|
|
This document addresses the following topics:
Cisco uBR900 series cable access routers are fully-functional Cisco IOS routers and standards-based bidirectional cable modems that give a residential or small office/home office (SOHO) subscriber high-speed Internet or Intranet access and packet telephone services via a shared two-way cable system and IP backbone network. Cisco uBR900 series cable access routers are based on the current Data-Over-Cable Service Interface Specifications (DOCSIS) standards, and interoperate with any bidirectional, DOCSIS-qualified headend cable modem termination system (CMTS).
Cisco uBR900 series routers connect computers, telephone equipment, and other customer premises devices at a subscriber site to the service provider's Hybrid/Fiber Coax (HFC) and IP backbone network. Functioning as cable modems, the Cisco uBR900 series routers transport data and voice traffic on the same cable system that delivers broadcast TV signals.
Cisco uBR900 series cable access routers typically ship from the Cisco factory with a Cisco Internetwork Operating System (IOS) software image stored in nonvolatile memory (NVRAM). The standard Cisco IOS software image supports DOCSIS-compliant bridging operation for data as the default.
Based on the feature licenses purchased, other Cisco IOS images can be downloaded from Cisco Connection Online (CCO). Each Cisco uBR900 series router in your network can then be configured to support Voice over IP (VoIP) and/or other special operating modes based on your service offering and the practices in place for your network. A Cisco uBR900 series device can function as an advanced router, providing wide area network (WAN) data connectivity in a variety of configurations.
This section briefly describes the common feature sets supported by the Cisco uBR900 series cable access routers. Each feature set contains a number of features that provide a specific functionality such as Voice over IP (VoIP) or virtual private network (VPN) access.
The following feature set categories are currently available:
The data and voice feature sets add Voice over IP (VoIP) support to the same base features contained in the data only feature sets. Telephones that are connected to the uBR924 cable access router can make voice calls over the Internet using either the H.323 (Gateway/Gatekeeper) voice control protocol or Simple Gateway Control Protocol (SGCP). (For more information on these protocols, refer to H.323 Protocol Stack and SGCP Protocol Stack in this document.)
Because voice calls are real-time traffic, the Cisco uBR924 cable access router supports the DOCSIS Quality of Service (QoS) enhancements to give higher priority to IP packets containing voice traffic.
Note Feature sets and software images vary depending on the cable access router model you are using and the Cisco IOS software release that is running. For a list of the available software images for your application, and the specific features contained in each image, refer to the release notes for the Cisco uBR900 series cable access router and Cisco IOS software release you are using. This document describes the features available for the Cisco uBR904 and uBR924 cable access routers in Cisco IOS Release 12.0(7)T.
The following feature sets are available in data and voice versions as well as in data only versions:
These feature sets are described in the following sections.
Base IP Bridging includes full and DOCSIS-compliant bridging and DOCSIS Baseline Privacy. The Base IP Bridging feature set allows the Cisco uBR900 series cable access router to function as a DOCSIS 1.0 cable modem and to interoperate with any DOCSIS 1.0-qualified CMTS. It provides basic high-speed Internet connectivity for users who want to connect only one computer to the cable network.
DOCSIS-compliant bridging (also referred to as "plug-and-play" bridging) is the default configuration for Cisco uBR900 series cable access routers. While in plug-and-play bridging mode, the router locates a downstream and upstream channel; finds ToD, TFTP, and DHCP servers; obtains an IP address; downloads a DOCSIS configuration file; and obtains DHCP parameters to work in bridging mode.
In DOCSIS-compliant bridging mode, the Cisco uBR900 series cable access router acts as a transparent bridge for the following device combinations:
Note The ability of the Cisco uBR900 series cable access router to grant access to CPE devices is controlled by the MAX CPE field in the DOCSIS configuration file. The MAX CPE field defaults to one CPE device unless otherwise set to a higher number.
The Home Office feature set provides high-speed Internet connectivity for customers who have a small home network (typically 2-4 computers). In addition to full DOCSIS 1.0 support and all of the functionality of the Base IP Bridging feature set, the Home Office feature set (also known as Easy IP) supports intelligent Dynamic Host Configuration Protocol (DHCP) server functions, including DHCP Relay Agent and DHCP Client functionality. It also supports Easy IP (NAT/PAT).
This feature set allows the Cisco uBR900 series cable access router great flexibility in administering IP addresses for the PCs and other customer premises equipment it is connecting to the cable network. The DHCP functionality allows intelligent use of the IP addresses that allow customer premises computers and other equipment to connect to the Internet. The NAT/PAT functionality allows you to use private IP addresses on the local network, while still maintaining connectivity to the Internet.
In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the Small Office feature set supports the Cisco IOS firewall feature set which provides a wide range of security features for Cisco uBR900 series cable access routers. Using the firewall feature set, Cisco uBR900 series cable access routers act as buffers between the customer's private enterprise network and the Internet and other connected public networks.
In firewall mode, the Cisco uBR900 series cable access router provides a high-speed Internet connection for an office's local network while protecting the computers on the office network from common attacks such as denial of service attacks and destructive Java applets, as well as real-time alerts of such attacks.
The Small Office feature set can be optionally extended with support for IPSec encryption to ensure that the traffic passed over the Internet cannot be intercepted. You can select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple Data Encryption Standard (DES) encryption.
In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the Telecommuter feature set supports IPSec encryption and the Layer 2 Tunneling Protocol (L2TP), which can establish secure high-speed Internet connections between employees' homes and the office local network.
IPSec is an IP security feature that provides robust authentications and encryption of IP packets for the secure transmission of sensitive information over unprotected networks such as the Internet. You can select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple Data Encryption Standard (DES) encryption.
L2TP is an extension of the Point-to-Point Protocol (PPP) that allows computers on different physical networks to interoperate as if they were on the same local area network (LAN). These features are important components for Virtual Private Networks (VPNs).
Note The Telecommuter feature set does not require the firewall feature set because the individual telecommuter has a secure connection to the office network. The office network, however, should implement a firewall for its own connection to the Internet.
Figure 1 illustrates a typical broadband data cable system. Data transmitted to a Cisco uBR900 series cable access router from the service provider's CMTS shares a 27 or 26 Mbps, 6 MHz data channel in the 88 to 860 MHz range. The Cisco uBR900 series cable access router shares an upstream data rate of up to 10 Mbps on a 200 kHz-wide to 3.2 MHz-wide channel in the 5 to 42 MHz range.
Note End-to-end throughput varies based on the design and loading of network components, the mix of traffic, the processing speed and interface of the host server(s), the processing speed and local Ethernet performance of the subscriber's computer, as well as other parameters. Since the network can be configured to support multiple levels of service to meet differing market price/performance requirements, the subscriber's service level agreement also affects throughput. DOCSIS further contains some fundamental performance limitations because standards are designed to give a larger number of customers good performance, rather than permitting a few users to consume the entire capacity.
The broadband data cable system uses multiple types of access control to ensure efficient use of bandwidth over a wide range of loading conditions. Advanced queuing techniques and service algorithms are used to define the acquisition and release of channels.
Cisco uBR900 series cable access routers support 64 or 256 Quadrature Amplitude Modulation (QAM) downstream, and Quadrature Phase Shift Keying (QPSK) or 16 QAM upstream transmission. This allows the CMTS system administrator to set the preferred modulation scheme based on the quality of the cable plant.
Note In noisy plant environments, 16 QAM upstream and 256 QAM downstream modulation may not be viable. In high-quality HFC networks capable of supporting 16 QAM formats in the upstream direction, Cisco recommends using QPSK for fixed-slot short packets like maintenance or data requests, and 16 QAM for variable length data packets. This results in the most efficient use of the available upstream timeslots or minislots.
The system uses Transmission Control Protocol/Internet Protocol (TCP/IP) to transmit data. TCP/IP transmits data in segments encased in IP datagrams, along with checksums to detect data corruption and sequence numbers to ensure an ordered byte stream on the TCP connection between the Cisco cable access router and the CMTS.
Cisco cable access routers also support multicast services—data streams sent to groups of subscribers. These applications utilize the User Datagram Protocol (UDP) instead of TCP. Since UDP does not mandate upstream acknowledgments, these applications can be very efficient in the network. Additionally, restricting upstream throughput will have no effect on downstream UDP streaming throughput.
Note Interactive games are the exception. Although low latency is required in gaming applications, high upstream data throughput is not demanded since the volume of data transmitted upstream is typically small.
Table 1 Cisco uBR900 Series Cable Access Router Data Specifications
Each Cisco uBR900 series cable access router on the network is configured to receive data on a particular downstream channel. A downstream channel contains upstream segment(s). Each upstream segment typically serves more than one fiber node.
Partitioning the upstream plant into smaller segments significantly reduces the number of potential ingress sources and failure points. The CMTS divides the cable plant into downstream channels and upstream segments or clusters of nodes.
When operating normally, the Cisco uBR900 series cable access router receives data addressed to it from the CMTS. The router reads the address in the header of the message, filters the message and forwards it to the appropriate device at the subscriber site.
Note Bandwidth at the subscriber site is shared by the active data users connected to the network segment.
For upstream data transfer, the Cisco cable access router uses a request/grant mechanism to obtain upstream bandwidth. The CMTS configures, via MAC messages, upstream parameters associated with transmissions from all Cisco cable access routers on the system. Service class registration is granted based on class assignment and load provisioning. Upstream channels are time slotted and divided into basic scheduling time units.
The CMTS informs the Cisco cable access router of minislot structures on the upstream channel. Some minislots are marked as contention-based—shared by routers to make bandwidth (timeslot) requests with the CMTS. Others are grouped together into unicast grants for specific routers to send their data bursts. Yet others are grouped together into maintenance slots for "keep alive" messages from routers to the CMTS.
In bridging applications, the Cisco uBR900 series cable access router acts as a transparent bridge for up to 254 devices depending on the version of Cisco IOS software you are using. Older versions of software allow a maximum of 3 CPE devices to be bridged. The cable access router is connected to the Internet through the coaxial cable interface. All four 10BaseT Ethernet ports are treated as one Ethernet interface by the Cisco IOS software. The IP addresses for the CPE devices and the coaxial cable interface are typically in the same subnet, although this is not a requirement.
The Cisco uBR900 series complies with the DOCSIS standards for interoperable cable access routers; it supports full transparent bridging as well as DOCSIS-compliant transparent bridging.
Note If the attached CPE devices and the coaxial cable interface are in different IP subnets, the cable interface must have a secondary address.
DOCSIS-compliant transparent bridging is the factory default configuration of the Cisco uBR900 series cable access router. If your cable service provider is using a DHCP server, all you need to do is connect the cables and power on the cable access router; your service provider's configuration program will automatically configure both the coaxial cable interface and the bridging functionality. You do not need to set up IP addresses for the attached PCs or enter any Command Line Interface (CLI) configuration commands. This type of operation is called plug-and-play bridging.
In DOCSIS-compliant bridging mode, the cable access router is able to locate a downstream and upstream channel; find the TOD, TFTP, and DHCP server(s); obtain an IP address; download a DOCSIS configuration file; and obtain DHCP parameters to work in a bridging mode.
You can configure a customized bridging application on the Cisco uBR900 series using a downloadable configuration file or the CLI. See the sections "Configuring Bridging" and "Customizing the Cable Access Router Interface" for details.
The Cisco uBR900 series cable access router can be configured to act as a router to preserve IP address space and limit broadcasts that can impact the performance of the network. A typical use would be if you are connecting the cable access router to an internal Ethernet hub that is connected to an existing PC network. The Cisco uBR900 series supports Routing Information Protocol Version 2 (RIP V2) for this application.
When configured in routing mode, the Cisco uBR900 series is automatically configured to use the headend's IP address as its IP default gateway. This allows the cable access router to send packets not intended for the Ethernet interface to the headend when IP host-routing is configured.
RIP V2 routing is useful for small internetworks in that it enables optimization of Network Interface Center (NIC)-assigned IP addresses by defining variable-length subnet masks (VLSMs) for network addresses, and it allows classless interdomain routing (CIDR) addressing schema.
Layer 2 Tunneling Protocol (L2TP) is an emerging Internet Engineering Task Force (IETF) standard that combines the best features of two existing tunneling protocols: Cisco's Layer 2 Forwarding (L2F) and Microsoft's Point-to-Point Tunneling Protocol (PPTP). L2TP is an extension of the Point-to-Point Protocol (PPP), which is an important component for Access Virtual Private Networks (VPNs).
Traditional dial-up networking services only supported registered IP addresses, which limited the types of applications that could be implemented over VPNs. L2TP supports multiple protocols and unregistered and privately administered IP addresses over the Internet. This allows the existing access infrastructure such as the Internet, modems, access servers, and ISDN terminal adapters (TAs) to be used.
L2TP can be initiated wherever PPTP or L2F is currently deployed, and can be operated as a client initiated tunnel such as PPTP, or a network access server (NAS) initiated tunnel such as L2F.
The current implementation of L2TP in Cisco IOS software is dependent on a PPP connection supported on one of the directly attached interfaces. A dial-up PPP connection is required in order to initiate an L2TP Tunnel connection. This is a requirement of the L2TP Access Concentrator (LAC). Currently the Cisco uBR900 series cable access router cannot function as the LAC; it can only function as the L2TP Network Server (LNS), which terminates a tunnel created elsewhere in the network.
Cisco uBR900 series cable access routers support Intelligent DHCP Relay and DHCP Client functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and servers. A DHCP Relay Agent enables the client and server to reside on separate subnets. If the Cisco IOS DHCP server cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or more secondary DHCP servers defined by the network administrator using standard Cisco IOS IP helper-address functionality.
Network Address Translation (NAT) reduces the need for globally unique IP addresses. NAT allows an organization with addresses that are not globally unique to connect to the Internet by translating those addresses into globally routable address space.
Port Address Translation (PAT) is a similar mechanism that enables all internal hosts to share a single registered IP address (many-to-one translation). NAT/PAT:
Routing protocols will run on the Ethernet interface instead of the cable interface, and all packets received are translated to the correct private network IP address and routed out the Ethernet interface. This eliminates the need to run RIP on the cable interface.
To implement NAT on the Cisco uBR900 series, the Ethernet interface is configured with an "inside" address and the cable interface is configured with an "outside" address. The Cisco uBR900 series also supports configuration of static connections, dynamic connections, and address pools.
The Cisco uBR924 cable access router uses packets to transmit and receive digitized voice over an IP network. Voice signals are packetized and transported in compliance with H.323 or Simple Gateway Control Protocol (SGCP). H.323 is an International Telecommunications Union (ITU) standard that specifies call signaling and control protocols for a shared IP data network. SGCP is an alternative to the H.323 protocol that provides signaling and feature negotiation using a remote call agent (CA).
SGCP eliminates the need for a dial plan mapper. It also eliminates the need for static configuration on the router to map IP addresses to telephone numbers because this function is provided by the remote CA.
Figure 4 illustrates a broadband cable system that supports VoIP transmission. Quality of Service (QoS) and prioritization schemes are used to enable real-time (voice) and non-real-time traffic to coexist on the same channel. The CMTS routes IP telephony calls intermixed with other data traffic.
Your company can then deploy IP telephony as a local-loop bypass service where voice packets are transferred from the CMTS to:
The gatekeeper or call agents manage voice calls; the gateway interconnects the IP network to the public switched telephone network (PSTN). The gatekeeper must be running Cisco IOS Release 12.0(5)T or higher in order to support registration of the full E.164 address for each Cisco uBR924 port.
Voice calls are digitized, encoded, compressed, and packetized in the originating gateway, then decompressed, decoded, and reassembled in the destination gateway. A server maintains subscriber profiles and policy information.
You can place and receive calls without using the local exchange carrier. Two simultaneous voice and fax calls are supported to and from each subscriber site. Multiple telephones and fax devices can be connected to each of the two VoIP telephone lines at a subscriber site, providing the 5 REN limit is adhered to for each telephone line.
Note the following requirements and characteristics of VoIP applications using the Cisco uBR924 cable access router:
Contact your network management, provisioning, or operations team to determine what your network supports.
The Cisco uBR924 cable access router supports the following compression and decompression algorithms (CODECs):
To achieve acceptable voice quality and reduce network bandwidth usage, several voice processing techniques and services are employed, including echo cancellation, voice compression, Voice Activity Detection (VAD) or silence compression, and Dual Tone Multi- Frequency (DTMF) tone detection and generation.
The Cisco uBR924 cable access router supports multiple QoS service IDs (SIDs), enabling multiple classes of service on the cable interface. This enables VoIP and data traffic to be treated separately, with all data assigned to a default class of service, while VoIP traffic is assigned to a different class of service. Thus, voice traffic from the Cisco uBR924's telephone ports can take precedence over the data traffic coming from the Ethernet interfaces.
Note Separate class of service (CoS) streams are only available when the Cisco uBR924 is
connected to a CMTS that supports multiple classes of service per router. In addition, the router's
configuration file must specify the use of multiple classes of service.
If the Cisco uBR924 interoperates with a DOCSIS 1.0 CMTS that does not support multiple CoS per
router, voice traffic will be transmitted on a "best effort" basis along with data traffic. This may cause
poorer voice quality and lower data throughput when calls are being made from the router's
telephone ports.
The Cisco uBR924 cable access router supports the following service classes:
This service class results in the assignment of a primary SID for the router. In addition to being used as a data SID, the router uses this SID for all MAC message exchanges with the CMTS. Any SNMP management traffic from the network to the Cisco uBR924 will also use this SID.
While this class is strictly "best effort," data traffic within this class can be prioritized into eight different priority levels. The CMTS system administrator, however, must define the supported upstream traffic priority levels and include the traffic priority fields in the configuration file downloaded to the Cisco uBR924.
The multiple SID-per-router feature enables the Cisco uBR924 to use multiple SID queues for differentiated services. The Cisco uBR924 diverts voice call traffic to the higher QoS secondary SID, while forwarding "best effort" data from the Ethernet interface and MAC messages on the primary SID.
Cisco IOS Release 12.0(7)XR and Cisco IOS Release 12.0(7)XR1 images introduce DOCSIS 1.0+ extensions that support dynamic multi-SID assignment and concatenation. Dynamic multi-SID assignment enables you to dynamically and automatically add, delete, and modify multiple SIDs in order to provide the parameters (such as QoS) required for the type of traffic—typically voice—which requires a higher priority than data in order to ensure optimum quality. With dynamic multi-SIDs, high-bandwidth data streams can be created and eliminated as needed. Concatenation enables you to combine multiple upstream packets into one packet to reduce packet overhead and overall latency, as well as increase transmission efficiency.
The following paragraphs provide more detailed descriptions of the DOCSIS 1.0+ extensions that are supported by the Cisco uBR924 cable access router in Cisco IOS Release 12.0(7)XR:
Note In order to use the dynamic multi-SID and concatenation feature, both the Cisco uBR924 cable access router and the CMTS router must have dynamic multi-SID support. If you are using the Cisco uBR7200 series headend equipment as the CMTS router, Cisco IOS Release 12.0(7)XR or Cisco IOS Release 12.0(7)XR1 is required on both the Cisco uBR924 cable access router and the CMTS router to ensure these features are activated.
H.323 is an International Telecommunications Union (ITU) standard that specifies call signaling and control protocols for a shared IP data network. The Cisco uBR924 cable access router acts as an H.323 gateway. In architectures using the VoIP H.323 protocol stack, the session application manages two call legs for each call: (1) a telephony leg managed by the voice telephony service provider; (2) the VoIP leg managed by the cable system operator—the VoIP service provider. Use of the H.323 protocol typically requires a dial plan and mapper at the headend or other server location to map IP addresses to telephone numbers.
When both legs of the call have been set up, the session application creates a conference between them. The opposite leg's transmit routine for voice packets is given to each provider. The CMTS router passes data to the gateway and gatekeeper. The H.323 stack provides signalling via H.225 and feature negotiation via H.245.
To make and receive H.323 calls, the Cisco uBR924 cable access router must know:
Note To support voice configurations involving Cisco gatekeeper products using RAS, the headend must have IP multicast enabled. The cable interface must be designated as the default for RAS to discover the gatekeeper. The gatekeeper then resolves all dialed destinations sent to the RAS protocol.
The Cisco uBR924 cable access router supports Simple Gateway Control Protocol (SGCP), an out-of-band signaling protocol that interacts with an external call agent (CA) to provide call setup and teardown for VoIP calls made through the Internet or a local intranet. Using the call control agent, SGCP communicates with the voice gateways, allowing you to create a distributed system that enhances performance, reliability, and scalability while still appearing as a single VoIP gateway to external clients. SGCP eliminates the need for a dial plan mapper and static configuration on the router to map IP addresses to telephone numbers because this function is provided by the external call agent.
In architectures using the SGCP protocol stack, the session application implements the gateway functionality defined to support both trunk and residential gateways. The Cisco uBR924 functions in this mode as a residential gateway with two endpoints.
SGCP can preserve Signaling System 7 (SS7) style call control information as well as additional network information such as routing information and authentication, authorization, and accounting (AAA) security information. SGCP allows voice calls to originate and terminate on the Internet, as well as allowing one end to terminate on the Internet and the other to terminate on a telephone or PBX on the PSTN.
Note The uBR924 cable access router supports both H.323 and SGCP call control, but only one method can be active at a time.
Table 2 Cisco uBR924 Cable Access Router Voice Specifications
The Cisco uBR924 cable access router provides an RJ-11 port (Line) that connects to a standard analog telephone wall jack. In the event of a building power failure or a Cisco uBR924 power problem, the cutover port lets you dial out using the backup PSTN line. If the Cisco uBR924 loses power while VoIP calls are in progress, you can reestablish one of the two connections—dialing out over the PSTN.
Note The backup POTS connection enables only one of the VoIP ports on the Cisco uBR924 to function during a power outage. Calls in progress prior to the power outage will be disconnected. If power is reestablished while a cutover call is in progress, the connection will remain in place until the call is terminated. Once the cutover call is terminated, the router automatically reboots.
Cisco uBR900 series cable access routers support the security features described in the paragraphs below.
Support for DOCSIS Baseline Privacy in the Cisco uBR900 series is based on the DOCSIS Baseline Privacy Interface Specification (SP-BPI-I01-970922). It provides data privacy across the HFC network by encrypting traffic flows between the cable access router and the CMTS.
Baseline Privacy security services are defined as a set of extended services within the DOCSIS MAC sublayer. Two new MAC management message types, BPKM-REQ and BPKM-RSP, are employed to support the Baseline Privacy Key Management (BPKM) protocol.
The BPKM protocol does not use authentication mechanisms such as passwords or digital signatures; it provides basic protection of service by ensuring that a cable modem, uniquely identified by its 48-bit IEEE MAC address, can only obtain keying material for services it is authorized to access. The Cisco uBR900 series cable access router is able to obtain two types of keys from the CMTS: the Traffic Exchange Key (TEK), which is used to encrypt and decrypt data packets, and the Key Exchange Key (KEK), which is used to decrypt the TEK.
To support encryption/decryption, Cisco IOS images must contain encryption/decryption software at both the CMTS router and the Cisco uBR924 cable access router. Both the CMTS router and the Cisco uBR924 cable access router must be enabled and configured per the software feature set.
IPSec Network Security (IPSec) is an IP security feature that provides robust authentication and encryption of IP packets. IPSec is a framework of open standards developed by the Internet Engineering Task Force (IETF) providing security for transmission of sensitive information over unprotected networks such as the Internet. IPSec acts at the network layer (Layer 3), protecting and authenticating IP packets between participating IPSec devices ("peers") such as the Cisco uBR900 series cable access router.
IPSec provides the following network security services:
The Data Encryption Standard (DES) is a standard cryptographic algorithm developed by the United States National Bureau of Standards. The Triple DES (3DES) Cisco IOS Software Release images increase the security from the standard 56-bit IPSec encryption to 168-bit encryption, which is used for highly sensitive and confidential information such as financial transactions and medical records.
Cisco uBR900 series cable access routers act as buffers between any connected public and private networks. In firewall mode, Cisco cable access routers use access lists and other methods to ensure the security of the private network.
Cisco IOS firewall-specific security features include:
For additional information, see the description of the Cisco IOS Firewall Feature Set in the Cisco Product Catalog, or refer to the sections on Traffic Filtering and Firewalls in the Security Configuration Guide and Security Command Reference available on Cisco Connection Online (CCO) and the Documentation CD-ROM.
NetRanger is an Intrusion Detection System (IDS) composed of three parts:
The Cisco uBR900 series cable access router typically ships from the factory ready to work in the Base IP Bridging (DOCSIS-compliant bridging) data-only mode. The cable access router is configured automatically at startup by one or more configuration files generated by the cable service provider and downloaded to the router; no configuration or setup is required other than to connect the router to the cable system. The CMTS provides a path from the cable access router to the DHCP server for PC address assignment.
The PCs connected to the Cisco uBR900 series must be configured for Internet Protocol (IP). Using DHCP, the CMTS assigns an IP subnet address to the cable access router each time it connects to the network. The IP addresses of the cable access router and the individual PCs attached to it enable the CMTS to route data to and from the PCs.
Note When the Cisco uBR900 series cable access router is shipped from the factory, it is configured by default for DOCSIS-compliant bridging.
The configuration file or files downloaded to the Cisco uBR900 series by the CMTS at the headend are dependent on the services purchased by the individual cable service subscriber. The cable access router is provisioned in the following manner:
Note The CMTS typically downloads the DOCSIS configuration file, Cisco IOS image (if needed), and the Cisco IOS configuration file (if needed) only once when the router is initially brought online. However, a new configuration file or image can be downloaded whenever necessary, such as when the cable service provider offers new services or subscribers upgrade their services.
To ensure that you obtain the exact services that you have ordered, the Cisco uBR900 series arrives from the factory with a unique identifier (UID) that consists of a serial number and MAC address. These factory-assigned values are on a label at the bottom of the cable access router; for convenience, these values are also in a barcode label that can be easily scanned for entry into the service provider's provisioning and billing system.
Using the MAC address of the cable access router as the key, the CMTS downloads the DOCSIS configuration file and Cisco IOS image that will provide the services that you have purchased. Service technicians at the headend typically create a number of standard configuration files to match the range of services offered by the provider; these configuration files can be created manually or with tools provided for this purpose by Cisco Systems.
The following sections describe the initial power-on and provisioning sequences in more detail, as well as the requirements that must be met by both the cable access router and the CMTS before provisioning can be successful.
When connected and first powered on, the Cisco uBR900 series cable access router performs the following boot procedures:
Next, the Cisco uBR900 series performs a series of DOCSIS-mandated procedures for automatic installation and configuration. These procedures are summarized in Table 3 and in Figure 5.
Table 3 Cable Access Router Initialization Sequences and Events
At this point the router is online and operational in the basic DOCSIS bridging ("plug and play") mode. If the DOCSIS configuration file specifies that the router must download a Cisco IOS image and a Cisco IOS configuration file, the router uses TFTP to download the image and configuration file into its local memory. It then installs the new IOS image and runs the configuration file.
Downloading a DOCSIS configuration file to a Cisco uBR900 series cable access router automatically:
Telnet access to the router from the headend is still allowed, but only if the Cisco IOS configuration file includes enable and line vty passwords; if the configuration file does not include enable and line vty commands to specify these passwords, Telnet access and console access are both disabled.
The sequence numbers shown in Table 3 are also shown in Figure 5 below. The Cisco uBR900 series cable access router will complete all the steps shown in the table and flowchart each time it needs to reregister with the CMTS.
Figure 6 illustrates the traffic flow during the initialization process.
Cisco uBR900 Series Cable Access Router Provisioning Overview
Note For more detail on the provisioning process, see the DOCSIS 1.0 Radio Frequency Interface (RFI) specification (SP-RFII01-990731 or later revision).
After the Cisco uBR900 series cable access router goes online, it begins transferring data between the attached CPE devices and the network (internet, intranet, VoIP). The cable service provider typically uses DHCP to assign IP addresses to the CPE devices. The number of IP addresses each subscriber can obtain depends on the services purchased from the provider.
A MAC-layer circular log file is stored inside the Cisco uBR900 series cable access router. This file contains a history of the log messages such as state event activities and timestamps. This is the most valuable information for troubleshooting the cable interface.
The MAC log file is displayed by entering the show controllers cable-modem 0 mac log command from privileged EXEC mode.
The most useful display fields in this output are the reported state changes. These fields are preceded by the message CMAC_LOG_STATE_CHANGE. These fields show how the Cisco uBR900 series progresses through the various processes involved in establishing communication and registration with the CMTS. The normal operational state is maintenance_state ; the normal state when the interface is shut down is wait_for_link_up_state.
Note Because the MAC log file holds only a snapshot of 1023 entries at a time, you should try to display the file within 5 minutes after the reset or problem occurs.
The following is the normal progression of states as the Cisco uBR900 series registers with the CMTS:
Following is an example of a MAC log file for a cable access router that has successfully registered with the headend CMTS. The output that is displayed is directly related to the messages that are exchanged between the Cisco uBR900 series and the CMTS.
You can display other aspects of the MAC layer by adding the following keywords to the show controllers cable-modem 0 mac command:
For examples and descriptions of how to use these keywords, see the show controllers cable-modem mac command reference page.
The MAC log file gives a detailed history of initialization events that occur in the Cisco uBR900 series cable access router. All pertinent troubleshooting information is stored here.
In the following paragraphs, a sample log file is broken down into the chronological sequence of events listed below. Sample comments are also included in the log file.
When the Cisco uBR900 series cable access router is powered on and begins initialization, the MAC layer first informs the cable access router drivers that it needs to reset. The LINK_DOWN and LINK_UP fields are similar to the shut and no shut conditions on a standard Cisco interface.
Different geographical regions and different cable plants use different RF frequency bands. A frequency band is a group of adjacent 6 MHz-wide channels. These bands are numbered from 88 to 99. Each band has starting and ending digital carrier frequencies and a 6 MHz step size. For example, a search of EIA channels 95-97 is specified using band 89. The starting frequency of band 89 is 93 MHz; the ending frequency is 105 MHz.
The Cisco uBR900 series' default frequency bands correspond to the North American EIA CATV channel plan for 6 MHz channel slots between 90 and 858 MHz. For example, EIA channel 95 occupies the 90-96 MHz slot. The digital carrier frequency is specified as the center frequency of the slot, which is 93 MHz. Channel 95 is usually specified using the analog video carrier frequency of 91.25 MHz, which lies 1.75 MHz below the center of the slot.
Some CATV systems use alternative frequency plans such as the IRC (Incrementally Related Carrier) plan and HRC (Harmonically Related Carrier) plan. Cisco uBR900 series cable access routers support both of these plans. Most of the IRC channel slots overlap the EIA plan.
The Cisco uBR900 series uses a built-in default frequency scanning feature to find and lock onto a downstream channel. After the cable access router successfully finds a downstream frequency channel, it saves the channel to NVRAM. The router recalls this value the next time it needs to synchronize its frequency.
The downstream frequency search table is arranged so that the first frequencies that are scanned are above 450 MHz. Because many CATV systems have been upgraded from 450 MHz to 750 MHz coaxial cable, digital channels have a high chance of being assigned in the new spectrum. The search table omits channels below 90 MHz and above 860 MHz since the DOCSIS specification does not mandate their coverage.
The CMAC_LOG_WILL_SEARCH_DS_FREQUENCY_BAND field tells you what frequencies the cable access router will scan. The CMAC_LOG_WILL_SEARCH_SAVED_DS_FREQUENCY field tells you the frequency the router locked onto and saved to NVRAM for future recall. The CMAC_LOG_DS_64QAM_LOCK_ACQUIRED field communicates the same information. The CMAC_LOG_DS_CHANNEL_SCAN_COMPLETED field indicates that the scanning and synchronization was successful.
The Cisco uBR900 series waits for an upstream channel descriptor (UCD) message from the CMTS. The UCD provides transmission parameters for the upstream channel.
The ranging process adjusts the transmit power of the cable access router. Ranging is performed in two stages: ranging state 1 and ranging state 2.
The CMAC_LOG_POWER_LEVEL_IS field is the power level that the CMTS told the Cisco uBR900 series to adjust to. The CMAC_LOG_RANGING_SUCCESS field indicates that the ranging adjustment was successful.
After ranging is complete, the cable interface on the cable access router is UP. Now the cable access router accesses a remote DHCP server to get an IP address. The DHCP server sends a response containing the router's IP address plus the TFTP server's address, the Time of Day (TOD) server's address, and the name of a configuration file containing additional configuration parameters. The CMAC_LOG_DHCP_COMPLETE field shows that the IP connectivity was successful.
The Cisco uBR900 series accesses the Time of Day server for the current date and time, which is used to create time stamps for logged events. The CMAC_LOG_TOD_COMPLETE field indicates a successful time of day sequence.
This event is currently bypassed by the Cisco uBR900 series because "full security" has not been fully defined by DOCSIS and is therefore not yet supported.
Note "Full security" was a request made by cable service providers for a very strong authorization and authentication check by the CMTS. The Cisco uBR900 series supports DOCSIS baseline privacy (Event 10), which protects your data from being "sniffed" on the cable network.
After completing the DHCP and security operations, the Cisco uBR900 series downloads operational parameters by downloading a configuration file located on the TFTP server. The CMAC_LOG_DHCP_CONFIG_FILE_NAME field shows the filename containing the transmission parameters.
After the Cisco uBR900 series is initialized, authenticated, and configured, it requests to be registered with the headend CMTS. The CMAC_LOG_COS_ASSIGNED_SID field assigns a class of service (CoS) number and a service ID (SID). Multiple CoS entries in the configuration file imply that multiple SIDs are supported by the cable access router. If several cable access routers use the same configuration file, they will have the same CoS numbers but will be assigned different SIDs.
A successful registration is indicated by the CMAC_LOG_REGISTRATION_OK field.
During this event, keys for baseline privacy are exchanged between the Cisco uBR900 series and the headend CMTS. A link level encryption is performed so that your data cannot be "sniffed" by anyone else on the cable network.
Following is a trace showing baseline privacy enabled. The key management protocol is responsible for exchanging two types of keys: KEKs and TEKs. The KEK (key exchange key, also referred to as the authorization key) is used by the CMTS to encrypt the TEKs (traffic encryption keys) it sends to the Cisco uBR900 series. The TEKs are used to encrypt/decrypt the data. There is a TEK for each SID that is configured to use privacy.
Note In order for baseline privacy to work, you must use a code image name on the Cisco uBR900 series that contains the characters k1. In addition, baseline privacy must be supported on the headend CMTS, and it must be turned on in the configuration file that is downloaded to the cable access router.
As soon as the Cisco uBR900 series has successfully completed the above events, it enters the operational maintenance state and is authorized to forward traffic into the cable network.
The Cisco uBR900 series cable access router provides the following benefits for data-over-cable applications:
When using the Cisco uBR900 series cable access router, keep the following restrictions and limitations in mind:
Note The Cisco uBR900 series cable access router is typically configured by the headend CMTS. Most cable service providers do not permit local configuration by individual subscribers.
The Cisco uBR900 series cable access router is intended to be used in conjunction with a Cisco uBR7246 or a Cisco uBR7223 universal broadband router located at the cable service provider's headend facility. Other compatible headend devices may also be used with the Cisco uBR900 series.
For related information on the Cisco uBR900 series cable access router, refer to the following documents:
· Quick Start Guide - Cisco uBR924 Cable Access Router Subscriber Setup
· Quick Start Guide - Cisco uBR924 Cable Access Router Installation and Startup
· Regulatory Compliance and Safety Information for the Cisco uBR924 Cable Access Router
The Cisco uBR900 series cable access router is a standalone device; it works in conjunction with the Cisco uBR7246 and the Cisco uBR7223 universal broadband routers.
In order to use the Cisco uBR900 series cable access router for data-over-cable or voice-over-cable (VoIP) applications, the following tasks must be completed:
Note The MAC address on the cable access router ensures that each router downloads only the file(s) intended for it.
Note When the Cisco uBR900 series is connected to an Ethernet hub, a crossover cable must be used. Category 5 UTP (10BaseT Ethernet) cable with RJ-45 connectors is recommended.
Note For subscriber sites that support multiple telephones or fax devices on a telephone line, all wiring associated with the telephone line extension must be in place. Inside wiring must be in compliance with the country of operation to prevent degradation of service.
Note If the Cisco uBR7246 universal broadband router at the cable headend is using MC16 modem cards, Cisco IOS Release 11.3(7)NA or later must be running on the Cisco uBR900 series cable access router.
In order to use the Cisco uBR900 series cable access router for VoIP-over-cable applications, the following additional conditions must be met:
The Cisco uBR900 series cable access router supports the following categories of MIBs:
Table 4 shows the cable-specific MIBs that are supported on the Cisco uBR900 series cable access router. This table also provides a brief description of each MIB's contents and the Cisco IOS software release in which the MIB was initially functional—earlier releases might have had unsupported prototype versions of the MIB; later releases might have added new attributes and functionality. Because of interdependencies, the MIBs must be loaded in the order given in the table.
Note The names given in Table 4 are the filenames for the MIBs as they exist on Cisco's FTP site (ftp://ftp.cisco.com/pub/mibs/ or http://www.cisco.com/public/mibs) . Most MIBs are available in both SNMPv1 and SNMPv2 versions; the SNMPv1 versions have V1SMI as part of their filenames.
Table 4 Supported MIBs for the Cisco uBR900 Series Cable Access Router
The Cisco uBR900 series cable access router also supports the following:
For descriptions of supported MIBs and how to use MIBs, see Cisco's MIB web site on CCO at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
The Cisco uBR900 series cable access router typically is configured automatically on power-up using a configuration file generated by the cable service provider and delivered via the CMTS installed at the cable headend. All of the configuration tasks listed below are optional.
One of the first configuration tasks you might want to perform is to configure a host name and set an encrypted password. Configuring a host name allows you to distinguish multiple Cisco uBR900 series cable access routers from each other. Setting an encrypted password allows you to prevent unauthorized configuration changes.
To configure a host name and an encrypted password for a Cisco uBR900 series cable access router, perform the following tasks, starting in global configuration mode:
To verify that you configured the correct host name and password, enter the show running-config command from global configuration mode:
To assign an IP address to the Ethernet or cable access router interface so that it can be recognized as a device on the Ethernet LAN, perform the following tasks, starting in global configuration mode:
| Step | Command | Purpose |
|---|---|---|
| 1. | Enter interface configuration mode for the Ethernet and/or the cable access router interface. |
|
| 2. | Assign the appropriate IP address and subnet mask to the interface. |
|
| 3. |
To verify that you have assigned the correct IP address, enter the show arp command:
DOCSIS-compliant transparent bridging is the factory default configuration of the Cisco uBR900 series cable access router. To change the configuration of your cable access router from bridging to routing using the CLI, perform the following tasks, starting in global configuration mode:
To verify that bridging is not configured, routing is enabled, and that Routing Information Protocol is configured on the interfaces, enter the show startup-config command:
The Cisco uBR900 series cable access router is configured for DOCSIS-compliant transparent bridging by default. If it becomes necessary to reconfigure the unit for bridging after it has been configured for routing, you can erase the routing configuration and return the unit to factory default configuration settings, or you can reconfigure the unit manually using the CLI. To return the cable access router to factory default settings, see the section "Reestablishing DOCSIS-Compliant Bridging" for details. To reconfigure the cable access router manually, perform the following tasks, starting in global configuration mode:
When the cable interface comes up, the IP address and downstream channel are configured automatically.
Note To configure multiple PCs, repeat Steps 4 through 7 above for each additional PC. You can connect a maximum of three PCs to the Cisco uBR900 series cable access router in a bridging application.
To verify that routing has been disabled on all interfaces and that bridging has been reenabled, enter the show startup-config command from privileged EXEC mode:
To erase the current non-default cable access router configuration and return the unit to its factory default DOCSIS-compliant bridging configuration, perform the following task from privileged EXEC mode:
| Step | Command | Purpose |
|---|---|---|
| 1. | Erase the current configuration (assuming the current running configuration has been saved to NVRAM). |
After entering this command, perform a warm reset of the Cisco uBR900 series cable access router by pressing and holding down the Reset button for less than 10 seconds. For information on the location and operation of the Reset button, refer to the "Physical Description" section in the chapter "Installing the Cisco uBR924 Cable Access Router" in the Cisco uBR924 Cable Access Router Installation and Configuration Guide.
To verify that the cable access router is configured for DOCSIS-compliant bridging, enter the show startup-config command from privileged EXEC mode. The configuration should look like this:
Different geographical regions and different cable plants use different frequency bands. The Cisco uBR900 series cable access router uses a built-in default frequency scanning feature to address this issue. After the cable access router finds a successful downstream frequency channel, it saves the channel and power setting to NVRAM. The cable access router recalls this value the next time it needs to synchronize its frequency or register with the cable service provider's CMTS.
However, you can customize the cable access router's interface configuration if you need to deviate from the default setting that ships with the unit. For example, you might need to specify a different compliant mode, modify the saved downstream channel setting and upstream power value, or enable a faster downstream search algorithm.
To customize the cable access router interface, perform the following tasks, starting in global configuration mode:
| Step | Command | Purpose |
|---|---|---|
| 1. | ||
| 2. | ||
| 3. | Modify the saved downstream channel setting and upstream power value. If you do this, you must specify an exact downstream frequency and a power value.1 |
|
| 4. |
| 1Use the no cable-modem downstream saved channel ds-frequency us-power command to remove a saved frequency and power setting from NVRAM. |
The MAX CPE parameter in the DOCSIS configuration file determines how many PCs or other CPE devices are supported by a particular cable access router. The default value for the MAX CPE parameter is 1, which means only one PC can be connected to the cable access router unless this value is changed.
The DOCSIS 1.0 specification states that a CMTS cannot age-out MAC addresses for CPE devices. Thus, if MAX CPE = 1, the first PC that is connected to a cable access router is normally the only one that the CMTS recognizes as valid. If you wish to replace an existing PC or change its network interface card (NIC) to one that has a different MAC address, the CMTS will refuse to let the PC come online because this would exceed the maximum number of CPE devices specified by the MAX CPE parameter.
If you wish to replace an existing PC or NIC, use one of the following workarounds:
This section provides the following configuration examples:
The following Cisco uBR900 series cable access router configuration supports a typical residential Internet-access, data only subscriber:
The Cisco uBR900 series cable access router can be configured to act as a router to preserve IP address space and limit broadcasts that can impact the performance of the network. A sample configuration file follows.
Note To configure the Cisco uBR900 series to act as a router, the no cable-modem compliant bridge command must be used. In addition, the bridge group 59 command must be removed from the Ethernet and cable-modem interfaces.
The following configuration is for a Cisco uBR900 series that uses PIM sparse-dense mode and belongs to a specific multicast group. Other multicast routing protocols such as PIM sparse-mode or PIM dense-mode can be used.
In this example, the Cisco uBR900 series is configured for bridging, with an H.323v2 dial peer to another Cisco uBR900 series attached to the same downstream interface on the headend CMTS.
In this example, the Cisco uBR900 series is configured for IP routing, with an H.323v2 dial peer to another Cisco uBR900 series attached to the same downstream interface on the headend CMTS.
In this example, Cisco uBR924 is configured to support VoIP in bridging mode using SGCP. Note the following in the sample configuration file:
To configure this application via DHCP, the following fields must also be set:
Note Encryption/decryption is subject to export licensing controls. To support IPSec, the Cisco uBR900 series must be configured in routing mode. the software images running at both the headend and the subscriber end must support the feature set.
Note Careful address assignment on user equipment and policy routing at the headend is required.
The headend may or may not use tunnels to convey traffic back to the corporate gateway.
For detailed information on IP security, L2TP, and Firewall, refer to the Security Configuration
Guide.
Note Encryption/decryption is subject to export licensing controls. To support L2TP and Firewall, the Cisco uBR900 series must be configured in routing mode. Software images running at both the headend and the subscriber end must support the feature set.
Note Careful address assignment on user equipment and policy routing at the headend is required.
The headend may or may not use tunnels to convey traffic back to the corporate gateway.
For detailed information on IP security, L2TP, and Firewall, refer to the Security Configuration
Guide.
This section describes the following cable-modem interface commands for the Cisco uBR900 series cable access router for Cisco IOS Release 12.0(7)T:
All commands relating to VoIP applications are documented in the Cisco IOS Release 12.0 command references, or in Voice over IP for the Cisco AS5300, which can be accessed online or on the Documentation CDROM by going to New Features in Cisco IOS Release 12.0(3)T.
All other commands used with this feature are documented in the Cisco IOS Release 12.0 command references.
In Cisco IOS Release 12.0(1)T or later, you can search and filter the output for show and more commands. This functionality is useful when you need to sort through large amounts of output, or if you want to exclude output that you do not need to see.
To use this functionality, enter a show or more command followed by the "pipe" character (|), one of the keywords begin, include, or exclude, and an expression that you want to search or filter on:
command | {begin | include | exclude} regular-expression
Following is an example of the show atm vc command in which you want the command output to begin with the first line where the expression "PeakRate" appears:
For more information on the search and filter functionality, refer to the Cisco IOS Release 12.0(1)T document, CLI String Search.
To enable DOCSIS-compliant transparent bridging for a cable access router interface at startup, use the cable-modem compliant command from interface configuration mode. Use the no form of this command to disable DOCSIS-compliant bridging for the interface.
This command has no arguments or keywords.
| Release | Modification |
|---|---|
It is normally not necessary to enter this command in data-over-cable bridging applications because DOCSIS-compliant bridging is enabled by default. If you wish to do full transparent bridging rather than DOCSIS-compliant bridging, use the no form of the command, then configure full transparent bridging using CLI commands. See the "Configuring Bridging" section for instructions.
The following example shows how to enter the cable-modem compliant bridge command for a cable access router interface, starting from global configuration mode:
To modify the saved downstream channel setting and upstream power value on a cable access router interface, enter the cable-modem downstream saved channel command from interface configuration mode. Use the no form of this command to remove the saved settings, which will be resaved at the next initialization cycle.
Downstream channel frequency in Hz, which can be from 91000000 to 860000000. |
|
Upstream power level in decibels per millivolt (dBmV), which can be from 8 to 61. |
| Release | Modification |
|---|---|
This command is auto-generated by the operation of the cable MAC layer process. The DOCSIS RFI specification requires that cable modems remember the downstream frequency and upstream power of the last successfully ranged session. These parameters are called up as the first downstream frequency and upstream power to use the next time the cable modem is booted. This operation dramatically speeds up the channel search.
Use the no cable-modem downstream saved channel ds-frequency us-power command to remove the saved frequency and power setting from the running configuration, which will be resaved at the next initialization cycle.
Cisco recommends that this command NOT be used by end users of the Cisco uBR900 series cable access router.
The following example shows how to remove the downstream frequency of 91000000 Hz and the upstream power level of 33 dBmV from the running configuration of a cable-modem interface, starting from global configuration mode.
To enable a faster downstream search algorithm on a cable access router interface, use the cable-modem fast-search command from interface configuration mode. Use the no form of this command to disable the downstream fast-search feature.
There are no keywords or arguments for this command.
| Release | Modification |
|---|---|
This feature speeds up the frequency search performed by the cable access router. Normally it takes the cable access router about 30 to 50 seconds to sample 30 to 50 frequencies. The cable-modem fast-search command can reduce this search time. However, there might be some cases where this fast-search algorithm might not perform as well as the default algorithm. Trial and error is the only way to discover how well this feature works for your environment.
The following example shows how to enter the cable-modem fast-search command, starting from global configuration mode:
To enable the QPSK modulation scheme in the upstream direction from the cable access router interface to the headend, enter the cable-modem upstream preamble qpsk command from interface configuration mode. Use the no form of this command to disable upstream modulation for the interface.
This command has no arguments or keywords.
| Release | Modification |
|---|---|
The following example shows how to enter the cable-modem upstream preamble qpsk command for a cable access router interface, starting from global configuration mode:
To allow voice calls to be sent upstream over the cable interface via best effort, use the cable-modem voip best-effort command from interface configuration mode. To disable best-effort voice calls, use the no form of this command.
This command has no arguments or keywords.
| Release | Modification |
|---|---|
This command allows you to configure the voice traffic on a Cisco uBR900 series to allow only calls having a high priority service identifier (SID) to be connected.
If the dynamic configuration of high priority queues for voice traffic fails, or if the far end cannot support the multiple SIDs and multiple classes of service required by high priority traffic, the flag set by this command will be checked. If enabled (the default setting), the call will be allowed to go through. If disabled, the call will fail.
The following example shows how to disable best-effort voice calls on a Cisco uBR900 series cable interface, starting from global configuration mode:
To specify the cable interface on a Cisco uBR900 series cable access router, enter the interface cable-modem command from global configuration mode.
The interface number of the cable interface on the rear panel of the cable access router. |
| Release | Modification |
|---|---|
When this command is entered, the Cisco uBR900 series cable access router switches from global configuration mode to interface configuration mode.
The following example brings up cable access router interface 0 and displays the available cable-modem interface configuration commands:
To display bridging information for a Cisco uBR900 series cable access router, enter the show bridge cable-modem command from privileged EXEC mode.
The interface number of the cable interface on the rear panel of the Cisco uBR900 series. |
No default behavior or values.
| Release | Modification |
|---|---|
Following is a sample output for this command:
Table 5 describes the significant fields shown in the display.
Table 5 show bridge cable-modem Field Descriptions
| Command | Description |
Displays the current DHCP settings on point-to-point interfaces. |
|
Displays information about the cable interface on the Cisco uBR900 series cable access router. |
To display high-level controller information about a Cisco uBR900 series cable access router, use the show controllers cable-modem command in privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
The show controllers cable-modem display begins with information from the first few registers of the Broadcom BCM3300 chip. Next is buffer information for the receive, receive MAC message, buffer descriptor, and packet descriptor rings. Then comes MIB statistics from the BCM3300 chip, DMA base registers to indicate where the rings start, global control and status information, and finally interrupts for the interrupt code.
When using this command, be sure to check the tx_count and the tx_head and tx_tail values for the buffer descriptor (TX BD) and packet descriptor (TX PD) rings. The tx_count should be greater than 0, and the tx_head and tx_tail values should not be equal. If these values do not change for a long period of time, it indicates there are packets stuck on the ring. This condition is often caused by the headend not giving grants.
Following is sample output for the show controllers cable-modem 0 command:
Table 6 briefly describes some of the fields shown in the display. For more information, see the Broadcom documentation for the BCM3300 chip.
Table 6 show controllers cable-modem Field Descriptions
To display information about the baseline privacy key management exchange between the Cisco uBR900 series cable access router and the headend CMTS, use the show controllers cable-modem bpkm command in privileged EXEC mode.
Controller number inside the Cisco uBR900 series cable access router. |
No default behavior or values.
| Release | Modification |
|---|---|
Baseline privacy key management exchanges take place only when both the Cisco uBR900 series and the CMTS are running code images that support baseline privacy, and the privacy class of service is enabled via the configuration file that is downloaded to the cable access router. Baseline privacy code images for the Cisco uBR900 series contain k1 in the code image name.
The following output is displayed when the headend CMTS does not have baseline privacy enabled:
Table 7 describes the fields shown in the display.
Table 7 show controllers cable-modem bpkm Field Descriptions
To display information about the Data Encryption Standard (DES) engine registers, use the show controllers cable-modem des command in privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
DES engine registers are displayed in the following example:
Table 8 briefly describes some of the fields shown in the display. For more information, see the Broadcom documentation for the BCM3300 chip.
Table 8 show controllers cable-modem des Field Descriptions
To display the registers in the MAC hardware that are used for filtering received frames, use the show controllers cable-modem filters command in privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
Some of the filtering parameters are MAC hardware addresses, Service IDs (SIDs), and upstream channel IDs.
MAC and SID filter information is displayed in the following example:
Table 9 briefly describes some of the fields shown in the display. For more information, see the Broadcom documentation for the BCM3300 chip.
Table 9 show controllers cable-modem filters Field Descriptions
To display the mini-slot lookup table inside a Cisco uBR900 series, use the show controllers cable-modem lookup-table command in privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
This command displays the details of the lookup table. The driver uses this table to convert the size of the packets that the Cisco uBR900 series wants to transmit into a bandwidth request to the CMTS in mini-slots. The contents of this table are affected by the upstream symbol rate that is negotiated between the CMTS and the cable access router.
Use this table to look up the packet size and determine how many mini-slots will be needed.
The mini-slot lookup table is displayed in the following example:
To display detailed MAC-layer information for a Cisco uBR900 series, use the show controllers cable-modem mac command in privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
MAC log messages are written to a circular log file even when debugging is not turned on. These messages include timestamps, events, and information pertinent to these events. Use the show controllers cable-modem mac log command to view MAC log messages.
If the Cisco uBR900 series interface fails to come up or resets periodically, the MAC log will capture what happened. For example, if an address is not obtained from the DHCP server, an error is logged, initialization starts over, and the Cisco uBR900 series scans for a downstream frequency.
The most useful keywords for troubleshooting a Cisco uBR900 series are log, errors, and resets. See Example 1, Example 2, and Example 3.
The following sample display shows the MAC log file for a cable-modem interface that has successfully registered with the CMTS:
If the DHCP server cannot not be reached, the error will look like this in the MAC log:
The fields in this display are explained in the section "Basic Troubleshooting".
MAC error log information is displayed in the following example, which is also reported via SNMP:
This output indicates that the Cisco uBR900 series acquired a downstream lock, successfully read a UCD, and successfully read a MAP. However, it was unable to communicate with the CMTS after ranging through all upstream transmit power levels. The Cisco uBR900 series tried to communicate with the CMTS 16 times without success, after which it reset the cable interface to try to find a better downstream frequency.
If the DHCP server could not be reached, the error would look like this in the MAC error display:
The show controllers cable-modem 0 mac resets command shows only the entries in the MAC log that begin with the field CMAC_LOG_RESET. Collectively presenting these fields provides you with a summary of the most recent reasons why the cable interface was reset.
Reset messages and brief explanations are included in the following examples and in Table 10; however, the reset messages in Table 10 do not commonly occur.
In the following example, the configuration file downloaded from the TFTP server could not be read. The file might not exist, or the file might have incorrect permissions.
The following example shows that the DHCP server could not be reached, or that it took too long to respond.
The following example indicates that an event in the cable interface driver caused the interface to reset. This often occurs because a shut or clear command is currently being issued on the interface.
Table 10 Possible but Uncommon Cable Interface Reset Causes
The following example display for the show controllers cable-modem 0 mac hardware command shows the detailed configuration of the interface driver and the MAC-layer hardware. The most interesting bit is the station address (hardware address). The MIB statistics reflect the MAC hardware counters for various events, but these counters are typically reset every few seconds, so their contents are not accurate in this display.
Most of the fields in this display are described in Table 15, show dhcp server Field Descriptions. Table 11 describes the MIB statistics shown in the display.
Table 11 show controllers cable-modem MIB Statistics Field Descriptions
Below the MIB statistics in the show controllers cable-modem 0 mac hardware display, the BCM3300 registers section shows the DMA locations of the indicated processing routines of the Broadcom 3220 MAC chip within the Cisco uBR900 series.
The show controllers cable-modem mac state command summarizes the state of the cable MAC layer and provides a list of downstream search frequency bands and the order in which they are searched. If the cable MAC layer is in the wait_for_link_up_state, the information shown in the display corresponds to the last time the interface was up. This allows useful information to be acquired from this display even though the modem has not been able to range and register. The normal operational state of the interface is the maintenance_state.
Table 12 describes the fields shown in the display.
Table 12 show controllers cable-modem MAC State Field Descriptions
To display the contents of the registers used in the downstream physical hardware of the Cisco uBR900 series cable access router, use the show controllers cable-modem phy command in privileged EXEC mode.
Displays all receiver registers in the downstream physical hardware. |
|
Displays all transmitter registers in the upstream physical hardware. |
No default behavior or values.
| Release | Modification |
|---|---|
To understand the output from this command, consult the Broadcom specifications for the BCM3116 and BCM3037 chips.
Physical receive registers are displayed in the following example:
Physical transmit registers are displayed in the following example:
To display the settings for the upstream and downstream tuners used by a Cisco uBR900 series cable access router, use the show controllers cable-modem tuner command in privileged EXEC mode.
There are no key words or arguments for this command.
No default behavior or values.
| Release | Modification |
|---|---|
Typical Cisco uBR900 series tuner settings are displayed in the following example. See Table 13 for output field possibilities and descriptions.
show controllers cable-modem tuner Field Descriptions
To display the current DHCP settings on point-to-point interfaces, enter the show dhcp command from privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
You can use this command on any point-to-point type of interface that uses DHCP for temporary IP address allocation.
Following is sample output for the show dhcp lease command:
Table 14 describes the significant fields shown in the display.
Table 14 show dhcp lease Field Descriptions
Following is sample output for the show dhcp server command:
Table 15 describes the significant fields shown in the display.
Table 15 show dhcp server Field Descriptions
To display information about the Cisco uBR900 series cable access router's cable interface, enter the show interfaces cable-modem command from either user EXEC mode or privileged EXEC mode.
No default behavior or values.
| Release | Modification |
|---|---|
When this command is entered without a keyword, general information about the cable interface is displayed.
Traffic passing through the cable access router interface is shown in the following example:
Table 16 describes the significant fields shown in the display.
Table 16 show interfaces cable-modem Field Descriptions
To display the number of packets and bytes of each protocol type passing through the cable access router interface, use the accounting option with the show interface cable-modem command:
Table 17 describes the fields shown in this display.
Table 17 show interfaces cable-modem Accounting Descriptions
MIB counters on the cable interface are displayed in the next example:
Table 18 describes the counters shown in this display.
Table 18 show interfaces cable-modem Counters Descriptions
Information about routing and bridging protocols and filtering on the cable access router interface is displayed in the following example:
Table 19 describes the software MAC address filter information for the cable access router interface.
Table 19 show interfaces cable-modem Routing and Bridging Descriptions
Note Troubleshooting the Cisco uBR900 series cable access router is typically accomplished using the CMTS at the cable operator's headend facility; it is rarely done by directly accessing the Cisco uBR924. For information on troubleshooting the Cisco uBR900 series using Cisco uBR7200 series universal broadband routers, see the document Cisco uBR7246 Universal Broadband Router Features. Also see the "Related Documents" section for additional documents relating to troubleshooting.
The following debug commands are available to troubleshoot a Cisco uBR900 series cable access router:
All commands relating to VoIP applications are documented in the Debug Command Reference for Cisco IOS Release 12.0, which can be accessed online or on the Documentation CDROM by going to Cisco IOS Release 12.0 and selecting Supporting Documents.
To debug baseline privacy information on a Cisco uBR900 series, use the debug cable-modem bpkm command in privileged EXEC mode. To turn the debugging messages off, use the no form of this command.
No default behavior or values.
| Release | Modification |
|---|---|
Baseline privacy key management exchanges take place only when both the Cisco uBR900 series and the CMTS are running code images that support baseline privacy, and the privacy class of service is enabled via the configuration file that is downloaded to the cable access router. Baseline privacy code images for the Cisco uBR900 series contain k1 in the code image name.
The following example shows debug output when the headend does not have privacy enabled:
Use the debug cable-modem bridge command in privileged EXEC mode to debug bridge filter processing information on a Cisco uBR900 series. To turn the debugging messages off, use the no form of this command.
This command has no keywords or arguments.
No default behavior or values.
| Release | Modification |
|---|---|
When the interface is down, all bridge table entries learned on the Ethernet interface are set to discard because traffic is not bridged until the cable interface has completed initialization. After the interface (the line protocol) is completely up, bridge table entries learned on the Ethernet interface program the cable MAC data filters. The cable MAC hardware filters out any received packets whose addresses are not in the filters. In this way, the cable interface only receives packets addressed to its own MAC address or an address it has learned on the Ethernet interface.
The following example shows sample display output for the debug cable-modem bridge privileged EXEC command:
Use the the debug cable-modem error command in privileged EXEC mode to enable debugging messages for the cable interface driver. To turn the debugging messages off, use the no form of this command.
This command has no keywords or arguments.
No default behavior or values.
| Release | Modification |
|---|---|
This command displays detailed output about the sanity checking of received frame formats, the acquisition of downstream QAM/FEC lock, the receipt or non-receipt of SYNC messages from the CMTS, reception errors, and bandwidth request failures.
The following example shows sample display output for the debug cable-modem error privileged EXEC command:
To debug Cisco uBR900 series interrupts, use the debug cable-modem interrupts command in privileged EXEC mode . To turn the debugging messages off, use the no form of this command.
This command has no keywords or arguments.
No default behavior or values.
| Release | Modification |
|---|---|
The following example shows sample debug output for Cisco uBR900 series interrupts.
To troubleshoot the Cisco uBR900 series MAC layer, use the debug cable-modem mac command in privileged EXEC mode. To turn the debugging messages off, use the no form of this command.
(Optional) Displays periodic MAC layer events, such as ranging. |
|
No default behavior or values.
| Release | Modification |
|---|---|
Of all the available debug cable modem commands, the most useful is debug cable-modem mac log.
MAC log messages are written to a circular log file even when debugging is not turned on. These messages include timestamps, events, and information pertinent to these events. Enter the debug cable-modem mac log command to view MAC log messages. If you want to view this information without entering debug mode, enter the show controllers cable-modem number mac log command. The same information is displayed by both commands.
If the Cisco uBR900 series interface fails to come up or resets periodically, the MAC log will show what happened. For example, if an address is not obtained from the DHCP server, an error is logged, initialization starts over, and the Cisco uBR900 series scans for a downstream frequency. The debug cable-modem mac log command displays the log from the oldest to the newest entry.
After initial ranging is successful (dhcp_state has been reached), further RNG-REQ/RNG-RSP messages and watchdog timer entries are suppressed from output unless the verbose keyword is used. Note that CMAC_LOG_WATCHDOG_TIMER entries while in the maintenance_state are normal when using the verbose keyword.
This example shows sample display output from the debug cable-modem mac log command. The fields of the output are the time since bootup, the log message, and in some cases a parameter that gives more detail about the log entry.
The line "0 events dropped due to lack of a chunk" at the end of a display indicates that no log entries were discarded due to a temporary lack of memory. This means the log is accurate and reliable.
The following example compares the output of the debug cable-modem mac log command with the debug cable-modem mac log verbose command. The verbose keyword displays periodic events such as ranging.
The following example shows display output for the debug cable mac messages command. This command causes received cable MAC management messages to be displayed in a verbose format. The messages that are displayed are shown below:
The dynsrv keyword displays Dynamic Service Add or Dynamic Service Delete messages during the off-hook/on-hook transitions of a phone connected to the Cisco uBR900 series.
In addition, transmitted REG-REQs are displayed in hex dump format. The output from this command is very verbose and is usually not needed for normal interface debugging. The command is most useful when attempting to attach a Cisco uBR900 series cable access router to a CMTS that is not DOCSIS-qualified.
For a description of the displayed fields of each message, refer to the DOCSIS Radio Frequency Interface Specification, v1.0 (SP-RFI-I04-980724).
To display the timing from MAP messages to sync messages and the timing between MAP messages on a Cisco uBR900 series cable access router, use the debug cable-modem map command in privileged EXEC mode. To turn the debugging messages off, use the no form of this command.
This command has no keywords or arguments.
No default behavior or values.
| Release | Modification |
|---|---|
The following example shows display output for the debug cable-modem map privileged EXEC command.
broadband—Transmission system that combines multiple independent signals onto one cable. In the cable industry, broadband refers to the frequency-division multiplexing of many signals in a wide bandwidth of RF frequencies using a hybrid fiber-coaxial (HFC) network.
CATV—Originally stood for Community Antenna Television. Now refers to any coaxial or fiber cable-based system that provides television services.
cable modem (CM)—A modulator-demodulator device that is placed at subscriber locations to convey data communications on a cable television system. The Cisco uBR900 series cable access router is also a cable modem.
Cable Modem Termination System (CMTS)—A termination system located at the cable television system headend or distribution hub which provides complementary functionality to the cable modems, enabling data connectivity to a wide-are network.
cable router—A modular chassis-based router optimized for data-over-CATV hybrid fiber-coaxial (HFC) applications.
carrier—A signal on which another, lower-frequency signal is modulated in order to transport the lower-frequency signal to another location.
Carrier-to-Noise—C/N (also CNR). The difference in amplitude between the desired RF carrier and the noise in a portion of the spectrum.
channel—A specific frequency allocation and bandwidth. Downstream channels used for television are 6 MHz wide in the United States; 8 MHz wide in Europe.
CMTS—Cable Modem Termination System.
coaxial cable—The principal physical media over which CATV systems are built.
CPE—Customer Premises Equipment
dB—Decibel. A measure of the relative strength of two signals.
dBm—Decibels with respect to one milliwatt. A unit of RF signal strength used in satellite work and other communications applications.
dBmV—Decibels with respect to one millivolt in a 75-ohm system. The unit of RF power used in CATV work in North America.
DHCP—Dynamic Host Configuration Protocol. This protocol provides a mechanism for allocating IP addresses dynamically so that addresses can be reused when hosts no longer need them.
DOCSIS—Data Over Cable Service Interface Specification. Defines technical specifications for equipment at both subscriber locations and cable operators' headends.
downstream—The set of frequencies used to send data from a headend to a subscriber.
FDM—Frequency Division Multiplexing. A data transmission method in which a number of transmitters share a transmission medium, each occupying a different frequency.
FEC—Forward Error Correction. In data transmission, a process by which additional data is added that is derived from the payload by an assigned algorithm. It allows the receiver to determine if certain classes of errors have occurred in transmission and, in some cases, allows other classes of errors to be corrected.
headend—Central distribution point for a CATV system. Video signals are received here from satellite (either co-located or remote), frequency converted to the appropriate channels, combined with locally originated signals, and rebroadcast onto the HFC plant. For a CATV data system, the headend is the typical place to create a link between the HFC system and any external data networks.
HFC—Hybrid fiber-coaxial (cable network). Older CATV systems were provisioned using only coaxial cable. Modern systems use fiber transport from the headend to an optical node located in the neighborhood to reduce system noise. Coaxial cable runs from the node to the subscriber. The fiber plant is generally a star configuration with all optical node fibers terminating at a headend. The coaxial cable part of the system is generally a trunk-and-branch configuration.
host—Any end-user computer system that connects to a network. In this document, the term host refers to the computer system connected to the LAN interface of the cable access router.
ingress noise—Over-the-air signals that are inadvertently coupled into the nominally closed coaxial cable distribution system. Ingress noise is difficult to track down and intermittent in nature.
MAC layer—Media Access Control sublayer. Controls access by the cable access router to the CMTS and to the upstream data slots.
MCNS—Multimedia Cable Network System Partners Ltd. A consortium of cable companies providing service to the majority of homes in the United States and Canada. This consortium has decided to drive a standard with the goal of having interoperable cable access routers.
MSO—Multiple System Operator. A cable service provider that operates in more than one geographic area, thus having multiple headend facilities.
narrowband—A single RF frequency.
NTSC—National Television Systems Committee. A United States TV technical standard, named after the organization that created the standard in 1941. Specifies a 6 MHz-wide modulated signal.
PAL—Phase Alternating Line. The TV system used in most of Europe, in which the color carrier phase definition changes in alternate scan lines. Utilizes an 8 MHz-wide modulated signal.
QAM—Quadrature Amplitude Modulation. A method of modulating digital signals onto a radio-frequency carrier signal in which the value of a symbol consisting of multiple bits is represented by amplitude and phase states of the carrier. QAM is a modulation scheme mostly used in the downstream direction (64-QAM, 256-QAM). 16-QAM is expected to be usable in the upstream direction. Numbers indicate number of code points per symbol. The QAM rate or the number of points in the QAM constellation can be computed by 2 raised to the power of <number of bits/symbol>. For example, 16-QAM has 4 bits per symbol, 64-QAM has 6 bits per symbol, and 256-QAM has 8 bits per symbol.
QPSK—Quadrature Phase-Shift Keying. A digital modulation method in which there are 2 data bits represented with each baud symbol.
ranging—The process of acquiring the correct timing offset such that the transmissions of a cable access router are aligned with the correct mini-slot boundary.
RF—Radio frequency. The portion of the electromagnetic frequency spectrum from 5 MHz to approximately 860 MHz.
SECAM—TV system used in France and elsewhere, utilizing an 8 MHz-wide modulated signal.
SID (Service ID)—A number that defines (at the MAC sublayer) a particular mapping between a cable access router (CM) and the CMTS. The SID is used for the purpose of upstream bandwidth allocation and class-of-service management.
Signal-to-Noise—S/N (also SNR). The difference in amplitude between a baseband signal and the noise in a portion of the spectrum.
spectrum reuse—CATV's most fundamental concept. Historically, the over-the-air spectrum has been assigned to many purposes other than that of carrying TV signals. This has resulted in an inadequate supply of spectrum to serve the needs of viewers. Cable can reuse spectrum that is sealed in its aluminum tubes.
subscriber unit (SU)—An alternate term for cable access router. See cable access router.
upstream—The set of frequencies used to send data from a subscriber to the headend.
Posted: Fri Jan 17 03:28:41 PST 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
