This chapter provides an overview of the Cisco Broadband Operating System (CBOS) and its features. CBOS is the common operating system for all Cisco Customer Premise Equipment (CPE), including the Cisco 675, the Cisco 675e, the Cisco 676, and the Cisco 677.
Note These products are referred to as the Cisco 67x product line. When you see 67x in this documentation, substitute the hardware product you are using.
The CBOS is modeled after the Cisco Internetworking Operating System (IOS) and features a similar command syntax and format.
PPP/Internet Protocol Control Protocol (IPCP)Dynamically configures IP addresses over Point-to-Point Protocol (PPP). The Cisco CPE family uses PPP/IPCP to dynamically negotiate its own registered WAN interface IP address from a central access server. PPP/IPCP and DHCP are different methods of assigning addresses. The 67x can also be provisioned to obtain its LAN-side (ETH0) address via IPCP.
DHCP ClientAn Internet host using DHCP to obtain configuration parameters such as a network address.
DHCP ServerAn Internet host that returns configuration parameters to DHCP clients.
InsideThe set of network addresses that are subject to conversion by NAT. These addresses exist on the LAN side of the router.
OutsideCommonly referred to as legal or global addresses. These addresses exist on the WAN side of the router.
Outbound TrafficTraffic from an inside host to an outside host
Inbound TrafficTraffic from an outside host to an inside host.
Lease TimeThe amount of time that an address given to a DHCP client by a DHCP server remains valid. The lease time can be either:
A finite lease-time in which the client must renew the lease before it expires in order to continue using the address.
An infinite lease-time in which the client maintains the same IP address as long as it stays connected to the network
This section describes the CBOS-supported features that are common to the Cisco Customer Premise Equipment (CPE) product line.
Reduces or eliminates the need for you to manually configure CPE devices
Minimizes the need for configuration of the PCs in a Small Office/Home Office (SOHO) network
Incorporates the DHCP server and NAT functionality.
DHCP automatically configures the IP addresses of both the Cisco CPE 67x series products and PC clients within the SOHO network. NAT uses one or more public IP address to translate the SOHO network's private IP address space into real, Internet-valid network IP addresses (Figure 1-1).
The combination of DHCP and NAT in the Cisco PPP/ATM environment supports a configurationless CPE provisioning by automatically configuring both the Cisco 67x and the associated SOHO network at power-on. A minimal configuration is required in the user PC (typically a single check-box to enable DHCP operation) but all PCs within the network have identical settings which simplifies initial provisioning and network support.
Stand-alone modeIt fully configures the SOHO network with IP addresses, default gateways, and Domain Name Servers (DNSs).
The Cisco 67x DHCP then configures the Cisco 67x and provides sufficient information to allow the Cisco 67x-based DHCP server to configure the SOHO network as well.
2. The Cisco 67x (see Figure 1-1) sends a DHCP client request to the service provider's network.
3. The Cisco 67x obtains configuration information from the service provider's DHCP server.
4. The Cisco 67x turns into a DHCP server and can configure SOHO clients (PC#1, PC#2, and PC#3).
Note If you use the DHCP client mode, you must also use the DHCP server mode.
5. When the DHCP server is enabled, the Cisco 67x must contain a valid DHCP configuration, which has been either manually provisioned or obtained during a previous client transaction.
If this is the first time the Cisco 67x has performed a client request, it ignores all network traffic until the Cisco 67x client transaction has completed.
6. The Cisco 67x saves the client configuration information obtained during the client transaction to NVRAM for subsequent use.
If a client transaction results in configuration information that differs from that which is stored in NVRAM, the Cisco 67x saves the new configuration to NVRAM and uses the new information on the subsequent power-cycle.
NAT in the Cisco 67x translates private (or Internet-invalid) IP addresses to public (Internet-valid) IP addresses. By dynamically creating a table of translation information each time data is exchanged with any network outside of the SOHO network, the CPE device allows multiple PCs to oversubscribe a single, public IP address. This powerful feature both conserves IP addresses and minimizes customer reconfiguration of a local SOHO network.
Use NAT if you cannot use a network's internal private addresses outside either for security reasons or because the addresses are invalid outside the network.
Basic NAT allows a one-to-one mapping between one private address and one public address.
Network Address Translation is predominantly application-independent, with the exception of FTP. However, the Cisco implementation of NAT fully supports full-rate FTP. Applications that include IP addresses within the packet payload will fail without special NAT-wise consideration.
Other benefits of the Cisco implementation of NAT on CPE products include:
Abstracts the customer premise network from any changes in the service provider network (including changing service providers).
Enables access (from the public Internet) to a specific private SOHO host by statically mapping a real IP address to a private host's IP address. This static mapping would facilitate the operation of a Web server, for example, within a network served by Cisco CPE products.
Preserves all of the Cisco 67x's layer three management features. TFTP (for firmware updates), TELNET (for general management), ping, and traceroute all operate in the same manner as when NAT is disabled, provided there is no static mapping from the outside address to an inside address.
Supports transparent use of the Domain Name Server (DNS) mechanism for outside hosts requests. This means that NAT does not interfere with host name look-ups such as CISCO.COM. However, for hosts inside the SOHO network's private address space, a DNS server (or LMHOSTS file) is required in the SOHO network to resolve host names automatically.
Does not impose any requirements on service provider configurations. Service providers provide their own NAT IP address (that is, registered to the service provider) for translation of 67xs outside network address.
When both NAT and DHCP are enabled, the Cisco 67x becomes virtually configurationless. NAT obtains the public address used for translation in the same manner as described above. However, DHCP does not require any additional provisioning since NAT translates all address information to the outside, public address. You can use a DHCP client transaction to obtain DNS, WINS, and other information for subsequent SOHO DHCP server operation, but this is not required.
When a DHCP client transaction is in progress, the Cisco 67x delays NAT implementation until the client transaction completes. This ensures that the most current information is used for server operation.
The end result for the SOHO users (PC#1, PC#2, and PC#3) (see Figure 1-1) is as follows:
1. SOHO users turn on their un-configured machines with DHCP enabled. Within seconds, they are surfing the Internet using a configuration totally and transparently supplied by their service provider.
2. Clients are not affected by changes at the service provider.
In addition to DHCP and NAT, CBOS also supports the applications, listed below, for management and control of the system:
Ping (packet Internet groper)
Cisco CPE products support the standard version of ping (packet Internet groper), which tests whether a particular network destination is online by sending an Internet control message protocol (ICMP) echo request and waiting for a response.
Using the CBOS, the Cisco 67x allows you to specify a remote server for logging system messages. Cisco supports the following levels of severity:
Debug
Info
Warning
Alarm
Critical
Crash
These are similar to the standard BSD style severity levels for SYSLOG; however, they do not include None and Mark.
To configure your syslog daemon to receive Cisco SYSLOG messages, modify the /etc/syslog.conf configuration file (remember to use tabs, not spaces). Several systems, such as Linux and FreeBSD, have SYSLOG set up properly by default.
For security reasons, Cisco recommends that you disable the TFTP application, except when uploading or downloading a file. Typically, use TFTP to transfer new software from Cisco to your Cisco 67x, where the file name equals nsrouter.c67x.<version #>ima.hr. You can also use TFTP to archive an image of your CBOS configuration file. This configuration file can be named anything you wish as long as you can view and edit the file with a standard text editor. Use the.cfg extension to make the configuration file easy to locate and to assure that it can be viewed and edited by a standard text editor. Archive an image of your configuration file before making changes to it so you can easily recover the old file if necessary. When uploading a configuration file to the 67x, you must name the configuration file nscfg.cfg before uploading.
Command Line InterfaceThis interface is designed for experienced personnel to use in their day-to-day tasks for operating banks of Cisco 67xs. Access this interface using either a Telnet or a terminal emulation program.
From the CBOS prompt, use the help command to display the online help system for a specified command. Refer to "Using the Command Line Interface," for more information on the help command. To access the Help Facility, enter the following command from the command line:
help [command-name]
or
? [command-name]
For example, to display information about the show version command, enter: