS
•
Communicates with one or more AMs and one or more CMTSs
For a diagram of the network elements see Figure 16-3, page 16-8. In the current implementation of PCMM the client is ignorant of the PCMM or QoS protocols. The client has no built-in network awareness or intelligence to negotiate PCMM or QoS levels. Subscribers can use their current client hardware and software, for game applications, teleconferencing, VPN, and so on.
1. PacketCable Multimedia Specification, PKT-SP-MM-I02-040930
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-7
16 PacketCable™ Services
Application Manager Record Keeping Server
Policy Server
DOCSIS 1.1 DSX
C4 CMTS
CMs/MTA
St
and
B at by
te ry
Bat Tel eph Tele t ery o ne p hon 1 e1 2
2
Li nk
O n-
l ine
US
DS
Pow
St er
and
B at by
t er
B at Tel eph Tel eph te on ry one e1 1 2
y 2
Li nk
On
-l in
e
US
D
Pow S
St er
and
B at by
te
ry
Bat Tel eph T elep t ery o hon ne e1 1 2
2
Li nk
O n-
l ine
US
DS
P ow
er
CPE
Figure 16-3: Network Diagram of PCMM Implementation Compliance with PCMM Standards
16-8
In its implementation of PacketCable Multimedia in release 4.2, the C4 CMTS complies with the following subset of the PacketCable Multimedia Specification, PKT-SP-MM-I02-040930: •
PCMM Gate Control
•
State Synchronization
•
Versioning
•
All traffic profile formats
•
DOCSIS Parameters
•
IKE/IPSec
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Future releases of the C4 CMTS will support •
Octet counts per gate
•
Commit time accumulation
•
Time and volume-based gate-state-report triggers
•
Event messaging
•
Multiple sub-flows per flow
•
Call Admission Control (CAC) for PCMM, including full PCMM session class ID support
Configuration Procedures Procedure outline
To configure the C4 CMTS for PacketCable services, the following steps must be taken: •
Configure and bring in-service all cards in a duplex system chassis
•
(Optional) Configure SYSLOG server
•
Configure and connect cable and network interfaces
•
Configure CAM sparing groups
•
Configure CAM bundle groups
•
Configure Inband Management access for one of the interfaces (typically a logical loopback interface) to have access to SCM
•
Configure DHCP relay agent to perform policy routing with all DHCP clients as cable helpers
•
Configure and start the NTP client (NTP is required for Event Messaging and PC1.x Electronic Surveillance. Configuring the network synchronization is discussed in chapter 7, Clock Synchronization Protocol.)
•
(Optional) Configure IPSec/IKE
•
Configure and start PacketCable Services
-
Release 4.2, Standard
Bring up COPS connection(s) from CMS(s) and/or Policy Server(s) Configure PacketCable timers Configure and enable Event Messaging if desired, or as required for support of Electronic Surveillance Configure bandwidth thresholds for upstream and downstream telephony usage per CAM
ARRIS PROPRIETARY — All Rights Reserved
16-9
16 PacketCable™ Services
Feature interaction
PacketCable services have been designed to work with all other features of the C4 CMTS including Inband-Management, DHCP relay agent, and redundancy. In fact, for Control Complex Redundancy to work properly, the interface (typically a logical loopback interface) used for connections to the Call Management Server, Policy Server, Record Keeping Server, and Delivery Function needs to be configured with the Inband-Management feature to have SCM access. This way, if a CCR failover occurs, the links to the failed SCM would be automatically restarted on the redundant SCM. CAM redundancy works with PacketCable through the same sparing groups that are set up for data services. The DHCP relay agent is typically configured to perform policy-based agent functionality so that the MTAs (which behave as CPE hosts) are provided with an IP address space that is separate from the cable modem address space. PC1.x and PCMM are designed to coexist on the C4 CMTS. Either one or both can be enabled. Either can be disabled without impairing the function of the other.
IKE and IPSec Configuration PacketCable requires the use of the Internet Protocol Security (IPSec) protocol suite to provide authentication and confidentiality for messages exchanged between the CMTS and other network peers, such as the Call Management Server (CMS), the Record Keeping Server (RKS), and the Policy Server (PS). As part of this requirement, the Internet Key Exchange (IKE) protocol provides for automatic peer authentication, as well as session key and cipher negotiation between the peers when creating secure connections. Limitations: The C4 CMTS IKE implementation only supports pre-shared secret keys for authentication of peers. There is no support for public keys or X.509 certificates. Only IPSec transport mode is supported. The single DES encryption algorithm is not supported; only triple DES encryption (3DES) is supported. These limitations are compliant with PacketCable security requirements. IKE and IPSec Introduction
16-10
IKE is a hybrid protocol based on the Oakley Key Determination Protocol (Oakley), the Secure Key Exchange Mechanism for Internet (SKEME), and the Internet Security Association and Key Management Protocol (ISAKMP). Note, the terms IKE and ISAKMP are sometimes interchanged. The IKE daemon on the C4 CMTS provides the IKE service. The IKE daemon is used when the C4 CMTS and another IKE peer need to automatically establish inbound and outbound IPSec Security Associations (SAs) for secure communication. IKE operates in two stages known as Phase 1 and Phase 2, described below. Phase 1 and Phase 2 ISAKMP messaging between IKE
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
peers is accomplished via UDP sockets on port 500. The IP address of the C4 CMTS's local IP interface, to conduct ISAKMP messaging with the peer, is defined with the "configure crypto isakmp local-address" command. In Phase 1 (also called Main or Identity Protection Mode), two IKE peers fully authenticate each other, as well as create key material for encrypting and authenticating future communications between themselves. The Phase 1 ISAKMP message exchange consists of six messages. The result of Phase 1 is a bidirectional ISAKMP SA to protect future ISAKMP message exchanges. The ISAKMP SA is defined by such parameters as authentication method, pre-shared authentication key, encryption algorithm, authentication algorithm, lifetime seconds, and Diffie-Hellman group. The Phase 1 parameters, used by the C4 CMTS during negotiation, are configured with the "configure crypto isakmp key" and "configure crypto isakmp policy" commands. If the Phase 1 parameter proposal is offered to the C4 CMTS, the proposed parameters must match an existing C4 CMTS ISAKMP policy exactly, except for the lifetime seconds parameter. For the lifetime seconds, the C4 CMTS will accept a value if it falls in the range of the C4 CMTS ISAKMP policy's configured lifetime plus 100 seconds. If the C4 CMTS is configured to initiate offers to an IKE peer, the C4 CMTS will propose all ISAKMP policies, since these global policies apply to any IKE peer. There is only one bidirectional ISAKMP SA between the C4 CMTS and an IKE peer. If simultaneous ISAKMP SAs are being negotiated with an IKE peer, the C4 CMTS retains the most recently created ISAKMP SA. The ISAKMP SA will be removed after its lifetime seconds has lapsed (also called expired). The ISAKMP SA does not have a grace period associated with it since ISAKMP SAs are not automatically renewed by the C4 CMTS. If an ISAKMP SA has expired, a new ISAKMP SA is created when the IPSec SAs need to be renewed. In Phase 2 (also called Quick Mode), two IKE peers negotiate and create a pair of inbound/outbound IPSec SAs. The Phase 2 ISAKMP message exchange consists of three messages. Phase 2 uses the key material derived from Phase 1 to provide encryption and authentication keys for the IPSec SAs. The IPSec SAs are defined by such parameters as encryption algorithm, authentication algorithm, lifetime seconds, and the packet selection criteria for determining which packets flow through the IPSec SAs. The packet selection criteria (also called flow) is defined by the packet's source/destination IP addresses, the packet's type of protocol (IP, UDP, TCP), and the packet's port number if using the UDP or TCP protocol. The packet selection criteria is defined by a C4 CMTS CLI construct called an access list or access control list (ACL). The Phase 2 parameters, used by the C4 CMTS during negotiation, are configured with the "configure access-list", "configure crypto ipsec security-association lifetime seconds", "configure crypto ipsec transform-set",
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-11
16 PacketCable™ Services
"configure crypto dynamic-map", and "configure crypto map" commands. The C4 CMTS crypto map is the entity that completely defines the IPSec policy used by the C4 CMTS during Phase 2 negotiation. If the Phase 2 parameter proposal is offered to the C4 CMTS, the proposed parameters must match an existing C4 CMTS IPSec policy exactly, except for the lifetime seconds parameter. For the lifetime seconds, the C4 CMTS will accept an offered value if it falls in the range of the C4 CMTS IPSec policy's configured lifetime plus 100 seconds. If the C4 CMTS is configured to initiate offers to the peer, the C4 CMTS will propose the contents of the C4 CMTS's IPSec policy. The C4 CMTS transmits traffic over one outbound IPSec SA (the youngest) and receives traffic over two inbound SAs (the youngest), per peer. Each IPSec SA has a grace period, at the end of its lifetime, used to create a new pair of inbound/outbound IPSec SA replacements. Each IKE peer will use its own defined grace period, since this is not negotiated during Phase 2. The C4 CMTS uses a grace period of five minutes, for IPSec SA lifetime seconds of 15 minutes or greater. For IPSec SA lifetime seconds less than 15 minutes, the grace period duration is one-third of the lifetime seconds. The C4 CMTS assumes an IKE role with each IKE peer with regard to Phase 1 and Phase 2 ISAKMP message exchanges. The two IKE roles are "responder-only" and "initiator/responder" (also called "initiator"). For the "responder-only" role, the C4 CMTS passively waits for the IKE peer to initiate ISAKMP messaging. For the "initiator/responder" role, the C4 CMTS actively initiates ISAKMP messaging with the IKE peer, in addition to waiting for ISAKMP messaging. Of the two IKE peers, typically one peer is the "initiator/responder" and the other is the "responder-only". If both IKE peers are configured as "responder-only", no ISAKMP messaging will occur. If both IKE peers are configured as "initiator/responder", ISAKMP and IPSec SAs will be created, but likely with extra wastefully unused IPSec SAs. Regarding secure COPS traffic between two IKE peers, the CMS should be configured in the "initiator/ responder" role and the C4 CMTS in the "responder-only" role. The IKE role of the C4 CMTS is configured with the "configure crypto map" command. The two IKE peers may send one-way ISAKMP Informational Notification messages for the purpose of SA management, such as informing the peer that an SA has expired or that the IPSec SA parameters are rejected during Phase 2 negotiation. These messages are protected by the ISAKMP SA, but may be unprotected if sent before an ISAKMP SA has been completely created.
16-12
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Set Local Interface for IKE Use
The IKE daemon uses a local IP address on the C4 CMTS to conduct ISAKMP messaging. Either the in-band (loopback) or out-of-band management (SCM active) IP address is configured with the following CLI command: configure crypto isakmp local-address
Set Phase 1 Pre-Shared Key
For each IKE peer needing to use IPSec with the C4 CMTS, configure a preshared key with the following CLI command: configure crypto isakmp key address Where: is the IKE peer's IP address used for ISAKMP messaging is the pre-shared key string For example: configure crypto isakmp key PACKETCABLE address 10.43.200.241 Delete the pre-shared key with the following CLI command: configure no crypto isakmp key address
Set Phase 1 Global Policy
A phase 1 policy is not defined per peer, but instead applies globally to all peers. Policies must be created to permit Phase 1 negotiations between the C4 CMTS and its IKE peers. A policy includes a policy number, authentication method, encryption algorithm, hash algorithm, Diffie-Hellman group, and SA lifetime. Each global policy is created with the following CLI command: configure crypto isakmp policy [authentication ] [encryption ] [hash ] [group ] [lifetime ] Where: is the policy number and priority level is the only supported "pre-share" authentication method is the only supported "3des" encryption transform is the hash algorithm of "sha" or "md5". is the Diffie-Hellman group identifier of "1" or "2" is the ISAKMP SA lifetime in seconds For example: configure crypto isakmp policy 1 authentication preshare encryption 3des hash md5 group 2 lifetime 43200
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-13
16 PacketCable™ Services
Delete a policy by issuing the CLI command: configure no crypto isakmp policy Set Phase 2 Global Lifetime
The phase 2 global lifetime is used by all IPSec SAs, unless it is overridden with the map or dynamic-map lifetime seconds parameter. The global lifetime seconds is configured with the following CLI command: configure crypto ipsec security-association lifetime seconds
Set Phase 2 Transform Set
The IPSec transform parameters are defined by a transform set, configured with the following CLI commands: configure crypto ipsec transform-set mode transport configure crypto ipsec transform-set encryption configure crypto ipsec transform-set authentication Where: is a textual name is the encryption algorithm of "esp-3des" or "esp-null" is the type of authentication algorithm of "esp-md5-hmac" or "esp-sha-hmac" For example: configure crypto ipsec transform-set ts1 mode transport configure crypto ipsec transform-set ts1 encryption esp-3des configure crypto ipsec transform-set ts1 authentication esp-md5-hmac Delete a transform set with the following CLI command: configure no crypto ipsec transform-set
Set Phase 2 Access List
The extended ACL identifies the types of packets permitted to flow through an IPSec SA. The extended ACL is configured with the following CLI command: configure access-list permit host [eq ] host [eq ] Where:
16-14
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
is the identifier of the extended ACL, ranging from 100 to 199 is the protocol of the permitted packets, where… "tcp" is used for CMS COPS messaging "udp" is used for RKS Event messaging "ip" is used for all IP-based protocols, including TCP and UDP is the source IP address of the permitted packets is the source "tcp" or "udp" port number of the permitted packets is the destination IP address of the permitted packets is the destination "tcp" or "udp" port number of the permitted packets The following example is suitable for COPS messaging, regardless of TCP port numbers. configure access-list 140 permit tcp host 10.43.204.171 host 10.43.200.241 Delete an extended ACL with the following CLI command: configure no access-list Set Phase 2 Dynamic-Map
The crypto dynamic-map defines the IPSec parameters to negotiate with the peer when the C4 CMTS must assume the IKE "responder-only" role. If the lifetime seconds is configured, it will override the global lifetime seconds parameter. The crypto dynamic-map is defined with the following CLI commands: configure crypto dynamic-map set peer configure crypto dynamic-map match address configure crypto dynamic-map set transform-set configure crypto dynamic-map set security-association lifetime seconds Where: is the textual name to identify the dynamic-map is the sequence number to further identify the dynamic-map is the extended ACL identifier is the ISAKMP peer IP address is the IPSec SA lifetime in seconds is the IPSec transform set name
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-15
16 PacketCable™ Services
For example: configure crypto dynamic-map cms_dmap 1 set peer 10.1.240.82 configure crypto dynamic-map cms_dmap 1 match address 101 configure crypto dynamic-map cms_dmap 1 set transformset ts1 configure crypto dynamic-map cms_dmap 1 set securityassociation lifetime seconds 1800
Delete a crypto dynamic-map with the following CLI command: configure no crypto dynamic-map Set Phase 2 Map for Responder-Only
The crypto map is used to create the IPSec policy for the IKE "responderonly" role by association with a crypto dynamic-map, defining the IPSec parameters to negotiate with the peer. The crypto map is defined with the following CLI command: configure crypto map ipsec-isakmp dynamic Where: is the textual name to identify the map is the sequence number to further identify the map is the name of the dynamic-map containing all the responder-only IPSec parameters For example: configure crypto map cms_resp_map 1 ipsec-isakmp dynamic cms_dmap Delete a crypto map with the following CLI command: configure no crypto map
16-16
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Set Phase 2 Map for Initiator/Responder
The crypto map is used to create the IPSec policy for the IKE "initiator/responder" role, by defining the IPSec parameters to negotiate with the peer. If the lifetime seconds is configured, it will override the global lifetime seconds parameter. The crypto map is defined with the following CLI commands: configure crypto map ipsec-isakmp set peer configure crypto map ipsec-isakmp match address configure crypto map ipsec-isakmp set transform-set configure crypto map ipsec-isakmp set security-association lifetime seconds Where: is the textual name to identify the map is the sequence number to further identify the map is the extended ACL identifier is the ISAKMP peer IP address is the IPSec SA lifetime in seconds is the IPSec transform set name
For example: configure crypto map cms_initresp_map 1 ipsec-isakmp set peer 10.1.240.82 configure crypto map cms_initresp_map 1 ipsec-isakmp match address 101 configure crypto map cms_initresp_map 1 ipsec-isakmp set transform-set ts1 configure crypto map cms_initresp_map 1 ipsec-isakmp set security-association lifetime seconds 1800
Delete a crypto map with the following CLI command: configure no crypto map
Start and Stop IKE Daemon
Release 4.2, Standard
Once the IKE and IPSec configuration is complete, the IKE daemon must be started. If any of the Phase 1 or Phase 2 configuration data is incomplete, the IKE daemon will not start, accompanied with a CLI error
ARRIS PROPRIETARY — All Rights Reserved
16-17
16 PacketCable™ Services
response. If any configuration changes are made while the IKE daemon is running, the IKE daemon must be stopped and restarted for changes to take effect. Note, the current IPSec SAs are not disturbed when the IKE daemon is stopped. The IKE daemon is started with the following CLI command: configure crypto isakmp enable The IKE daemon is stopped with the following CLI command: configure no crypto isakmp enable
Verify IPSec Operation
Once the C4 CMTS IKE daemon is started and the IKE peers are ready, ISAKMP and IPSec SAs should be created soon. There should be one ISAKMP SA per peer, unless the SA has expired. There should be at least one inbound IPSec SA and one outbound IPSec SA between the C4 CMTS and each IKE peer, at all times. The following command examples show how to display the SAs. C4> show crypto isakmp sa
Local --------------10.1.171.11 10.1.171.11
Remote --------------10.1.240.82 10.1.2.48
Lifetime (sec) State Conn Role Enc Hash Grp Limit Remain ------ ---- ---- ---- ---- --- ------ -----mature 21 resp 3des md5 1 6000 4072 mature 20 resp 3des md5 1 6000 4057
C4> show crypto ipsec sa Interface: loopback 0 Local Remote --------------- --------------10.1.171.11 10.1.2.48 10.1.171.11 10.1.2.48 10.1.171.11 10.1.2.48 10.1.171.11 10.1.2.48 10.1.171.11 10.1.240.82 10.1.171.11 10.1.240.82 Interface total SA count: 6
Dir --in in out out in out
Life Limit Life Remain Type SPI State Enc Auth (sec) (sec) Packets ---- ---------- ------ ---- ---- ---------- ----------- ---------esp 0x3067015b mature 3des md5 6000 4006 6 esp 0x4a90df1e mature 3des md5 6000 4032 2029 esp 0x3bd152b8 mature 3des md5 6000 4006 6 esp 0x66deea04 mature 3des md5 6000 4032 2089 esp 0x187eb4fe mature 3des md5 6000 4021 3331 esp 0x00000bf2 mature 3des md5 6000 4021 4567
The "Packets" in the "show crypto ipsec sa" display should be increasing on one outbound IPSec SA and increasing on one or more incoming IPSec SAs per peer. This is a good hint that the intended traffic (COPS and/or Event messaging, for example) is flowing through the IPSec SAs. If IKE and/or IPSec SAs fail to be created properly, the first step should be to manually compare the Phase 1 and Phase 2 security parameters configured on the C4 CMTS and the IKE peer to ensure compatibility. The next
16-18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
step is to inspect the C4 CMTS syslogs to diagnose the problem. Make sure that INFO syslogs are enabled as this is where much IKE and IPSec information is recorded.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-19
16 PacketCable™ Services
IKE and IPSec Command Summary
The following commands are used to manage IKE and IPSec functionality on the C4 CMTS: configure access-list clear crypto sa configure crypto dynamic-map configure crypto dynamic-map match address configure crypto dynamic-map set peer configure crypto dynamic-map set security-association lifetime configure crypto dynamic-map set transform-set configure crypto ipsec security-association lifetime seconds configure crypto ipsec transform-set configure crypto ipsec transform-set authentication configure crypto ipsec transform-set encryption configure crypto ipsec transform-set mode configure crypto isakmp enable configure crypto isakmp key configure crypto isakmp local-address configure crypto isakmp policy configure crypto map ipsecisakmp configure crypto map ipsecisakmp dynamic configure crypto map ipsecisakmp match address configure crypto map ipsecisakmp set peer
16-20
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
configure crypto map ipsecisakmp set security-association lifetime seconds configure crypto map ipsecisakmp set transform-set show crypto dynamic-map show crypto ipsec sa show crypto ipsec security-association lifetime show crypto ipsec transform-set show crypto isakmp show crypto isakmp policy show crypto isakmp sa
PacketCable Settings Showing status
Viewing PacketCable settings — To view many of the important settings relating to PacketCable on the C4 CMTS, issue the CLI command: show packetcable global
The following is a typical system response: PacketCable DQoS Administrative state: DOWN COPS TCP port: 2126 Timer t0: 30 seconds Timer t1: 250 seconds PacketCable Multimedia Administrative state: DOWN COPS TCP port: 3918 Timer t1: 300 deciseconds Gate Message Throttling: SCM NORMAL max Gate Messages per 10 seconds: 900 SCM YELLOW max Gate Messages per 10 seconds: 900 SCM RED max Gate Messages per 10 seconds: 300
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-21
16 PacketCable™ Services
Admission Control Limits: Upstream Priority Reserved Allowed -------- ------Normal 0% 50% Emergency 0% 70% Total 70% Preemption: enabled
Downstream Reserved Allowed -------- ------0% 50% 0% 70% 70%
Event Messaging Parameters Enabled: no - not configured Element ID: not configured Event messaging UDP source port: 1813 Maximum number of events per batched message: 3 Batch timer: 1 minute ACK timer: 1000 milliseconds Maximum number of retransmissions to RKS: 1 Viewing Connected Network Elements — To display the current connections, issue the following CLI command: show netstat Look for TCP connections with a state of ESTABLISHED at ports 2126, 1813, and 3918 on the C4 CMTS. The C4 CMTS generates an output similar to the following text: Proto udp udp udp udp udp udp udp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp
16-22
Local Address 0.0.0.0.123 0.0.0.0.161 0.0.0.0.1813 0.0.0.0.49152 0.0.0.0.49155 0.0.0.0.49162 100.0.0.30.69 0.0.0.0.21 0.0.0.0.23 0.0.0.0.2126 10.44.13.3.3918 10.44.13.3.23 10.44.13.3.23 10.44.13.3.2126 10.44.13.3.2126 10.44.13.3.3918 10.44.13.3.3918 127.0.0.1.2323
Foreign Address
(state)
0.0.0.0.0 0.0.0.0.0 0.0.0.0.0 10.43.4.35.3423 10.43.4.35.3626 10.44.16.9.4513 10.1.2.48.45490 10.1.240.82.52639 10.43.200.226.42259 10.43.200.227.41968 0.0.0.0.0
LISTEN LISTEN LISTEN ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED LISTEN
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
In the above output some of the lines appear here in boldface type.
Enabling and Disabling PacketCable Services
•
Port 1813 is used for Event Messaging
•
There is an open TCP LISTENING socket at port number 2126, which is waiting to accept new COPS connections
•
There are two ESTABLISHED COPS TCP connections from Call Management Servers to the C4 CMTS at port 2126 – one connection from 10.1.2.48.45490 and one connection from 10.1.240.82.52639
•
Port 3918 is used for PCMM Policy Servers. There are two established PCMM Policy Server connections: one from 10.43.200.226.42259 and another from 10.43.200.227.41968.
By default, PacketCable services are disabled on the Cadant C4 CMTS. When PacketCable Services are disabled, The C4 CMTS disallows any PacketCable signaling connections using the Common Open Policy Service (otherwise known as COPS) from a Call Management Server (CMS) or Policy Server (PS). As a result, all PC1.x and PCMM requests fail. To enable PacketCable services on the C4 CMTS, issue the CLI command: configure packetcable PC1.x and PCMM can be enabled independently using the following commands: configure packetcable dqos no shutdown configure packetcable pcmm no shutdown With PC1.x services enabled, the C4 CMTS accepts and maintains PacketCable COPS TCP connections to port 2126. In addition, the C4 CMTS processes PacketCable signaling messages from the Call Management Server and use this signaling to authorize call requests from the subscribers’ Multimedia Terminal Adapters (MTAs). Likewise, with PCMM enabled, the C4 CMTS accepts and maintains PacketCable COPS and TCP connections to port 3918. To disable PacketCable services on the C4 CMTS, issue the CLI command: configure no packetcable Or use one of the following to disable PC1.x or PCMM, specifically: configure packetcable dqos shutdown configure packetcable pcmm shutdown When PacketCable services transition from enabled to disabled, all PacketCable calls in progress are aborted and signaling links to all CMSs are torn down. If PCMM is shut down, all associated PacketCable gates are torn down and all signaling links to the PSs are torn down.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-23
16 PacketCable™ Services
PC1.x Timers
The following timers are specific to the PacketCable DQoS protocol. The C4 CMTS functions properly in most environments using the default values. In rare cases, the parameters may be modified through the use of CLI commands. To set the threshold value of a particular timer of the C4 CMTS, issue the CLI command: configure packetcable timer {timer name} Where {timer name} is t0 or t1. Timer T0 — Timer T0 limits the amount of time between the reception of a Gate-Alloc message and a Gate-Set message for the same DQoS Gate. The default value of this timer is 30 seconds. This timer has a range of 1 to 60 seconds. Timer T1 — This timer limits the validity period for authorization of a particular PacketCable call. This timer is started whenever a Gate is established and reset whenever a Commit operation is performed on the resources authorized by the gate. It is also reset for a reserve operation. Ordinarily, Timer-T1 is received in the Gate-Set message. If the value given in the Gate-Set message is zero, then Timer-T1 is set to a provisioned value. The default value of this timer is 250 seconds. This timer has a range of 1 to 600 seconds.
PCMM Timers
The following timers are specific to the PacketCable Multimedia protocol. The C4 CMTS functions properly in most environments using the default values. In rare cases, the parameters may be modified through the use of CLI commands. To set the threshold value of a particular timer of the C4 CMTS, issue the CLI command: configure packetcable pcmm timer t1 Where is the value, in deciseconds. Default = 300 deciseconds. Timer T1 — This timer limits the validity period for authorization of a particular PacketCable call. This timer is started whenever a Gate is established and reset whenever a Commit operation is performed on the resources authorized by the gate. It is also reset for a reserve operation. Ordinarily, Timer-T1 is received in the Gate-Set message. If the value given in the Gate-Set message is zero, then Timer-T1 is set to a provisioned value.
Showing PacketCable Timers
To display all of the PacketCable timer settings, issue the CLI command: show packetcable global Look for lines similar to the following in the output:
16-24
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
PacketCable DQoS Administrative state: DOWN COPS TCP port: 2126 Timer t0: 30 seconds Timer t1: 250 seconds PacketCable Multimedia Administrative state: DOWN COPS TCP port: 3918 Timer t1: 300 deciseconds Setting the Upstream DiffServ Code Point
When setting up a data network with voice, it is recommended that the entire network (access and backbone) be configured to provide an enhanced QoS for telephony. One of the ways to do this is to use the DiffServ protocol. This protocol uses a field in the IP header to determine the quality of service level to be used for each network hop. The C4 CMTS marks all upstream voice packets with the DiffServ code point that is provided by the CMS in the Gate-Set message. This parameter should be provisionable on the CMS. NOTE The C4 CMTS does not currently support Event Messaging for PCMM.
Event Messaging
PacketCable uses the notion of half-calls for its call model. Each half call consists of the portion of a call from the CMTS to the other device – either an MTA or a PSTN gateway. These half-calls are signaled independently of one another and are tied together only by the logical connection that the CMS creates when it sets up each half call. These half-calls are also signaled separately for billing purposes. Billing events for each half call are transmitted to a Record Keeping Server (RKS). The RKS then correlates all events for the full call and creates billing records. The protocol used by devices that communicate to the RKS is known as Event Messaging. Event Messaging port number — The C4 CMTS uses the static port 1813 for Event Messages. The C4 CMTS listens to port 1813 when PacketCable services are enabled, and uses port 1813 as the source port in the UDP header of any Event Messages. Event Messaging Retry Interval — The Event Messaging Retry Interval is the maximum amount of time that the C4 CMTS waits for an acknowledgement of an event message before the CMTS assumes that the message is lost. At this point, the C4 CMTS either retransmits the message or switches to the secondary RKS. To set the Event Messaging Retry Interval, issue the CLI command: configure packetcable eventmsg retry timer
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-25
16 PacketCable™ Services
The default value of this timer is 1000 milliseconds. This timer has a range of 10 to 10,000 milliseconds. Event Messaging Retry Count — The Event Messaging Retry Count is the maximum number of times that the Event Messaging Retry Interval may expire before the C4 CMTS switches to the secondary RKS. To set the Event Messaging Retry Count, issue the CLI command: configure packetcable eventmsg retry limit The default value is 1. The count has a range of 0 to 9. Event Messaging Maximum Batch Events — The Event Messaging Maximum Batch Events is the maximum number of event messages collected and combined into one packet for transmission to the RKS. Use the following command: configure packetcable eventmsg batch-size The default value is 3. The count has a range of 2 to 10. NOTE To enable or disable Event Messaging Batch Mode, refer to the CMS documentation. Event Messaging Element Identifier — The Event Messaging element Identifier is a number that is assigned to the C4 CMTS and is included in all event messages from the C4 CMTS. This number is used by the RKS so that it knows that the event message came from this particular CMTS. configure packetcable eventmsg element-id There is no default value. This number must be configured for event messaging to work. The range of values is 0 to 99999. Disabling the Generation of All Event Messages — To disable generation of all event messages enter: configure packetcable eventmsg element-id no Enabling Event Messaging Error Logging — Event Messaging on the C4 CMTS has the capability to dump the contents of an event message to a file if all attempts to communicate with the RKS have failed. These records can be used later to manually update the RKS when it becomes operational. By default, this error logging is turned off. It should be turned on if the system is relying on event messaging from the C4 CMTS for billing. To turn on this capability, the syslog server must be configured. Once the syslog server is configured, type the following at the CLI prompt: configure logging override event 2473092361
16-26
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
To verify the logging is enabled, type the command: show logging The output shows event ID 2473092361 with the word “Admit” next to it. When this event ID is enabled, the syslog file contains a memory dump of each event message that it has failed to transmit to the RKS. PacketCable Connection Admission Control (CAC)
The C4 CMTS provides the capability for partitioning the available bandwidth on a per channel basis (upstream and downstream) between telephony and non-telephony services. Furthermore, the C4 CMTS provides the capability to “borrow” from the non-telephony pool in the case of a high priority (emergency) call. The data portion of the channel bandwidth is still allowed to be over-subscribed as in previous releases of the C4 CMTS. NOTE The CMS detects and signals the priority of the call to the C4 CMTS. The new definitions of CAC Levels are as follows: •
CAC LEVELS 1 and 2 are used only for upstream load balancing (ULB) across a cable group. When these values are exceeded on an upstream channel, load balancing attempts to direct registering modems to another upstream channel within the cable group.
•
CAC LEVEL 3 is used as a data oversubscription multiplier in the following way. If CAC L3 is set to 500%, then we take the percent of the channel that can be used for data and multiply that by 500%. Data service flows whose minimum guaranteed bandwidth would cause this value to be exceeded are denied.
Packetcable CAC values for allowed-normal-voice should be configured so that adequate bandwidth is reserved for channel management and modem registration purposes. The value for allowed-emergency-voice should be configured so that at least enough bandwidth remains to do basic channel management of creating and destroying dynamic service flows. The guidelines below provide the settings for PacketCable CAC values that should not be exceeded so that the channel can be managed effectively. Exceeding these guidelines could result in a channel becoming overloaded and prevent dynamic service flow set up and tear down. NOTE PacketCable voice limits do not apply to PCMM unless the gate is specified as a UGS flow. PCMM treats non-UGS flows as normal data flows.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-27
16 PacketCable™ Services
Guidelines for Maximum CAC Values
Use the following recommendations for setting allowed-normal-voice and allowed-emergency-voice. Bandwidth is expressed in terms of data throughput and is a function of channel width and compression technique. Allowed-total-voice should be equal to allowed-emergency-voice. Voice traffic is not recommended on 320 or 640 KPBS channels. Channel BW 1.28 MBPS 2.56 MBPS 5.12 MBPS 10.24 MBPS
allowed-normal-voice 55% 75% 85% 90%
allowed-emergency-voice 75% 85% 90% 90%
Setting Downstream Values — Use the following commands (in the order listed here) to set downstream values: configure interface cable / cable downstream voice-limits allowed-normal configure interface cable / cable downstream voice-limits reserved-normal configure interface cable / cable downstream voice-limits allowed-emergency configure interface cable / cable downstream voice-limits reserved-emergency configure interface cable / cable downstream voice-limits allowed-total Where: is the chassis slot that contains the CAM port being configured — valid range is 0-15 is the downstream interface port number that is being configured — 0 is the only valid downstream port at this time. is the percentage of bandwidth to be used — valid range is 0 to 90
16-28
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Setting Upstream Values — Use the following commands to set upstream values: configure interface cable / cable upstream voice-limits allowed-normal configure interface cable / cable upstream voice-limits reserved-normal configure interface cable / cable upstream voice-limits allowed-emergency configure interface cable / cable upstream voice-limits reserved-emergency configure interface cable / cable upstream voice-limits allowed-total Where: is the chassis slot that contains the CAM port being configured — valid range is 0-15 is the downstream interface port number that is being configured — 0 is the only valid downstream port at this time. id the upstream interface port number that is being configured — valid range is 0 through 7 is the percentage of bandwidth to be used — valid range is 0 to 90 Preemption of Normal by Emergency Calls
If completion of an emergency call would cause the channel to exceed the allowed-total-percentage CAC limit, the C4 CMTS randomly searches for an existing normal call on that channel to preempt. If a normal call to preempt is found, the C4 CMTS simultaneously initiates a tear-down of that normal call while allowing the emergency call to be set up. Use the following commands to enable/disable emergency preemption: C4# configure packetcable voice-limits [no] emergencypreemption Use the following commands to set global voice limits for PacketCable in the C4 CMTS: C4# configure packetcable voice-limits set-all Use the following commands to set voice limits for all downstream or upstream channels: C4# configure packetcable voice-limits [downstream|upstream] where x is:
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-29
16 PacketCable™ Services
allowed-normal Maximum % DS and/or US channel bandwidth allowed for normal voice use allowed-emergency Maximum % DS and/or US channel bandwidth allowed for emergency voice use allowed-total for all classes of voice traffic
% US and/or DS Bandwidth allowed
reserved-emergency Minimum % US and/or DS channel bandwidth reserved for emergency voice use reserved-normal Minimum % US and/or DS channel bandwidth reserved for normal voice use Use the following command to view voice limit parameters for a particular upstream or downstream channel: configure interface cable /[] cable downstream voice-limits ? configure interface cable /[] cable upstream voice-limits ? allowed-normal reserved for normal voice use
Maximum % US channel bandwidth
reserved-normal reserved for normal voice use
Minimum % US channel bandwidth
allowed-emergency Maximum % US channel bandwidth reserved for emergency voice use reserved-emergency Minimum % US channel bandwidth reserved for emergency voice use allowed-total classes of voice traffic
% US Bandwidth allowed for all
emergency-preemption normal traffic
allow emergency traffic to preempt
Use the following command to show Packetcable global configuration: show packetcable global The system response includes the administrative state of PacketCable, COPS parameters, event messaging parameters, and voice limits.
16-30
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Data Consistency Checks
The C4 CMTS uses the following rules to ensure that data is consistent: •
Percent reserved-normal + percent reserved-emergency are reserving bandwidth for normal and emergency calls. The sum of the two values cannot exceed 90%
•
Percent reserved-normal can never be greater than percent allowednormal and percent reserved-emergency can never be greater than percent allowed-emergency
•
Percent allowed-normal can not be greater than 90 or greater than percent allowed-total
•
Percent allowed-emergency can not be greater than 90 or greater than percent allowed-total
•
Percent allowed-total can not be greater than 90. Where the values for normal and emergency percentages must be expressed as integers from 0-90.
Show Values — To show the current settings for a downstream channel, issue the following CLI command: show controllers cable / downstream To show the current settings for an upstream channel, issue the following CLI command: show controllers cable upstream To show the current setting for the downstream channel and all its upstream channels, issue the following CLI command: show controllers cable To show the current PacketCable bandwidth allocation/usage of a single CAM, issue the following CLI command: show interface cable / allocated-bandwidth To show the current PacketCable bandwidth allocation/usage of all CAMs, issue the following CLI command: show interface cable allocated-bandwidth Upstream Packet Classification Enforcement
The C4 CMTS provides upstream packet classification enforcement, in keeping with the PacketCable requirement to do so. This functionality is configurable via the following command. By default upstream packet classification is disabled. configure operation mode [no] upce If it is enabled, the C4 CMTS classifies any upstream packets according to the classifiers defined during modem registration and via any DSx messaging.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-31
16 PacketCable™ Services
When the enforcement functionality is enabled using the command above, the C4 CMTS compares the SID associated with the matching classifier with the SID upon which the packet was received. If these SIDs match, the packet is passed on. If these SIDs do not match, the packet is dropped.
PC1.x Electronic Surveillance The C4 CMTS supports PacketCable Electronic Surveillance (ES), versions I01, I02, I03, and I04, which includes Communications Assistance for Law Enforcement Act (CALEA) Call Data and CALEA Call Content. PacketCable Electronic Surveillance makes it possible for MSOs that implement PacketCable specifications to support lawfully authorized electronic surveillance consistent with the requirements of CALEA. As defined by the specification, the functionality covered by this feature applies only to packets transmitted utilizing the capabilities of the Call Management System, including enhanced Quality of Service as authorized. Only such packet streams are defined as calls by CALEA; therefore, these are the only packet streams subject to surveillance. Thus, only networks employing full PacketCable DQoS can leverage PacketCable Electronic Surveillance functionality. There are three types of surveillance requests: •
Pen Register – this type of request records call identifying information for all calls originated by a subject. This is one flavor of CALEA Call Data.
•
Trap and Trace – this type of request records call identifying information for all calls received by a subject. This is the second flavor of CALEA Call Data.
•
Interception – this type of request allows Law Enforcement Agents (LEAs) to listen to conversations of a subject. This is CALEA Call Content.
90% of all surveillance orders are of the first two types, and the request is generally made for both Pen Register and Trap and Trace simultaneously. A request for electronic surveillance is initiated at the CMS. The role of the CMTS in an electronic surveillance request includes the following steps: 1 Recognize the request that has been initiated by the CMS. 2 Duplicate event messages and send them to the specified Delivery Function (DF), if the surveillance request involves CALEA Call Data. 3 Duplicate media stream content and send the duplicate stream to the Delivery Function, if the surveillance request involves CALEA Call Content.
16-32
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
When a surveillance request has been associated with a subscriber on the CMS and the subject under surveillance is involved in a call, an Electronic Surveillance object is sent to the CMTS within the Gate-Set message sent to the CMTS from the CMS. This object contains all or some subset of the following, depending on what type of surveillance request has been made: •
A flag which indicates the type of surveillance requested
•
The IP address of the Delivery Function to which Call Data should be forwarded
•
The port of the Delivery Function to which Call Data should be forwarded
•
The IP Address of the Delivery Function to which Call Content should be forwarded
•
The port of the Delivery Function to which Call Content should be forwarded
•
The Call Content Connection Identifier (CCC-ID). The CCC-ID is used by the Delivery Function to uniquely identify the packets associated with this particular media stream (this attribute is present beginning with PKT-SP-ESP-I02).
The C4 CMTS dynamically determines the electronic surveillance version from the syntax of the electronic surveillance object sent to the CMTS from the CMS. The C4 CMTS can be connected to multiple CMSs, each of which might support a different version of electronic surveillance. The C4 CMTS forwards surveillance information in a format compliant with the version related to the surveillance request in question. Therefore, the network should be configured such that the Delivery Function associated with a surveillance request should be compatible with the version requested by the CMS. Per Electronic Surveillance specification assumptions, the C4 CMTS supports a maximum number of intercepts of 5% of its active calls.
Electronic Surveillance Configuration Event Messaging must be configured on the C4 CMTS in order to enable the forwarding of the duplicated event messages to the Delivery Function. This is in keeping with the PacketCable specification, since a CMTS Element ID is required for the event messages that are forwarded to the Delivery Function. For more details see Event Messaging, page 16-25. Note that the retry limit and the retry timer as configured for Event Messaging also apply to the event messages that are sent to the Delivery Function.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-33
16 PacketCable™ Services
If an RKS is not being deployed within the PacketCable network being configured, the following command can be entered to turn off billing on the C4 CMTS: configure packetcable eventmsg no billing-events This allows the event messages to be forwarded to the Delivery Function without sending event messages to a non-existent RKS. No provisioning is required on the C4 CMTS to enable CALEA Call Content.
Electronic Surveillance Logging Messages The C4 CMTS prints the following “info” level log messages when a request for CALEA Call Data or CALEA Call Content, respectively, is received from the CMS: Example 1: — CALEA Call Data log message C4# slh History: notifications=4, size=2000 show history filters: terse format Time Sl Pri Text... -------- -- ---- ------17:01:54 19 notc: CLI command:c4:10.43.200.204:clear logging history 17:02:40 19 info: Received Electronic Surveillance Request for Call Data (Pen Register Trap & Trace).
Example 2: — CALEA Call Content log message C4# slh History: notifications=4, size=2000 show history filters: terse format Time Sl Pri Text... -------- -- ---- ------17:01:54 19 notc: CLI command:c4:10.43.200.204:clear logging history 17:02:40 19 info: Received Electronic Surveillance Request for Call Data (Pen Register Trap & Trace). 17:02:45 19 info: CLI command:c4:10.43.200.204:show logging history 17:03:38 19 info: Received Electronic Surveillance Request for Call Content (Intercept).
16-34
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Running in a non-PacketCable Compliant Voice Environment The C4 CMTS may be configured to run in an enhanced-QoS network configuration that is not fully PacketCable compliant. In this case, one or more changes from the default configuration may be necessary on the C4 CMTS. The required changes are dependent on the vendor of the MTA as well as the degree of PacketCable compliance to be used on the access network. Of course, if enhanced QoS is not desired, the best-effort primary flow of the MTA may be used to carry telephony packets at the expense of audio quality. The benefits of running in a PacketCable compliant system configuration include: •
Authorization of DSx requests using PacketCable gates, thus providing a higher level of security against theft of service
•
Secure connections for administrative services (COPS messaging, Event Messaging, NCS, and so on)
•
Robust signaling support via the check and balance provided by the three legs involved (MTA, CMTS, CMS)
•
Billing support
•
Electronic surveillance support
•
Differentiation of emergency calls from normal calls
When the C4 CMTS is configured for non-PacketCable Compliance, the system provides for guaranteed Quality of Service using the DOCSIS 1.1compliant Dynamic Services Interface functionality. NOTE If you choose to support non-PacketCable, multiple vendor MTAs on the same C4 CMTS and even on the same CAM, use the configure interface cable {slot} authorization-module command to set open-dynamic-flow-policy to true and disable PacketCable (no packetcable). Otherwise, the C4 CMTS rejects DOCSIS Dynamic Services requests that do not include an Authorization Block specifying a CMS-issued Gate ID (required for PacketCable).
Working with non-ARRIS MTAs in a non-PacketCable Compliant Voice System When using enhanced-access QoS with an MTA produced by a vendor other than ARRIS in a non-PacketCable compliant system, the generic DOCSIS 1.1 Dynamic Services interface must be enabled. This mode causes the C4 CMTS to assume that all Dynamic Services requests are authorized.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-35
16 PacketCable™ Services
For each Cable Access Module (CAM) upon which calls will be made with this configuration, execute the CLI command: configure interface cable {slot Number} authorizationmodule open-dynamic-flow-policy where {slot Number} is replaced by the actual number of the C4 CMTS chassis slot containing the CAM. Ensure that spare CAMs in the same bundle-group are included as well. To disable this mode, for each CAM, execute the CLI command: configure interface cable {slot Number} authorizationmodule no open-dynamic-flow-policy
Working with ARRIS MTAs in a non-PC1.x Compliant System ARRIS MTAs (TTM and TTP families) are capable of using an additional degree of security in that they can mimic the format of PacketCablespecific Dynamic Services requests, thereby allowing the C4 CMTS to not need to be open to all DOCSIS Dynamic Services Requests. This is useful in environments whereby the CMS does not implement the PacketCable DQoS Gate authorization scheme over the COPS protocol. (See NOTE above.) First execute the following command to disable PacketCable: configure interface cable {slot Number} authorizationmodule no packetcable where {slot Number} is replaced by the actual number of the C4 CMTS chassis slot containing the CAM. Ensure that spare CAMs in the same bundle-group are included as well. If using ARRIS MTAs in a non-PacketCable voice application, opendynamic-flow-policy may be enabled or disabled, according to user preference. configure interface cable {slot Number} authorizationmodule [no] open-dynamic-flow-policy Comparison of Provisioning for PacketCable and nonPacketCable Voice
As stated above, use the following two commands to configure the authorization module: configure interface cable {slot Number} authorizationmodule [no] packetcable configure interface cable {slot Number} authorizationmodule [no] open-dynamic-flow-policy
16-36
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
If PacketCable DQoS is desired, then … •
packetcable MUST be enabled (the system default is enabled)
•
open-dynamic-flow-policy can be enabled or disabled; the system default is enabled Disabling open-dynamic-flow-policy prevents any non-PacketCable DOCSIS 1.1 DSx activity from occurring. Currently there are no known applications using DSx except PacketCable, so disabling opendynamic-flow-policy helps provide some level of protection against theft of service.
If DSx DQoS (non-PacketCable) is desired, then … •
packetcable should be disabled (the system default is enabled) Disabling packetcable is required when running with ARRIS TTMs: they use the gate ID 0x8675309 in the DSx messages. If packetcable is enabled, the C4 CMTS tries to authorize against this non-existent gate and fails the call.
•
open-dynamic-flow-policy should be enabled (the system default is enabled) Enabling open-dynamic-flow-policy is required when running with non-ARRIS MTAs. If only ARRIS TTMs are used, this setting can be disabled to provide for the higher level of protection against theft of service.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-37
16 PacketCable™ Services
Converged Services Ensuring QoS in a Converged Services Environment
Converged services is the term applied to the deployment of various applications, such as voice, video, and high speed data, on a single CMTS. To ensure that appropriate QoS levels are enforced in this mixed services environment, QoS parameters defined by DOCSIS 1.1 must be applied to enforce appropriate relative prioritization of traffic. ARRIS recommends the utilization of some of these DOCSIS parameters in association with each of the applications that might potentially run on the C4. Keep in mind that other settings can be used, as long as the relative priority of the various applications is set as desired. However, some of the values are strongly recommended, as noted, based on ARRIS experiences with lab testing of converged services in system overload conditions. See Table 16-2 below.
Table 16-2: Recommended Traffic Priorities for Different Applications Application
DOCSIS Traffic Priority
Notes
Upstream Voice Bearer Traffic: UGS and UGS/AD
N/A
The C4 guarantees service to UGS flows, per the DOCSIS specification; therefore, this flow type is always higher priority than any other.
Real-Time Polling Service (rtPS)
7
rtPS has been used in field trials as the flow type for the video portion of video calls
6
ARRIS strongly recommends that upstream signaling traffic, both in the form of PacketCable 1.x NCS and DSx signaling, be handled at traffic priority 6 to ensure call set up even in the presence of high speed data overload.
5
For PacketCable 1.x, this traffic priority is fixed, per CableLabs specification. If a mix, which includes PacketCable 1.x, of voice applications is to be deployed, priorities should be applied at this level, in order to treat the various voice applications equally. Of course, if it is desired that one type of voice application be given priority over another type, priority should be set appropriately for the desired behavior.
4
This value was chosen to be lower priority than the actual bearer traffic, but as high as possible. As in the upstream, “signaling” includes both PacketCable 1.x NCS and DSx signaling (which is critical to call set up and tear down).
3
This priority is a candidate for PCMM services, Advanced DSG service, and tiered services.
Upstream Voice Signaling Traffic
Downstream PacketCable 1.x Voice Bearer Traffic
Downstream PacketCable 1.x Voice Signaling Traffic
16-38
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table 16-2: Recommended Traffic Priorities for Different Applications (Continued) DOCSIS Traffic Priority
Application
Notes
2
This priority is a candidate for PCMM services, Advanced DSG service, and tiered services.
High Speed Data (Best Effort)
1
Priority 1 is often used for high speed data.
Default HSD and DSG Tunnel Data
0
Priority 0 is the default priority applied to high speed data and DSG Tunnel data, unless otherwise specified via a modem config file (for HSD) or via SCN (for DSG).
SfMaxTrafficRate (tmax) and SfMinReservedRate (tmin)
ARRIS recommends using the tmin and tmax values in Table 16-3 whenever there is a desire to maintain toll grade performance under data overload conditions:
Table 16-3: Adjusting tmax and tmin for Overload Conditions Application Upstream Voice Signaling Traffic
tmin
tmax
Notes
8k
64k
ARRIS strongly recommends these settings to ensure that sufficient opportunities are given for data to be transmitted on these flows.
64k
ARRIS strongly recommends these settings to ensure that sufficient opportunities are given for data to be transmitted on these flows. This is especially critical if there is a desire to maintain toll grade performance under high speed data overload conditions.
Downstream Voice Signaling Traffic
8k
High Speed Data
0k
Leaving HSD at the tmin default of 0k reinforces the priority for polling opportunities given to the applications listed above.
The following diagram shows one possible classification scheme to set up flows with the parameters recommended above. Note that the voice flows would be set up dynamically, per PacketCable 1.x, and the data and signaling flows would be set up via a modem configuration file.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
16-39
16 PacketCable™ Services
US Service Flows
Voice Flow (UGS [A/D]) [RTP]
Priority = 6 Tmax = 64K Tmin = 8K
Secondary Flow (BE) [Data] Priority = 1 Tmin = 8K
Priority = 2 IP: * Proto = 17(UDP) * SrcPort = 2427
Priority = 1 IP: * Proto = 256 (Match any IP Proto)
DS Service Flows
Voice Flow [RTP] Priority = 5
Priorities: High to Low
Prim. Flow (BE) [MacMgmt+NCS]
US Classifiers Priority = 128 IP: * Proto = 17(UDP) * SrcAddr = a.b.c.d * DestAddr = w.x.y.x * SrcPort = A * DestPort = Z
Prim. Flow [NCS+MacMgmt] Priority = 4 Tmax = 64K Tmin = 8K
Secondary Flow [Data]
DS Classifiers Priority = 128 IP: * Proto = 17(UDP) * SrcAddr = w.x.y.z * DestAddr = a.b.c.d * SrcPort = Z * DestPort = A Priority = 2 IP: * Proto = 17(UDP) * SrcPort = 2727
Priority = 1 IP: * Proto = 256 (Match any IP Proto)
Priority = 1 Tmin = 0
Figure 16-4: An Example of Classification for PacketCable 1.x In a Combined Voice and Data Environment
16-40
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
17. Baseline Privacy Interface (BPI)
Topics
Page
Baseline Privacy Overview
1
Baseline Privacy Setup
4
Baseline Privacy Debugging
20
Explanation of BPI Trap Codes
24
CLI Commands for Baseline Privacy
28
Baseline Privacy Overview This section is a brief and high-level overview, further detailed information can be obtained from CableLabs® in the latest versions of the DOCSIS® Baseline Privacy or Baseline Privacy Plus Interface specifications. Baseline Privacy (BP) provides cable modem users with data privacy across the cable network equal to or better than that provided by dedicated line network services. It does this by encrypting traffic flows on the RF link between the CM and CMTS. Baseline Privacy also provides cable operators with protection from theft of data services.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-1
17 Baseline Privacy Interface (BPI)
Baseline Privacy Plus Interface (BPI+) is an extension of the Baseline Privacy Interface (BPI); it further strengthens the BP specification by adding cable modem authentication through the use of X.509 digital certificates. These extensions are entirely backwards compatible with the earlier BPI specification. The Baseline Privacy portion of the DOCSIS® C4 CMTS is compatible with cable modems operating in either BPI or BPI+ mode. BPI Operations
Baseline Privacy is comprised of two separate but interrelated protocols. The first is Baseline Privacy Key Management (BPKM), the second is the packet data encryption on the RF link.
BPKM
The CM and CMTS use the BPKM protocol to determine authorization status and transfer of traffic keying material. Through this key management protocol, the CM and CMTS synchronize keying information. BPKM follows a client/server model where the CM, the client, requests encryption material and the CMTS, the server, responds to those requests. BPKM uses DOCSIS® MAC Management messaging in the request/reply operations of the protocol. Baseline Privacy uses public-key cryptography to establish symmetric traffic keys between the CM and CMTS.
Packet Data Encryption
Packet data encryption is an extended service within the DOCSIS® MAC sublayer. When encrypting packet data, only the frame’s packet data is encrypted; the frame’s header is not encrypted. To indicate the proper encryption/decryption key to use, a special Baseline Privacy Extended Header is included in the MAC frame header. This special extended header indicates encryption information related to the current MAC frame. The current DOCSIS® specified algorithm used for packet data encryption is 56-bit DES operating in cipher block chaining (CBC) mode. NOTE To reduce confusion in MIB tables and the Baseline Privacy Specification, a Security Association ID (SAId) can be thought of as the key ID for a traffic flow. It is just a number and should not be confused with the SID which is the service ID of a flow.
Baseline Privacy Operational Overview The operation between the CM and CMTS is conducted in three main steps: 1 Registration 2 Initialization 3 Reauthorization and rekeying Each is explained in the sections that follow.
17-2
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Registration
At registration, the modem receives operational parameters from the CM’s configuration file. The CMTS verifies these parameters through the CM’s registration request message. There is one specific message TLV, type 17, which contains the Baseline Privacy operational parameters. The progression of registration is the same for BPI and BPI+, but BPI+ has different requirements. CAUTION
BPI operation requires ALL type 17 BPI parameters to exist and be within range for registration to complete and accept the BPI portion of registration.
NOTE BPI+ is much less restrictive: some, all, or no type 17 parameters need to exist for the BPI portion of registration to complete. For BPI+ registration, any values that are not specifically defined in the configuration file are defaulted to the values defined in the Baseline Privacy Spec, Appendix A, in the Recommended Operational Ranges table. Initialization
After registration is complete, and Baseline Privacy is enabled, the second operational step of Baseline Privacy initialization begins. It begins by authorizing the CM to use specific flows and is then followed by the transferring of traffic key information for each specific flow. BPI+ performs the same sequence as BPI with the addition of an initial digital certificate information message which is used in modem authentication. A successful initialization sequence proceeds as follows: 1 The CM authorizes with the CMTS through the use of authorization messages.
Release 4.2, Standard
•
The first message is the Authorization Request. This message contains CM identification (CM MAC, serial number, manufacturer) and a list of unicast Service IDs (SIDs).
•
The second message is the Authorization Reply from the CMTS. This message contains: A public key encrypted authorization key, an authorization key valid lifetime, an authorization key sequence number, and a list of unicast SAIds along with provisioned multicast SAIds.
ARRIS PROPRIETARY — All Rights Reserved
17-3
17 Baseline Privacy Interface (BPI)
2 The CM is granted traffic keys through the use of key (TEK) messages.
Reauthorization and Rekeying
•
The first message is the Key Request message. This message contain CM identification (CM MAC, serial number, and manufacturer), a SAId the request is being made for, an authorization key sequence number and a message authentication code (HMAC). The HMAC is a keyed signature that uses the authorization key.
•
The second message is the Key Reply message. This message contains: an authorization key sequence number (again used for HMAC signature), the SAId the request is being made for, a security association flag, one or two traffic keys and respective information for the specific service flow, and a message authentication code (HMAC).
The third operational step of reauthorization and rekeying is accomplished at predetermined lifetimes using the messages in the respective sequence above.
Baseline Privacy Setup This section describes Baseline Privacy basic setup procedures. The basic configuration of the C4 CMTS for Baseline Privacy is broken into four main topics: 1 Initial CMTS Base Table Setup 2 Configuration files 3 Multicast 4 Digital certificates
Initial CMTS Base Table Setup The DocsBpi2CmtsBaseEntry contains settings required when all new cable modems initialize Baseline Privacy. Any changes made to this table will only affect newly registered modems. All previously registered modems will not be affected; therefore, the base table values should be set up before registering any modems on the system. This allows consistent settings to be applied to all modems. Consistent settings offers easier maintenance of key lifetime versus key grace time values which may cause denied modem registration. For normal operation, the default values in the CMTS base table should be used. If these values are acceptable, the C4 will choose these operating values at system power up and no further system configuration is required. If you wish to configure the system using values other than the defaults, please read the parameter descriptions on the following pages first.
17-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The configuration (status) data is briefly outlined, the counts are self explanatory and are read-only. Figure 17-1 illustrates the DocsBpi2CmtsBaseEntry:
Figure 17-1: Example of Baseline Privacy Base Table DefaultAuthLifetime
The value of this object is the default lifetime, in seconds, that the CMTS assigns to an initial cable modem’s authorization key. Recommended range: Default (per DOCSIS®):
86,400 – 6,048,000 604,800
The default value is acceptable for normal operation. The shorter the lifetime the more processor overhead will exist. Shorter times give some improvement in security. A MIB browser or CLI command may be used to configure DefaultAuthLifetime directly. Since there are many different MIB browsers, only the CLI command will be described. configure interface cable cable privacy kek life-time
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-5
17 Baseline Privacy Interface (BPI)
(Example) To set the default authorization lifetime to 7 days on slot 5 channel 0: configure interface cable 5/0 cable privacy kek life-time 604800 DefaultTEKLifetime
The value of this object is the default lifetime, in seconds, that the CMTS assigns to an initial cable modem’s traffic key (TEK). Recommended range: Default (per DOCSIS®):
1,800 – 604,800 43,200
The default value is acceptable for normal operation. The shorter the lifetime the more processor overhead will exist. Shorter times give some improvement in security. CAUTION
The TEK lifetime must be more than twice as large as the largest TEK CM grace time to prevent denied CM registration. A MIB browser or CLI command may be used to directly configure DefaultTEKLifetime. Since there are many different MIB browsers, only the CLI command will be described. configure interface cable cable privacy tek life-time (Example): To set the default TEK lifetime to 12 hours on slot 5 channel 0: configure interface cable 5/0 cable privacy tek life-time 43000 DefaultSelfSignedManufCert Trust (BPI+Certificates)
This object determines the default trust of self-signed manufacturer certificate entries, contained in DocsBpi2CmtsCACertTable, created after setting the object. Valid values: Default:
trusted | untrusted untrusted
CAUTION
Self-signed certificates are a security risk. As a general rule, do not trust them.
NOTE Valid self-signed certificates are marked trusted or untrusted depending on this MIB variable. If the default trust value is set to untrusted and CA Certificates are learned, then these CA Certificates are considered
17-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
untrusted and stored. This is a one-time determination which is never reevaluated unless the certificate is deleted and relearned. Setting the trust value for default self-signed back to trusted does not automatically change the trust of previously learned self-signed CA Certificates. To change the trust of previously learned self-signed CA Certificates, you must manually edit the current certificate’s trust state or delete the certificate entry so that the certificate will be relearned. A MIB browser or CLI command may be used to directly configure DefaultSelfSignedManufCertTrust. Since there are many different MIB browsers, only the CLI command will be described. configure interface cable cable privacy default-cert-trust (Example): To not trust self-signed certificates on slot 5 channel 0: configure interface cable 5/0 cable privacy default-cert-trust untrusted
CheckCertValidityPeriods (BPI+ Certificates)
Setting this object to TRUE causes all chained and root certificates in the chain to have their validity periods checked against the current time of day, when the CMTS receives an Authorization Request from the CM. A FALSE setting causes all certificates in the chain not to have their validity periods checked against the current time of day. Valid values: Default:
true | false true
Validity period checking should be on. NOTE The respective period checking of certificates and their related chaining is not retroactive. The current checking state is applied only to new incoming certificates and certificate chains. A MIB browser or CLI command may be used to directly configure CheckCertValidityPeriods. Since there are many different MIB browsers, only the CLI command will be described. configure interface cable cable privacy chk-validity-period
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-7
17 Baseline Privacy Interface (BPI)
(Example): To enable checking of certificate validity period on slot 5 channel 0: configure interface cable 5/0 cable privacy chk-validity-period true To Review or Confirm Settings
To check or review settings in the DocsBpi2CmtsBaseEntry MIB, either a MIB browser or the following CLI command may be used: show interface cable cable privacy base (Example): To display the DocsBpi2CmtsBaseEntry on slot 5 channel 0: show interface cable 5/0 cable privacy base
Baseline Privacy Cable Modem Configuration File Settings
All of the CM's Baseline Privacy configuration values are specified in the configuration file downloaded by the CM during registration. These values are BP-specific, type 17, configuration parameters. See Table 17-1, BP Cable Modem Config File Type 17 Parameters, on page 17-8. CAUTION
BPI requires ALL type 17 parameters to be present and within range in the CM's configuration file.
NOTE BPI+ does not require ANY parameters to be present in the CM's configuration file. BPI+ will choose DOCSIS® defined default values for any parameter not specified in the CM's config file. If a value is specified in the config file, that value will be used if within range. The modem will be rejected if the defined value is out of range. Table 17-1: BP Cable Modem Config File Type 17 Parameters Parameter Name
BPI Mode
Valid Range
BPI sugg. setting BPI+ Default
Authorize Wait Timeout
both
2-30
10
Reauthorize Wait Timeout
both
2-30
10
300-1800
600
300-3024000
600
Authorization Grace Time
BPI only BPI+ only
Operational Wait Timeout
both
1-10
10
Rekey Wait Timeout
both
1-10
10
17-8
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table 17-1: BP Cable Modem Config File Type 17 Parameters (Continued) Parameter Name
BPI Mode BPI only
TEK Grace Time
BPI+ only
Valid Range
BPI sugg. setting BPI+ Default
300-1800
600
300-302399
3600
10-600
60
Authorization Reject Wait Timeout
both
SA Map Wait Timeout
BPI+ only
1-10
1
SA Map Max Retries
BPI+ only
0-10
4
BPI Initialized State Configuration Settings. In normal operation the procedures given above are used before modems register. There are a limited number of BPI configuration values that may be changed after the modem has passed BPI initialization. You may use a MIB browser to modify these values; you can also use CLI commands to modify them from the console. The authorization and TEK valid lifetimes, as well as the Resetting of Authorization and TEK keys, are values that can be changed. Modifying certificates is covered in Provisioning BPI X.509 Certificates Using CLI Commands, page 17-17. DocsBpi2CmtsAuthCmLifeti me
The value of this object is the lifetime in seconds that the CMTS assigns to an authorization key for this CM. The no value of this command will set the value to default: 604800. configure interface cable cable privacy kek-cm life-time (Example) To set the authorization lifetime on modem 1122.3344.5566 to 604,800 seconds (seven days) on slot 5 channel 0: configure interface cable 5/0 cable privacy kek-cm 1122.3344.5566 life-time 604800
DocsBpi2CmtsAuthCmReset
The setting of this object causes the CMTS to invalidate the authorization key for this CM. configure interface cable cable privacy kek-cm-reset send-auth-invalid
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-9
17 Baseline Privacy Interface (BPI)
(Example) To reset the authorization on modem 1122.3344.5566 on slot 5 channel 0: configure interface cable 5/0 cable privacy kek-cm-reset 1122.3344.5566 send-auth-invalid
DocsBpi2CmtsTEKLifetime
The value of this object is the lifetime, in seconds, the CMTS assigns to keys for this TEK association. The no value of this command defaults to 43200. configure interface cable cable privacy tek-said life-time (Example) To set the TEK lifetime of SAId 1234 to 12 hours on slot 5 channel 0: configure interface cable 5/0 cable privacy tek-said 1234 life-time 43000
DocsBpi2CmtsTEKReset
The setting of this object causes the CMTS to invalidate the TEK for this SAId. configure interface cable cable privacy tek-said-reset (Example) To reset the TEK for SAId 1234 on slot 5 channel 0: configure interface cable 5/0 cable privacy tek-said-reset 1234
Encrypted Multicast Setup Encrypted multicast operates in parallel with the multicast feature. Encrypted multicast is similar to the above described encrypted unicast except that identical keying information must be sent to all modems operating in a specific multicast group. The operation of multicast between BPI and BPI+ modes is significantly different. BPI+ multicast is compatible with BPI multicast although BPI multicast is not compatible with certain BPI+ multicast operations. Multicast Static Operation BPI/BPI+
All static multicast group IP addresses must be provisioned and each modem using the multicast group must be authorized through the use of the CLI or MIB. This configuration is static multicast. Static operation requires the operator to define multicast groups and key IDs along with authorizations for these keys for each modem requesting static operation.
17-10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Static Multicast Provisioning and Authorization
To statically provision a CM to receive keying information for a specific multicast group, a multicast map table element and associated multicast authorization element must be created. In its initial authorization or reauthorization, the CM is granted authorization for the provisioned (static) multicast map entry. To allow additional modems authorization to the specific multicast group, create additional multicast auth table entries for each respective modem. The sequence of steps needed to provision a single CM to receive encrypted multicast packets associated to a single IP multicast group address is as follows: 1 Provision the DocsBpi2CmtsIpMulticastMapTable. This may be done through an appropriate MIB browser using its specific method for provisioning table entries, or the C4 CMTS’s CLI may be used. Since the CLI is integral to the C4 CMTS, the CLI method is described here. The CLI command to provision a static multicast table entry is: configure interface cable cable privacy multicast map Where:
SAId: 8192 – 16383 IP Addr: Valid IP multicast range Prefix: IP mask Alg Type: none (none = unencrypted) or des56
(Example) In order to create a MulticastMapTable entry with the following values on slot 5 channel 0: SAId: IP Addr: Prefix Len (IP mask): Encryption Alg:
8192 230.1.2.3 255.255.255.255 56 Bit DES
… Use this command: configure interface cable 5/0 cable privacy multicast map 8192 230.1.2.3 255.255.255.255 des56 2 Verify the changes just made using the following show command: show interface cable cable privacy multicast map 3 Provision the DocsBpi2CmtsMulticastAuthTable. This may be done through an appropriate MIB browser using its specific method for provisioning table entries, or the C4 CMTS’s CLI may be used. The CLI command to provision a multicast authorization table entry is: configure interface cable cable privacy multicast auth
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-11
17 Baseline Privacy Interface (BPI)
Where:
SAId: 8192 – 16383
(Example) To create a MulticastAuthTable entry with these values on slot 5 channel 0: CM MAC: 00:10:95:17:92:4b Key authorization: 8192 … Use this command: configure interface cable 5/0 cable privacy multicast auth 8192 00:10:95:17:92:4b 4 Verify the changes just made using the following show command: show interface cable cable privacy multicast auth
Multicast Dynamic Operation BPI+ Only
For dynamic multicast, group IP addresses may be provisioned and each modem using the multicast group may be authorized through the use of the CLI or MIB. If a group is not provisioned, the group is unrestricted and the creation of the multicast group provisioning is performed by the CMTS. Dynamic operation handles the creation and cleanup of keys and the respective mapping automatically through the use of BPKM messaging. No operator configuration is required. NOTE If a multicast group does not have a static provisioned entry, the group is considered unrestricted. Multicast operation relative to the unrestricted group is a dynamic operation. This means that if a map request is made by a CM for the group, the modem will be granted keys. Furthermore, the downstream multicast data will be in the clear mode until the first encrypted modem makes a map request. At this time the group switches to encrypted mode.
CAUTION
If a multicast group contains a mix of encrypted and non encrypted users, the operator must provision a static unencrypted flow for the group. If this provisioning is not performed, ALL non-encrypted users stop receiving unencrypted downstream data when the first BPI enabled modem maps to the respective multicast group. Static Unencrypted Multicast provisioning (No Multicast Authorization Needed)
17-12
In order to map an IP address to a unencrypted flow, provision an unencrypted flow as follows:
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
1 Provision the DocsBpi2CmtsIpMulticastMapTable. This may be done through an appropriate MIB browser using its specific method for provisioning table entries, or the C4’s CLI may be used. The CLI command to provision a static multicast table entry is: configure interface cable cable privacy multicast map Where:
SAId: 8192 – 16383 IP Addr: Valid IP multicast range Prefix: IP mask Alg Type: none (none = unencrypted) or des56
(Example) To create a MulticastMapTable entry with the following values on slot 5 channel 0… SAId: IP Addr: Prefix Len (IP mask): Encryption Alg:
8192 230.1.2.3 255.255.255.255 none
…Use this command: configure interface cable 5/0 cable privacy multicast map 8192 230.1.2.3 255.255.255.255 none At this point an unencrypted MulticastMapTable entry has been created. All data relative to this multicast group is unencrypted.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-13
17 Baseline Privacy Interface (BPI)
Digital Certificates (BPI+ Only) In normal operation, configuration of certificates is not required. In cases requiring removal of certificates, change of trust status, addition of new certificates, etc., the respective Baseline Privacy certificate MIB table entries must be added, deleted, or modified. For BPI+ to authenticate cable modems, the DOCSIS® (or EuroDOCSIS) Root Certificate must already be provisioned in the in the DocsBpi2CmtsCACertTable. The CMTS loads these certificates at powerup. If a CA certificate is not present or there is a new DOCSIS Root Certificate to add, then it must be manually added. This certificate may be added through a MIB browser, BPI-related CLI commands, or through BPI import and export commands. The BPI CLI commands allow certificates to be added individually from the C4 command line. The import and export commands allows one to many certificates to be added. Both the CM and Ca certificate database can be provisioned through the BPI CLI and through import and export commands.
17-14
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Provisioning BPI X.509 Certificates Using Import/Export Commands Importing Certificate Authority (CA) Certificates
Use this procedure to import provisioned CA certificates entries for the DocsBpi2CmtsCACertEntry MIB table. The imported file may be an ASCII file (containing previously exported provisioned CA certificate(s), or a DER-encoded binary (usually *.der) certificate file. 1 FTP to the C4 CMTS. 2 Enter the /system/certs directory on the CMTS flash disk. 3 Upload the ASCII file(s) containing exported DocsBpi2CmtsCACertEntrys in ASCII mode, or DER encoded certificate file(s) in binary mode. 4 When all desired DOCSIS® Root CA Certificate(s) are on the flash disk, telnet to the C4 CMTS. At the C4 prompt, copy the certificates to the CMTS internal database by issuing the following CLI command: copy cacert-config : is the path and file name of the ASCII certificate file, or the DER-encoded binary certificate file. The CA certificate is read out of and provisioned into the MIB entry called DocsBpi2CmtsCACertEntry. (Example) To read the certificate(s) in the file certs/cacerts.txt on the CMTS flash disk and save it or them in the DocsBpi2CmtsCACertEntry MIB table, use the following command: copy certs/cacerts.txt cacert-config
Exporting Certificate Authority (CA) Certificates
Use this procedure to export provisioned CA certificates entries from the DocsBpi2CmtsCACertEntry MIB table. The exported file contains all the certificates in this table in ASCII format. 1 FTP to the C4 CMTS. 2 Copy the CA certificates to the certs directory on the CMTS flash disk by issuing the following CLI command: copy cacert-config : is the path and file name of the backup certificate(s) file to be stored. CA certificate entries are stored in ASCII just as they appear in the MIB.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-15
17 Baseline Privacy Interface (BPI)
(Example) To copy the CA Certificate(s) in the DocsBpi2CmtsCACertEntry MIB table to an ASCII file named cacerts.txt in the certs directory on the CMTS flash disk, use the following command: copy cacert-config certs/cacerts.txt Importing Provisioned Cable Modem (CM) Certificates
Use this procedure to import provisioned CM certificates entries for the DocsBpi2CmtsProvisionedCmCertEntry MIB table. The imported file may be an ASCII file containing previously exported provisioned CM certificate(s), or a DER-encoded binary certificate file (usually *.der). 1 FTP to the C4 CMTS. 2 Enter the certs directory on the CMTS flash disk. 3 Upload the ASCII file(s) containing exported DocsBpi2CmtsProvisionedCmCertEntrys in ASCII mode, or DER encoded certificate file(s) in binary mode. 4 When all desired CM Certificate(s) are on the flash disk, copy the certificates to the CMTS internal database by issuing the following CLI command: copy provcmcert-config : is the path and file name of the ASCII certificate file, or the DER-encoded binary certificate file. The CM certificate is read out of and provisioned into the MIB entry called DocsBpi2CmtsProvisionedCmCertEntry. (Example) To read the certificate(s) in the file certs/cmcerts.txt on the CMTS flash disk and save it or them in the DocsBpi2CmtsProvisionedCmCertEntry MIB table, use the following command: copy certs/cmcerts.txt provcmcert-config
Exporting Provisioned Cable Modem (CM) Certificates
Use this procedure to export provisioned CM certificates entries from the DocsBpi2CmtsProvisionedCmCertEntry MIB table. The exported file contains all the certificates in this table in ASCII format. 1 FTP to the C4 CMTS. 2 Copy the CM certificates to the certs directory on the CMTS flash disk by issuing the following CLI command: copy provcmcert-config : is the path and file name of the ASCII certificate file to be stored.
17-16
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The CM certificate entries are stored in ASCII just as they appear in the MIB. (Example) To copy the CM Certificate(s) in the DocsBpi2CmtsProvisionedCmCertEntry MIB table to an ASCII file named cmcerts.txt in the certs directory on the CMTS flash disk, use the following command: copy provcmcert-config certs/cmcerts.txt NOTE All CM certificates are provisioned with a default trust value of untrusted. An operator may choose to change this value via a MIB browser, BPI or CLI command. If an authorization request is received and a CM Certificate identical to the CM certificate received from the CM has been provisioned for that MAC address, the CMTS disregards the CM certificate provided in the auth request and use the trust value associated with the provisioned CM certificate for validation.
Provisioning BPI X.509 Certificates Using CLI Commands A MIB browser may be used to directly install or display certificates in the Certificate Authority (CA) MIB table. When a MIB browser is not available, use the CLI commands below to gain access through the CMTS console. CA Certificates
To install certificates in the CA certificate MIB table: configure cable privacy add-certificate manufacturer (Example) To add a manufacturer certificate to the CA certificate MIB table: configure cable privacy add-certificate manufacturer 308203da 308202c2 a0030201 02021045 529c2654 797e1623 c6e72318 0a9e9c30 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 04061302 55533139 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
17-17
17 Baseline Privacy Interface (BPI)
To remove certificates in the CA certificate MIB table: configure cable privacy no add-certificate manufacturer
(Example) To remove a manufacturer certificate from the CA certificate MIB table: configure cable privacy no add-certificate manufacturer 308203da 308202c2 a0030201 02021045 529c2654 797e1623 c6e72318 0a9e9c30 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 04061302 55533139 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234
To Review or Confirm CA Certificates
To display certificates in the CA certificate MIB table: show cable privacy {manufacturer-cert-list | root-cert-list | ca-certificates} (Example) To display the list of root CA certificates: show cable privacy root-cert-list
(Example) To display the list of manufacturer CA certificates: show cable privacy manufacturer-cert-list
(Example) To display all CA certificates: show cable privacy ca-certificates
CM Certificates:
17-18
Provisioning CM certificates is similar to CA certificate provisioning except, the CM certificates are stored in a different mib table, DocsBpi2CmtsProvisionedCmCertTable, and there is an additional parameter, the MAC address. The examples above for CA certificates can be used with the addition of the MAC address parameter.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
To provision CM certificates: configure cable privacy add-certificate cm
(Example) To add a CM certificate: configure cable privacy add-certificate cm 308203da 308202c2 a0030201 02021045 529c2654 797e1623 c6e72318 0a9e9c30 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 04061302 55533139 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234 To remove CM certificates: configure cable privacy no add-certificate cm
(Example) To remove a cm certificate: configure cable privacy no Hex-data> 308203da 308202c2 a0030201 c6e72318 0a9e9c30 0d06092a 97310b30 09060355 04061302
add-certificate cm
show crypto ipsec transform-set The following is an example of the output returned by the system: Transform set: TSET1 encryption algorithm: esp-3des authentication algorithm: esp-md5-hmac encapsulation mode: transport Transform set: TSET2 encryption algorithm: esp-null authentication algorithm: esp-sha-hmac encapsulation mode: transport
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-733
26 CLI Command Descriptions
show crypto isakmp Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the current state of the Internet Key Exchange (IKE) daemon process (e.g. enabled vs. disabled). show crypto isakmp
Example
To display the current state, use the following command: C4>
show crypto isakmp If the IKE daemon had been enabled, the system response would be: The IKE daemon is running. If the IKE daemon had been disabled, the system response would be: The IKE daemon is not running.
26-734
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show crypto isakmp policy Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays all global ISAKMP phase 1 policies (proposals). show crypto isakmp policy
Example
To display the ISAKMP phase 1 policies, type the following command: C4>
show crypto isakmp policy The following is an example of the output returned by the system: Protection suite priority 1 encryption algorithm: 3DES - Data Encryption Standard (168 bit keys) hash algorithm: Message Digest 5 (MD5) authentication method: Preshared Key Diffie-Hellman Group: #1 (768 bit) lifetime: 420 seconds Protection suite priority 2 encryption algorithm: 3DES - Data Encryption Standard (168 bit keys) hash algorithm: Secure Hash Standard (SHA-1) authentication method: Preshared Key Diffie-Hellman Group: #2 (1024 bit) lifetime: 1200 seconds
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-735
26 CLI Command Descriptions
show crypto isakmp sa Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the current ISAKMP (Phase 1) security associations (SAs) including connection-id. show crypto isakmp sa
Example
To display the current ISAKMP SAs, type the following command: C4>
show crypto isakmp sa The following is an example of the output returned by the system:
Local --------------10.1.64.238 10.1.64.238
Remote --------------10.1.240.82 10.1.2.40
Lifetime (sec) State Conn Role Enc Hash Grp Limit Remain ------ ---- ---- ---- ---- --- ------ -----mature 188 resp 3des md5 1 420 29 mature 189 resp 3des sha 2 1200 1042
The example shows: •
Local = The IP address of the C4's ISAKMP SA endpoint.
•
Remote = The IP address of the peer's ISAKMP SA endpoint.
•
State = The current status of the ISAKMP SA. Values are: -
26-736
larval: If this is a lasting condition, the ISAKMP SA negotiation is likely unsuccessful. If this is a temporary condition, then the ISAKMP SA is likely negotiating successfully. mature: The ISAKMP SA negotiation was successfully and is now available for negotiating IPSec SAs as needed.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
-
•
dying: The ISAKMP SA is expiring. A new ISAKMP SA should be created when new IPSec SAs are needed. Conn: Numeric identifier used to correlate related IPSec SAs.
•
Role: -
Release 4.2, Standard
•
resp: The C4 CMTS acted as a responder during the creation of this ISAKMP SA. - init: The C4 CMTS acted as an initiator during the creation of this ISAKMP SA. Enc = See corresponding "configure crypto" command.
•
Hash = See corresponding "configure crypto" command.
•
Grp = See corresponding "configure crypto" command.
•
Limit Lifetime (sec) = See corresponding "configure crypto" command.
•
Remain Lifetime (sec) = The amount of lifetime remaining until this ISAKMP SA expires.
ARRIS PROPRIETARY — All Rights Reserved
26-737
26 CLI Command Descriptions
show crypto map Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the crypto maps. If a map name is given, only displays that crypto map entry. show crypto map [tag ] Parameter
Definition
[tag ]
Example
Name of the crypto map.
To display the crypto maps, type the following command: C4>
show crypto map The following is an example of the output returned by the system: Map: initmap 1 Role: initiator/responder Peer: 10.1.64.2 Extended IP access list 101 access-list 101 permit tcp source addr: 10.1.64.238/0.0.0.0 dest addr: 10.1.64.2/0.0.0.0 Security association lifetime: 3600 seconds Transform set: TS1 Map: respmap 1 Role: responder Using dynamic-map: dmap
26-738
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show disk volume scm Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the disk volume information. show disk volume scm [critical-hold | major-hold | minor-hold ] [auto-delete-file] Parameter
Definition
The volume name in the following format: /system, /update, or /active. The slot number of the SCM (either slot 19 or 20)
[critical-hold
The threshold when exceeded will cause a trap to be sent with diskVolumeUsageLevel of diskVolumeUsageCritical
| major-hold
The threshold when exceeded will cause a trap to be sent with diskVolumeUsageLevel of diskVolumeUsageMajor
| minor-hold ]
The threshold when exceeded will cause a trap to be sent with diskVolumeUsageLevel of diskVolumeUsageMinorl
[auto-delete-file]
Example
Automatically deletes unused files when critical-threshold is exceeded.
Following are examples of show disk volume commands for the /system, /update, and /active volumes on the SCM in slot 19 along with the corresponding replies: C4>
show disk volume /system scm 19 Disk volume /system at SCM slot 19: Critical threshold: 90% Major threshold: 80% Minor threshold: 70%
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-739
26 CLI Command Descriptions
Auto delete unused files: off C4>
show disk volume /update scm 19 Disk volume /update at SCM slot 19: Critical threshold: 90% Major threshold: 80% Minor threshold: 70% Auto delete unused files: off
C4>
show disk volume /active scm 19 Disk volume /active at SCM slot 19: Critical threshold: 90% Major threshold: 80% Minor threshold: 70% Auto delete unused files: off
26-740
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show environment Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the module temperature status, fan status, and power feed status. show environment
Example
To display the hardware status, type the following command: C4#>
show environment The following is an example of the output returned by the system: ==Temperature status== Slot Description ---- --------------0 CAM (IU, 1D, 8U) 1 CAM (IU, 1D, 8U) 2 CAM (IU, 1D, 8U) 3 CAM (IU, 1D, 8U) 4 CAM (IU, 1D, 8U) 5 CAM (IU, 1D, 8U) 6 CAM (IU, 1D, 8U) 7 CAM (IU, 1D, 8U) 8 CAM (IU, 1D, 8U) 9 CAM (1D, 8U) 10 CAM (1D, 8U) 12 CAM (2D, 12U) 14 NAM (1GE, 1FE) 16 NAM (1GE, 1FE) 17 FCM 18 FCM 19 SCM 20 SCM
HW Version ----------------CAM-01081N/J04 8400002G01/G06 8400002G01/G06 8400002G01/G06 8400002G01/G05 CAM-01081N/L05 CAM-01081N/J03 CAM-01081N/J04 8400002G01/G05 8400002G01/G06 CAM-01081N/L04 CAM-01122W/D15 GNAM-GB010W/B13 GNAM-GB010W/D04 FCM-30640W/E06 FCM-30640W/E06 SCM-00440W/G05 SCM-00440W/G05
Temperature -----------49 C (120 F) 45 C (113 F) 45 C (113 F) 46 C (114 F) 45 C (113 F) 45 C (113 F) 45 C (113 F) 44 C (111 F) 44 C (111 F) 44 C (111 F) 43 C (109 F) 57 C (134 F) 28 C ( 82 F) 27 C ( 80 F) 29 C ( 84 F) 27 C ( 80 F) 28 C ( 82 F) 28 C ( 82 F)
==Fan status==
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-741
26 CLI Command Descriptions
Unit ---------Fan Tray 0 Fan Tray 1 Fan Tray 2
Monitored --------yes yes yes
fan speed controlled:
Status -------spinning spinning spinning enabled
==Power feed status== Unit Monitored Status ----- --------- -----PCM A yes on PCM B yes on Related Command(s)
configure fan monitor shutdown configure fan speed-control shutdown
26-742
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show factory-eeprom Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the information in the factory EEPROM. If the slot parameter is omitted, it will display information in the factory EEPROM of the local card. show factory-eeprom [slot ] Parameter
Definition
[slot ]
Example
The chassis slot in which the targeted module resides. Valid values are from 0-20.
To display the factory-eeprom information of the FCM in slot 19, type the following command: C4>
show factory-eeprom slot 19 The following is an example of the output returned by the system: EEPROM information in slot 19 Model Number: SCM-02440W Model Version: B02 Options: 00 00 00 00 Serial Number: 03031CBM0051 Factory Name: AGCOMM Factory Date: 012303 Bus Frequency: 99900000 Downstream Calibration Checksum: 0 Firmware 0: P302 Firmware 1: C502 Firmware 2: Firmware 3: Firmware 4: Firmware 5: PIC EEPROM Information PIC Model Number: PICS-00440W PIC PCB Revision: D01
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-743
26 CLI Command Descriptions
PIC PIC PIC PIC PIC PIC PIC PIC
26-744
Serial Number: Factory Name: Factory Date: MAC Address: Type: Attenuation: Firmware 0: Firmware 1:
3223100047 AGCOMM 00:01:5C:11:CE:00 0000 0000
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show history Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the commands you have issued during your current CLI session. show history
Related Command(s)
history
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-745
26 CLI Command Descriptions
show hostname Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the name of the CMTS. show hostname
Example
To display the name assigned to the CMTS, type the following command: C4>
show hostname The following is an example of the output returned by the system: Hostname is C4
Related Command(s)
configure hostname
26-746
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show image Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
The C4 CMTS boots from an image file that contains all the necessary executable software code for the given release’s feature set and functionality. If no file name is specified, this command will display the image header of the current running image. show image [] Parameter
Definition
[]
Example
Image file directory and file name.
To display the current running image header, type the following command: C4>
show image The following is an example of the output returned by the system: No reload operation is in progress. Image file: /active/CMTS_V04.02.00.60.img Image name: CMTS_V04.02.00.60 Image ID: 43345349 Image timestamp: Wed Mar 02 21:20:42 2005 Image checksum: 7b8ac586 Component count: 28 NOTE The above output shows a committed image. If the image is had not been committed, the first line would read: update:/CMTS_V04.02.00.60.img •
Image file = image file name
•
Image ID = This number will be the same for every product in the line
•
Image timestamp = date when image was last updated
•
Component count = the number of individual software/firmware components in the current image.
Related Command(s)
reload
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-747
26 CLI Command Descriptions
show interface Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the interface information. show interface
Example
To display the interface information, use the following command: C4#
show interface The following is an example of the output returned by the system:
cable 0/0 mac-port AdminState:Down OperState:OOS-MAN Physical Address: 0001.5c11.ce00 MTU is 1500 Outgoing access list is not set Inbound access list is not set InOctets = 0 OutOctets = 0 InUcastPkts = 0 OutUcastPkts= 0 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0 InFiltered = 0
Type:
cable 1/0 mac-port AdminState:Up OperState:IS Physical Address: 0001.5c11.ce02 MTU is 1500 Outgoing access list is not set Inbound access list is not set InOctets = 0 OutOctets = 783936 InUcastPkts = 0 OutUcastPkts= 0 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0 InFiltered = 0
Type:
cable 2/0 mac-port AdminState:Up Physical Address: 0001.5c11.ce04
Type:
26-748
OperState:IS
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
MTU is 1500 Outgoing access list is not set Inbound access list is not set InOctets = 0 OutOctets = InUcastPkts = 0 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 0 OutErrors = InFiltered = 0
640 0 0 0
fastEthernet 14/0 AdminState:Up OperState:IS Physical Address: 0001.5c11.ce24 MTU is 1500 Outgoing access list is not set Inbound access list is not set InOctets = 144831642 OutOctets = 24477121 InUcastPkts = 290593 OutUcastPkts= 280929 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0
Type:100 BaseT
gigabitEthernet 14/1 AdminState:Down OperState:OOS-MAN Physical Address: 0001.5c11.ce25 MTU is 1500 Outgoing access list is not set Inbound access list is not set InOctets = 0 OutOctets = 0 InUcastPkts = 0 OutUcastPkts= 0 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0
Type:1000 BaseT
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-749
26 CLI Command Descriptions
show interface / rate-limit Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the ACL configuration on the specified interface. show interface / rate-limit [counts] Parameter
Definition
Valid values for the gigabitEthernet NAM are slot 14 and 16 only.
The FastEthernet Port value on the Gigabit Ethernet Access Module (GNAM) is 0. The Gigabit Ethernet Port value on the GNAM 1. This optional parameter will cause the count information to display in a tabular format.
[counts]
Example
To display the ACL configuration for the gigabitethernet module in slot 14, port 1, type the following command: C4#
show interface gigabitethernet 14/1 rate-limit The following is an example of the output returned by the system:
gigabitEthernet 14/1 Input matches: access-group 101 params: 20000000 bps, 24000 limit, 32000 extended limit conformed 3 packets, 189 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago matches: access-group 102 params: 10000000 bps, 24000 limit, 32000 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes
26-750
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
last cleared 00:03:59 ago matches: all traffic params: 8000000 bps, 16000 limit, 24000 extended limit conformed 5 packets, 315 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago Output matches: all traffic params: 15000000 bps, 2812500 limit, 2812500 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop current burst: 0 bytes last cleared 00:03:59 ago Example
To display the CAR constraints for the gigabitethernet module in slot 14, port 1, in tabular form, type the following command: C4#
show interface gigabitethernet 14/1 rate-limit counts The following is an example of the output returned by the system:
Slot/ Port 14/1 14/1 14/1 14/1
Dir Access Group In 101 In 102 In All Out All
Release 4.2, Standard
Rate Limit bps 20000000 10000000 80000000 150000000
-----Conform-----packets bytes 3 189 0 0 5 315 0 0
-----Exceed------packets bytes 0 0 0 0 0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
26-751
26 CLI Command Descriptions
show interface cable / cable privacy multicast authorization Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display all or specific baseline privacy multicast authorizations from the multicast auth table MIB. This is a channel specific parameter. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy multicast authorization [mac] Parameter
Definition
The chassis slot in which the targeted CAM module resides. Valid range is 0-15.
The downstream port number on the specified Cable Access Module.
[mac]
MAC address of the cable modem.
Example
The following example displays all multicast cable modem group/key authorizations on slot 5 channel 0. C4#
show interface cable 5/0 cable privacy multicast authorization The following is an example of the output returned by the system:
BPI Multicast Authorizations Interface SAId MAC Address Cable 5/128 9000 00:00:ca:31:4f:c1 Example
The following example displays all multicast cable modem group/key authorizations on slot 5 channel 0. Detailed output is shown below: C4>
show interface cable 5/0 cable privacy multicast authorization detail 0000.ca31.4fc1
26-752
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
The following is an example of the output returned by the system: slot/ds : 5/0 MAC : 00:00:ca:31:4f:c1 docsBpi2CmtsMulticastAuthControl : ACTIVE Related Command(s)
configure interface cable / cable privacy multicast authorization configure interface cable / cable privacy multicast map
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-753
26 CLI Command Descriptions
show interface cable / cable privacy multicast authorization detail Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display all or specific baseline privacy multicast authorizations from the multicast auth table MIB. The detail option of the authorization will display the multicast parameters for the cable modem’s multicast group/key authorization. This is a channel specific parameter. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy multicast authorization detail [mac] [said]
26-754
Parameter
Definition
The chassis slot in which the targeted CAM module resides. Valid range is 0-15.
The downstream port number on the specified Cable Access Module.
[mac]
MAC address of the cable modem.
[said]
SAId (Key ID). Valid range is 1-16383
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / allocated-bandwidth Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the current PacketCable bandwidth allocation/usage of a single CAM. show interface cable / allocated-bandwidth Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
Example
To display the current PacketCable bandwidth allocation for the CAM in slot 5, type the following command: C4#
show interface cable 5/0 allocated-bandwidth The following is an example of the output returned by the system:
Nar 10 15:21:33
Interface 5/0 5/0/0 5/0/1 5/0/2 5/0/3 5/0/4 5/0/5 5/0/6 5/0/7
---Total Chan--Capacity BW (Mb/sec) Alloc 30.00 0.0% 10.24 0.0% 10.24 0.0% 10.24 0.0% 10.24 0.0% 10.24 0.0% 10.24 0.0% 10.24 0.0% 10.24 0.0%
Release 4.2, Standard
----Normal Calls----
---Emergency Calls---
Allow 50% 50% 50% 50% 50% 50% 50% 50% 50%
Allow 70% 70% 70% 70% 70% 70% 70% 70% 70%
Alloc 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
Number 0 0 0 0 0 0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
Alloc 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
Number 0 0 0 0 0 0 0 0 0
26-755
26 CLI Command Descriptions
show interface cable / cable downstream Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the specified cable interface information for the Cable Access Module (CAM). show interface cable / cable downstream Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
Example
To show the cable interface information for the CAM in slot 5 with a MAC domain number of 0 and subinterface number 1, type the following command: C4#
show interface cable 5/0 cable downstream The following is an example of the output returned by the system:
Downstream Port 0 --------------Port state: Cable Standard: Frequency (Hz): Insertion interval (centiseconds): Interleave depth (no of taps): Invited ranging attempts: Modulation: Provisioned Power (tenth of dBmV): Power Fine Adjustment (steps): Ranging interval (centiseconds): Sync interval (milliseconds): UCD interval (milliseconds): Max Round Trip Delay(microseconds): Ranging Cycles Int (centiseconds): Clone Group Enabled: Level 1 overload threshold:
26-756
IS Annex B from ITU-J83 381000000 40 32 16 q64 500 0 2400 10 1600 1600 120 True (Hard timeouts enabled for IM opport) 90
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Level 2 overload threshold: Level 3 overload threshold: Max Allowable Normal Voice BW (%): Reserved Normal Voice BW (%): Max Allowable Emergency Voice BW (%): Reserved Emergency Voice BW (%): Max Allowed Total (Emergency + Normal) (%): Emergency Preemption: TFTP Enforcement: Dynamic Secret:
Release 4.2, Standard
100 500 50 0 70 0 70 enabled disabled disabled
ARRIS PROPRIETARY — All Rights Reserved
26-757
26 CLI Command Descriptions
show interface cable [/] cable downstream dsg Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays all the indices used to configure a downstream (VSP-list, timer-list, dsfrequency-list, and DCD). If slot and mac are not present, then the entire table is displayed. If slot and mac are present, then only the information for the specified slot and mac will be displayed. NOTE If any indices have the value of (0), then a hyphen will be displayed. Also, if any of the indices provisioned against this interface have not yet been provisioned, that index will be preceded by an asterisk (*). show interface cable [/] cable downstream dsg Parameter
Definition
[]
The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15.
[]
The MAC domain number (valid numbers are 0 or 1).
Example
To display the interface 4/0, use the following command: C4>
show interface cable 4/0 downstream dsg The following is an example of the output returned by the system:
Slot/ MAC ----1/0 4/0 4/1
Vendor Param Index ------2 *1
Timer List Index ------1 -
DS Channel List ------*2 -
DCD Enabled ------true false false
Tunnel Group -------
Tunnel -------
Client ID List -------
Classifier ----------
* The index provided has no associated provisioning.
26-758
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable downstream dsg tunnel-group [ ]
Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays tunnel group provisioning for a given interface. An optional tunnel group identifier may be provided to filter the output. NOTE If a tunnel group is not associated with an interface, then the tunnel group number will be preceded by an asterisk (*). show interface cable / cable downstream dsg tunnel-group [] Parameter
Definition
[
Example
Unsigned integer used to filter the output based on the tunnel group identifier.
To display all tunnel groups for interface 4/0, use the following command: C4>
show interface cable 4/0 cable downstream dsg tunnel-group The following is an example of the output returned by the system:
Tunnel Group -----1
GrpChl Index ------4
Release 4.2, Standard
slot/ mac ----4/0
UCID Vend Rule List ParmID Pri -------------------------- ------- ------1,2,3,6,8,10,11 0 0
ARRIS PROPRIETARY — All Rights Reserved
26-759
26 CLI Command Descriptions
show interface cable [/] cable downstream dsg verbose Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays all the entire table of indices used to configure a downstream (VSPlist, timer-list, ds-frequency-list, and DCD) for the specified interface, including any incomplete provisioning. NOTE This command displays the same information as the show cable dsg command, however, the data is filtered based on the slot/mac provided. show interface cable [/] cable downstream dsg verbose Parameter
Definition
[]
The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15.
[]
The MAC domain number (valid numbers are 0 or 1).
NOTE If any indices have the value of (0), then a hyphen will be displayed. Also, if any of the indices provisioned against this interface have not yet been provisioned, that index will be preceded by an asterisk (*). Example
To display the interface 4/0, use the following command: C4>
show interface cable 4/0 downstream dsg verbose
Related Command(s)
show cable dsg
26-760
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable downstream dsg dcd Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the exact DCD message that is being sent out on a given interface and the rate at which the DCD for that interface is being sent. The slot/mac are required and will be used to indicate which interfaces DCD message should be displayed. show interface cable / cable downstream dsg dcd Parameter
Definition
The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15.
The MAC domain number (valid numbers are 0 or 1).
Example
To display a DCD message for interface 4/0 (note that all the data is available and displayed), use the following command: C4>
show interface cable 4/0 cable downstream dsg dcd The following is an example of the output returned by the system:
DCD Fragment Rate: 1000ms DCD Fragment 1 of 1; Cfg change count: 2 DSG Configuration Channel Frequencies 62500 2500000 Timers (sec) Initialization (Tdsg1): 2 Operation (Tdsg2): 600 Two-Way Retry (Tdsg3): 300 One-Way Retry (Tdsg4): 1800 Vendor Specific Parameters 01:02:03 aa:bb:cc:dd:ee:ff:11:22:33:44:55
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-761
26 CLI Command Descriptions
Rule Id: 1 Priority: 0 UCID List: 1,2,3,4,5,6 Client Ids Application Id: 2 Tunnel Address: 0102.0304.0506 Classifier Id: 3 Vendor Specific Parameters 01:02:03 aa:bb:cc:dd:ee:ff:11:22:33:44:55 11:43:2a 12:34:56:78:90:ab:cd DSG Classifier Id: 3 Priority: 0 Source Network: 192.168.234.120/29 Destination Ip: 224.232.128.205 Destination TCP/UDP Port Range: 128-235
26-762
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable privacy authorization Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display authorization MIB table entries for all CMs or a specific CM. This is a channel-specific command. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy authorization Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
MAC address of the cable modem.
Example
The following example displays authorization mib entries on slot 5 channel 0. C4#
show interface cable 5/0 cable privacy authorization 00:00:ca:31:4f:c1 The following is an example of the output returned by the system:
slot/ds : 5/0 MAC : 00:00:ca:31:4f:c1 docsBpi2CmtsAuthCmBpiVersion : BPIPLUS AuthCmPublicKey: 30818902 818100c0 e835d3ad 4aa79ae3 459ac187 85106e58 9a8d1044 1dd6ba6b edc36281 f217f61d b4a6c9ee 478c26f6 8fbab971 064e5b0c c75a9a07 5db12f33 37dc06db ac854863 9b91a55a 10d283a9 a364dd30 8b41bbcf 8607cf8a 2c3fcff0 618f322e bf24f302 03010001
c39d590a 7792e344 083e7abb 11ed2ea8
f44148e2 5c5302cd 86ac3c18 4a06b3e8
docsBpi2CmtsAuthCmKeySequenceNumber : 1 AuthCmExpiresOld : Wed Oct 15 09:34:04 2003
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-763
26 CLI Command Descriptions
AuthCmExpiresNew AuthCmLifetime AuthCmGraceTime AuthCmReset AuthCmInfos AuthCmRequests AuthCmReplies AuthCmRejects AuthCmInvalids AuthRejectErrorCode AuthRejectErrorString AuthInvalidErrorCode AuthInvalidErrorString AuthPrimarySAId AuthBpkmCmCertValid AuthBpkmCmCert: 30820301 308201e9 a0030201 0d06092a 864886f7 0d010105 30200603 55040a13 19417272 432e310f 300d0603 55040b13 77616e65 652c2047 656f7267 61626c65 204d6f64 656d2052 6f726974 79301e17 0d303231 33333333 5a306831 0b300906 72726973 20496e74 65726163 0b131053 7577616e 65652c20 3a30303a 43413a33 313a3446 0003818d 00308189 02818100 0af44148 e29a8d10 441dd6ba 445c5302 cd8fbab9 71064e5b bb86ac3c 189b91a5 5a10d283 a84a06b3 e8618f32 2ebf24f3 03820101 003c59f6 6e95d5f0 cce0cfe7 e32db220 5c8a9e57 3eec302e e6aefdd7 bf2f42ef ce5014cb 75347366 37a88631 7a757b19 4207c16e c166e182 c9e10cd9 33ba26ea 8b246890 6ddada32 125bc83f dc51678b d0cbd40c 41f9c47d b2e6347d 6f4ea818 ba !
26-764
: : : : : : : : : : : : : : : 02021063 05003081 69732049 06444f43 69613135 6f6f7420 30313031 03550406 74697665 47656f72 3a433130 c0e835d3 6bedc362 0cc75a9a a9a364dd 02030100 72849b6f b196be1e 36ed5d7c 9837eedd 7ce66062 a0980ea6 c718c46f 012d0d5f
Wed Oct 22 09:34:04 2003 604800 60 NORESETREQUESTED 1 1 1 0 0 NONE NONE 6 VALIDCMCHAINED c0b1304a 94310b30 6e746572 53495331 30330603 43657274 35333333 13025553 2c204c2e 67696131 819f300d ad4aa79a 81f217f6 075db12f 308b41bb 01300d06 c743b77e e4c8ea17 96e1b3bf b8d465b5 52a0ed4d 11878bb0 e1edb38c dec307fa
b58e7875 09060355 61637469 19301706 55040313 69666963 335a170d 31223020 4c2e432e 1a301806 06092a86 e3459ac1 1db4a6c9 3337dc06 cf8607cf 092a8648 337b1990 963d5d33 f26a1f50 642de57e 08d8ab9b 21c99067 d2f86529 37bf850d
9f8e0fff 04061302 76652c20 0355040b 2c417272 61746520 32323130 06035504 31193017 03550403 4886f70d 8785106e ee478c26 dbac8548 8a2c3fcf 86f70d01 f4c05e10 e490034b 09018613 ff9dfb0d 5fd137c6 074b4599 e9e6aa3b c0a81d94
ARRIS PROPRIETARY — All Rights Reserved
2bbbd030 55533122 4c2e4c2e 13105375 69732043 41757468 31303135 0a131941 06035504 13113030 01010105 58c39d59 f67792e3 63083e7a f011ed2e 01050500 68975e4a e4d2853d e6146376 a50c89da 7ad6f423 b4d8c79d 0903ea0c 53c5b4bb
07/05/05
C4 CMTS
Related Command(s)
configure interface cable / cable privacy kek-cm life-time configure interface cable / cable privacy kek-cm-reset
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-765
26 CLI Command Descriptions
show interface cable / cable privacy base Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display a specific channel’s BPI base table MIB entry. This is a channel specific command. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy base Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
Example
To display the cable interface default channel parameters for slot 5 port 0, use the following command: C4#
show interface cable 5/0 cable privacy base The following is an example of the output returned by the system:
slot/ds DefaultAuthLifetime DefaultTEKLifetime DefaultSelfSignedManufCertTrust CertValidityPeriods docsBpi2CmtsAuthentInfos AuthRequests AuthReplies AuthRejects AuthInvalids SAMapRequests SAMapReplies SAMapRejects
: : : : : : : : : : : : :
5/0 604800 43200 Untrusted FALSE 3 4 2 2 1 0 0 0
Related Command(s)
configure interface cable / cable privacy chk-validity-period
26-766
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable privacy multicast map Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display all or specific baseline privacy multicast group/key mappings from the multicast map table MIB. The detail option of the map will display the multicast map. This is a channel specific parameter. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy multicast map [detail] Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
[detail]
Multicast parameters for CM’s multicast group/key authorization
Example
The following example displays all multicast group/key mappings on slot 5 channel 0. C4#
show interface cable 5/0 cable privacy multicast map The following is an example of the output returned by the system:
BPI Multicast Maps Interface SAId Cable 5/128 9000 Example
Group Address 235.1.2.3
Group Mask 255.255.255.255
Encryption des56
To display detailed multicast parameters for the CM’s multicast group/key on slot 5 channel 0, use the following: C4#
Release 4.2, Standard
SAId Type statis
show interface cable 5/0 cable privacy multicast map detail
ARRIS PROPRIETARY — All Rights Reserved
26-767
26 CLI Command Descriptions
The following is an example of the output returned by the system: slot/ds : 5/0 docsBpi2CmtsIpMulticastIndex : 1 IpMulticastAddressType : IPV4 IpMulticastAddress : 235.1.2.3 IpMulticastMaskType : IPV4 IpMulticastMask : 255.255.255.255 IpMulticastSAId : 9000 IpMulticastSAType : STATIC IpMulticastDataEncryptAlg : DES56CBCMODE IpMulticastDataAuthentAlg : NONE IpMulticastSAMapRequests : 0 IpMulticastSAMapReplies : 0 IpMulticastSAMapRejects : 0 IpMulticastSAMapRejectErrorCode : NONE IpMulticastSAMapRejectErrorString : IpMulticastMapControl : ACTIVE Related Command(s)
configure interface cable / cable privacy multicast authorization
26-768
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable privacy tek Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display all or specific SAId Traffic Encryption Key (TEK) MIB table entries. This is a channel specific parameter. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy tek Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
SAId (KeyId). Valid range is 1-16383.
Example
The following example displays SAId (TEK) MIB entries on slot 5, channel 0: C4#
show interface cable 5/0 cable privacy tek The following is an example of the output returned by the system:
slot/ds SAId TEKSAType TEKDataEncryptAlg TEKDataAuthentAlg TEKLifetime TEKGraceTime TEKKeySequenceNumber TEKExpiresOld TEKExpiresNew TEKReset KeyRequests KeyReplies
Release 4.2, Standard
: : : : : : : : : : : : :
5/0 6 Primary DES56CBCMODE 0 43200 60 1 Wed Oct 15 15:34:04 2003 Wed Oct 15 21:34:04 2003 FALSE 1 1
ARRIS PROPRIETARY — All Rights Reserved
26-769
26 CLI Command Descriptions
KeyRejects TEKInvalids KeyRejectErrorCode KeyRejectErrorString TEKInvalidErrorCode TEKInvalidErrorString
: : : : : :
0 0 NONE NONE
Related Command(s)
configure interface cable / cable source-verify configure interface cable / cable privacy tek-said life-time configure interface cable / cable privacy tek-said-reset
26-770
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable upstream Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the cable interface information for the client modules. show interface cable / cable upstream Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
The upstream channel
Example
To show the interface cable information for the upstream channel 4 on port 0 of the CAM in slot 10, type the following command: C4#
show interface cable 10/0 cable upstream 4 The following is an example of the output returned by the system: Upstream Port 4 ------------Port state: Assigned Upstream Connector: Assigned Downstream Port: Frequency (Hz): Channel width (Hz): Equalizer Coefficient State: Power (dBmV): Max Power Adj Per Range Resp (1/4 dBmV): Ranging Power Thresh For Success (1/4 dBmV): Frequency priority list id: Cable Group id: Clone Group id: Level 1 Overload Threshold (%): Level 2 Overload Threshold (%): Level 3 Overload Threshold (%): Max Allowable Normal Voice BW (%): Reserved Normal Voice BW (%):
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
IS 4 0 28000000 3200000 off 11 24 24 80 95 1000 50 0
26-771
26 CLI Command Descriptions
Reserved Emergency Voice BW (%): 0 Max Allowed Total (Emergency + Normal) (%): 70 Ingress Cancellation Interval: 0 Ingress Cancellation Size: 0 Channel Type: tdma Modulation profile id: 5 Ranging backoff range: 2 - 7 Data backoff range: 2 - 8 Map Size (800 microsecond ticks): 4 Slot Size (6.25 microsecond ticks): 4 C4-8# show interface cable 10/0 cable upstream 4 Upstream Port 4 ------------Port state: IS Assigned Upstream Connector: 4 Assigned Downstream Port: 0 Frequency (Hz): 28000000 Channel width (Hz): 3200000 Equalizer Coefficient State: off Power (dBmV): 11 Max Power Adj Per Range Resp (1/4 dBmV): 24 Ranging Power Thresh For Success (1/4 dBmV): 24 Frequency priority list id: Cable Group id: Clone Group id: Level 1 Overload Threshold (%): 80 Level 2 Overload Threshold (%): 95 Level 3 Overload Threshold (%): 1000 Max Allowable Normal Voice BW (%): 50 Reserved Normal Voice BW (%): 0 Reserved Emergency Voice BW (%): 0 Max Allowed Total (Emergency + Normal) (%): 70 Ingress Cancellation Interval: 0 Ingress Cancellation Size: 0 Channel Type: tdma Modulation profile id: 5 Ranging backoff range: 2 - 7 Data backoff range: 2 - 8 Map Size (800 microsecond ticks): 4 Slot Size (6.25 microsecond ticks): 4
26-772
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / mac-scheduler Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the time-slot scheduling state and statistics. show interface cable / mac-scheduler [upstream ] {interval } {type } [detail] Parameter
Definition
CAM slot number. Valid range is 0-15.
MAC domain number. Valid range is 0 or 1.
[upstream ] {interval }
The upstream port number. Valid range is 0-7 The timespan in seconds to monitor changes in scheduler information.
{type } [detail]
Displays complete output at full precision.
Example
To display the time-slot scheduling state and statistics, use the following commands: C4#
show interface cable 1 mac-scheduler The following is an example of the output returned by the system:
MapMaker Overall Summary Statistics Total Total Slot/ Maps Total UcstGrnt DS/US Sent Mslots Mslots ----------- -------- -------- -------1/0/0 34329k 4395016k 488860k 1/0/1 34329k 4395017k 1030363k 1/0/2 34329k 4395018k 1007574k
Release 4.2, Standard
Total Skipped Total Mslots BwReq -------- -------427798 37405k 425034 54415k 425710 65353k
ARRIS PROPRIETARY — All Rights Reserved
Total UGS QI Transn -------0 0 0
Total UGS AD Transn -------0 0 0
26-773
26 CLI Command Descriptions
1/0/3 1/0/4 1/0/5 1/0/6 1/0/7
34329k 34329k 34329k 34329k 34329k
4395019k 4395020k 4395020k 4395021k 4395022k
698894k 0 0 0 38477
425682 443001 421079 413470 432314
43097k 0 0 0 5597
0 0 0 0 0
0 0 0 0 0
The example shows: TotalMapsSent Total number of maps transmitted downstream for this UChannel. TotalMslots Total Minislots count for this UChannel. TotalUcastGrantedMslots Total Minislots granted to Unicast for this UChannel. TotalSkippedMslots Total Minislots not granted because the MapMaker was behind. TotalBwRequests Total number of Bandwidth Requests processed for this UChannel. This count does not include requests dropped due to SuperGreedy in hardware. TotalFragmentedGrants Total number of fragmented bandwidth grants for this UChannel. TotalUgsQiTransitions Total number of UGS QI transitions. Useful for debugging VoIP. TotalUgsadTransitions Total number of UGSAD flow transitions.Useful for debugging VoIP.
Example
show interface cable 1 mac-scheduler type req-summary
The following is an example of the output returned by the system: MapMaker Request Summary Statistics Slot/ Total Bandwidth Total Request Total Fragment Total Grants DS/US Requests Drops Grants Pendings ----------- --------------- --------------- --------------- --------------1/0/0 37405815 0 11188 118801 1/0/1 54415443 0 8920 865789 1/0/2 65353554 0 23348 1013282 1/0/3 43097487 0 9606 191574 1/0/4 0 0 0 0 1/0/5 0 0 0 0 1/0/6 0 0 0 0 1/0/7 5597 0 0 0 The example shows: Total Bandwidth Requests Total number of Bandwidth Requests processed for this UChannel. This count does not include requests dropped due to SuperGreedy in hardware.
26-774
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Total Request Drops Total number of Bandwidth Requests dropped by the MapMaker without giving a grant or grant pending. This count does not include grant pending drops. Total Request Drops Total number of Bandwidth Requests dropped due to the service flow being in the super greedy state. This should not happen if the cable modem is properly policing its service flows. Total Fragment Grants Total number of fragmented bandwidth grants for this UChannel. Total Grants Pendings
Total number of Grant Pendings given for this UChannel.
ReqDrops TotalBwRequestSchedulerDrops + TotalBwRequestSuperGreedyDrops
Example
show interface cable 1 mac-scheduler type req
The following is an example of the output returned by the system: MapMaker Request Statistics Slot/ Total Avg Peak Total Total Total Peak DS/US BwReq BwReq/s BwReqSz ReqDrop FragGrnt GrntPend GrntPend ----------- -------- -------- -------- -------- -------- -------- -------1/0/0 37405k N/A 102 0 11188 118801 0 1/0/1 54415k N/A 110 0 8920 865789 0 1/0/2 65353k N/A 104 0 23348 1013283 1 1/0/3 43097k N/A 104 0 9608 191574 0 1/0/4 0 N/A 0 0 0 0 0 1/0/5 0 N/A 0 0 0 0 0 1/0/6 0 N/A 0 0 0 0 0 1/0/7 5597 N/A 0 0 0 0 0
The example shows: TotalBwReq Total number of Bandwidth Requests processed for this UChannel. This count does not include requests dropped due to SuperGreedy in hardware. Avg BwReq/sTotalBwRequests / aInterval ) Peak BwReqSz Total ReqDrop
The peak size of a Bandwidth request received since the last read. Total number of Bandwidth Requests dropped by the MapMaker without giving a grant or grant pending. This count does not include grant pending drops. Total number of Bandwidth Requests dropped due to the service flow being in the super greedy state. This should not happen if the cable modem is properly policing its service flows.
TotalFragGrnt Total GrntPend
Total number of fragmented bandwidth grants for this UChannel. Total number of Grant Pendings given for this UChannel. Total number of Grant Pendings Dropped by the MapMaker for this UChannel. These are dropped primarily for pending for too long or too many grants pending per map. Total number of Grant Pendings Promoted by the MapMaker to a higher priority (less greedy) queue for this UChannel.
Peak GrntPend
The peak number of Bandwidth requests per map received since the last read.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-775
26 CLI Command Descriptions
Example
show interface cable 1 mac-scheduler type grants-pending
The following is an example of the output returned by the system: MapMaker Grants Pending Statistics Slot/ Total Grant Avg Grant Peak Grant Total Grant Total Grant DS/US Pendings Pendings/s Pendings Pend Drops Pend Promos ----------- ------------ ------------ ------------ ------------ -----------1/0/0 118801 N/A 0 0 0 1/0/1 865791 N/A 1 0 0 1/0/2 1013283 N/A 0 0 0 1/0/3 191574 N/A 0 0 0 1/0/4 0 N/A 0 0 0 1/0/5 0 N/A 0 0 0 1/0/6 0 N/A 0 0 0 1/0/7 0 N/A 0 0 0
The example shows: Total Grant Pendings Total number of Grant Pendings given for this UChannel. Avg Grant Pendings/sTotal number of Grant Pendings given for this UChannel. Peak Grant PendingsThe peak number of Bandwidth requests per map received since the last read. Total Grant Pend Drops Total number of Grant Pendings Dropped by the MapMaker for this UChannel. These are dropped primarily for pending for too long or too many grantspending per map. Total Grant Pend Promos Total number of Grant Pendings Promoted by the MapMaker to a higher priority (less greedy) queue for this UChannel.
Example
show interface cable 1 mac-scheduler type queues
The response from the system would look similar to: MapMaker Queue Statistics Slot/ Number Number Number Number Number Average DS/US Prio Need Adds Pendings Promos Drops Elements Latency ----------- ---- -------- -------- -------- -------- -------- -------- -------1/0/0 5 Needy 0 0 0 0 0 1/0/0 5 Normal 35584k 107143 0 0 0 12293 1/0/0 5 Greedy 1821266 11663 0 0 0
26-776
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Slot/ Number Number Number Number Number Average DS/US Prio Need Adds Pendings Promos Drops Elements Latency ----------- ---- -------- -------- -------- -------- -------- -------- -------1/0/1 5 Needy 0 0 0 0 0 1/0/1 5 Normal 47401k 554156 0 0 0 13803 1/0/1 5 Greedy 7013701 311635 0 0 0 Slot/ Number Number Number Number Number Average DS/US Prio Need Adds Pendings Promos Drops Elements Latency ----------- ---- -------- -------- -------- -------- -------- -------- -------1/0/2 5 Needy 0 0 0 0 0 1/0/2 5 Normal 59898k 774724 0 0 0 13111 1/0/2 5 Greedy 5455207 238559 0 0 0 Slot/ Number Number Number Number Number Average DS/US Prio Need Adds Pendings Promos Drops Elements Latency ----------- ---- -------- -------- -------- -------- -------- -------- -------1/0/3 5 Needy 0 0 0 0 0 1/0/3 5 Normal 39690k 150723 0 0 0 12514 1/0/3 5 Greedy 3407221 40851 0 0 0 Slot/ Number Number Number Number Number Average DS/US Prio Need Adds Pendings Promos Drops Elements Latency ----------- ---- -------- -------- -------- -------- -------- -------- -------1/0/7 5 Needy 0 0 0 0 0 1/0/7 5 Normal 5597 0 0 0 0 5015 1/0/7 5 Greedy 0 0 0 0 0
The example shows: Prio
Corresponds to the priority in which the MAC scheduler processes bandwidth requests from the cable modems. These priorities are related to the Upstream Traffic Priority TLV specified in the cable modem configuration file. The following table illustrates this relationship: BW Request PriorityUpstream Traffic Priorities 1 2 3 4 5
Need
UGS (not applicable) 6 and 7 4 and 5 2 and 3 0 and 1
Each Bandwidth Request priority has 3 queues. They are called Needy, Normal, and Greedy for a total of 12 Bandwidth Request priority queues processed by the MAC scheduler. Subscribers who use most of their assigned bandwidth are classified as Greedy while those who use bandwidth only once in a while are classified as Needy. All other subscribers are classified as Normal.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-777
26 CLI Command Descriptions
Needy subscribers have the highest priority requesting bandwidth while Greedy subscribers will have the lowest. Therefore, a low priority Needy subscriber will receive an upstream grant earlier than a Normal subscriber and a Normal subscriber will get an upstream grant quicker than a Greedy subscriber. Number Adds
For each Bandwidth Request priority Queue, the total number of bandwidth requests added to this queue. This includes requests promoted from lower priority queues.
Number Pendings
For each Bandwidth Request priority Queue, the total number of grant pendings given to bandwidth requests on this queue.
Number Promos
For each Bandwidth Request priority Queue, the total number of bandwidth requests promoted from this queue to a higher priority (less greedy) queue.
Number Drops
For each Bandwidth Request priority Queue, the total number of requests dropped. These are dropped primarily for pending for too long or too many grants pending per map.
Number Elements For each Bandwidth Request priority Queue, the current number of bandwidth requests in the queue. Average Latency (sum(BwRequestQueuesLatencySum) / (sum(BwRequestQueuesNumAdds) (sum(BwRequestQueuesNumPromos)
Example
show interface cable 1 mac-scheduler type flows The following is an example of the output returned by the system:
MapMaker Flow Statistics UGSAD Slot/ NRTPS RTPS Active DS/US Flows Flows Flows ----------- --------- --------- --------1/0/0 0 0 0 1/0/1 0 0 0 1/0/2 0 0 0 1/0/3 0 0 0 1/0/4 0 0 0 1/0/5 0 0 0 1/0/6 0 0 0 1/0/7 0 0 0
UGSAD Polling UGS Flows Flows --------- --------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
BE Polling Flows --------1 1 1 1 1 1 1 1
The example shows: NRTPS Flows
Current number of scheduled NRTPS flows for this UChannel.
RTPS Flows
Current number of scheduled RTPS flows scheduled for this UChannel.
UGSAD Active Flows
Current number of scheduled UGSAD flows in the Active (UGS) mode for this UChannel.
UGSAD Polling Flows
Current number of scheduled UGSAD flows in the Polling (RTPS) mode
UGS Flows
Current number of scheduled UGS flows for this UChannel.
BE Polling Flows
Current number of scheduled Best Effort Polling flows for this UChannel.
for this UChannel.
These are NRTPS request opportunities given to Best Effort flows based on the flow priority and guaranteed minimum reserved rate.
26-778
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Example
show interface cable 1 mac-scheduler type mslots The following is an example of the output returned by the system:
MapMaker Minislot Statistics
Slot/ DS/US ----------1/0/0 1/0/1 1/0/2 1/0/3 1/0/4 1/0/5 1/0/6 1/0/7
Initial Periodic ReqOps Ranging Ranging -------- -------- -------3793513k 13185k 7423530 3225446k 13185k 10080k 3239385k 13185k 9677555 3572416k 13185k 5654165 4380376k 13185k 0 4380402k 13185k 0 4380413k 13185k 0 4380337k 13185k 190
1.x Data Grants -------481448k 1020299k 997913k 693253k 0 0 0 38287
Adv Phy Data Grants -------0 0 0 0 0 0 0 0
%1.x %Req %Rng Data ---- ---- ---86.3 0.5 11.0 73.4 0.5 23.2 73.7 0.5 22.7 81.3 0.4 15.8 99.7 0.3 0.0 99.7 0.3 0.0 99.7 0.3 0.0 99.7 0.3 0.0
%Adv Phy Data ---0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
The example shows: BcstReqOpps For each IUC type, the total number of minislots granted to the Broadcast SID. Other RqstOpps REQ/Data (MCastMSlots) For each IUC type, the total number of minislots granted to Multicast SIDs. Initial Maintenance (BCastMSlots + UCastMSlots) Station Maintenance For each IUC type, the total number of minislots granted to Unicast SIDs. Short Data Grant For each IUC type, the total number of minislots granted to Unicast SIDs. Long Data Grant For each IUC type, the total number of minislots granted to Unicast SIDs. Advanced PHY Short Data Grant For each IUC type, the total number of minislots granted to Unicast SIDs. Advanced PHY Long Data Grant For each IUC type, the total number of minislots granted to Unicast SIDs. Advanced PHY Unsolicited Grant For each IUC type, the total number of minislots granted to Unicast SIDs. TotalZeroSIDs MREQS
sum(GrantedZeroSidMSlots) = (BCastMSlots + MCastMSlots + UCastMSlots + MCastMSlots)
MINITMAINT
= (BCastMSlots + UCastMSlots + UCastMSlots)
M1XDATAGRANTS
= (UCastMSlots + UCastMSlots)
MADVPHYDATAGRANTS = (UCastMSlots + UCastMSlots + UCastMSlots) totals
= (MREQS + MINITMAINT + M1XDATAGRANTS + MADVPHYDATAGRANTS + sum(GrantedZeroSidMSlots)
%Req
= ((MREQS
%Rng
= ((MINITMAINT
%1.x Data
/ totals) * 100) / totals) * 100)
= ((M1XDATAGRANTS
/ totals) * 100)
%Adv Phy Data = ((MADVPHYDATAGRANTS / totals) * 100)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-779
26 CLI Command Descriptions
Example
show interface cable 1 mac-scheduler type mslots-summary
The response from the system would look similar to: MapMaker Minislot Summary Total Ucast Slot/ Total Grant DS/US Mslots Mslots ----------- ------ -----1/0/0 4395M 488M 1/0/1 4395M 1030M 1/0/2 4395M 1007M 1/0/3 4395M 698M 1/0/4 4395M 0 1/0/5 4395M 0 1/0/6 4395M 0 1/0/7 4395M 38477
Statistics Total Bw Req Mslots -----481M 1020M 997M 693M 0 0 0 38287
Total Skip Mslots -----427k 425k 425k 425k 443k 421k 413k 432k
Total LchPad Mslots -----0 0 0 0 0 0 0 0
% Lch Actv ---100% 100% 100% 100% 100% 100% 100% 100%
% Ucst Grnt ---11% 23% 23% 16% 0% 0% 0% 0%
% Bw Req ---11% 23% 23% 16% 0% 0% 0% 0%
The example shows: Total Mslots
Total Minislots count for this UChannel.
Total Ucast Grant MslotsTotal Minislots granted to Unicast for this UChannel. Total Bw Req Mslots
Total Minislots requested via bandwidth requests for this UChannel. This count does not include requests dropped due to SuperGreedy in hardware.
Total Skip Mslots
Total Minislots not granted because the MapMaker was behind.
Total LchPad MSlots
Total Minislots allocated to the NULL SID for a logical channel which is inactive
% Lch Actv(TotalMSlots - TotalLogicalNullPadMSlots) / TotalMSlots) * 100) % Ucst Grnt(TotalUCastGrantedMSlots / TotalMSlots) * 100) % Bw Req(TotalBwRequestMSlots / TotalMSlots) * 100)
26-780
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable / cable privacy multicast-authorization Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Provides the ability to display all or specific baseline privacy multicast authorizations from the multicast auth table MIB. This is a channel specific parameter. NOTE This command is applicable to BPI and BPI+ modem operation. show interface cable / cable privacy multicastauthorization [mac] Parameter
Definition
The chassis slot in which the targeted CAM module resides. Valid range is 0-15.
The downstream port number on the specified Cable Access Module.
[mac]
MAC address of the cable modem.
Example
The following example displays all multicast cable modem group/key authorizations on slot 5 channel 0. C4#
show interface cable 5/0 cable privacy multicastauthorization The following is an example of the output returned by the system:
BPI Multicast Authorizations Interface SAId MAC Address Cable 5/128 9000 00:00:ca:31:4f:c1 Example
The following example displays all multicast cable modem group/key authorizations on slot 5 channel 0. Detailed output is shown below: C4>
show interface cable 5/0 cable privacy multicastauthorization detail 0000.ca31.4fc1
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-781
26 CLI Command Descriptions
The following is an example of the output returned by the system: slot/ds : 5/0 MAC : 00:00:ca:31:4f:c1 docsBpi2CmtsMulticastAuthControl : ACTIVE
Related Command(s)
configure interface cable / cable privacy multicast authorization configure interface cable / cable privacy multicast map
26-782
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface cable allocated-bandwidth Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Samples the data rate on a specified interface over a specified (or default) interval and then displays the PacketCable bandwidth utilization as a percentage of that interface’s total capacity. show interface cable allocated-bandwidth To show the allocated bandwidth, type the following command: C4#
show interface cable allocated-bandwidth The following is an example of the output returned by the system:
Aug 31 15:15:22 ---Total Chan--Interface Capacity BW (Mb/sec) Alloc 1/0 30.00 0.0% 1/1 30.00 0.0% 1/0/0 10.24 0.0% 1/0/1 10.24 0.0% 1/0/2 10.24 0.0% 1/0/3 5.12 0.0% 1/0/4 5.12 0.0% 1/0/5 5.12 0.0% 1/1/6 10.24 0.0% 1/1/7 5.12 0.0% 1/1/8 5.12 0.0% 1/1/9 5.12 0.0% 1/1/10 10.24 0.0% 1/1/11 5.12 0.0% 2/0 30.00 0.0% 2/1 30.00 0.0% 2/0/0 10.24 0.0% 2/0/2 10.24 0.0% 5/0 30.00 0.0% 5/0/0 10.24 0.0% 5/0/1 10.24 0.0%
Release 4.2, Standard
----Normal Calls----
---Emergency Calls---
Allow 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50%
Allow 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70%
Alloc 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
Number 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
Alloc 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
Number 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
26-783
26 CLI Command Descriptions
5/0/2 5/0/3 5/0/4 5/0/5 5/0/6 5/0/7 6/0 6/0/0 12/0 12/0/0 12/0/1 12/0/2 12/0/3 12/0/4 12/0/5 12/0/6 12/0/7 12/0/8 12/0/9 12/0/10 12/0/11 13/0 13/0/0 13/0/1 13/0/2 13/0/3 13/0/4 13/0/5 13/0/6 13/0/7 15/0 15/0/0 15/0/1 15/0/2 15/0/3 15/0/4 15/0/5 15/0/6 15/0/7
26-784
10.24 10.24 10.24 10.24 10.24 10.24 30.00 5.12 30.00 10.24 10.24 10.24 5.12 5.12 5.12 10.24 5.12 5.12 5.12 10.24 5.12 30.00 10.24 10.24 10.24 10.24 10.24 10.24 10.24 10.24 30.00 10.24 10.24 10.24 10.24 10.24 10.24 10.24 10.24
0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 27.7% 0.0% 0.1% 0.1% 0.0% 0.1% 0.1% 0.0% 0.0% 0.3% 0.0% 0.1% 0.0% 0.1% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50% 50%
0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70% 70%
ARRIS PROPRIETARY — All Rights Reserved
0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 0.0%
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
07/05/05
C4 CMTS
show interface fastethernet / access-group Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the access control information for the FastEthernet interfaces on the GigabitEthernet Network Access Modules (GNAMs). show interface fastethernet / access-group Parameter
Definition
The chassis slot in which the targeted GNAM resides. Valid values are from 14 and 16.
Valid GNAM port is 0.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-785
26 CLI Command Descriptions
show interface gigabitethernet / access-group Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Displays the access control information for packets. show interface gigabitethernet / access-group Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are slot 14 and 16 only.
Port value is 1 for the GigE NAM.
Example
To show the access control information, type the following command: C4#
show interface gigabitethernet 14/1 access-group The following is an example of the output returned by the system: gigabitEthernet 14/1 Input matches: access-group 101 permit 3 packets deny 0 packets last cleared 00:03:59 ago Output matches: access-group 102 permit 0 packets deny 0 packets last cleared 00:03:59 ago
26-786
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show interface utilization Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Samples the data rate on a specified interface over a specified (or default) interval and then displays the bandwidth utilization as a percentage of that interface’s total capacity. NOTE You must set the utilization interval to a non-zero value for the utilization to be calculated. Use the following command to set the utilization interval: configure cable load-interval show interface utilization [slot ] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20.
[slot ]
Example
To show the interface utilization of the Network Access Module in slot 14, type the following command: C4>
show interface utilization slot 14 The following is an example of the output returned by the system: Polling rate (cable load-interval) = 1500 seconds Interface
14/0 14/1
MaxRate Mb/sec
DataRate Loaded Mb/sec % 100.00 0.00 0% 1000.00 0.00 0%
Related Command(s)
configure cable load-interval
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
DataRate Loaded Mb/sec % 0.00 0% 0.00 0%
26-787
26 CLI Command Descriptions
show ip bundle Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the ip bundle groups. show ip bundle
26-788
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip domain-invquery Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Performs an inverse PTR (pointer record) Domain Naming System (DNS) query on an IP address. show ip domain-invquery Parameter
Release 4.2, Standard
Definition
The IP address to lookup.
ARRIS PROPRIETARY — All Rights Reserved
26-789
26 CLI Command Descriptions
show ip domain-lookup Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays all the settings for host name-to-address translation based on the IP Domain Naming System (DNS). show ip domain-lookup
Example
To display the IP DNS-based host name-to-address translation, type the following command: C4>
show ip domain-lookup The following is an example of the output returned by the system: DNS lookup is ENABLED Domain Servers: Pref|Server ----|-------------------1|10.44.0.11 2|10.44.0.12 Domain append list: None defined Default domain name: .lab.chi.arrisi.com
26-790
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip domain-query Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Performs a Domain Naming System (DNS) query on a hostname. show ip domain-query Parameter
Release 4.2, Standard
Definition
The hostname to query.
ARRIS PROPRIETARY — All Rights Reserved
26-791
26 CLI Command Descriptions
show ip filter all Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays all the IP filters in list-form. show ip filter group all
Example
Type the following command to display all the IP filters: C4#>
show ip filter all The following is an example of the output returned by the system:
Grp ---1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2
Idx --1 6 9 10 11 12 13 5 8 9 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
26-792
Source Destination ULP ------------------ ------------------ --0.0.0.0/32 0.0.0.0/0 256 172.28.0.0/14 10.0.0.0/8 17 172.16.0.0/12 0.0.0.0/0 1 10.0.0.0/8 0.0.0.0/0 256 0.0.0.0/0 10.0.0.0/8 256 172.16.0.0/12 0.0.0.0/0 256 192.168.0.0/16 0.0.0.0/0 256 10.0.0.0/8 172.28.0.0/14 17 0.0.0.0/0 172.28.0.0/14 1 10.0.0.0/8 10.0.0.0/8 1 0.0.0.0/32 0.0.0.0/0 256 0.0.0.0/0 10.0.0.0/8 256 10.0.0.0/8 0.0.0.0/0 256 0.0.0.0/0 172.16.0.0/12 256 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6 0.0.0.0/0 0.0.0.0/0 6
TOS ----00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00 00/00
SPort DPort ----- ----65 65536 6 65536 65536 65536 65 6 1
65536 65536 65536 65536 65536
6 65536 65536 65536 65536 65536 65 65536 6 25 65536 80 65536 53 65536 21 65536 23 65536 22 65536 35 65536 36 65536 37 65536 38 65536 39 65536 40 65536 41 65536 42 65536 43
ARRIS PROPRIETARY — All Rights Reserved
TCP ----00,00 00,00 , 00,00 00,00 00,00 00,00 00,00 , , 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00 00,00
Action -----accept accept accept accept accept accept accept accept accept accept accept accept accept accept drop drop drop drop drop drop drop drop drop drop drop drop drop drop drop
Matched ------0 0 0 0 6756630 0 0 0 0 0 0 0 7120356 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
07/05/05
C4 CMTS
2 30 2 31 3 1 3 2 4 1 4 2
0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0
Release 4.2, Standard
0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 0.0.0.0/0 172.28.0.0/14
6 6
00/00 65536 00/00 65536 1 00/00 256 00/00 1 00/00 17 00/00
44 00,00 drop 0 45 00,00 drop 0 , accept 150615422 , accept 816 , accept 150593297 , accept 0
ARRIS PROPRIETARY — All Rights Reserved
26-793
26 CLI Command Descriptions
show ip igmp groups Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the IGMP group memberships. show ip igmp groups
Example
To display the IGMP group memberships, use the following command: C4>
show ip igmp groups The following is an example of the output returned by the system:
IGMP Connected Group Membership Group Address Interface 224.1.2.3 cable 13/0
26-794
Uptime 0d0h0m
Expires never
ARRIS PROPRIETARY — All Rights Reserved
Last Reporter 0.0.0.0
07/05/05
C4 CMTS
show ip igmp interfaces Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the IGMP interface configuration for all interfaces with IGMP provisioning. show ip igmp interfaces
Example
To display the IGMP interface configuration for all interfaces with IGMP provisioning, use the following command: C4>
show ip igmp interfaces The following is an example of the output returned by the system:
IGMP interface cable 13/0: IGMP query interval is 125 seconds IGMP max query response time is 10000 ms IGMP last member query response interval is 1000 ms IGMP proxy interface is none IGMP backup proxy interface is none IGMP active proxy interface is none IGMP robustness is 2 IGMP activity: 1 joins, 1 groups, 0 wrong version queries IGMP querying router is 1.2.3.4 Multicast groups joined: 224.1.2.3
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-795
26 CLI Command Descriptions
show ip interface Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the IP interfaces for the client modules. show ip interface
Example
To show the all ip interfaces, type the following command: C4>
show ip interface The following is an example of the output returned by the system: cable 5/0, VRF: default, IP Address: 10.106.0.1/19 Secondary IP Address(es): No Secondary Addresses Physical Address: 0001.5c22.c8da MTU is 1500 DHCP Policy mode is disabled (primary mode) DHCP Server Helper Address(es): 10.50.6.3 for Traffic Type "any" Directed Broadcast is disabled ICMP unreachables are always sent Multicast reserved groups joined: None Source-verify is disabled InOctets = 0 OutOctets = InUcastPkts= 0 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 0 OutErrors =
0 0 0 0
... fastEthernet 16/1, VRF: default, IP Address: 10.78.0.2/19 Secondary IP Address(es): 10.78.32.2/19 Physical Address: 0001.5c11.ce2d MTU is 1500
26-796
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Directed Broadcast is disabled ICMP unreachables are always sent Multicast reserved groups joined: None InOctets = 2699792 OutOctets = InUcastPkts= 16087 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 3425 OutErrors =
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
2260198 10904 0 0
26-797
26 CLI Command Descriptions
show ip interface brief Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the IP addresses for the client modules. show ip interface brief
Example
To show the brief ip interface, type the following command: C4>
show ip interface brief The following is an example of the output returned by the system:
Interface
Primary IP
cable 1/0 cable 1/0.1 cable 5/0 cable 9/0 cable 9/1 fastEthernet 13/0 fastEthernet 13/1 fastEthernet 13/2 fastEthernet 14/0 fastEthernet 14/1 fastEthernet 14/2 fastEthernet 14/3 fastEthernet 16/0 gigabitEthernet 16/1 ethernet 19/0 ethernet 19/0 active loopback 0 ethernet 20/0 ethernet 20/0 active C4#
10.122.0.1/19 66.66.66.66/24 10.122.32.1/19 10.122.64.1/19 10.122.96.1/19 10.50.22.1/24 192.168.0.1/24 192.168.10.1/24 10.72.128.2/19 10.72.192.2/19 172.16.32.2/24 10.72.224.2/19 10.72.64.2/19 10.72.0.2/19 10.44.22.1/29 10.44.22.3/29 10.44.22.200/32 10.44.22.2/29 10.44.22.3/29
26-798
Admin State Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up
ARRIS PROPRIETARY — All Rights Reserved
Oper State IS IS OOS-AUTO OOS-AUTO OOS-AUTO IS IS IS IS OOS-AUTO OOS-AUTO OOS-AUTO IS IS IS IS IS IS IS
07/05/05
C4 CMTS
show ip interface cable Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the IP cable interfaces only. show ip interface cable
Example
To show the ip cable interfaces, type the following command: C4>
show ip interface cable The following is an example of the output returned by the system:
cable 5/0, VRF: default, IP Address: 10.117.0.1/19 Secondary IP Address(es): 10.118.0.1/24 10.118.1.1/24 10.118.2.1/24 10.118.4.1/24 10.118.5.1/24 10.118.6.1/24 10.118.8.1/24 10.118.9.1/24 10.118.10.1/24 10.118.12.1/24 10.118.13.1/24 10.118.14.1/24 10.118.16.1/24 10.118.17.1/24 10.118.18.1/24 10.118.20.1/24 10.118.21.1/24 10.118.22.1/24 10.118.24.1/24 10.118.25.1/24 10.118.26.1/24 10.118.28.1/24 10.118.29.1/24 10.118.30.1/24 10.118.32.1/24 10.118.33.1/24 10.118.34.1/24 10.118.36.1/24 10.118.37.1/24 10.118.38.1/24 MTU is 1300 DHCP Policy mode is disabled (primary mode) DHCP Server Helper Address(es): 10.50.17.3 for Traffic Type "any" Directed Broadcast is disabled Multicast reserved groups joined: 224.0.0.9 Source-verify is disabled InOctets = 0 OutOctets = 392 InUcastPkts= 0 OutUcastPkts= 0 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
10.118.3.1/24 10.118.7.1/24 10.118.11.1/24 10.118.15.1/24 10.118.19.1/24 10.118.23.1/24 10.118.27.1/24 10.118.31.1/24 10.118.35.1/24 10.118.39.1/24
26-799
26 CLI Command Descriptions
show ip interface fastethernet Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the fast Ethernet interface information for the client modules. show ip interface fastethernet
Example
To show the fast Ethernet interfaces, type the following command: C4>
show ip interface fastethernet The following is an example of the output returned by the system:
26-800
fastEthernet 13/0 10.79.0.2/19 Secondary IP(s): 10.79.32.2/19 MTU is 1300 DHCP Policy mode is disabled (primary mode) Directed Broadcast is disabled Multicast reserved groups joined: None InOctets = 0 OutOctets = InUcastPkts= 0 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 0 OutErrors =
0 0 0 0
fastEthernet 13/1 10.79.64.2/19 Secondary IP(s): 10.79.96.2/19 MTU is 1300 DHCP Policy mode is disabled (primary mode) Directed Broadcast is disabled Multicast reserved groups joined: None InOctets = 0 OutOctets = InUcastPkts= 0 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 0 OutErrors =
0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Release 4.2, Standard
fastEthernet 13/2 10.79.128.2/19 Secondary IP(s): 10.79.160.2/19 MTU is 1300 DHCP Policy mode is disabled (primary mode) Directed Broadcast is disabled Multicast reserved groups joined: None InOctets = 0 OutOctets = InUcastPkts= 0 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 0 OutErrors =
0 0 0 0
fastEthernet 13/3 10.79.192.2/19 Secondary IP(s): 10.79.224.2/19 MTU is 1300 DHCP Policy mode is disabled (primary mode) Directed Broadcast is disabled Multicast reserved groups joined: None InOctets = 0 OutOctets = InUcastPkts= 0 OutUcastPkts= InDiscards = 0 OutDiscards = InErrors = 0 OutErrors =
0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
26-801
26 CLI Command Descriptions
show ip interface gigabitethernet Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the gigabit Ethernet interface information for the client modules. show ip interface gigabitethernet
Example
To show the gigabit Ethernet interface information, type the following command: C4>
show ip interface gigabitethernet The following is an example of the output returned by the system: gigabitEthernet 16/1, VRF: default, IP Address: 192.168.18.2/24 Secondary IP Address(es): No Secondary Addresses MTU is 1300 DHCP Policy mode is disabled (primary mode) Directed Broadcast is disabled Multicast reserved groups joined: 224.0.0.5 224.0.0.6 InOctets = 0 OutOctets = 1703655996 InUcastPkts= 0 OutUcastPkts= 17367 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0
26-802
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip irdp /[] Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the IRDP configuration show ip irdp [/[]] Parameter
[]
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20. The port number and the subinterface number.
ARRIS PROPRIETARY — All Rights Reserved
26-803
26 CLI Command Descriptions
show ip ospf Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows general information about the OSPF routing processes. show ip ospf [vrf ] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
Example
To show general information about the OSPF routing process, type the following command: C4>
show ip ospf The following is an example of the output returned by the system: Router VRF default with ID 192.168.18.2 Only cost is used when choosing among multiple AS-externalLSAs It is an area border and autonomous system boundary router Redistributing External Routes from, connected with metric type 2 mapped to 0, excludes subnets in redistribution Exit overflow interval 0 seconds Number of external LSA 10. Checksum 0x50D40 Number of new originated LSAs 14 Number of received LSAs 3 SPF default time 180 SPF Schedule time 5
26-804
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip ospf area Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows the OSPF area information. show ip ospf [vrf ] area Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
Example
To show the OSPF area information, type the following command: C4>
show ip ospf area The following is an example of the output returned by the system: Area 0.0.0.0 Number of interfaces in this area is 0 Area has None authentication SPF algorithm executed 410 times Area ranges are: Number of LSA 3. Checksum Sum 0xfe4b Number of ABR 0. Number of ASBR 0. Area 0.0.0.100 Number of interfaces in this area is 1 Area has None authentication SPF algorithm executed 410 times Area ranges are: Number of LSA 4. Checksum Sum 0x1604d Number of ABR 0. Number of ASBR 1.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-805
26 CLI Command Descriptions
show ip ospf database Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows the OSPF database information. show ip ospf [vrf ] database [adv-router] [asbrsummary] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[adv-router]
Advertising Router link states (as an IP address)
[asbr-summary]
Example
The ASBR summary link states link state ID (as an IP address)
To display the OSPF database information, type the following: C4>
show ip ospf database The following is an example of the output returned by the system:
Type-1 Router Link States (VRF 1 Link ID 192.168.18.2
ADV Router 192.168.18.2
Age 1320
Area 0.0.0.0) Seq# Checksum Link count 0x80000028 0x6AE8 1
Type-3 Summary Net Link States (VRF 1 Link ID 192.168.18.0
ADV Router 192.168.18.2
Age 1320
Seq# Checksum 0x80000027 0x56A6
Type-4 AS Summary Link States (VRF 1 Link ID 192.168.18.1
ADV Router 192.168.18.2
Age 675
Type-1 Router Link States (VRF 1
26-806
Area 0.0.0.0)
Area 0.0.0.0)
Seq# Checksum 0x80000028 0x3CBD Area 0.0.0.100)
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Link ID 192.168.18.1 192.168.18.2
ADV Router 192.168.18.1 192.168.18.2
Age 1307 1311
Type-2 Net Link States (VRF 1 Link ID 192.168.18.1
ADV Router 192.168.18.1
Age 1307
Seq# Checksum Link count 0x80000FF9 0x2017 1 0x80000143 0xD601 1 Area 0.0.0.100) Seq# Checksum 0x800000D3 0x551F
Type-3 Summary Net Link States (VRF 1 Link ID 10.43.201.155
ADV Router 192.168.18.2
Age 1313
Area 0.0.0.100)
Seq# Checksum 0x800000DA 0x1516
Type-5 AS External Link States (VRF 1) Link ID 10.43.201.152 10.68.64.0 10.68.96.0 10.68.128.0 10.68.160.0 10.118.0.0 10.118.32.0 10.118.64.0 192.168.18.0 192.168.18.0
ADV Router 192.168.18.2 192.168.18.2 192.168.18.2 192.168.18.2 192.168.18.2 192.168.18.2 192.168.18.2 192.168.18.2 192.168.18.1 192.168.18.2
Release 4.2, Standard
Age 1313 1313 1313 1313 1313 1313 1313 1326 562 1313
Seq# 0x8000013C 0x8000013B 0x8000013B 0x8000013B 0x8000013B 0x8000013B 0x8000013C 0x8000005A 0x800000CF 0x8000013C
Checksum 0xBA8D 0xFC6D 0x9BAE 0x3AEF 0xD831 0x6513 0x0255 0x67B2 0x4198 0x96C6
ARRIS PROPRIETARY — All Rights Reserved
26-807
26 CLI Command Descriptions
show ip ospf database external Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays only detailed information about external Link State Advertisements (LSAs.) show ip ospf [vrf ] database external [adv-router] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[adv-router]
Advertising Router link states (as an IP address)
Example
To display detailed information about external LSAs, type the following command: C4>
show ip ospf database external The following is an example of the output returned by the system:
OSPF Router with ID (192.168.18.2)
(Vrf Id 1)
Type-5 AS External Link States LS age: 1541 Options: ( E ) LS Type: AS External Link Link State ID: 10.43.201.152 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013C Checksum: 0xBA8D Length: 36 Network Mask: /29 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0
26-808
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Tag: 0 LS age: 1541 Options: ( E ) LS Type: AS External Link Link State ID: 10.68.64.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013B Checksum: 0xFC6D Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1541 Options: ( E ) LS Type: AS External Link Link State ID: 10.68.96.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013B Checksum: 0x9BAE Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1542 Options: ( E ) LS Type: AS External Link Link State ID: 10.68.128.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013B Checksum: 0x3AEF Length: 36 Network Mask: /19
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-809
26 CLI Command Descriptions
Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1542 Options: ( E ) LS Type: AS External Link Link State ID: 10.68.160.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013B Checksum: 0xD831 Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1580 Options: ( E ) LS Type: AS External Link Link State ID: 10.118.0.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013B Checksum: 0x6513 Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1580 Options: ( E ) LS Type: AS External Link Link State ID: 10.118.32.0 (External Network Number) Advertising Router: 192.168.18.2
26-810
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
LS Seq Number: 8000013C Checksum: 0x255 Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1593 Advertising Router: 192.168.18.2 LS Seq Number: 8000013C Checksum: 0x255 Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 1593 Options: ( E ) LS Type: AS External Link Link State ID: 10.118.64.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000005A Checksum: 0x67B2 Length: 36 Network Mask: /19 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0 LS age: 829 Options: ( DC ) LS Type: AS External Link Link State ID: 192.168.18.0 (External Network Number)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-811
26 CLI Command Descriptions
Advertising Router: 192.168.18.1 LS Seq Number: 800000CF Checksum: 0x4198 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 0.0.0.0 Tag: 0 LS age: 1603 Options: ( E ) LS Type: AS External Link Link State ID: 192.168.18.0 (External Network Number) Advertising Router: 192.168.18.2 LS Seq Number: 8000013C Checksum: 0x96C6 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 0 Forward Address: 0.0.0.0 Tag: 0
26-812
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip ospf database network Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows the OSPF database network link states (as IP addresses). show ip ospf [vrf ] database network [adv-router] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[adv-router]
Advertising Router link states (as an IP address)
Example
To display the OSPF database network information, type the following: C4>
Release 4.2, Standard
show ip ospf database network
ARRIS PROPRIETARY — All Rights Reserved
26-813
26 CLI Command Descriptions
show ip ospf database nssa-external Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows the OSPF database NSSA external link states information. show ip ospf [vrf ] database nssa-external [advrouter] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[adv-router]
Advertising Router link states (as an IP address)
Example
To display the OSPF database NSSA external link state information, type the following: C4>
26-814
show ip ospf database nssa-external
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip ospf database router Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows the OSPF database router link states information. show ip ospf [vrf ] database router [adv-router] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[adv-router]
Advertising Router link states (as an IP address)
Example
To display the OSPF database router link states information, type the following: C4>
Release 4.2, Standard
show ip ospf database router
ARRIS PROPRIETARY — All Rights Reserved
26-815
26 CLI Command Descriptions
show ip ospf database summary Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Shows the OSPF database summary information. show ip ospf [vrf ] database summary [adv-router] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[adv-router]
Advertising Router link states (as an IP address)
Example
To display the OSPF database summary information, type the following: C4>
26-816
show ip ospf database summary
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip ospf interface Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Display OSPF interface information. show ip ospf [vrf ] interface [brief] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[brief]
Displays brief output (See example of system output on page 26-819.)
Example
To display information about OSPF interfaces, type the following command: C4>
show ip ospf interface The following is an example of the output returned by the system:
fastEthernet 16/0 Router Virtual Interface of Virtual Router: default Internet Address is 10.66.0.1 / 255.255.255.0 Internet Secondary Address(es): 10.69.32.2/19 Area ID: 0.0.0.0 Network type: Broadcast Timer intervals (in seconds): Cost: 1 Hello: 10 Transmit delay: 1 Retransmit: 5 Admin state: Enabled Dead: 40 Interface state: Designated router Poll: 120 Priority: 1 Counts: Designated router: 10.66.0.1 Events: 23 Backup designated LSAs: 1 router: 0.0.0.0 Graceful-restart helper max grace period 60 fastEthernet 16/1 Router Virtual Interface of Virtual Router: default Internet Address is 10.69.64.2 / 255.255.224.0 Internet Secondary Address(es): 10.69.96.2/19 Area ID: 0.0.0.0
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-817
26 CLI Command Descriptions
Network type: Broadcast Cost: 1 Transmit delay: 1 Admin state: Enabled Interface state: Designated router Priority: 1 Designated router: 10.69.64.2 Backup designated router: 10.69.64.1 Not a graceful-restart helper
Timer intervals (in seconds): Hello: 10 Retransmit: 5 Dead: 40 Poll: 120 Counts: Events: 21 LSAs: 1
fastEthernet 16/2 Router Virtual Interface of Virtual Router: default Internet Address is 10.69.128.2 / 255.255.224.0 Internet Secondary Address(es): 10.69.160.2/19 Area ID: 0.0.0.0 Network type: Broadcast Timer intervals (in seconds): Cost: Bad Type. Hello: 10 Transmit delay: 1 Retransmit: 5 Admin state: Enabled Dead: 40 Interface state: Designated router Poll: 120 Priority: 1 Counts: Designated router: 10.69.128.2 Events: 7 Backup designated LSAs: 1 router: 0.0.0.0 Graceful-restart helper max grace period 60 fastEthernet 16/3 Router Virtual Interface of Virtual Router: default Internet Address is 10.69.192.2 / 255.255.224.0 Internet Secondary Address(es): 10.69.224.2/19 Area ID: 0.0.0.0 Network type: Broadcast Timer intervals (in seconds): Cost: Bad Type. Hello: 10 Transmit delay: 1 Retransmit: 5 Admin state: Enabled Dead: 40 Interface state: Designated router Poll: 120 Priority: 1 Counts: Designated router: 10.69.192.2 Events: 7 Backup designated LSAs: 1 router: 0.0.0.0 Graceful-restart helper max grace period 60
26-818
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Example
To display information about OSPF interfaces using the brief option, type the following command: C4>
show ip ospf interface brief The following is an example of the system output in a lab environment:
C4# show VRF default default default default default default default default
ip ospf interface brief if Descr IP addr fastEthernet 16/0 10.66.0.1 10.69.32.2 fastEthernet 16/1 10.69.64.2 10.69.96.2 fastEthernet 16/2 10.69.128.2 10.69.160.2 fastEthernet 16/3 10.69.192.2 10.69.224.2
area 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
DR 10.66.0.1 0.0.0.0 0.0.0.0 0.0.0.0 10.69.128.2 0.0.0.0 10.69.192.2 0.0.0.0
BDR 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0
A A A A A A A A A
I 5 7 3 7 5 7 5 7
R A A A A A A A A
P A P A P A P A P
The following are the possible values for the A I R P fields: A = Admin Status (A= Active, I = Inactive) I = OSPF If State 1 = Down 2 = Loopback 3 = Waiting 4 = Point To Point 5 = Designated Router 6 = Backup Designated Router 7 = Other Designated Router R = OSPF If Row Status (A = Active, I = Inactive) P = Whether or not the OSPF interface is passive (A = Active, P = Passive)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-819
26 CLI Command Descriptions
show ip ospf neighbor Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Display OSPF neighbor information. show ip ospf [vrf ] neighbor Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
Example
To display information about OSPF neighbors, type the following command: C4>
show ip ospf neighbor The following is an example of the output returned by the system:
Vrf Name nce default
26-820
ID
Pri
192.168.18.1
1
State Full/DR
RxmtQlen 0
ARRIS PROPRIETARY — All Rights Reserved
Address
Permane
192.168.18.1
Dynamic
07/05/05
C4 CMTS
show ip ospf virtual-links Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays parameters of the current state of the OSPF virtual link. show ip ospf [vrf ] virtual-links Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-821
26 CLI Command Descriptions
show ip rip Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Will confirm RIP is enabled for the network and display the RIP configuration. show ip rip
Example
To display the RIP configuration, type the following command: C4>
show ip rip The following is an example of the output returned by the system: RIP Interfaces Interface 10.78.0.2 10.78.64.2 10.128.0.1 10.128.64.1 10.128.128.1 10.128.192.1 10.178.0.1 10.178.64.1 10.178.128.1 10.178.192.1 10.228.0.1 10.228.64.1 10.228.128.1 10.228.192.1
VRF default default default default default default default default default default default default default default
Df Met 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Auth Mode disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled
State disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled
RIP Timers VRF default: Update interval is set to 30 seconds. VRF default: Route invalidation interval is set to 180 seconds. VRF default: Route flush interval is set to 120 seconds.
26-822
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip route summary Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the total number of all routes,e.g. total number of RIP, OSPF, static, and netmgt and local routes in the box. show ip route [vrf ] summary Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
Example
To confirm all routes are accounted for, type the following command: C4>
show ip route summary The following is an example of the output returned by the system: IP routing table name is default(1) Route Source Routes local 4 netmgmt 1 ospf 15 Intra-area: 6 Inter-area: 0 External-1: 0 External-2: 9 NSSA External-1: 0 NSSA External-2: 0 VR Total 20 Total
Release 4.2, Standard
20
ARRIS PROPRIETARY — All Rights Reserved
26-823
26 CLI Command Descriptions
show ip route vrf Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the active and inactive routes on all virtual routers in the C4. show ip route vrf [detail] [A.B.C.D[/bits]] [connected] [local] [netmgmt] [ospf] [rip] [static] [summary] Parameter
Definition
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[detail]
Shows active and inactive routes. Defaults to displaying only active routes.
[A.B.C.D[/bits]] [connected]
IP address or network with optional mask bits Connected VRFs
[local]
Local routes
[netmgmt]
Net management routes
[ospf]
Open Shortest Path First (OSPF) routes
[rip]
Routing Information Protocol (RIP) routes
[static]
Static routes
[summary]
Show total routes for each routing protocol
Example
To display RIP information on the default VRF routes, type the following command: C4>
show ip route vrf default rip The following output is an example of the type of information returned by the system:
VRF Name IP Route Dest. ======== ============== default 0.0.0.0/0 default 10.43.201.152/29 default 10.50.11.0/24
Act PSt Next Hop Dist Protocol Route Age Interface === === ========= ==== ======== ===== ===== ========= No OOS 10.68.0.1 0 netmgmt 2 17:58:06 fastE 14/0.0 Yes IS 10.43.201.155 0 local 2 17:58:06 loopb 0 Yes IS 192.168.18.1 1 ospf(E2) 2 17:55:04 gigE 16/1.0
26-824
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
default default default default default default default default default default default default default default
10.50.18.0/24 10.68.0.0/19 10.68.32.0/19 10.68.64.0/19 10.68.96.0/19 10.68.128.0/19 10.68.160.0/19 10.68.192.0/19 10.68.224.0/19 10.118.0.0/19 10.118.32.0/19 10.118.64.0/19 192.168.18.0/24 224.0.0.0/4
Release 4.2, Standard
Yes IS No OOS No OOS No OOS No OOS No OOS No OOS No OOS No OOS Yes IS Yes IS Yes IS Yes IS Yes
192.168.18.1 10.68.0.2 10.68.32.2 10.68.64.2 10.68.96.2 10.68.128.2 10.68.160.2 10.68.192.2 10.68.224.2 10.118.0.1 10.118.32.1 10.118.64.1 192.168.18.2 224.0.0.0
1 ospf(E2) 0 local 0 local 0 local 0 local 0 local 0 local 0 local 0 local 0 local 0 local 0 local 0 local 0 local
ARRIS PROPRIETARY — All Rights Reserved
2 17:55:04 gigE 16/1.0 2 17:58:06 fastE 14/0.0 2 17:58:06 fastE 14/0.0 2 17:58:06 fastE 14/1.0 2 17:58:06 fastE 14/1.0 2 17:58:06 fastE 14/2.0 2 17:58:06 fastE 14/2.0 2 17:58:06 fastE 14/3.0 2 17:58:06 fastE 14/3.0 2 17:55:22 cable 1/0.0 2 17:55:22 cable 5/0.0 2 17:55:22 cable 10/0.0 2 17:56:00 gigE 16/1.0 2 17:58:00
26-825
26 CLI Command Descriptions
show ip scm access Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the list of VRFs with SCM access enabled as well as an indication if directed broadcasts are enabled. The interfaces that have an associated ACL are displayed by VRF and the SCM default gateway is displayed. By default, all VRFs are displayed. To display SCM access information for a specific VRF, specify the VRF using the vrf option. Note that to display the information for only the default VRF, enter “default” as the VRF name. show ip scm access [vrf ] Parameter
Definition
[vrf ]
Name given to VRF. To display only the default VRF, enter “default” as the VRF name.
[detail]
Displays SCM access information details
Example
To show all VRFs, use the following command: C4#>
show ip scm access The following is an example of the output returned by the system: SCM access enabled for VRF default Directed broadcast is enabled Interfaces with ACLs: ACL 1 on interface 13/0 ACL 7 on interface 5/0, 6/0 SCM access enabled for VRF ispA Interfaces with ACLs: SCM default gateway set to: [ifIndex | FEP nextHop] NOTE If SCM access is disabled for all VRFs, the output only shows the SCM default gateway. There is not a message indicating SCM access is not enabled for any VRFs.
26-826
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
If directed broadcast is disabled, the “Directed broadcast is enabled” line is omitted from the output. If there are no ACLs associated with the interface, the ACLs list is empty. There is not a message indicating there are not interfaces with an associated ACL.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-827
26 CLI Command Descriptions
show ip scm access interface-only Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays only the interface and ACL associations. show ip scm access interface-only
Example
To show only the interface and ACL associations, use the following command: C4#>
show ip scm access interface-only The following is an example of the output returned by the system: Interfaces ACL list ACL list ACL list
26-828
with ACL assigned: for interface fastEthernet 14/0: 20 for interface gigabitEthernet 14/1: 20 for interface gigabitEthernet 16/1: 1
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip ssh Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the currently running status of the SSH daemon, and if running, connection details for any current SSH sessions such as the connection ID, the user ID, the client IP address, the service (terminal or SFTP), Authentication method (password or public key), encryption algorithm, MAC algorithm, and the client software version. show ip ssh
Example
To display the current running status of the SSH daemon and connection details for any sessions, use the following command: C4>
show ip ssh The following is an example of the output returned by the system:
SSH is running Connected clients: ID User Clt Addr 6815843 c4 10.1.175.137
Release 4.2, Standard
Service terminal
Auth Meth password
Encr Alg aes128-cbc
ARRIS PROPRIETARY — All Rights Reserved
MAC Alg hmac-sha1
Clt SW OpenSSH_3.5p1
26-829
26 CLI Command Descriptions
show ip ssh config Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the settings for the bind address, port number, idle time, max clients, max shells, supported encryption and MAC algorithms, service terminal, port forwarding, password allowed, password required, public key allowed, public key required, public key first, and the max number of authentication failures. show ip ssh config
26-830
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ip unreachables Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the status of all interface ICMP unreachables. show ip unreachables
Example
To show the status of all interface ICMP unreachables, type the following command: C4>
show ip unreachables The following is an example of the output returned by the system: ICMP unreachables are always sent
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-831
26 CLI Command Descriptions
show ip vrf Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the virtual router data in various levels of detail. show ip vrf [brief | detail | interface] Parameter
Definition
brief
Only give VR Index to name mapping and OSPF and RIP status
detail
Provides “brief” info plus all virtual router interface information
interface
Provides only the virtual router interface information
Example
To show the virtual route brief data, type the following command: C4>
show ip vrf brief The following is an example of the output returned by the system:
Virtual Router Details: Name Index =============== ========== default 1 Example
OSPF ==== no
RIP === no
ICMP-TIME-EXCEEDED ================== no
To show the virtual route detail data, type the following command: C4>
show ip vrf detail The following output is an example of the type of information returned by the system:
Virtual Router Interfaces: Name Slot/Port =============== ========= default 5/0 default 5/0.1 default 5/0.1 default 5/0.2
26-832
IP Address ================== (P)10.106.0.1 (P)10.108.0.1 10.118.0.1 (P)10.109.0.1
Mask =============== 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
default default default default default default default default default default default default default
5/0.3 5/0.4 5/0.5 5/0.6 5/0.7 5/0.8 6/0 14/0 14/0.1 14/0.2 14/1 16/0 16/1
Virtual Router Details: Name Index =============== ========== default 1
(P)10.110.0.1 (P)10.111.0.1 (P)10.112.0.1 (P)10.113.0.1 (P)10.114.0.1 (P)10.115.0.1 (P)10.107.0.1 (P)10.66.0.2 (P)10.86.0.2 (P)10.96.0.2 (P)10.66.64.2 (P)10.76.0.2 (P)10.76.64.2
OSPF ==== no
RIP === no
255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0 255.255.224.0
ISIS ==== no
BGP === no
ICMP-TIME-EXCEEDED ================== no
C4#
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-833
26 CLI Command Descriptions
show line Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the current line status. show line [detail] Parameter
Definition
[detail]
Displays detailed utilization and performance measurements.
Example
To display the current line status, type the following command: C4>
show line The following is an example of the output returned by the system:
Line Type
Enabled Session Timeout (secs) ---- ------- ------- --------------0 CONSOLE TRUE 0 0 VTY TRUE 0 1 VTY TRUE 0 2 VTY TRUE 0 3 VTY TRUE 0 4 VTY TRUE 0 5 VTY TRUE 0 6 VTY TRUE 0
26-834
Idle Timeout (secs) -----------60000 60000 60000 0 0 0 0 0
Page Length Speed ----------0 0 24 0 0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
-----9600 N/A N/A N/A N/A N/A N/A N/A
07/05/05
C4 CMTS
show linecard status Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
The show linecard status command displays the current module status information. Refer to the example below with corresponding explanatory text. If no slot number is specified, then the system will display the status of all the modules. show linecard status [slot] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20.
[slot]
Example
To display the status of all modules, type the following command: C4>
show linecard status The following is an example of the output returned by the system:
Slot Description 0 1 2 3 4 5 6 7 8 9 10 12 14 16 17 18
CAM CAM CAM CAM CAM CAM CAM CAM CAM CAM CAM CAM NAM NAM FCM FCM
(IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (IU, 1D, 8U) (1D, 8U) (1D, 8U) (2D, 12U) (1GE, 1FE) (1GE, 1FE)
Release 4.2, Standard
Admin Oper State State Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS Up IS
Duplex State Standby Active Active Active Active Active Active Active Simplex Active Simplex Simplex Simplex Simplex Standby Active
Serial Number 02421CBD0022 3163100266 02161CBD0017 3163100525 HK000354 HK000561 02281CBD0022 02421CBD0053 HK000333 02151CBD0014 03031CBD0053 04111CMD0004 02201CBG0014 03081CBG0030 03041CBR0026 02381CBR0005
ARRIS PROPRIETARY — All Rights Reserved
HW Version
Prov/Det Type CAM-01081N/J04 CAM/CAM 8400002G01/G06 CAM/CAM 8400002G01/G06 CAM/CAM 8400002G01/G06 CAM/CAM 8400002G01/G05 CAM/CAM 8400002G01/G05 CAM/CAM CAM-01081N/J03 CAM/CAM CAM-01081N/J04 CAM/CAM 8400002G01/G05 CAM/CAM 8400002G01/G06 CAM/CAM CAM-01081N/L04 CAM/CAM CAM-01122W/E06 CAM/CAM GNAM-GB010W/B13 NAM/NAM GNAM-GB010W/D04 NAM/NAM FCM-30640W/E06 FCM/FCM FCM-30640W/E06 FCM/FCM
26-835
26 CLI Command Descriptions
19 20
SCM SCM
Up Up
IS IS
Standby Active
02341CBM0041 SCM-00440W/G05 02421CBM0022 SCM-00440W/G05
SCM/SCM SCM/SCM
The show linecard status command will display the operational or service states of all configured and provisioned modules in the system. Each column is defined below. •
Slot = the slot number provisioned for the module -
• •
Description m= the module type for each provisioned slot. For the CAM, this output designates IU (integrated upconverter), 1D (1 downstream channel), 8U (8 upstream channels) - For the NAM in slot 14, this output indicates 1 gigabit ethernet port and 1 fast ethernet port. The NAM in slot 16 indicates 4 fast ethernet ports. Admin State = the module’s administrative state as Up or Dn Oper State = the module’s operational state The following is a list and brief description of all the possible operational states: IS IS-INIT OOS-MAN OOS-FLT OOS-DGN OOS-DNLD OOS-PUMP
•
Duplex State = designation of each module as either the Active module in a duplex configuration or as Simplex mode only.
•
Serial Number = the number on each module
•
HW Version = the hardware version for each module
•
Prov/Det Type = the provisioned module type and the detected module type. The Detected Type will be named or represented as the following: -
26-836
In service In service - undergoing initialization Out of service - shutdown manually Out of service - faulted Out of service - undergoing diagnostics Out of service - undergoing software download Out of service - FPGAs are being pumped
a dash (-) if no module is present in the slot a question mark (?) if the module is present, but the CMTS cannot detect the correct type.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays all event management subsytems and features available for logging configuration on the C4 CMTS. show logging
Example
To display the current logging information, type the following command: C4#
show logging The following is an example of the output returned by the system:
Throttle: type=unconstrained, threshold=0, interval=1, notifications=516, throttled=0 Syslog:
no hosts configured notifications=516, throttled=0, dropped=516 priority=1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice)
SNMP:
notifications=477, throttled=0 priority=1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice)
Local:
size=10 Volatile: notifications=516 priority=1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice) Nonvolatile: notifications=0 priority=none
Console:
notifications=0 priority=none
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-837
26 CLI Command Descriptions
Monitor:
notifications=0 priority=none
History:
notifications=512, size=512
Currently Active Event Overrides: 0066030300 (0x03ef8adc) Inhibit 0066060600 (0x03f00138) Inhibit 0066060700 (0x03f0019c) Inhibit 0082010100 (0x04e35ff4) Inhibit 0082010200 (0x04e36058) Inhibit Related Command(s)
show logging debug show logging history
26-838
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging console Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the current logging configuration and utilization statistics for the system console. show logging console
Example
To show the current system console configuration, type the following command: C4#
show logging console The following is an example of the output returned by the system: Console: notifications=0 level=none
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-839
26 CLI Command Descriptions
show logging debug Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the traces currently enabled. show logging debug [facility] Parameter
Definition
Facility name: 2OSPF
IPFiltering
SNMP
STP
TstRec
aging
anm
appl
arp
audit
authmod
bpi
brief_modem
cammanager
camsparing ccrrcvy
cli
[facility]
clock
cmts
MibGC
broker channelcac counts
dappl
data
dataManagement datamanagement
dcard
dchan
dhcp
diag
dsx
eappl
eventrcvr
fiddb
flinkmon
icmp
ipnetwork
irdp
kptrManager
learning
mac
macdm
macdmVerbose
macmgr
maintenance
Example
MACProtocol
map
igmp
modem
ipc
mtce
To display the traces currently enabled, type the following command: C4#
show logging debug The following is an example of the output returned by the system: Debug:
26-840
rip.authentication enabled on all slots rip.daemon.down enabled on all slots rip.daemon.started enabled on all slots rip.daemon.stopped enabled on all slots rip.daemon.up enabled on all slots rip.general.general enabled on all slots
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
rip.general.ifdatanotfound enabled on all slots rip.general.message enabled on all slots rip.general.route enabled on all slots rip.interface.added enabled on all slots rip.interface.removed enabled on all slots rip.message.receivedisabled enabled on all slots rip.message.senddisabled enabled on all slots rip.msgrcvd.error enabled on all slots rip.msgrcvd.request enabled on all slots rip.msgrcvd.response enabled on all slots rip.msgsent.request enabled on all slots rip.msgsent.response enabled on all slots rip.msgsent.socketerror enabled on all slots rip.msgsent.triggeredupdate enabled on all slots rip.route.added enabled on all slots rip.route.advertise enabled on all slots rip.route.error enabled on all slots rip.route.filtered enabled on all slots rip.route.invalid enabled on all slots rip.route.invalidated enabled on all slots rip.route.modified enabled on all slots rip.route.removed enabled on all slots rip.route.timer enabled on all slots rip.route.unprocessed enabled on all slots router.attemptingto.general enabled on all slots router.route.add enabled on all slots router.route.general enabled on all slots router.route.print enabled on all slots router.route.print enabled on all slots
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-841
26 CLI Command Descriptions
show logging history Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the contents of the log history buffer which contains all log messages sent to any logging destination. The log can be filtered to display only a subset of information. show logging history [last ] [beforedate ] [after-date ] [after-time ] [event ] [priority ] [text ] [slot ] [detail] Parameter
Definition
[last ]
Displays the specified number of events
[before-date ] [after-date ] [after-time ]
Displays events before the specified date; mm=month, dd=day, and yyyy=year Displays events after the specified date; mm=month, dd=day, and yyyy=year Displays events after specified time; hh=hour, mm=minute, ss=seconds
[event ]
Displays events with the specified event id
[priority ]
Displays events with the specified priority
[text ] [slot ] [detail]
Displays events containing the matching text Displays events that occurred on the specified slot Displays detailed header information
Example
The following is an example of the logging history. C4#
show logging history The following is an example of the output returned by the system:
History: notifications=377, size=2000 show history filters: terse format Time Sl Pri Text... -------- -- ---- ------15:12:17 19 notc: SystemMtce: AutoRecovery Enabled
26-842
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
15:12:54 20 notc: RADIUS server 10.44.0.18 (group default) failed to authenticate user c4 at 10.44.225.191 on line 1 15:12:17 19 notc: SystemMtce::notifyCardStateChange(): SystemMtceCard.19: basicMtceState=INIT_CREATED 15:12:57 20 notc: RADIUS server 10.44.0.18 (group default) successfully authenticated user c4 on line 1 15:12:22 19 notc: CardMtceFunction: InitProgressStatus Change: old=1 new=2 15:12:59 20 notc: CLI command:c4:10.44.225.191:config session 1000 15:13:00 20 notc: SystemMtce::notifyCardStateChange(): SystemMtceCard.19: basicMtceState=INIT_CREATED 15:13:00 20 notc: Card Primary State Change: Trap Severity=cleared,Shelf Number:0,CardNumber:19,CardType=mcard,Card Subtype=mcard,Card Primary State=is 15:13:00 20 notc: Card Secondary State Change: Trap Severity=warning,Shelf Number:0,CardNumber:19,CardType=mcard,Card Subtype=mcard,Card Secondary State=initializing 15:12:34 19 notc: PSM: Using saved configuration 15:12:36 19 alrt: NAL::getOsIfIndex() invalid interface name: eth0 15:12:36 19 notc: SystemMtce: SelectActiveStandby: Selecting STANDBY (weMayGoActive=0 cloneMayGoActive=1 cloneSideNeedsRecovery=0) 15:13:13 20 notc: CloneProxy[PersistentStoreManager]::gen() : 10 events sent before Proxy is active, triggering event(32737) 15:12:37 19 notc: SystemMtce::notifyCardStateChange(): SystemMtceCard.19: basicMtceState=INIT_INITED
Related Command(s)
configure logging priority cli trace logging no
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-843
26 CLI Command Descriptions
show logging local Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the local logging related information. show logging local
Example
To display the current information, type the following command: C4#
show logging local The following is an example of the output returned by the system:
Local:
26-844
size=10 Volatile: notifications=1489 priority=1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice) Nonvolatile: notifications=793 priority=1(emergency), 2(alert), 3(critical), 4(error)
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging monitor Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays monitor logging related information. show logging monitor
Example
To display the monitor logging information, type the following command: C4#
show logging monitor The following is an example of the output returned by the system: Monitor: notifications=0 priority=none
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-845
26 CLI Command Descriptions
show logging overrides Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays any existing SNMP logging overrides. show logging overrides
Example
To show the SNMP logging overrides, type the following command: C4#
show logging overrides The following is an example of the output returned by the system: Currently Active Event Overrides: 0066030300 (0x03ef8adc) Inhibit 0066060600 (0x03f00138) Inhibit 0066060700 (0x03f0019c) Inhibit 0082010100 (0x04e35ff4) Inhibit 0082010200 (0x04e36058) Inhibit
26-846
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging priority cli Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the CLI access levels 0 through 15 and the logging priority that is assigned to that particular CLI access level. The current system default settings are listed in the following table: CLI Access Level
Notification Priority
0 through 4
7 (Informational)
5 through 15
6 (Notice)
show logging priority cli Example
To show the CLI logging priority information, type the following command: C4#
show logging priority cli The following is an example of the output returned by the system:
CLI Access Level 0 1 2 3 4 5 6 7 8 9 10 11 12
Release 4.2, Standard
Notification Priority 7(information) 7(information) 7(information) 7(information) 7(information) 6(notice) 6(notice) 6(notice) 6(notice) 6(notice) 6(notice) 6(notice) 6(notice)
ARRIS PROPRIETARY — All Rights Reserved
26-847
26 CLI Command Descriptions
13 14 15
6(notice) 6(notice) 6(notice)
Related Command(s)
configure logging priority cli show logging history
26-848
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging proprietary Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the proprietary SNMP logging status. show logging proprietary
Example
To show the proprietary SNMP logging status, type the following command: C4#
show logging proprietary The following is an example of the output returned by the system: Proprietary notifications are enabled for snmp, local log (volatile and non-volatile), and syslog destinations.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-849
26 CLI Command Descriptions
show logging snmp Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the current SNMP logging related information. show logging snmp
Example
To display the current SNMP logging related information, type the following command: C4#
show logging snmp The following is an example of the output returned by the system: notifications=261, throttled=0 priority=3(critical), 4(error), 5(warning), 6(notice)
26-850
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging syslog Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the current Syslog logging configuration and utilization statistic information. show logging syslog
Example
To display the current syslog logging configuration and utilization statistic information for the default Syslog configuration, type the following command: C4#
show logging syslog The following is an example of the output returned by the system: Syslog: no hosts configured notifications=97, throttled=0, dropped=97 priority= 1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice) If a single Syslog host had been configured, the output would look similar to the following: Syslog: hosts (ip address facility): 10.43.4.5 local0 notifications=500, throttled=0, dropped=500 priority= 1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice)
If multiple Syslog hosts had been configured, the output might look like the following: Syslog: hosts (ip address facility): 10.43.4.5 local0 10.43.4.6 local5 10.43.4.7 local2 notifications=501, throttled=0, dropped=503 priority= 1(emergency), 2(alert), 3(critical), 4(error), 5(warning), 6(notice)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-851
26 CLI Command Descriptions
show logging throttle Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the current throttle configuration and utilization statistics. show logging throttle
Example
To display the current throttle configuration, type the following command: C4#
show logging throttle The following is an example of the output returned by the system: type=unconstrained, threshold=0, interval=1, notifications=13, throttled=0
26-852
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show logging trap Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays SNMP trap logging related information. show logging trap
Example
To display trap logging information, type the following command: C4#
show logging trap The following is an example of the output returned by the system: Enabled logging traps: None enabled Enabled CM reset traps: None enabled
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-853
26 CLI Command Descriptions
show memory Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the memory usage information for the specific slot. show memory [detail] Parameter
Definition
[detail]
The chassis slot number. Valid range is 0-20. Shows detailed OSE heap stats.
Example
To display the memory usage information for the SCM in slot 19, type the following command: C4#
show memory 19 The following is an example of the output returned by the system:
Memory Statistics: Total heap size Total free bytes in heap = Total heap object allocations Total heap object extant Total bytes allocated to small heap Total bytes allocated to large heap
26-854
= = = = =
476426528 468182832 ( 98% of total heap size) 55559259 79325 7806976 10403840
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show netstat Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the currently active network connections and lists statistics for various protocols in the TCP/IP for the System Control Module. show netstat [slot ] [routes] [stats] [interfaces] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 19 to 20.
[slot ] [routes]
Keyword to show the IP routing table
[stats]
Keyword to show all statistics for TCP, UDP, IP and ICMP
[interfaces]
Keyword to show the interface statistics
Example
To display the currently active network connections and statistics for the various protocols for the SCM, type the following command: C4>
show netstat The following is an example of the output returned by the system:
Proto
Local Address
Foreign Address
(state)
udp udp udp udp udp udp udp udp udp udp udp tcp tcp
0.0.0.0.0 0.0.0.0.123 0.0.0.0.161 0.0.0.0.49152 0.0.0.0.49159 10.43.201.147.49161 100.0.0.30.69 127.0.0.1.8456 127.0.0.1.49153 127.0.0.1.49154 127.0.0.1.49156 0.0.0.0.21 0.0.0.0.23
0.0.0.0.0 0.0.0.0.0
LISTEN LISTEN
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-855
26 CLI Command Descriptions
tcp tcp tcp tcp
26-856
0.0.0.0.2126 10.43.201.145.23 10.43.201.145.23 127.0.0.1.2323
0.0.0.0.0 10.43.4.81.1544 10.43.4.163.4359 0.0.0.0.0
ARRIS PROPRIETARY — All Rights Reserved
LISTEN ESTABLISHED ESTABLISHED LISTEN
07/05/05
C4 CMTS
show ntp Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the Network Time Protocol (NTP) settings. show ntp Parameter
Definition
The status of the NTP associations The default NTP minpool, maxpool, and the version
Example
To show the defaults that have been set for the NTP, type the following command: C4#
show ntp defaults The following is an example of the output returned by the system: minpoll=6 maxpoll=10 ver=4
Example
To show the status of the NTP associations, type the following command: C4#
show ntp associations The following is an example of the output returned by the system: 10.50.28.3 server unicast burst=off prefer=on minpoll=4 maxpoll=4 ver=4
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-857
26 CLI Command Descriptions
show operation mode Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays Upper Level Protocol (ULP) operation mode status. show operation mode
Example
To show the ULP operation mode status, type the following command: C4> show operation mode The following is an example of the output returned by the system:
Enabled Enabled Enabled Disabled Enabled Enabled Disabled Disabled
26-858
: : : : : : : :
(dqossf10cms) Allow 1.0 CMs in DocsQosServiceFlowEntry (adjrxpwrctl) Allow adjustment of rx power control by mod type (enbudptcpfltr) Allow combining of Udp and Tcp messages in same filter (upce) Enable Upstream Packet Classification Enforcement (cmstatusoperational) Allow modem status at the CMTS to reach operational(8) (cpeNacksForceCmReset) Force CM reset upon receiving 3 consecutive CPE NACKs (docsis20test) DOCSIS 2.0 Testing (upstreamLockupDetect) Detection of upstream channel lockups
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show packetcable cops counts Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays counts of Packetcable COPS connection attempts and messages. show packetcable cops counts
Example
To display the counts, use the following command: C4>
show packetcable cops counts The following is an example of the output returned by the system:
Server cnx/OPN CAT/REQ KA/KA DEC/RPT /DRQ CC/CC SSQ/SSC 10.43.200.226 rx 0 0 165 0 0 0 tx 0 0 165 0 0 0 0 10.43.200.227 rx 0 0 172 5656 0 0 tx 0 0 172 5655 0 0 0 10.43.200.232 rx 0 0 984 0 0 0 tx 0 0 984 0 0 0 0 ---------------------------------------------------------------------------Total rx 0 0 1321 5656 0 0 tx 0 0 1321 5655 0 0 0
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-859
26 CLI Command Descriptions
show packetcable gate Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays Packetcable gate information. show packetcable gate [detail]
26-860
Parameter
Definition
Enter a 32-bit number in decimal or hex, with a prefix of 0x denoting hex. Valid range is or 0x0-0xFFFFFFFF>
[detail]
Shows detailed gate information.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show packetcable gate dqos Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays only Packetcable dqos gates. show packetcable gate dqos [detail] Parameter
Definition
First IP address
Second IP address
[detail]
Release 4.2, Standard
Show detailed dqos gate information
ARRIS PROPRIETARY — All Rights Reserved
26-861
26 CLI Command Descriptions
show packetcable gate pcmm Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays only Packetcable pcmm gates. show packetcable gate pcmm [detail] Parameter
First IP address
Second IP address
[detail]
26-862
Definition
Show detailed pcmm gate information
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show packetcable gatectl counts Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays only Packetcable DQoS gate control statistics and control message counters. show packetcable gatectl counts
Example
To display the counts, use the following command: C4>
show packetcable gatectl counts The following is an example of the output returned by the system:
Server Gate-Aloc Gate-Set Gate-Info Gate-Del Gate-Open Gate-Close 10.43.200.226 req 0 0 0 0 ack 0 0 0 0 0 0 err 0 0 0 0 10.43.200.227 req 0 1888 1884 1884 ack 0 1886 1884 1884 0 0 err 0 0 0 0 10.43.200.232 req 0 0 0 0 ack 0 0 0 0 0 0 err 0 0 0 0 ------------------------------------------------------------------------------Total 0 3774 3768 3768 0 0
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-863
26 CLI Command Descriptions
show packetcable global Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays system-wide Packetcable settings. show packetcable global
Example
To display the global Packetcable configuration, type the following command: C4>
show packetcable global The following is an example of the output returned by the system: PacketCable DQoS Administrative state: DOWN COPS TCP port: 2126 Timer t0: 30 seconds Timer t1: 250 seconds PacketCable Multimedia Administrative state: DOWN COPS TCP port: 3918 Timer t1: 300 deciseconds Gate Message Throttling: SCM NORMAL max Gate Messages per 10 seconds: 900 SCM YELLOW max Gate Messages per 10 seconds: 900 SCM RED max Gate Messages per 10 seconds: 300 Admission Control Limits: Upstream Priority Reserved Allowed -------- ------Normal 0% 50% Emergency 0% 70% Total 70% Preemption: enabled
26-864
ARRIS PROPRIETARY — All Rights Reserved
Downstream Reserved Allowed -------- ------0% 50% 0% 70% 70%
07/05/05
C4 CMTS
Event Messaging Parameters Enabled: no - not configured Element ID: not configured Event messaging UDP source port: 1813 Maximum number of events per batched message: 3 Batch timer: 1 minute ACK timer: 1000 milliseconds Maximum number of retransmissions to RKS: 1
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-865
26 CLI Command Descriptions
show packetcable global dqos Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays Packetcable 1.x (DQos) settings. show packetcable global dqos
Example
To display the DQos Packetcable settings, type the following command: C4>
show packetcable global dqos The following output is an example of the type of information returned by the system: PacketCable DQoS Administrative state: UP COPS TCP port: 2126 Timer t0: 30 seconds Timer t1: 250 seconds SCM NORMAL max connections per 10 seconds: 125 SCM YELLOW max connections per 10 seconds: 125 SCM RED max connections per 10 seconds: 41 Admission Control Priority Mapping: DQoS Priority Multimedia Priority Unspecified 0 Normal 5 Emergency 7 preemption: enabled Event Messaging Parameters Billing event messaging: Enabled Enabled: yes Element ID: 12345 Event messaging UDP source port: 1813 Maximum number of events per batched message: 3 Batch timer: 1 minute ACK timer: 1000 milliseconds Maximum number of retransmissions to RKS: 1
26-866
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show packetcable global pcmm Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays Packetcable Multimedia settings. show packetcable global pcmm
Example
To display the Packetcable Multimedia settings, type the following command: C4>
show packetcable global pcmm The following output is an example of the type of information returned by the system: Gate Message Throttling: PacketCable Multimedia Administrative state: UP COPS TCP port: 3918 Timer t1: 300 deciseconds Admission Control Limits: Upstream Downstream Priority Reserved Allowed Reserved Allowed Normal 0% 50% 0% 50% Emergency 0% 70% 0% 70% Total 70% 70% Preemption: enabled Event Messaging Parameters Billing event messaging: Enabled Enabled: yes Element ID: 12345 Event messaging UDP source port: 1813 Maximum number of events per batched message: 3 Batch timer: 1 minute ACK timer: 1000 milliseconds Maximum number of retransmissions to RKS: 1
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-867
26 CLI Command Descriptions
show packetcable transactions Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the counts of throttled PC Gate transactions. show packetcable transactions [detail] Parameter
Definition
[detail]
Displays detailed information.
Example
To display the Packetcable transactions, type the following command: C4>
show packetcable transactions The following is an example of the output returned by the system: Since last command execution: Avg Gate Transaction rate (msg/sec): 0.0 Max Gate Transaction rate (msg/sec): 0 Since system boot maximum Gate Transaction rate (trans/sec): 0
Example
To display Packetcable transactions in detail, type the following command: C4>
show packetcable transactions detail The following is an example of the output returned by the system: Gate SCM SCM SCM
Message Transaction Throttling: NORMAL max Gate Transactions per 10 seconds: 180 YELLOW max Gate Transactions per 10 seconds: 180 RED max Gate Transactions per 10 seconds: 60
Throttle triggering results in temporarily reduced message receive rate.
26-868
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Gate transaction throttle triggering per overload condition: NORMAL YELLOW RED Gate-Alloc 0 0 0 Gate-Set 0 0 0 Gate-Info 0 0 0 Gate-Delete 0 0 0 (total) 0 0 0
Total 0 0 0 0 0
Since last command execution: Avg. Gate Transaction rate (trans/sec): 11.5 Maximum Gate Transaction rate (trans/sec): 27 Since system boot maximum Gate transaction rate (trans/sec): 51 Rate history for last 30 seconds: (rate of -1 indicates no transaction activity and no update) seconds ago rate (trans/sec) 1 0 2 -1 3 -1 4 -1 5 -1 6 -1 7 -1 8 -1 9 -1 10 -1 11 -1 12 -1 13 -1 14 -1 15 -1 16 -1 17 -1 18 -1 19 -1 20 -1
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-869
26 CLI Command Descriptions
21 22 23 24 25 26 27 28 29 30
26-870
-1 -1 -1 -1 -1 -1 -1 -1 -1 -1
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show port status Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the port level upstream and downstream information on the module in the specified slot. NOTE This command will not report status of spare master ports. It will report only th estate of the protected ports. show port status [slot/port] Parameter
[slot/ [
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
]
Port value is 0 for the downstream on a Cable Access Module and 0-7 on the upstream ports. The Network Access Module ports are numbered 0, 1, 2, and 3.
/port]
Example
If no port is specified, this command returns status of all the ports of all the active slots similar to the following: C4>
show port status The following is an example of the output returned by the system:
Slot/MAC/ Port 4/0 4/0/D 4/0/U0 4/0/U1 4/0/U2 4/0/U3 4/0/U4 4/0/U5 4/0/U6 4/0/U7 5/0
Conn Admin State Down 0 Down 0 Down 1 Down 2 Down 3 Down 4 Down 5 Down 6 Down 7 Down Up
Release 4.2, Standard
Oper State OOS-MAN OOS-MAN OOS-MAN OOS-MAN OOS-MAN OOS-MAN OOS-MAN OOS-MAN OOS-MAN OOS-MAN IS
Logical Channel State 0 1 Adm Oper Adm Oper
ARRIS PROPRIETARY — All Rights Reserved
26-871
26 CLI Command Descriptions
5/0/D 5/0/U0 5/0/U1 5/0/U2 5/0/U3 5/0/U4 5/0/U5 5/0/U6 5/0/U7 7/0 7/0/D 7/0/U0 7/0/U1 7/0/U2 7/0/U3 7/0/U4 7/0/U5 7/0/U6 7/0/U7 8/0 8/0/D 8/0/U0 8/0/U1 8/0/U2 8/0/U3 8/0/U4 8/0/U5 8/0/U6 8/0/U7 Slot/ Port 13/0 aseT 13/1 aseT 13/2 aseT 13/3 aseT 16/0 16/1 19/0 20/0
26-872
0 0 1 2 3 4 5 6 7 0 0 1 2 3 4 5 6 7 0 0 1 2 3 4 5 6 7
Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up
IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS
Conn Admin State 0 Up
Oper State IS
Admin Mode
Oper Mode
Auto Negotiate
Full Duplex, 100 B
1
Up
IS
Auto Negotiate
Full Duplex, 100 B
2
Up
IS
Auto Negotiate
Full Duplex, 100 B
3
Up
IS
Auto Negotiate
Full Duplex, 100 B
0 1 -
Down Down Up Up
OOS-MAN OOS-MAN IS IS
Auto Negotiate Auto Negotiate
Invalid Invalid
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Slot/Port Admin State 5/D0 Up 5/U0 Up 5/U1 Up 5/U2 Up 5/U3 Up 5/U4 Up 5/U5 Up 5/U6 Up 5/U7 Up 5/MAC Up 13/0 Up 13/1 Up 13/2 Up 13/3 Up 19/0 Up
Release 4.2, Standard
Oper State IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS
Admin Mode
Oper Mode
Auto Full Auto Auto
Full Full Full Full
Negotiate Duplex, 100 BaseT Negotiate Negotiate
Duplex, Duplex, Duplex, Duplex,
ARRIS PROPRIETARY — All Rights Reserved
100 100 100 100
BaseT BaseT BaseT BaseT
26-873
26 CLI Command Descriptions
show privilege Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the user’s privilege level. show privilege
Example
To show your current privilege level, type the following command: C4>
show privilege The following output is an example of the type of information returned by the system if you only have access to user commands: Current privilege level is 0 If you had privileged access, the system would respond as follows: Current privilege level is 15
Related Command(s)
show logging priority cli configure logging console enable
26-874
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show privilege exec Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the privilege level of all the commands in the command tree. If a specific command (optional) is entered, only the privilege level for that command will be displayed. NOTE Only commands that have access levels less than or equal to the current CLI access level, will be displayed. For example if your CLI access level is 5, then only those command nodes that have levels 5 and below will be displayed. show privilege exec [] Parameter
Definition
[]
Example
The command whose privilege level you want to check.
To show the privilege level for all commands, type the following command: C4>
Example
show privilege exec To show the privilege level for the command show audit, type the following command:
C4>
show privilege exec show audit The following is an example of the output returned by the system: Current privilege level for ‘show audit’is 0
Related Command(s)
show logging priority cli configure logging console configure privilege exec level configure privilege exec reset
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-875
26 CLI Command Descriptions
show processes Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays CPU utilization statistics. show processes [slot ] [summary] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20.
[slot ] [summary]
Displays cumulative CPU usage% totals per slot.
Example
To show CPU utilization statistics, type the following command: C4#
show processes The following is an example of the output returned by the system (partial output only):
Total CPU Idle Time = 93 Recent CPU Idle Time = 96 Name Pri Total CPU Time Recent CPU TIME PctTime Switches idle OAMP COM APPL cli_shell timerA0 SMTC CMTC BGRD cli_shell ose_confm_ ose_confm_ timerA1 ose_ntp_ha ose_ipsec_ ipcom_time ose_telnet ose_telnet
26-876
32 11 3 10 12 1 0 2 26 12 9 9 1 8 9 10 12 12
1570.676227 50.986524 18.611644 1.952616 4.084864 3.715191 2.691756 2.257819 3.394740 4.235815 0.646300 0.756893 0.587978 0.246118 0.458689 0.441989 0.299966 0.362740
30.940752 95.50 0.542930 1.67 0.234524 0.72 0.214725 0.66 0.087373 0.26 0.069653 0.21 0.052224 0.16 0.041864 0.12 0.035327 0.10 0.034298 0.10 0.014287 0.04 0.013210 0.04 0.012858 0.03 0.009926 0.03 0.008601 0.02 0.008330 0.02 0.007586 0.02 0.007161 0.02
217718 110573 96498 9575 51462 95893 23037 8805 75514 46212 37760 44828 8557 5473 8550 17229 14623 17394
ARRIS PROPRIETARY — All Rights Reserved
Recent Switches StackDep 3720 1315 1683 168 1063 1783 458 166 834 890 838 774 163 169 230 325 351 317
120/9215 6863/9023 1671/9215 7159/17023 15103/50175 287/5023 927/9023 3511/9023 1199/9023 11959/50175 527/3039 527/3039 143/5023 599/3071 583/9215 327/3071 591/3039 591/3039
07/05/05
C4 CMTS
ose_inetr 9 SNMP 16 ose_ntp 8 AUDT 20 cli_shell 12 cli_shell 12 cli_shell 12 ose_rtc 3 ose_confm_ 9 ose_confm_ 9 ose_confm_ 9 ose_inet 9 i2c 7 ose_inetti 9 cli_shell 12 NOTD 20
0.354006 0.231930 0.129654 2.051857 4.569715 1.468942 1.749283 0.176652 0.741775 0.205511 0.363346 0.138694 0.095090 0.086554 0.208648 0.513291
Example
0.006684 0.02 0.006447 0.01 0.006409 0.01 0.005038 0.01 0.004298 0.01 0.004079 0.01 0.004031 0.01 0.003430 0.01 0.002805 0.00 0.002620 0.00 0.002614 0.00 0.001977 0.00 0.001873 0.00 0.001704 0.00 0.001479 0.00 0.001237 0.00
11966 3765 2061 3998 53029 14981 24443 3423 43667 12071 21289 3664 129 6809 4826 1496
270 105 104 51 185 177 177 67 169 160 160 42 4 129 81 4
543/3071 1159/17407 343/9023 2103/9023 15079/50175 11895/50175 15079/50175 215/5023 527/3039 527/3039 527/3039 335/9215 647/3071 583/3071 6119/50175 1327/41983
To show cumulative CPU usage percent totals per slot, use the following command: C4#
show processes summary The following is an example of the output returned by the system:
Slot Description 0 1 2 3 4 5 6 9 10 11 12 13 14 15 16 17 19
CAM CAM CAM CAM CAM CAM CAM CAM CAM CAM CAM CAM NAM CAM NAM FCM SCM
(2D, 12U) (2D, 12U) (2D, 12U) (2D, 12U) (2D, 12U) (1D, 8U) (2D, 12U) (1D, 8U) (2D, 12U) (1D, 8U) (2D, 12U) (1D, 8U) (1GE, 1FE) (1D, 8U) (1GE, 1FE) A A
Release 4.2, Standard
Admin State Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up Up
Oper State IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS IS
CPU% Util 3 14 13 14 13 18 9 15 14 15 14 15 1 15 1 2 7
ARRIS PROPRIETARY — All Rights Reserved
26-877
26 CLI Command Descriptions
show proto-throttle-rate Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the current protocol throttle rates and the number of packets. show proto-throttle-rate
Example
By typing the following command: C4#
show proto-throttle-rate The following is an example of the output returned by the system: Protocol Throttle Rates ----------------------FCM global packet rate: ARP packet rate: DHCP packet rate: ICMP packet rate: IGMP packet rate: OSPF packet rate: RIP packet rate: SNMP packet rate: FCM other packet rate: SCM global packet rate:
2500 2500 750 500 500 750 500 100 500 900
packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second
Protocol Received Counts -----------------------FCM global packets passed: FCM global packets dropped: ARP packets passed: ARP packets dropped: DHCP packets passed: DHCP packets dropped: ICMP packets passed: ICMP packets dropped: IGMP packets passed: IGMP packets dropped:
26-878
ARRIS PROPRIETARY — All Rights Reserved
235 0 143 0 92 0 0 0 0 0
packets packets packets packets packets packets packets packets packets packets
07/05/05
C4 CMTS
OSPF packets passed: OSPF packets dropped: RIP packets passed: RIP packets dropped: SNMP packets passed: SNMP packets dropped: FCM other packets passed: FCM other packets dropped: Protocol Sent Counts -------------------FCM global packets: ARP packets: DHCP packets: ICMP packets: IGMP packets: OSPF packets: RIP packets: SNMP packets: FCM other packets:
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
0 0 0 0 0 0 0 0
packets packets packets packets packets packets packets packets
318 226 92 0 0 0 0 0 0
packets packets packets packets packets packets packets packets packets
26-879
26 CLI Command Descriptions
show qos-sc Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the Quality-Of-Service (QoS) class information. show qos-sc [name ] Parameter
Definition
[name ]
Example
QoS service class name.
To show the QoS class information, type the following command: C4> show qos-sc name SCNA The following is an example of the output returned by the system:
QOS Service Class Name: Relative Service Flow Priority: Max Sustained Traffic Rate (bits/sec): Max Traffic Burst (bytes): Min Reserved Rate (bits/sec): Min Reserved Packet Size (bytes): Max Concat Burst for US flow (bytes): Nominal Poll Interval (microseconds): Poll Jitter (microseconds): Unsolicited Grant Size (bytes): Nominal Grant Interval (microseconds): Grant Jitter (microseconds): Data Grants Per Nominal Grant Interval: Max Latency for DS flows (microseconds): Active Timeout (seconds): Admitted Timeout (seconds): Upstream Scheduling Service: Interface Direction:
26-880
SCNA 0 500000 3044 0 0 0 0 0 0 0 0 0 0 0 200 Best Effort Upstream
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show radius Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays detailed utilization and performance measurements. Without the detail keyword, the command displays all configured RADIUS server groups, the members of each group, and the operation parameters of each group member. With the detail keyword, the utilization and performance measurements are also displayed for each server. show radius [detail] Parameter
Definition
Utilization and performance measures (minimally):
[detail]
Release 4.2, Standard
- Access-Request packets formed - Access-Accept packets received - Access-Reject packets received - Access-Challenge packets received - Outstanding Access-Accept packets - Access-Request packet timeouts - Access-Request packet retransmissions - Access-Request packets dropped due to unreachable server - Round trip time in hundredths of a second for the most recent authentication transaction - Access-Request responses received with an invalid length - Access-Request responses received with an invalid type - Access-Request responses received with an invalid identifier - Access-Request responses received with an invalid authenticator - Accounting-Request packets formed - Accounting-Response packets received - Outstanding Accounting-Request packets - Accounting-Request packet timeouts - Accounting-Request packet retransmissions - Accounting-Request packets dropped due to unreachable server - Round trip time in hundredths of a second for the most recent accounting transaction - Accounting-Response packets received with an invalid length - Accounting-Response packets received with an invalid type - Accounting-Response packets received with an invalid identifier - Accounting-Response packets received with an invalid authenticator
ARRIS PROPRIETARY — All Rights Reserved
26-881
26 CLI Command Descriptions
show radius groups Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the RADIUS server group information. show radius groups
Example
To display the currently provisioned radius groups, type the following command: C4>
show radius groups The following is an example of the output returned by the system: default
26-882
10.44.0.18
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show radius hosts Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the RADIUS server host information. show radius hosts
Example
To display the currently provisioned radius hosts, type the following command: C4>
show radius hosts The following is an example of the output returned by the system: IP Address
Auth Acc Timeout Retrans Auth Port Port (secs) Index --------------- ---- ---- ------- ------- ----10.44.0.18
Release 4.2, Standard
1812 1813
3
ARRIS PROPRIETARY — All Rights Reserved
5
2
26-883
26 CLI Command Descriptions
show reload-status Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the reload status. show reload-status
26-884
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show running-config Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
The show running-config command shows the writable (configurable) MIB data that is saved in the C4 CMTS’s persistent memory. These commands may be used to enable or disable system features and set each feature’s operational parameters. show running-config [full] [linenumber] [verbose] Parameter
Definition
[full]
Displays all configuration values, including default values.
[linenum]
Enumerates each line with its line number in the output.
[verbose]
Displays the output with ‘configure’ on each line.
Example
To show the configurable data that is saved in persistent memory, type the following command: C4#
show running-config
NOTE This command generates extensive output. If printed, the results of this command could fill well over fifty pages of text for a fully populated chassis.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-885
26 CLI Command Descriptions
show running-config interface cable / Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
The show running-config interface command shows the parameters for the specified cable interface. show running-config interface cable / [linenumber] [verbose] [full] Parameter
Definition
The chassis slot in which the targeted CAM module resides. Valid values are from 0-15.
MAC domain number. Valid range is 0 or 1.
[linenum]
Enumerates each line with its line number in the output.
[verbose]
Displays the output with ‘configure’ on each line.
[full]
Displays all configuration values, including default values.
Example
To show the configurable data that is saved in persistent memory, type the following command: C4#
show running-config interface cable 5/0 The following is an example of the output returned by the system:
configure interface cable 5/0 cable bundle 1/0 cable downstream frequency 351000000 cable downstream power-level 610 cable upstream 0 frequency 12000000 cable upstream 0 power-level 11 cable upstream 0 modulation-profile 5 cable upstream 0 no shutdown cable upstream 1 frequency 16000000 cable upstream 1 power-level 11 cable upstream 1 modulation-profile 5 cable upstream 1 no shutdown cable upstream 2 frequency 20000000
26-886
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
cable upstream 2 power-level 11 cable upstream 2 modulation-profile cable upstream 2 no shutdown cable upstream 3 frequency 24000000 cable upstream 3 power-level 11 cable upstream 3 modulation-profile cable upstream 3 no shutdown cable upstream 4 frequency 28000000 cable upstream 4 power-level 11 cable upstream 4 modulation-profile cable upstream 4 no shutdown cable upstream 5 frequency 32000000 cable upstream 5 power-level 11 cable upstream 5 modulation-profile cable upstream 5 no shutdown cable upstream 6 frequency 36000000 cable upstream 6 power-level 11 cable upstream 6 modulation-profile cable upstream 6 no shutdown cable upstream 7 frequency 40000000 cable upstream 7 power-level 11 cable upstream 7 modulation-profile cable upstream 7 no shutdown cable downstream no shutdown no shutdown mac-port exit end
Release 4.2, Standard
5
5
5
5
5
5
ARRIS PROPRIETARY — All Rights Reserved
26-887
26 CLI Command Descriptions
show running-config interface ethernet /0 Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
The show running-config interface command shows the parameters for the specified System Controller ethernet interface. show running-config interface ethernet /0 [linenumber] [verbose] [full] Parameter
Definition
/0
The chassis slot number of the System Controller Module. Valid slot values are 19 or 20. The only valid port value is 0 (zero).
[linenum]
Enumerates each line with its line number in the output.
[verbose]
Displays the output with ‘configure’ on each line.
[full]
Displays all configuration values, including default values.
Example
To show the configurable data that is saved in persistent memory, type the following command: C4#
26-888
show running-config interface ethernet 19/0
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show running-config interface fastethernet / Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
The show running-config interface command shows the parameters for the specified FastEthernet interface. show running-config interface fastethernet / [linenumber] [verbose] [full] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 13-15.
The Network Access Module ports are numbered 0, 1, 2, and 3.
[linenum]
Enumerates each line with its line number in the output.
[verbose]
Displays the output with ‘configure’ on each line.
[full]
Displays all configuration values, including default values.
Example
To show the configurable data that is saved in persistent memory, type the following command: C4#
show running-config fastethernet cable 14/0 The following is an example of the output returned by the system:
configure interface fastEthernet 14/0 description VLAN 625 no shutdown exit interface fastEthernet 14/0.0 ip address 10.58.64.2 255.255.255.192 ip scm access-group 1 exit end
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-889
26 CLI Command Descriptions
show running-config interface gigabitethernet / Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
The show running-config interface command shows the parameters for the specified Gigabit Ethernet interface. show running-config interface gigabitethernet / [linenumber] [verbose] [full] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are slot 14 and 16 only.
Port value is 1 for the GigE NAM.
[linenum]
Enumerates each line with its line number in the output.
[verbose]
Displays the output with ‘configure’ on each line.
[full]
Displays all configuration values, including default values.
Example
To show the configurable data that is saved in persistent memory, type the following command: C4#
show running-config interface gigabitethernet 14/1 The following is an example of the output returned by the system: configure interface gigabitEthernet 14/1 shutdown exit end
26-890
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show running-config interface loopback Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
The show running-config interface command shows the parameters for the specified loopback interface. show running-config interface loopback [linenumber] [verbose] [full] Parameter
Definition
The loopback interface number. Valid range is 0-15.
[linenum]
Enumerates each line with its line number in the output.
[verbose]
Displays the output with ‘configure’ on each line.
[full]
Displays all configuration values, including default values.
Example
To show the configurable data that is saved in persistent memory, type the following command: C4#
show running-config interface loopback 1 The following is an example of the output returned by the system:
configure interface loopback 0 ip address 10.44.8.200 no shutdown exit interface loopback 1 ip address 10.44.8.201 no shutdown exit interface loopback 2 ip address 10.44.8.202 no shutdown exit interface loopback 3 ip address 10.44.8.203 no shutdown
Release 4.2, Standard
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
ARRIS PROPRIETARY — All Rights Reserved
26-891
26 CLI Command Descriptions
exit interface loopback 4 ip address 10.44.8.204 no shutdown exit interface loopback 5 ip address 10.44.8.205 no shutdown exit interface loopback 6 ip address 10.44.8.206 no shutdown exit interface loopback 7 ip address 10.44.8.207 no shutdown exit interface loopback 8 ip address 10.44.8.208 no shutdown exit interface loopback 9 ip address 10.44.8.209 no shutdown exit interface loopback 10 ip address 10.44.8.210 no shutdown exit interface loopback 11 ip address 10.44.8.211 no shutdown exit interface loopback 12 ip address 10.44.8.212 no shutdown exit interface loopback 13 ip address 10.44.8.213 no shutdown exit
26-892
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
255.255.255.255
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
interface loopback 14 ip address 10.44.8.214 255.255.255.255 no shutdown exit interface loopback 15 ip address 10.44.8.215 255.255.255.255 no shutdown end
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-893
26 CLI Command Descriptions
show session-timeout Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the telnet session timeout in minutes. show session-timeout
Example
To display the telnet session timeout in minutes, type the following command: C4>
show session-timeout The following is an example of the output returned by the system: Idle timeout for this session is 1000 minutes, 0 seconds Absolute timeout has been disabled for this session
26-894
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show shelfname Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the shelf name. show shelfname
Example
To display the current shelf name, type the following command: C4>
show shelfname The following is an example of the output returned by the system: Shelf name is Cadant C4 CMTS
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-895
26 CLI Command Descriptions
show snmp community Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the SNMP community information show snmp community
Example
To display the SNMP community information, type the following command: C4>
show snmp community The following is an example of the output returned by the system: Community Index private public
26-896
Community Name private public
ARRIS PROPRIETARY — All Rights Reserved
Community Security Name rwtesting rotesting
07/05/05
C4 CMTS
show snmp contact Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays system contact information.
Example
To display the SNMP contact information, type the following command: C4>
show snmp contact The following is an example of the output returned by the system: Contact
[email protected] NOTE If no contact information has been configured or the contact information has been cleared, the system would respond: No contact info set. Use “configure snmp-server contact” to set this information.
Related Command(s)
configure snmp-server contact
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-897
26 CLI Command Descriptions
show snmp engineboots Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays information about the number of SNMP engine reboots. C4>
Example
show snmp engineboots To display the number of SNMP engine reboots, type the following command:
C4>
show snmp engineboots The following is an example of the output returned by the system: The number of reboot of the SNMP engine is 18
26-898
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show snmp engineid Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays information about the local SNMP engine.
Example
To display the local SNMP engine ID, type the following command: C4>
show snmp engineid The following is an example of the output returned by the system: The SNMP engine id is: 80 00 13 86 03 00 01 5c 11 ca be
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-899
26 CLI Command Descriptions
show snmp group Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays information about SNMPv3 groups. C4>
Example
show snmp group To display information about SNMPv3 groups, type the following command:
C4>
show snmp group The following is an example of the output returned by the system:
Group Name Vers Auth Read View Write View Notify View initial v3 noauth docsisManagerView docsisManagerView docsisManagerView rotesting v1 noauth docsisManagerView docsisManagerView rotesting v2c noauth docsisManagerView docsisManagerView rwtesting v1 noauth docsisManagerView docsisManagerView rwtesting v2c noauth docsisManagerView docsisManagerView AuthPrivMD5User v3 priv docsisManagerView docsisManagerView docsisManagerView AuthPrivSHAUser v3 priv docsisManagerView docsisManagerView docsisManagerView noAuthNoPrivUser v3 noauth docsisManagerView docsisManagerView docsisManagerView AuthNoPrivMD5User v3 auth docsisManagerView docsisManagerView docsisManagerView AuthNoPrivSHAUser v3 auth docsisManagerView docsisManagerView docsisManagerView
26-900
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show snmp location Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the system location, or sysLocation string.
Example
To display the system location, type the following command: C4>
show snmp location The following is an example of the output returned by the system: System location is Lisle, IL
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-901
26 CLI Command Descriptions
show snmp user Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the list of current SNMPv3 users. C4>
Example
show snmp user To display the list of current SNMPv3 users, type the following command:
C4>
show snmp user The following is an example of the output returned by the system:
SNMP Engine 80 00 13 86 80 00 13 86 80 00 13 86 80 00 13 86 80 00 13 86
26-902
Id 03 03 03 03 03
00 00 00 00 00
01 01 01 01 01
5c 5c 5c 5c 5c
00 00 00 00 00
03 03 03 03 03
c0 c0 c0 c0 c0
User Name AuthPrivMD5User AuthPrivSHAUser noAuthNoPrivUser AuthNoPrivMD5User AuthNoPrivSHAUser
User Security Name AuthPrivMD5User AuthPrivSHAUser noAuthNoPrivUser AuthNoPrivMD5User AuthNoPrivSHAUser
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show snmp view Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the SNMPv3 views. show snmp view
Example
To display the SNMPv3 views, type the following command: C4>
show snmp view The following is an example of the output returned by the system: View Name docsisManagerView docsisManagerView
Release 4.2, Standard
Subtree Type 1.2.826.0.1.1578918included 1.3.6.1 included
ARRIS PROPRIETARY — All Rights Reserved
26-903
26 CLI Command Descriptions
show spare-group Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the sparing groups. show spare-group
Example
To display a list of configured spare-groups, type the following command; C4>
show spare-group The following is an example of the output returned by the system: Slot 05 06
Leader Slot 05 05
Mode Auto
If no spare groups have been set up, the system would respond: There are no sparing groups defined Related Command(s)
configure interface cable / spare-group show linecard status
26-904
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show ssh host public-key Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the SSH server’s host public key. show host public-key Parameter
Definition
DSA public keys are for SSH2 clients
Example
To display the SSH server’s host public key, type the following command C4#
show ssh host public-key dsa The following is an example of the output returned by the system:
BE74191136BD9BE4E73242FE90E7EC1680E5237432A16CD5F0C23D2D1875134FF2BF884EFD909DBAC B62A36CD0CAC45142E63A9B71D21BA20DD7080E CDD4A76F4303B418D2FEBEC827155D798D0313447DEE33D133ECF4B2778842145F62001C46D226AA5 67A37CEDA83E2087E00AA9B25BBA57646ACF259 8107B6EEB9DB81AD
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-905
26 CLI Command Descriptions
show startup-config Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the current operating configuration written to memory. show startup-config [linenumber] Parameter
[linenumber]
26-906
Definition
Enumerates each line with its line number in the output.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show tacacs Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays all configured TACACS+ server groups, the members of each group, and the operational parameters of each group member. If the detail keyword is added, then utilization and performance measurements are also displayed for each TACACS+ server. show tacacs [detail] Parameter
Definition
[detail]
Show TACACS+ information in detail
Example
To display all configured TACACS+ server groups and members of each group, type the following command; C4>
show tacacs The following is an example of the output returned by the system:
TACACS+ Groups... Group Name ---------------------------------------------------------------amen tac_default TACACS+ Hosts... IP Address Port Timeout (secs) --------------- ---- ------10.44.0.18 49 5 Example
IP Address --------------10.44.0.18 10.44.0.18
Multiplexing Over Index Single TCP Conn ----------------- ----No 1
To display the TACACS+ server group information along with utilization and performance measurements, type the following command; C4>
show tacacs detail The following is an example of the output returned by the system:
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-907
26 CLI Command Descriptions
TACACS+ Groups... Group Name ---------------------------------------------------------------amen tac_default TACACS+ Hosts... IP Address Port Timeout (secs) --------------- ---- ------10.44.0.18 49 5
Multiplexing Over Index Single TCP Conn ----------------- ----No 1
TACACS+ Details... TACACS+ Server = Authentication Login Requests = Authentication Enable Requests = Authentication Pass Responses = Authentication Fail Responses = Authentication Get Data Responses = Authentication Get User Responses = Authentication Get Pass Responses = Authentication Restart Responses = Authentication Error Responses = Authentication Follow Responses = Authorization Requests = Authorization Pass Add Responses = Authorization Pass Reply Responses= Authorization Fail Responses = Authorization Error Responses = Authorization Follow Responses = Accounting Start Requests = Accounting Stop Requests = Accounting Success Responses = Accounting Error Responses = Accounting Follow Responses = Malformed Packets = Invalid Message Types = Invalid Sequence Numbers = Invalid Session Ids = Server Unreachables =
26-908
IP Address --------------10.44.0.18 10.44.0.18
10.44.0.18 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show tacacs groups Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the TACACS+ server group information. show tacacs groups
Example
To show the TACACS+ server group information, type the following command; C4>
show tacacs groups The following is an example of the output returned by the system:
Group Name ---------------------------------------------------------------amen tac_default
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
IP Address --------------10.44.0.18 10.44.0.18
26-909
26 CLI Command Descriptions
show tacacs hosts Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the TACACS+ server host information. show tacacs hosts
Example
To show the TACACS+ server host information, type the following command; C4>
show tacacs hosts The following is an example of the output returned by the system:
IP Address
Port Timeout (secs) --------------- ---- ------10.44.0.18 49 5
26-910
Multiplexing Over Index Single TCP Conn ----------------- ----No 1
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show tech-support Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the system information for technical support. NOTE This command generates extensive output. show tech-support
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-911
26 CLI Command Descriptions
show temperature Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays the temperature of each equipped chassis slot. The temperature is monitored at approximately 90-second intervals. Should a slot’s temperature fall below 20 degrees Celsius or exceed 70 degrees Celsius, a card TempOutOfRangeNotification SNMP trap is generated. Should a slot’s temperature exceed 85 degrees Celsius, the card will power down and a card TempOverHeatNotification SNMP trap is generated. Use the optional slot parameter if you only need status for a specific module. show temperature [slot ] Parameter
Definition
[slot ]
Example
The chassis slot in which the targeted module resides. Valid values are from 0-20.
To see the temperature of all modules in the system, type the following command: C4>
show temperature The following is an example of the output returned by the system: Slot ---0 1 2 3 4 5 6 7 8 9 10 12
26-912
Description --------------CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (IU, 1D, 8U) CAM (1D, 8U) CAM (1D, 8U) CAM (2D, 12U)
HW Version ----------------CAM-01081N/J04 8400002G01/G06 8400002G01/G06 8400002G01/G06 8400002G01/G05 CAM-01081N/L05 CAM-01081N/J03 CAM-01081N/J04 8400002G01/G05 8400002G01/G06 CAM-01081N/L04 CAM-01122W/D15
ARRIS PROPRIETARY — All Rights Reserved
Temperature -----------43 C (109 F) 40 C (104 F) 40 C (104 F) 41 C (105 F) 41 C (105 F) 41 C (105 F) 41 C (105 F) 41 C (105 F) 41 C (105 F) 42 C (107 F) 43 C (109 F) 57 C (134 F)
07/05/05
C4 CMTS
14 16 18 20 Example
NAM (1GE, 1FE) NAM (1GE, 1FE) FCM SCM
GNAM-GB010W/B13 GNAM-GB010W/D04 FCM-30640W/E06 SCM-00440W/G05
30 29 31 30
C C C C
( ( ( (
86 84 87 86
F) F) F) F)
To see the temperature of the Cable Access Module in slot 4 only, type the following command: C4>
show temperature slot 4 The following is an example of the output returned by the system: Slot Description HW Version Temperature ---- --------------- ----------------- -----------4 CAM (IU, 1D, 8U) 8400002G01/G05 41 C (105 F)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-913
26 CLI Command Descriptions
show tod Default Access Level
Mode
Prompt
Privileged – 15
Privileged Exec
C4#
Purpose
Displays the Time-Of-Day (TOD) services information. show tod
Example
To display the TOD service information, type the following command: C4#
show tod Following is an example of the output returned by the system: TOD Server IP Address: 10.50.11.3 connection type: tcp
26-914
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
show users Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Lists all CLI sessions along with the IP address of the originating hosts. show users
Example
To display all open CLI sessions along with their iP addresses, type the following command: C4>
show users The following is an example of the output returned by the system:
Line User Name c4 0 * c4 1 c4
Release 4.2, Standard
IP Address Console 10.43.4.54 10.43.202.139
Login Time Mon Nov 3 11:23:40 2003 Mon Nov 3 11:10:24 2003 Mon Nov 3 11:26:07 2003
ARRIS PROPRIETARY — All Rights Reserved
Privilege Level 15 (Privileged) 0 (Not Privileged) 15 (Privileged)
26-915
26 CLI Command Descriptions
show version Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Displays software and hardware version information for every module in the chassis. show version [detail | boot]
NOTE You may use either the show version or show version detail command to view system information. Parameter
Definition
[detail]
Displays FPGA version information
[boot]
Displays boot version information
Usage
To display the boot version information, use the following command: C4>
show version boot The following is an example of the output returned by the system:
Slot Description 0 CAM (1D, 8U) 1 CAM (1D, 8U) 2 CAM (1D, 8U) 3 CAM (1D, 8U) 4 CAM (1D, 8U) 5 CAM (1D, 8U) 6 CAM (1D, 8U) 7 CAM (1D, 8U) 8 CAM (2D, 12U) 9 CAM (2D, 12U) 10 CAM (1D, 8U) 11 CAM (1D, 8U) 12 CAM (1D, 8U) 13 CAM (1D, 8U) 14 NAM (1GE, 1FE) 15 CAM (1D, 8U)
26-916
HW Version CAM-01081N/L04 CAM-01081N/J04 CAM-01081N/J03 CAM-01081N/H03 CAM-01081N/H02 CAM-01081N/L05 8400002G01/G06 CAM-01081N/J03 CAM-01122W/F08 CAM-01122W/F09 8400002G01/G06 8400002G01/G06 8400002G01/G06 CAM-01081N/J03 GNAM-GB010W/B13 CAM-01081N/J03
Software Version CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62
Boot Version CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.03.59 CMTS_BOOT1_V00.03.59 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90
ARRIS PROPRIETARY — All Rights Reserved
0 2 2 0 2 0 2 2 0 0 2 2 2 2 2 2
Uptime days 2:06:16 days 1:26:05 days 1:26:05 days 2:06:21 days 1:26:05 days 2:24:41 days 1:26:05 days 1:26:05 days 1:53:37 days 1:56:23 days 1:26:05 days 1:26:05 days 1:26:05 days 1:26:05 days 1:26:13 days 1:26:05
07/05/05
C4 CMTS
16 17 18 19 20
NAM FCM FCM SCM SCM
(4FE) A B A B
ENAM-01040W/F04 FCM-30640W/E06 FCM-30640W/E06 SCM-02440W/B02 SCM-02440W/B02
Example
CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62 CMTS_V04.02.00.62
CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90
2 1 1 1 1
days days days days days
1:26:30 4:52:03 4:35:24 4:52:59 4:36:31
To display the software and hardware version information for the entire system, type the following command: C4>
show version detail The following is an example of the output returned by the system:
Time since the CMTS was last booted: 2 days, 1:37:18 (hr:min:sec) Slot: 0 Type: CAM Model Number: CAM-01081N Model Version: L04 CPU Type: MPC 755 (2.3) CPU Speed: 399 MHz Bus Speed: 99.900 MHz RAM Size: 256 MB Flash Size: 8 MB CPLD Versions: P303, G114 PIC Version: PICC-61081W/G01 FPGA Versions: loco = 05.25.00 poco = 06.81.05 Boot Versions: boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 Last Boot Version: CMTS_BOOT1_V00.02.90 [1] Software Version: CMTS_V04.02.00.62 Uptime: 0 days 2:11:40 Slot: 1 Type: CAM Model Number: CAM-01081N Model Version: J04 CPU Type: MPC 755 (2.3) CPU Speed: 399 MHz Bus Speed: 99.900 MHz RAM Size: 256 MB Flash Size: 8 MB
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-917
26 CLI Command Descriptions
CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 2 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 4 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
26-918
P303, G113 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 2 days 1:31:30 CAM CAM-01081N J03 MPC 755 (2.3) 399 MHz 99.900 MHz 256 MB 8 MB P303, G113 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [2] CMTS_V04.02.00.62 2 days 1:32:01 CAM CAM-01081N H02 MPC 755 (2.3) 399 MHz 99.900 MHz 256 MB 8 MB P301, G112 PICC-01081W/G01 loco = 05.25.00
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 5 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 6 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Release 4.2, Standard
poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [2] CMTS_V04.02.00.62 2 days 1:32:21 CAM CAM-01081N L05 MPC 755 (2.3) 399 MHz 99.900 MHz 256 MB 8 MB P303, G114 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 0 days 2:31:14 CAM 8400002G01 G06 MPC 750 (2.2) 349 MHz 99.900 MHz 256 MB 2 MB P201, G111 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90
ARRIS PROPRIETARY — All Rights Reserved
26-919
26 CLI Command Descriptions
Last Boot Version: Software Version: Uptime: Slot: 7 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 8 Type: Model Number: Model Version: Mezzanine Number: Mezzanine Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
Boot Versions:
26-920
boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 2 days 1:32:52 CAM CAM-01081N J03 MPC 755 (2.3) 399 MHz 99.900 MHz 256 MB 8 MB P303, G113 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [2] CMTS_V04.02.00.62 2 days 1:34:08 CAM CAM-01122W F08 ARCT00232 E04 PPC 750GX (1.1) 798 MHz 133.120 MHz 512 MB 8 MB SV25, SS25, BS13, MS11 PICC-61081W/D01 locofoco = 06.30.01 hermes = 03.50.00 muss0 = 02.07 muss1 = 04.07 boot0 = CMTS_BOOT0_V00.00.76
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Last Boot Version: Software Version: Uptime: Slot: 9 Type: Model Number: Model Version: Mezzanine Number: Mezzanine Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 10 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
Release 4.2, Standard
boot1 = CMTS_BOOT1_V00.03.59 boot2 = CMTS_BOOT1_V00.03.59 CMTS_BOOT1_V00.03.59 [2] CMTS_V04.02.00.62 0 days 2:01:40 CAM CAM-01122W F09 ARCT00232 E05 PPC 750GX (1.1) 798 MHz 133.120 MHz 512 MB 8 MB SV25, SS25, BS13, MS11 PICC-01081W/G01 locofoco = 06.30.01 hermes = 03.50.00 muss0 = 02.07 muss1 = 04.07 boot0 = CMTS_BOOT0_V00.00.76 boot1 = CMTS_BOOT1_V00.03.59 boot2 = CMTS_BOOT1_V00.03.59 CMTS_BOOT1_V00.03.59 [2] CMTS_V04.02.00.62 0 days 2:04:49 CAM 8400002G01 G06 MPC 750 (2.2) 349 MHz 99.900 MHz 256 MB 2 MB P201, G111 PICC-61081W/D01 loco = 05.25.00 poco = 06.81.05
ARRIS PROPRIETARY — All Rights Reserved
26-921
26 CLI Command Descriptions
Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 11 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 12 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
26-922
boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 2 days 1:34:50 CAM 8400002G01 G06 MPC 755 (2.2) 399 MHz 99.900 MHz 256 MB 2 MB P201, G111 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [2] CMTS_V04.02.00.62 2 days 1:35:15 CAM 8400002G01 G06 MPC 750 (2.2) 349 MHz 99.900 MHz 256 MB 2 MB P201, G111 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Last Boot Version: Software Version: Uptime: Slot: 13 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 14 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
Boot Versions:
Last Boot Version: Software Version:
Release 4.2, Standard
CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 2 days 1:35:30 CAM CAM-01081N J03 MPC 755 (2.3) 399 MHz 99.900 MHz 256 MB 8 MB P303, G113 PICC-01081W/G01 loco = 05.25.00 poco = 06.81.05 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 2 days 1:35:45 NAM GNAM-GB010W B13 MPC 755 (2.3) 399 MHz 99.900 MHz 256 MB 8 MB P110, G105 PICE-GB028W/E02 alis = 02.61.00 gflo = 02.68.00 mel = 01.39.00 boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62
ARRIS PROPRIETARY — All Rights Reserved
26-923
26 CLI Command Descriptions
Uptime: 2 days 1:36:15 Slot:15 Type:CAM ModelNumber:CAM-01081N ModelVersion:J03 CPUType:MPC755(2.3) CPUSpeed:399MHz BusSpeed:99.900MHz RAMSize:256MB FlashSize:8MB CPLDVersions:P303,G113 PICVersion:PICC-01081W/G01 FPGAVersions:loco=05.25.00 poco=06.81.05 BootVersions:boot0=CMTS_BOOT0_V00.00.24 boot1=CMTS_BOOT1_V00.02.90 boot2=CMTS_BOOT1_V00.02.90 LastBootVersion:CMTS_BOOT1_V00.02.90[1] SoftwareVersion:CMTS_V04.02.00.62 Uptime:2days1:36:25 Slot:16 Type:NAM ModelNumber:ENAM-01040W ModelVersion:F04 CPU Type: MPC 755 (2.3) CPU Speed: 399 MHz Bus Speed: 99.900 MHz RAM Size: 256 MB Flash Size: 8 MB CPLD Versions: P302, G109, A101 PIC Version: PICE-GB028W/E02 FPGA Versions: faste = 05.13.00 Boot Versions: boot0 = CMTS_BOOT0_V00.00.24 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 Last Boot Version: CMTS_BOOT1_V00.02.90 [2] Software Version: CMTS_V04.02.00.62 Uptime: 2 days 1:36:50 Slot: 17 Type: FCM Model Number: FCM-30640W
26-924
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 18 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions:
Boot Versions:
Last Boot Version: Software Version: Uptime:
Release 4.2, Standard
E06 MPC 755 (2.3) 399 MHz 99.900 MHz 512 MB 8 MB P302, G103 No Pic czar = 08.60.04 faro = 03.33.00 llo = 02.14.00 merlin = 02.06.04 wrr = 06.10.00 boot0 = CMTS_BOOT0_V00.00.54 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [2] CMTS_V04.02.00.62 1 days 5:02:45 FCM FCM-30640W E06 MPC 755 (2.3) 399 MHz 99.900 MHz 512 MB 8 MB P302, G103 No Pic czar = 08.60.04 faro = 03.33.00 llo = 02.14.00 merlin = 02.06.04 wrr = 06.10.00 boot0 = CMTS_BOOT0_V00.00.54 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 1 days 4:46:21
ARRIS PROPRIETARY — All Rights Reserved
26-925
26 CLI Command Descriptions
Slot: 19 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime: Slot: 20 Type: Model Number: Model Version: CPU Type: CPU Speed: Bus Speed: RAM Size: Flash Size: CPLD Versions: PIC Version: FPGA Versions: Boot Versions:
Last Boot Version: Software Version: Uptime:
SCM SCM-02440W B02 MPC 755 (2.3) 399 MHz 99.900 MHz 512 MB 8 MB P302, C502 PICS-00440W/D01 sandm = 06.10.00 boot0 = CMTS_BOOT0_V00.00.54 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 1 days 5:04:10 SCM SCM-02440W B02 MPC 755 (2.3) 399 MHz 99.900 MHz 512 MB 8 MB P302, C502 PICS-00440W/D01 sandm = 06.10.00 boot0 = CMTS_BOOT0_V00.00.54 boot1 = CMTS_BOOT1_V00.02.90 boot2 = CMTS_BOOT1_V00.02.90 CMTS_BOOT1_V00.02.90 [1] CMTS_V04.02.00.62 1 days 4:47:56
Related Command(s)
show image reload
26-926
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
telnet Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Initiates a telnet session to the specified target. The specified target can be either an IP address or hostname if the hostname has been configured on the C4 CMTS. telnet [dest-port ] [sourceip ] Parameter
Definition
IP address or hostname (if a hostname has been configured on the C4) to telnet to.
[dest-port ]
Destination port address.
[source-ip ]
IP address to source session from.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-927
26 CLI Command Descriptions
terminal length Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Sets the number of lines for pagination of the console port. For Telnet sessions, a value will enable non-zero pagination. terminal length Parameter
Definition
NO Command
To reset the back to the default, use the following command: C4>
26-928
Sets the pagination length of the console port
terminal length no
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Tests DOCSIS® 1.1 features on the specified slot. For detailed information on the commands contained, refer to the test commands.
Purpose
test Parameter
Release 4.2, Standard
Definition
The number of the chassis slot.
ARRIS PROPRIETARY — All Rights Reserved
26-929
26 CLI Command Descriptions
test cm addr Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Displays hexadecimal dump of the CM object. test cm addr Parameter
26-930
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The 48-bit hardware address of the modem.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test cm class Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Displays classifier data for the specified cable modem. test cm class [sfid] Parameter
[sfid]
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The 48-bit hardware address of the modem. The identifier assigned to a service flow by the CMTS (32 bits)
ARRIS PROPRIETARY — All Rights Reserved
26-931
26 CLI Command Descriptions
test cm parm Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Displays parameter set for the specified cable modem. test cm parm [sfid] Parameter
[sfid]
26-932
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The 48-bit hardware address of the modem. The identifier assigned to a service flow by the CMTS (32 bits)
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test cm phs Default Access Level
Mode
Prompt
Privileged – 15ileged
System controller interface configuration
C4#
Purpose
Displays payload header suppression for the specified cable modem test cm phs [sfid] Parameter
[sfid]
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The 48-bit hardware address of the modem. The identifier assigned to a service flow by the CMTS (32 bits)
ARRIS PROPRIETARY — All Rights Reserved
26-933
26 CLI Command Descriptions
test cm sf Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Displays service flow data for the specified cable modem. test cm sf [sfid] Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 015.
[sfid]
26-934
The 48-bit hardware address of the modem. The identifier assigned to a service flow by the CMTS (32 bits)
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test cm status Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Displays status of the specified cable modem specified by the MAC address or SM state. test cm status Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The 48-bit hardware address of the modem.
ARRIS PROPRIETARY — All Rights Reserved
26-935
26 CLI Command Descriptions
test docsis2 110 Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Runs the DOCSIS 2.0 test number 110. NOTE For tests 110 and 111, the slot and downstream port must be valid ports on a 2Dx12U CAM. test docsis2 110 Parameter
26-936
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The downstream port. Enables or disables this test.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test docsis2 111 Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Runs the DOCSIS 2.0 test number 111. NOTE For tests 110 and 111, the slot and downstream port must be valid ports on a 2Dx12U CAM. test docsis2 111 Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The downstream port. Enables or disables this test.
ARRIS PROPRIETARY — All Rights Reserved
26-937
26 CLI Command Descriptions
test docsis2 112 Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Runs the DOCSIS 2.0 test number 112. test docsis2 112 Parameter
26-938
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The downstream port. Enables or disables this test.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test dsx add Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Adds a service flow based on a Service Class Name (SCN) and up to three IP destination classifiers per flow. One upstream flow, one downstream flow or one upstream and downstream flow can be specified. test dsx add “[up(scname act [classifier..])]” and/or ”[down(scname act [classifier...])]” Parameter
Definition
The chassis slot in which the targeted card resides. Valid values are from 0-15.
The primary service ID This is either the upstream or downstream port.
“[up(scname act [classifier..])]” and/or “[down(scname act [classifier...])]”
The scname refers to the service class name which is activated. Possible values are: Deactivate=0 Admit=2, Activate=4, AdmitAndActivate=6 The classifier is one of the following: •
The TCP/UDP source port start and end number. Valid range is 065535
•
IP address
Note: These parameters must be enclosed in quotation marks (“ “).
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-939
26 CLI Command Descriptions
test dsx change Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Changes an existing service flow based on a Service Class Name (SCN) and up to three IP destination classifiers per flow. One upstream flow, one downstream flow or one upstream and downstream flow can be specified Local DSc support. test dsx change “[up(scname act [classifier..])]” and/or ”[down(scname act [classifier...])]” Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
The primary service ID This is either the upstream or downstream port.
[“[up(scname act [classifier..])]” and/or “[down(scname act [classifier...])]”
The scname refers to the service class name which is activated. Possible values are: Deactivate=0 Admit=2, Activate=4, AdmitAndActivate=6 The classifier is one of the following: •
The TCP/UDP source port start and end number. Valid range is 065535
•
IP address
Note: These parameters must be enclosed in quotation marks (“ “).
26-940
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test dsx delete Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Deletes an existing service flow. The PSID is the Primary Service Flow for the CM and the SFID is the service flow that you want to deleted. test dsx delete Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
The primary service ID
The identifier assigned to a service flow by the CMTS (32 bits)
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-941
26 CLI Command Descriptions
test dsx enforce Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
For DSx test purposes only — turns off QoS Parameter Set validation for the specified CM. Allows the CMTS to be used as a test vehicle for CMs by allowing illegal QoS parameters through the CMTS where they should be caught by the CM. test dsx enforce Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20. The 48-bit hardware address of the modem. Rules for the specified cable modem:
0 = turns off CMTS ack 1 = turns on CMTS ack
26-942
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test dsx file Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Sends DSx message in the file to the specified MAC address. test dsx file Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20. The 48-bit hardware address of the modem. Location of where the file resides. There are two types of actions that can be performed, add or change.
ARRIS PROPRIETARY — All Rights Reserved
26-943
26 CLI Command Descriptions
test dsx ignore Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Ignore parameter rules for the specified cable modem if set to 1; otherwise don’t ignore. test dsx ignore Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20. The 48-bit hardware address of the modem. Rules for the specified cable modem:
0 = turns off CMTS ack 1 = turns on CMTS ack
26-944
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test dsx simackloss Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Simulate loss of CMTS ack for the specified cable modem. test dsx simackloss Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20. The 48-bit hardware address of the modem. Rules for the specified cable modem:
0 = turns off CMTS ack 1 = turns on CMTS ack
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-945
26 CLI Command Descriptions
test lab dci Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Configures how a cable interface will respond to DCI-REQ messages for CMs on the specified interface. test lab dci { | | | } Parameter
26-946
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20.
Configures the interface to ignore DCI-REQ messages from CMs on the interface. It does not send any DCI-RSP responses.
Configures the interface to reject the next DCI request.
Configures the interface to reject all DCI requests.
Configures the interface to accept all DCI requests.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test lab minislot Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Set the maximum mini-slot grant size. Grant requests greater than entered value results in fragmentation. test lab minislot Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20. The number of minislots
ARRIS PROPRIETARY — All Rights Reserved
26-947
26 CLI Command Descriptions
test lab piggyback Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Select mode; use 1 if you want piggybacking mode, use 0 if you want multiple grant mode test 5 lab piggyback Parameter
26-948
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-20.
Zero will put you in multiple grant mode One will put you in piggybacking mode
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test lab updis Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Disables upstream transmission for the specified MAC address. test lab updis Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. The 48-bit hardware address of the modem.
ARRIS PROPRIETARY — All Rights Reserved
26-949
26 CLI Command Descriptions
test map default uport Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Request information test map default uport default-sid default-iuc Parameter
The chassis slot in which the targeted module resides. Valid values are from 0-15.
Specifies the upstream port
26-950
Definition
Specifies the default-sid range Specifies the default-iuc
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test map req-poll broadcast Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Add broadcast request opportunities in map. test map req-poll broadcast uport reqs-persec Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
Specifies the upstream port
Release 4.2, Standard
Specifies the requests per second
ARRIS PROPRIETARY — All Rights Reserved
26-951
26 CLI Command Descriptions
test map req-poll priority Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Add priority request opportunities in map. test map priority uport reqs-per-sec sid Parameter
The chassis slot in which the targeted module resides. Valid values are from 0-15.
Specifies the upstream port
26-952
Definition
Specifies the SID
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test map req-poll reqdata Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Add request data opportunities in map. test map req-port reqdata uport reqs-per-sec sid Parameter
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
Specifies the upstream port
Release 4.2, Standard
Specifies the SID
ARRIS PROPRIETARY — All Rights Reserved
26-953
26 CLI Command Descriptions
test map req-poll unicast Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Add unicast request opportunities in map. test map req-poll unicast uport reqs-per-sec sid Parameter
The chassis slot in which the targeted module resides. Valid values are from 0-15.
Specifies the upstream port
26-954
Definition
Specifies the SID
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test map ugsad on Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Perform normal ugs/ad activity detection. Unsolicited grant size with activity detection (ugs/ad) — This kind of service is for traffic with a strict latency and throughput requirement that may temporarily cease to be transmitted at random intervals. test map ugsad on Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
ARRIS PROPRIETARY — All Rights Reserved
26-955
26 CLI Command Descriptions
test map ugsad rtps Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Send rtps request opportunities for all ugs/ad flows only. Real time polling service (rtps) — This kind of service is used for real time applications that may be sending data of variable length and at unpredictable intervals. An example of this kind of traffic might be Video over IP, which has a variable bandwidth requirement depending on the content of the video but still requires low transmit latency. Unsolicited grant size with activity detection (ugs/ad) — This kind of service is for traffic with a strict latency and throughput requirement that may temporarily cease to be transmitted at random intervals. test map ugsad rtps Parameter
26-956
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
test map ugsad ugs Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Send ugs grants for all ugs/ad flows only. Unsolicited grant service (ugs) — This kind of service is for traffic with a strict latency and constant throughput requirement. An example of this kind of traffic might be Voice over IP. Unsolicited grant size with activity detection (ugs/ad) — This kind of service is for traffic with a strict latency and throughput requirement that may temporarily cease to be transmitted at random intervals. An example of this kind of traffic might be Voice over IP with Voice Activity Detection or Silence Suppression active test map ugsad ugs Parameter
Release 4.2, Standard
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15.
ARRIS PROPRIETARY — All Rights Reserved
26-957
26 CLI Command Descriptions
test multicast-encryption Default Access Level
Mode
Prompt
Privileged – 15
System controller interface configuration
C4#
Purpose
Turns multicast encryption on or off. If the parameter is omitted, the current status will be printed. test multicast-encryption [on | off] Parameter
[on | off]
26-958
Definition
The chassis slot in which the targeted module resides. Valid values are from 0-15. Turns multicast encryption on or off
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
tftp Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Downloads or uploads files (get or put). tftp host-ip [udp-port ] [destination file ] [mode ] Parameter
Definition
IP address of the host.
[udp-port ]
UDP port number
[destination file ] [mode ]
The name (location) of the file to be downloaded (to get) or uploaded (to put). Either ascii or binary
Related Command(s)
copy
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-959
26 CLI Command Descriptions
trace logging dhcp Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Enables the tracing of DHCP events to the logging history. This command defaults to the brief version. To see the verbose logs, use the optional keyword “verbose”. trace logging dhcp [verbose] Parameter
[verbose]
NO Command
Definition
The mac address used to filter the DHCP notification Verbose
To disable tracing of DHCP events, use the following command: trace logging dhcp no
Related Command(s)
show logging debug show logging history clear logging history
26-960
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
trace logging modem Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Enables the tracing of modem events to the logging history. This command defaults to the brief version. To see the verbose logs, use the optional keyword “verbose”. trace logging modem [verbose] Parameter
Definition
The mac address of the modem
[verbose]
Verbose
NO Command
To disable modem event traces, use the following command: C4>
trace logging modem no
Related Command(s)
show logging debug show logging history clear logging history
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-961
26 CLI Command Descriptions
trace logging no Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Clears all enabled traces. trace logging no
26-962
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
trace logging ospf Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Enables tracing of OSPF events to the logging history. trace logging ospf
NO Command
To disable OSPF event traces, use the following command: C4#
trace logging ospf no
Related Command(s)
show logging debug show logging history clear logging history
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
26-963
26 CLI Command Descriptions
trace logging packetcable Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Enables the tracing of PacketCable events to the logging history. trace logging packetcable Parameter
Definition
The IP address of the MTA device.
NO Command
To disable PacketCable event traces, use the following command: C4#
trace logging packetcable no
Related Command(s)
show logging debug show logging history clear logging history
26-964
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
trace logging packetcable Default Access Level
Mode
Prompt
Privileged – 15
Cable interface configuration
C4#
Purpose
Enables all DQoS gate trace, event messaging, and all modem (except BPI and ranging) logging for a single customer as specified by the customer’s MTA IP address. trace logging packetcable Parameter
Definition
IP address of the Multimedia Terminal Adapter (MTA)
NO Command
To disable all DQoS gate trace, event messaging, and all modem (except BPI and ranging) logging, use the following command: C4#
Release 4.2, Standard
Choose either the packetcable multi-media (MM) events or the packetcable DQoS events to the logging history
trace logging no
ARRIS PROPRIETARY — All Rights Reserved
26-965
26 CLI Command Descriptions
trace logging rip Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Enables tracing of RIP events to the logging history. trace logging rip
NO Command
To disable RIP event traces, use the following command: C4#
trace logging rip no
Related Command(s)
show logging debug show logging history clear logging history
26-966
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
traceroute Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Allows you to determine the path a packet takes to get to a destination. The device sends out a sequence of User Datagram Protocol (UDP) datagrams to an invalid port address at the remote host. Three datagrams are sent initially, each with a Time-To-Live (TTL) field value set to one. The TTL value of 1 causes the datagram to “timeout” as soon as it hits the first router in the path. A response is then received with an ICMP Time Exceed Message (TEM) indicating that the datagram has expired. NOTE The configure ip vrf default icmp-time-exceeded command must be run or traceroute through the C4 will not work Another three UDP messages are now sent, each with the TTL value set to 2 which causes the second router to return ICMP TEMs. This process continues until the packets actually reach the other destination. Since these datagrams are trying to access an invalid port at the destination host, ICMP Port Unreachable Messages are returned, indicating an unreachable port, this event signals the Traceroute program that it is finished. Traceroute can also execute from the System Control Module ethernet port. If the source-ip option specifies the SCM’s IP address, then the traceroute will be sourced from the SCM’s ethernet port. If the source-ip address is not specified, or it specifies a Fabric Control Module (FCM) or Network Access Module (NAM) IP address, than the traceroute will be sourced from the FCM or NAM. The purpose behind this is to record the source of each ICMP Time Exceeded Message to provide a trace of the path the packet took to reach the destination from a given source by returning the sequence of hops the packet has traveled. traceroute [source-ip | hostname ] [min-ttl ] [max-ttl ] [timeout ] [probe-count ] [port-number ]
Parameter
[source-ip | hostname ]
Release 4.2, Standard
Definition
Default
IP address to source traceroute to
N/A
IP address to traceroute from or a hostname if it has been configured on the C4
N/A
ARRIS PROPRIETARY — All Rights Reserved
26-967
26 CLI Command Descriptions
Parameter
Definition
Default
[min-ttl ]
Specifies the starting TTL for the traceroute (first probe). This is used to start the traceroute beyond the known hops en route to the destination. Range is 1 to 64 hops
1
[max-ttl ]
Specifies the max number of hops to the destination. Range is 1 to 64 hops.
30
[timeout ]
Specifies the timeout in seconds for each ICMP echo request “probe”. Range is 1 to 100 seconds.
3
[probe-count ]
Specifies the number of “probes” to send at each TTL level. The range is 1 to 10 probes.
3
[port-number ]
Specifies the starting destination port number. The port number increments by 1 for each “probe”. Range is 1 to 65535.
33434
Example
To run a traceroute on IP address 10.44.8.200, use the following command: C4>
traceroute 10.44.8.200 probe-count 10 The following is an example of the output returned by the system:
Sourced via active FCM. Initiating traceroute to: 10.44.8.200 1: 10.44.8.200 0.020 ms 0.008 ms 0.007 ms ms 0.007 ms 0.008 ms 0.007 ms
0.007 ms
0.008 ms
Related Command(s)
configure ip vrf
26-968
ARRIS PROPRIETARY — All Rights Reserved
0.008 ms
0.00 8
07/05/05
C4 CMTS
unalias Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Removes the specified command alias from the alias list. unalias Parameter
Definition
The specific name you want to remove
Example
To remove the alias sls for show linecard status, type the following command: C4>
Release 4.2, Standard
unalias sls
ARRIS PROPRIETARY — All Rights Reserved
26-969
26 CLI Command Descriptions
wait Default Access Level
Mode
Prompt
Non-privileged – 0
User EXEC
C4>
Purpose
Delays the execution of the next command by the specified number of seconds. wait Parameter
Definition
Time in number of seconds. Valid range is 1-4,294,967,295 seconds.
Example
If you want to delay the next command by 10 seconds, type the following command: C4>
26-970
wait 10
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
write log Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Allows the user to generate a customized notification/log. write log [level ] Parameter
Definition
]
Writes a memo to the log Writes to log using priority levels. Values of priority level are: 1 2 3 4 5 6 7 8
[level ]
= = = = = = = =
emergency alert critical error warning notice* informational debug
*If no level is given, the system will default to 6 (notice).
Example
If you wanted to generate a “critical” message, you would type the following command: C4#
Release 4.2, Standard
write log “This is a test” level 3
ARRIS PROPRIETARY — All Rights Reserved
26-971
26 CLI Command Descriptions
write memory Default Access Level
Mode
Prompt
Privileged – 15
Privileged EXEC
C4#
Purpose
Writes the running configuration to memory. This command will also copy the critical /system directories and their files to the standby System Control Module (SCM). write memory
26-972
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
27. Standard and Cadant Enterprise MIBs
Topics
Page
CMTS SNMP MIB Variable Descriptions
2
Enterprise MIBs
3
This document describes the C4 CMTS Simple Network Management Protocol (SNMP) enterprise Management Information Base (MIB) variables. The enterprise MIBs are created by for the C4 CMTS, as opposed to the MIBs defined by the DOCSIS® standards. Simple Network Management Protocol (SNMP) is used to configure the C4 CMTS. The CMTS is fully SNMP manageable. DOCSIS® requires that the CMTS and cable modems (CM) implement many MIB tables as defined in various Request for Comments (RFCs). Additional private MIB tables have been defined to represent the hardware and software architecture of the CMTS. NOTE To manage a CMTS, the CMTS IP address must be either discovered (via SNMP discovery) or entered manually.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
27-1
27 Standard and Cadant Enterprise MIBs
CMTS SNMP MIB Variable Descriptions The set of SNMP variables that the CMTS supports is called the Management Information Base or MIB. The base is made up of several parts. The following table shows the SNMP standard draft MIB groups that the C4 CMTS supports. The order in which the MIB is compiled can be critical. Table 27-1 lists the SNMP, Standard, and DOCSIS® MIBs in the preferred loading sequence. Once these have been loaded, the Enterprise MIBs can be loaded in the order they are presented. Table 27-1: C4 CMTS SNMP, Standard, and DOCSIS® MIBs (in preferred loading order) MIB Name
Standard/Draft Number
SNMP MIBs SNMPv2-MIB
RFC 1907
SNMP-FRAMEWORK-MIB
RFC 2571
SNMP-MPD-MIB
RFC 2572
SNMP-TARGET-MIB
RFC 2573
SNMP-NOTIFICATION-MIB
RFC 2573
SNMP-USER-BASED-SM-MIB
RFC 2574
SNMP-VIEW-BASED-ACM-MIB
RFC 2575
SNMP-COMMUNITY-MIB
RFC 2576
Standard MIBs
27-2
BRIDGE-MIB
RFC 1493
IANAifType-MIB
(http://www.iana.org/assignments /ianaiftype-mib)
IF-MIB
RFC 2863
IGMP-STD-MIB
RFC 2933
INET-ADDRESS-MIB
RFC 3291
ETHERLIKE-MIB
RFC 2665
IP-MIB
RFC 2011
IP-FORWARD-MIB
RFC 2096
IPSEC-ISAKMP-IKE-DOI-TC
draft-ietf-ipsec-doi-tc-mid.07
OSPF-MIB
RFC 1850
RIPv2-MIB
RFC 1724
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
Table 27-1: C4 CMTS SNMP, Standard, and DOCSIS® MIBs (in preferred loading order) (Continued) MIB Name
Standard/Draft Number
UDP-MIB
RFC 2013
RADIUS-ACC-CLIENT-MIB
RFC 2620
RADIUS-AUTH-CLIENT-MIB
RFC 2618
DOCSIS
®
MIBs
DOCS-IF-MIB
draft-ietf-ipcdn-docs-rfmibv2-08
DOCS-IF-EXT-MIB
draft-ietf-ipcdn-docsisevent-mib-01
DOCS-CABLE-DEVICE-MIB
draft-ietf-ipcdn-device-mib2-01
DOCS-CABLE-DEVICE-TRAP-MIB
draft-ietf-ipcdn-docsisevent-mib-01
DOCS-BPI2-MIB
draft-ietf-ipcdn-mcns-bpi2-mib-05
DOCS-SUBMGT-MIB
draft-ietf-ipcdn-subscriber-mib-02
DOCS-QOS-MIB
draft-ietf-ipcdn-qos-mib-05
Enterprise MIBs The Enterprise MIBs are listed below along with a brief description of their functionality. These should be loaded after the SNMP, standard and DOCSIS® MIBs are loaded. They are listed in the preferred loading sequence. NETPLANE-POLICY-MIB — This MIB defines tables that support policy configurations. This configurable entities are access-lists, prefix-lists, route-maps, and distribute-lists. CADANT-PRODUCTS-MIB — This MIB contains definitions that give structure to the Cadant enterprise OID tree. CADANT-TC — This file contains textual convention definitions which are used by other Cadant Enterprise MIBs. CADANT-CMTS-CABLEGROUP-MIB — This MIB describes the concepts and data needed to configure and control the cable groups defined and implemented within the C4 CMTS. Load balancing is a key feature controlled by this MIB. CADANT-CMTS-DOWNCHANNEL-MIB — This MIB contains management definitions to configure, control, and report on DOCSIS® downstream channels in the CMTS. The Cadant downstream channel table provides all of the management functionality of the DOCS-IF-MIB down-
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
27-3
27 Standard and Cadant Enterprise MIBs
stream channel table. The Cadant version of the table also contains additional object definitions to support and control downstream channel features above and beyond the minimum requirements of DOCSIS®. CADANT-CMTS-EQUIPMENT-MIB — This MIB contains management information to support the equipment provisioning, hardware control, diagnostic control, and auditing control of the CMTS. CADANT-CMTS-IGMP-MIB — This MIB is based upon the IGMP-STDMIB and differs only in the object names prefixes, indexing scheme, and time-elapsed objects. CADANT-CMTS-LAYER2CMTS-MIB — This MIB contains the management definitions to configure, control, and report on the MAC layer, or layer 2, features of the CMTS. Port management, including interface bundling, is the most notable of these features. CADANT-CMTS-MAC-MIB — This MIB contains management definitions about the CMTSs knowledge of CMs and CPEs. The ARP table and modem summary tables are examples of this. CADANT-OSPF-MIB — This MIB is the equivalent of the standard OSPFMIB with the addition of a vrIndex column to associate an OSPF instance with its respective virtual router. CADANT-RIPv2-MIB — This MIB is the equivalent of the standard RIPv2-MIB with the addition of a vrIndex column to associate a RIP instance with its respective virtual router. CADANT-CMTS-REMOTE-QUERY-MIB — This MIB provides the management definitions to configure, control, and report on the Remote Cable Modem Query features of the CMTS. CADANT-CMTS-SYSTEM-MIB — This MIB contains management definitions to configure, control, and report on the non-equipment features of the CMTS. CADANT-CMTS-UPCHANNEL-MIB — This MIB contains management definitions to configure, control, and report on DOCSIS® upstream channels in the CMTS. The Cadant upstream channel and modulation profile tables provide all of the management functionality of the DOCS-IF-MIB upstream channel and modulation tables. The Cadant versions of these tables also contain additional object definitions to support and control upstream channel features above and beyond the minimum requirements of DOCSIS®. CADANT-HW-MEAS-MIB — This MIB contains management definitions to report hardware-based counts and status information. Many of the objects in this MIB form the foundation of DOCSIS®-required counts and status management objects.
27-4
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
CADANT-VIRTUAL-ROUTER-MIB — This MIB contains management definitions to configure and control the bulk of the layer 3 features of the CMTS, including the virtual router feature. CADANT-CMTS-DHCPRA-MIB — This MIB contains management definitions to configure, control, and report on the Dynamic Host Configuration Protocol Relay Agent (DHCPRA) in the CMTS. CADANT-IP-FORWARD-MIB — This MIB is the equivalent of the standard IP-FORWARD-MIB with the addition of a vrIndex column to associate an IP forwarding table with its virtual router. CADANT-CMTS-NOTIFICATION-MIB — This MIB defines objects which are of the type NOTIFICATION-TYPE and are used to define SNMP traps generated from the C4 CMTS. EXT-CADANT-AAA-MIB — This MIB module describes the proprietary AAA configuration parameters used to support authentication and authorization in the C4 CMTS. CADANT-CMTS-PC-EVENTSMSG-MIB — This MIB contains configuration objects that control PacketCable event messaging between the C4 and a record keeping server. CADANT-CMTS-POLICY-MIB — This MIB defines configuration objects for AMen (access control lists and distribute lists). CADANT-DQOS-GATE-MIB — this MIB defines configuration objects for PacketCable DQos Gate control. CADANT-TIME-MIB — this MIB defines the objects for controlling and reporting on the various Time of Day Services in the Cadant C4 CMTS. These Time of Day services include the TOD protocol, the NTP protocol, and manual configuration. CADANT-TACSAS+-CLIENT-MIB — this MIB defines configuration support for TACACS+. CADANT-CMTS-DNSCLIENT-MIB — this MIB defines configuration support for C4 DNS resolver usage (ping, traceroute). CADANT-CMTS-PACKETCABLE-MIB — this MIB is a general-purpose management MIB for PacketCable. CADANT-CMTS-PROCESS-MIB — this MIB contains objects for monitoring the current CPU and memory resources of the ARRIS Cadant C4 CMTS. CADANT-IRDP-MIB — this MIB modules defines objects to manage the ICMP Router Discover Protocol (IRDP) in the ARRIS Cadant C4 CMTS.
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
27-5
27 Standard and Cadant Enterprise MIBs
CADANT-TRAP-LOG-MIB — this MIB contains objects for configuring syslog and trap features in the ARRIS Cadant C4 CMTS. ARRIS-CMTS-FFT-MIB — this MIB contains objects for observing and managing the usage of the upstream spectrum in the ARRIS Cadant C4 CMTS. CADANT-IKE-MIB — this MIB contains objects for managing the Internet Key Exchange (IKE) protocol in the ARRIS Cadant C4 CMTS. IKE is a protocol used to exchange keys for IPSec. CADANT-MAP-STATS-MIB — this MIB contains objects to display counts and statistical information for the DOCSIS map-makers. There exists a single map-maker for each upstream channel. The map-makers hold the keys to the upstream bandwidth. Thus, one is able to gain insight into how the upstream bandwidth is being managed by analyzing the various map-maker counts and statistics in this MIB.
27-6
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
List of CLI Commands 1 alias
26-2
2 archive
26-3
3 cd
26-4
4 chkdisk
26-5
5 clear arp-cache
26-6
6 clear cable filter counters
26-7
7 clear cable filter group counters
26-8
8 clear cable filter group index counters
26-9
9 clear cable flap-list
26-10
10 clear cable modem //[] reset
26-13
11 clear cable modem all reset
26-12
12 clear cable modem cable //[] all reset
26-14
13 clear cable modem cable //[] oui reset
26-15
14 clear cable modem oui reset
26-17
15 clear cable proto-throttle history
26-18
16 clear counters fastethernet /[]
26-19
17 clear counters gigabitethernet /[]
26-20
18 clear crypto sa
26-21
19 clear ip route vrf
26-22
20 clear line console
26-24
21 clear line vty
26-25
22 clear line
26-23
23 clear logging debug
26-26
24 clear logging history
26-27
25 clear logging local
26-28
26 clear logging qos-service-flow
26-29
27 clear packetcable cops counts
26-30
28 clear packetcable gate
26-31
29 clear packetcable gatectl counts
26-32
30 cls
26-33
31 configure absolute-timeout
26-34
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
CLI-i
C4 CMTS
32 configure access-list
26-36
33 configure access-list icmp
26-37
34 configure access-list igmp
26-38
35 configure access-list ip
26-39
36 configure access-list num
26-41
37 configure access-list tcp
26-42
38 configure access-list udp
26-44
39 configure access-list
26-35
40 configure access-list remark
26-46
41 configure accounting
26-47
42 configure aging
26-48
43 configure arp timeout
26-50
44 configure arp
26-49
45 configure audit autoscheduling enable
26-51
46 configure audit log enable
26-52
47 configure audit logthrottle enable
26-53
48 configure audit sequence card enable
26-56
49 configure audit sequence card run-now
26-57
50 configure audit sequence card enable
26-58
51 configure audit sequence card enable
26-54
52 configure audit sequence card run-now
26-55
53 configure authentication radius local
26-61
54 configure authentication
26-59
55 configure authorization
26-62
56 configure autorecovery
26-64
57 configure banner login
26-65
58 configure banner motd
26-67
59 configure cable cm-cfg-reg-req-time
26-69
60 configure cable concatenation-docsis10
26-70
61 configure cable dsg client-id-list
26-71
62 configure cable dsg ds-frequency-list
26-73
63 configure cable dsg timer-list
26-75
64 configure cable dsg tunnel classifier
26-78
65 configure cable dsg tunnel
26-77
66 configure cable dsg vsp-list
26-80
67 configure cable filter group index log
26-82
CLI-ii
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
68 configure cable flap-list power-adjust threshold
26-83
69 configure cable fragmentation-docsis10
26-84
70 configure cable freq-range
26-85
71 configure cable load-interval
26-86
72 configure cable max-qos-active-timeout
26-87
73 configure cable max-qos-admitted-timeout
26-88
74 configure cable max-traffic-burst-docsis11
26-89
75 configure cable modem remote-query
26-90
76 configure cable modulation-profile iuc
26-91
77 configure cable percentaddtldsbandwidth
26-99
78 configure cable privacy add-certificate
26-100
79 configure cable privacy ca-cert-trust
26-103
80 configure cable privacy cm-cert-trust
26-104
81 configure cable proto-throttle
26-105
82 configure cable proto-throttle
26-106
83 configure cable tcp-smoothing
26-107
84 configure cable unicast-polling pri
26-108
85 configure cable upstream-lockup-detection modem-threshold
26-111
86 configure cableauthstring
26-112
87 configure cable-group cable / load-balance
26-114
88 configure cable-group
26-113
89 configure clock network
26-115
90 configure clock set
26-116
91 configure clock timezone
26-117
92 configure cos-mapping
26-128
93 configure counts collection rate
26-130
94 configure crypto dynamic-map match address
26-132
95 configure crypto dynamic-map set peer
26-133
96 configure crypto dynamic-map set security-association lifetime seconds
26-134
97 configure crypto dynamic-map set transform-set
26-135
98 configure crypto dynamic-map
26-131
99 configure crypto ipsec security-association lifetime seconds
26-136
100 configure crypto ipsec transform-set
26-137
101 configure crypto ipsec transform-set authentication
26-138
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
CLI-iii
C4 CMTS
102 configure crypto ipsec transform-set encryption
26-139
103 configure crypto ipsec transform-set mode
26-140
104 configure crypto isakmp enable
26-141
105 configure crypto isakmp key
26-142
106 configure crypto isakmp local-address
26-143
107 configure crypto isakmp policy
26-144
108 configure crypto key export
26-145
109 configure crypto key generate
26-146
110 configure crypto key import
26-147
111 configure crypto key zeroize
26-148
112 configure crypto map ipsec-isakmp dynamic
26-150
113 configure crypto map ipsec-isakmp match address
26-151
114 configure crypto map ipsec-isakmp set peer
26-152
115 configure crypto map ipsec-isakmp set security-association lifetime seconds
26-153
116 configure crypto map ipsec-isakmp set transform-set
26-154
117 configure crypto map ipsec-isakmp
26-149
118 configure diag loop
26-156
119 configure diag
26-155
120 configure disconnect ssh
26-157
121 configure disk volume scm clone-access
26-160
122 configure disk volume
26-158
123 configure enable
26-161
124 configure fan monitor shutdown
26-163
125 configure fan speed-control shutdown
26-164
126 configure ftp-server
26-166
127 configure hostname
26-167
128 configure interface /[] ip igmp backup-proxy-interface
26-405
129 configure interface /[] ip igmp multicast-static-only
26-407
130 configure interface /[] ip igmp static-group
26-406
131 configure interface [/] igmp static-group
26-404
132 configure interface cable authorization-module packetcable
26-170
CLI-iv
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
133 configure interface cable authorization-module open-dynamic-flow-policy
26-169
134 configure interface cable / cable bundle [/master port]
26-171
135 configure interface cable / cable bundle master
26-172
136 configure interface cable / cable dhcp-giaddr
26-173
137 configure interface cable / cable downstream annex
26-174
138 configure interface cable / cable downstream clone-group-enable
26-175
139 configure interface cable / cable downstream description
26-177
140 configure interface cable / cable downstream dsg ds-frequency-list
26-178
141 configure interface cable / cable downstream dsg no
26-179
142 configure interface cable / cable downstream dsg timer-list
26-180
143 configure interface cable / cable downstream dsg tunnel-group 26-181 144 configure interface cable / cable downstream dsg vsp-list
26-183
145 configure interface cable / cable downstream dsg dcd-enable
26-176
146 configure interface cable / cable downstream frequency
26-185
147 configure interface cable / cable downstream insertion-interval
26-186
148 configure interface cable / cable downstream interleave-depth
26-187
149 configure interface cable / cable downstream invitedranging-attempts
26-188
150 configure interface cable / cable downstream level1-threshold
26-189
151 configure interface cable / cable downstream level2-threshold
26-190
152 configure interface cable / cable downstream level3-threshold
26-191
153 configure interface cable / cable downstream max-round-trip-delay
26-192
154 configure interface cable / cable downstream modulation
26-193
155 configure interface cable / cable downstream power-adjust
26-194
156 configure interface cable / cable downstream power-level
26-195
157 configure interface cable / cable downstream range-cycle-interval
26-196
158 configure interface cable / cable downstream ranging-interval
26-197
159 configure interface cable / cable downstream restore
26-198
160 configure interface cable / cable downstream show
26-199
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
CLI-v
C4 CMTS
161 configure interface cable / cable downstream shutdown
26-200
162 configure interface cable / cable downstream sync-interval
26-201
163 configure interface cable / cable downstream ucd-interval
26-202
164 configure interface cable / cable downstream voice-limits allowed-emergency
26-203
165 configure interface cable / cable downstream voice-limits allowed-normal
26-204
166 configure interface cable / cable downstream voice-limits allowed-total
26-205
167 configure interface cable / cable downstream voice-limits emergency-preemption
26-206
168 configure interface cable / cable downstream voice-limits reserved-emergency
26-207
169 configure interface cable / cable downstream voice-limits reserved-normal
26-208
170 configure interface cable / cable dynamic-secret
26-209
171 configure interface cable / cable helper-address
26-210
172 configure interface cable / cable privacy chk-validity-period
26-211
173 configure interface cable / cable privacy default-cert-trust
26-213
174 configure interface cable / cable privacy kek-cm life-time
26-216
175 configure interface cable / cable privacy kek-cm-reset send-auth-invalid
26-221
176 configure interface cable / cable privacy kek-cm-reset invalidate-auth
26-219
177 configure interface cable / cable privacy tek life-time
26-226
178 configure interface cable / cable privacy tek-said life-time
26-228
179 configure interface cable / cable privacy tek-said-reset
26-229
180 configure interface cable / cable privacy kek life-time
26-215
181 configure interface cable / cable privacy kek-cm-reset invalidate-tek
26-220
182 configure interface cable / cable privacy kek-cm-reset
26-218
183 configure interface cable / cable privacy multicast authorization
26-222
CLI-vi
ARRIS PROPRIETARY — All Rights Reserved
07/05/05
C4 CMTS
184 configure interface cable / cable privacy multicast map
26-224
185 configure interface cable / cable source-verify
26-230
186 configure interface cable / cable tftp-enforce
26-231
187 configure interface cable / cable upstream cable-group-id
26-233
188 configure interface cable / cable upstream channel-width
26-236
189 configure interface cable / cable upstream connector
26-237
190 configure interface cable / cable upstream databackoff
26-238
191 configure interface cable / cable upstream frequency
26-240
192 configure interface cable / cable upstream ingress-cancellation
26-241
193 configure interface cable / cable upstream level1-threshold
26-242
194 configure interface cable / cable upstream level2-threshold
26-243
195 configure interface cable / cable upstream level3-threshold
26-244
196 configure interface cable / cable upstream map-size
26-246
197 configure interface cable / cable upstream max-power-adj
26-247
198 configure interface cable / cable upstream mini-slot-size
26-248
199 configure interface cable / cable upstream modulation-profile
26-249
200 configure interface cable / cable upstream power-level
26-250
201 configure interface cable / cable upstream pre-eq-enable
26-253
202 configure interface cable / cable upstream restore
26-255
203 configure interface cable / cable upstream scdma
26-256
204 configure interface cable / cable upstream show
26-257
205 configure interface cable / cable upstream shutdown
26-258
206 configure interface cable / cable upstream threshold-power-offset
26-259
207 configure interface cable / cable upstream voice-limits allowed-emergency
26-260
208 configure interface cable / cable upstream voice-limits allowed-normal
26-261
209 configure interface cable / cable upstream voice-limits allowed-total
26-262
210 configure interface cable / cable upstream voice-limits emergency-preemption
26-263
Release 4.2, Standard
ARRIS PROPRIETARY — All Rights Reserved
CLI-vii
C4 CMTS
211 configure interface cable / cable upstream voice-limits reserved-emergency
26-264
212 configure interface cable / cable upstream voice-limits reserved-normal
26-265
213 configure interface cable / cable upstream
26-232
214 configure interface cable / cable upstream description
26-239
215 configure interface cable / cable upstream docsis-mode
26-235
216 configure interface cable / description
26-266
217 configure interface cable / ip scm access-group
26-300
218 configure interface cable / restore
26-303
219 configure interface cable / shutdown
26-305
220 configure interface cable / spare-group
26-306
221 configure interface cable / voice-limits emergency-preemption
26-310
222 configure interface cable / voice-limits
26-309
223 configure interface cable /[] ip igmp backup-proxy-interface
