Cadant® C4™ CMTS

Cable Modem Termination System

C4 CMTS User Documentation

Documentation Set Release 4.2, Standard July 2005

ARRIS PROPRIETARY This document contains proprietary information of ARRIS, Inc. and is not to be disclosed or used except in accordance with applicable agreements. © 2005 ARRIS All Rights Reserved 07/05/05

Copyright and Trademark Information
Cadant® C4™ G2 IMS™ FlexCAM™ ARRIS® and Arris International are trademarks of ARRIS International, Inc. Cadant C4 CMTS is a registered trademark of ARRIS International, Inc. All other trademarks and registered trademarks are the property of their respective holders. Every attempt has been made to capitalize and spell correctly the trademarked and service marked terms used in this manual. ARRIS does not attest to the accuracy of these terms and their usage. Any misspelling or misuse of a term should not be construed as affecting the validity of its trademark or service mark. All information contained in this document is subject to change without notice. ARRIS reserves the right to make changes to equipment design or program components, as progress in engineering, manufacturing methods, or other circumstances may warrant. The G2 IMS™ product contains copyright material licensed from AdventNet, Inc. http://www.adventnet.com. All rights to such copyrighted material rest with AdventNet. The ARRIS Cadant® C4™ Cable Modem Termination System (CMTS) has been qualified by CableLabs® for DOCSIS®1.1 and by tComLabs for Euro-DOCSIS 1.1. In June, 2004, CableLabs® announced that the C4 CMTS qualified for DOCSIS® 2.0. PacketCable™ is a trademark of Cable Television Laboratories, Inc. Broadcom® is a registered trademark of the Broadcom Corporation, http://broadcom.com.

Patent Information
The ARRIS Cadant® C4™ Cable Modem Termination System (CMTS) is protected by U.S. and international patents including: 6,457,978 6,662,368 6,449,249 6,636,482 6,637,033 Additional ARRIS International, Inc. patents pending: 6,457,978; 6,769,132; 6,662,368; 6449,249; 6,636,482; 6,637,033; 6,898,182;

© 2005 ARRIS All rights reserved.

CADANT C4 CMTS – LIMITED WARRANTY
1. SOFTWARE WARRANTY ARRlS International, Inc. ("ARRIS") Warrants that for a period of ninety (90) days from delivery of the Software (the "Software Warranty Period), the Software will perform in substantial conformance with the technical specifications for such Software set forth in the Documentation. Purchaser's sole and exclusive remedy, and ARRIS's sole and exclusive liability under this Section I (Software Warranty) shall be, at ARRIS's option: (i) to use commercially reasonable efforts to correct any reproducible errors identified by Purchaser in writing during the Software Warranty Period which renders the Software non-conforming, (ii) to replace the Software with functionally equivalent Software or (iii) to accept return of the Software from Purchaser, if applicable. ARRlS makes no warranty that the Software will work in combination with any hardware or application software products provided by third parties, that the operation of the Software will be uninterrupted or error free, or that all defects in the Software can be corrected. ARRIS shall not have any obligation or liability with respect to this Section I (Software Warranty) for any errors or any defects in the Software upon expiration of the Software Warranty Period. 2. HARDWARE WARRANTY ARRIS warrants to Purchaser that under normal use and service, for a period of twelve (12) months from the purchase date of the Hardware (the "Hardware Warranty Period"), such Hardware will be free from defects in materials and workmanship. Purchaser's sole and exclusive remedy and ARRIS's sole and exclusive liability under this Section 2 (Hardware Warranty) shall be, at ARRIS's option: (i) to use commercially reasonable efforts to correct any reproducible Hardware errors identified by Purchaser in writing during the Hardware Warranty Period which renders the Hardware non-conforming, (ii) to replace the Hardware or (iii) accept return of the Hardware from Purchaser. ARRIS shall not be responsible for any of Purchaser's or third party software, firmware, information or memory data contained in, stored on, or integrated with any Hardware Products returned to ARRIS pursuant to any Warranty provided under this Agreement. 3. OBTAINING WARRANTY SERVICE To make a return under the Warranty above, the Purchaser must notify the ARRIS in writing by obtaining an ARRIS Return Material Authorization number (RMA) within the relevant Warranty Period. The authorized RMA number the Purchaser receives from ARRIS must be marked on the outside package and sent prepaid and packaged appropriately for safe shipment. ARRIS will use commercially reasonable efforts to ship any repaired or replaced Product will be shipped to Purchaser, at ARRIS' expense, not later than thirty (30) days after ARRIS receives the defective Product. Any repaired or replaced Hardware or Software shall be warranted for the remainder of the unexpired applicable Warranty Period. Notwithstanding the above, if any return is due to errors or defects for which ARRIS is not responsible or otherwise not covered by the Warranty, Purchaser shall be liable for and reimburse ARRIS for shipping and related expenses. 4. DISCLAIMER OF WARRANTY. EXCEPT AS MAY BE AGREED TO IN A SEPARATE WRITING BETWEEN THE PARTIES, THIS WARRANTY IS IN LIEU OF ALL OTHER WARRANTIES WITH RESPECT TO HARDWARE OR SOFTWARE DELIVERED TO PURCHASER HEREUNDER, WHETHER STATUTORY, BY OPERATION OF LAW, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON- INFRINGEMENT, TITLE AND ANY WARRANTIES ARISING OUT OF USAGE OR TRADE. THIS WARRANTY IS APPLICABLE SOLELY TO PURCHASER NAMED IN THE PREAMBLE HERETO AND NOT TO ANY SUCCESSOR IN INTEREST THEREOF OR ANY OTHER THIRD PARTY ON THE DATE HEREOF. NO WAIVER, ALTERATION, OR MODIFICATION OF THIS WARRANTY SHALL BE BINDING AGAINST THE ARRIS UNLESS IN WRITING AS A SEPARATE AMENDMENT HERETO AND SIGNED BY TWO (2) AUTHORIZED EXECUTIVE OFFICERS OF ARRIS. © 2005 ARRIS All rights reserved.

5. WARRANTY LIMITATIONS. ARRIS shall be relieved of all obligations and liability under the Warranty provisions set forth herein, if: a The Hardware or Software is operated with, or the error or defect is due to, any accessory, equipment, software or part not approved by ARRIS; b The Hardware or Software shall not have been installed, operated and maintained in accordance with ARRlS's instructions and Documentation; c The Hardware or Software has been repaired, altered or modified by someone other than ARRlS; d Purchaser does not notify ARRlS in writing of the error or defect within the applicable Warranty Period with sufficient information for ARRIS to identify and reproduce such error or defect or fails to return the defective Hardware or Software in accordance with the terms of this Agreement; or e ARRIS can demonstrate that the alleged error or defect in the Software or Hardware does not exist or was caused by Purchaser's or any third party's misuse, neglect, improper installation or testing, or negligent repair or any other cause beyond the range of the intended use, or by accident, fire, lightening or other hazard or act of God. THE LIMITED WARRANTY, LIMITED REMEDIES, WARRANTY DISCLAIMER AND LIMITED LIABILITY ARE FUNDAMENTAL ELEMENTS OF THE BASIS OF THE BARGAIN BETWEEN ARRIS AND CUSTOMER. ARRIS WOULD NOT BE ABLE TO PROVIDE THE PRODUCT WITHOUT SUCH LIMITATIONS.

Cadant® C4™ CMTS - Software License Agreement
EXCEPT AS SET FORTH IN THE WRITTEN SIGNED AGREEMENT ENTERED INTO BY ARRIS INTERNATIONAL, INC. ("ARRIS") AND PURCHASER ("PURCHASER"), USE OF THE SOFTWARE PROVIDED BY ARRIS IS SUBJECT TO THE FOLLOWING TERMS ("License Agreement"). IF PURCHASER DOES NOT AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE AGREEMENT, RETURN THE SOFTWARE AND ALL ENCLOSED DOCUMENTS OR MATERIALS TO ARRIS INTERNATIONAL, INC. FOR A FULL REFUND. USE OF THE SOFTWARE CONSTITUTES ACCEPTANCE OF THE TERMS HEREOF. 1. LICENSE TERMS Subject to the terms of this License Agreement, ARRIS International, Inc. (“ARRIS”) grants to Purchaser a perpetual, royalty-free, non-exclusive, non-transferable (except as set forth in Section 9.2) non-sub-licensable right and license to use the Cadant® C4™ CMTS Software (the “Software”) in connection with the Cadant family of products (the “System”), in binary object code form only. Purchaser may use any third party software products or modules supplied by ARRIS solely with the Software, unless the licensing terms of the third party software products or modules specify otherwise. Purchaser may not disclose the results of Software performance benchmarks to any third party without ARRIS' prior written consent. Purchasers are forbidden from offering the Software for resale under the terms of this Section. All rights not specifically granted to Purchaser herein are retained by ARRIS. 2. RESTRICTIONS Purchaser shall not, and shall not authorize any third party to; (i) make any copies of the Software, (ii) modify, decompile, disassemble, reverse engineer or otherwise attempt to derive any source code from the Software; (iii) transfer the Software to any third party without the prior written consent of ARRIS; (iv) export the Software or any of its underlying technology in contravention of applicable US and foreign export laws and regulations or (v) use the Software other than in connection with the System.

© 2005 ARRIS All rights reserved.

3. USE The right to use the Software, or any individual feature thereof, may be restricted by a measure of usage of applications based upon the number of devices, subscribers, or some similar measure. An expansion beyond a commercially reasonable usage level may require payment of an additional fee to ARRIS. 4. LIMITATIONS ON LIABILITY NEITHER ARRIS NOR ITS LICENSORS SHALL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, PUNITIVE, CONSEQUENTIAL, EXEMPLARY OR SPECIAL DAMAGES UNDER ANY THEORY OF LIABILITY, WHETHER ALLEGED AS A BREACH OF CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE AND REGARDLESS OF WHETHER SUCH DAMAGES ARE SUFFERED BY PURCHASER OR ANY OTHER USER OF THE SOFTWARE, OR ANY THIRD PARTY, EVEN IF ARRIS AND/OR ITS LICENSORS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL ARRIS SYSTEM'S TOTAL LIABILITY TO PURCHASER ARISING OUT OF OR PURSUANT TO THIS LICENSE AGREEMENT EXCEED THE AMOUNT PAID BY PURCHASER TO ARRIS FOR THE SOFTWARE. 5. TERM & TERMINATION. This License Agreement will take effect upon Purchaser acceptance of the terms hereof or upon Purchaser first use of the Software and will remain in force until terminated in accordance with this License Agreement. This License Agreement may be terminated by Purchaser at any time effective upon receipt by ARRIS of written notice thereof. ARRIS may terminate this License Agreement upon fifteen (15) days prior written notice based on Purchaser material breach of this License Agreement if such breach is not cured within such fifteen (15) day period. Notwithstanding the foregoing, this License Agreement shall terminate immediately upon Purchaser breach of any of the provisions of Section 2 above. 6. OWNERSHIP. Title, ownership rights, and all intellectual property rights in and to the Software and any accompanying materials or documentation, and any copy of the foregoing, shall remain the sole and exclusive property of ARRIS and/or its licensors. Purchaser agrees to abide by the copyright law and all other applicable laws of the United States. Purchaser acknowledges that the Software contains valuable confidential information and trade secrets of ARRIS and/or its licensors. 7. INDEMNIFICATION. Purchaser agrees to defend, indemnify and hold ARRIS harmless from and against any costs, losses, liabilities and expenses (including reasonable attorney's fees) arising out of or relating to (i) third party claims arising out of or related to Purchaser use of the Software in contravention to the terms of this Agreement, including without limitation, any and all claims, actions, suits, or proceedings alleging, fraud, breach of security, non-compliance with laws, breach of contract or negligence. 8. UNITED STATES GOVERNMENT RIGHTS. The Software provided under this License Agreement is commercial computer software developed exclusively at private expense, and in all respects are proprietary data belonging solely to ARRIS and/or it licensors. 9. MISCELLANEOUS. 9.1 If any term, condition, or provision in this License Agreement is found to be invalid, unlawful or unenforceable to any extent, the remaining terms, conditions and provisions will continue to be valid and enforceable to the fullest extent permitted by law. 9.2 Neither this License Agreement nor any rights under this License Agreement may be assigned or otherwise transferred by Purchaser, in whole or in part, whether voluntary or by operation of law without the prior written consent of ARRIS. Subject to the foregoing, this License Agreement

© 2005 ARRIS All rights reserved.

will be binding upon and will inure to the benefit of the parties and their respective successors and assigns. 9.3 This License Agreement (including any addenda hereto signed by both parties) represents the entire agreement of the parties with respect to the subject matter of this License Agreement and supersedes all previous communications, representations, understandings and agreements, either oral or written, between the parties with respect to said subject matter. 9.4 This License Agreement may not be amended, except in writing, signed by both parties. No terms, provisions or conditions of any purchase order, acknowledgment or other business form that Purchaser may use in connection with the acquisition or licensing of the Software will have any effect on the rights, duties or obligations of the parties under, or otherwise modify, this License Agreement, regardless of any failure of ARRIS to object to such terms, provisions or conditions. 9.5 This License Agreement shall be governed by and construed in accordance with the laws of the State of Georgia. Any suit brought in connection with this Agreement shall be subject to the exclusive jurisdiction of the State Court of Georgia or the Federal Courts for the Northern District of Georgia and Purchaser hereby agree and submit to the personal jurisdiction and venue thereof.

© 2005 ARRIS All rights reserved.

Table of Contents

1

About This Manual
Intended Audience Prerequisite Skill and Knowledge Purpose Conventions Used in this Document Admonishments Textual Conventions How to Contact Us 1-1 1-2 1-2 1-2 1-2 1-3 1-4

2

C4 CMTS Features
DOCSIS 2.0 Compliance Fault Detection and Recovery Interfaces and Protocols Security Features IP Filtering Options C4 CMTS Feature Descriptions by Software Release Feature Descriptions 2-1 2-2 2-3 2-3 2-3 2-4 2-8

3

C4 CMTS Specifications
Network Diagram C4 CMTS Specifications RF Electrical Specifications Maximum Density Scalability 3-3 3-4 3-6 3-7 3-7

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

1

Table of Contents

C4 CMTS

VoIP Call Capacities

3-8

4

C4 CMTS Power Requirements
Components of the Power System Power Protection Description 4-1 4-3

5

Installation Requirements
Safety Precautions Lifting Safety Electrical Equipment Guidelines Electrostatic Discharge (ESD) Preventing Electrostatic Discharge Damage Installation Checklist Tools Required Items Not Supplied Unpacking the C4 CMTS Module Protection Installation Considerations Rack Mounting Chassis Placement Power Requirements Cooling Requirements 5-2 5-2 5-3 5-3 5-3 5-4 5-4 5-5 5-6 5-7 5-7 5-7 5-7 5-8 5-8

6

Installing Modules and System Bring-up
Introduction Main Hardware Components Module Types and Chassis Slots—Front View Chassis — Rear View Recommended Order for Installing Chassis Components Recommended Chassis Unloading Order Grounding the Chassis Rack Mounting the C4 CMTS Power Conditioning Module (PCM) and Cabling 6-2 6-2 6-3 6-4 6-6 6-7 6-7 6-8 6-9

2

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Table of Contents

Power Protection Description Fan Modules and Cooling Air Filter Installing Modules in the C4 CMTS System Control Module (SCM) Fabric Control Module (FCM) Overview Fast Ethernet Network Access Module (NAM) Overview Gigabit Ethernet Network Access Module Overview Cable Access Module (1Dx8U CAM) Overview Cable Access Module (2Dx12U CAM) Overview Initial System Configuration Overview How to Set the SCM IP Address Using a Terminal Emulator

6-10 6-12 6-17 6-17 6-21 6-28 6-29 6-31 6-32 6-34 6-35 6-41 6-42 6-46 6-47 6-51 6-51 6-52

7 8

Clock Synchronization Protocol Host Names, User IDs, and Password Recovery
How to Administer the Host Name and User IDs How to Add and Delete Users Password Recovery 8-1 8-2 8-4

9

NAM Configuration
Fast Ethernet Network Access Module (NAM) Configuration Gigabit Ethernet Network Access Module (GigE NAM) Configuration NAM-Side IP Interface Bundling 9-2 9-4 9-7

10

Basic CAM Configuration
1Dx8U CAM 10-2

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

3

Table of Contents

C4 CMTS

2Dx12U CAM Rules and Restrictions for 2Dx12U CAM Configuration Basic Command Set for Bringing Up a 2Dx12U Migration from 1Dx8U CAMs to 2Dx12U CAMs Measuring SNR in the 2Dx12U CAM Clone Group Configuration Clone Group Configuration Recommendations Clone Group Operation Details Sample Clone Group Configurations Inter-MAC-Domain Clone Groups Modulation Profiles Adjusting Channel Settings in Response to Increased CM Scaling FlexCAM™ Hitless CAM Sparing Overview Configure Sparing Groups — Example Interface Bundling

10-4 10-4 10-7 10-13 10-23 10-27 10-28 10-29 10-30 10-31 10-32 10-40 10-41 10-41 10-43 10-47

11 12

Control Complex Redundancy Configuring Router Functionality
Interface Configuration Common Interface Configuring Commands Monitoring Interfaces Subinterfaces (Multiple VRIs per VRF) Routing Information Protocol, version 2 (RIP2) Open Shortest Path First (OSPF) OSPF Graceful Restart Loopback Interfaces for Routing Protocols Dynamic Route Redundancy Configuring IP Routes Route Redistribution Multicast Operations in the C4 CMTS IGMP Implementation 12-1 12-1 12-3 12-5 12-9 12-15 12-19 12-21 12-25 12-26 12-27 12-28 12-30

4

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Table of Contents

13

IP Packet Filtering, Throttling, and CAR
Overview of IP Packet Filtering Subscriber Filters Setting Default Filter Groups Debug IP Packet Capture Packet Throttling Committed Access Rate Global Rate Smoothing for TCP Traffic Feature 13-2 13-5 13-10 13-15 13-17 13-19 13-23

14 15

Service Class Names Authentication, Authorization, and Accounting (AAA)
AAA Feature Servers and Server Groups Secure Shell Protocol (SSH2) In-Band Management with ACLs Routing to a Null Interface Source Verification of Cable-side IP Addresses Upstream Load Balancing (ULB) DSx DQoS VoIP on the C4 CMTS C4 CMTS Advanced CM Configuration File Verification 15-2 15-5 15-14 15-22 15-24 15-25 15-27 15-29 15-31

16

PacketCable™ Services
PacketCable 1.x Overview PacketCable Multimedia Overview Configuration Procedures IKE and IPSec Configuration PacketCable Settings PC1.x Electronic Surveillance Electronic Surveillance Configuration Electronic Surveillance Logging Messages Running in a non-PacketCable Compliant Voice Environment 16-1 16-5 16-9 16-10 16-21 16-32 16-33 16-34 16-35

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

5

Table of Contents

C4 CMTS

Working with non-ARRIS MTAs in a non-PacketCable Compliant Voice System Working with ARRIS MTAs in a non-PC1.x Compliant System Converged Services

16-35 16-36 16-38

17

Baseline Privacy Interface (BPI)
Baseline Privacy Overview Baseline Privacy Operational Overview Baseline Privacy Setup Initial CMTS Base Table Setup BPI Initialized State Configuration Settings. Encrypted Multicast Setup Digital Certificates (BPI+ Only) Provisioning BPI X.509 Certificates Using Import/Export Commands Provisioning BPI X.509 Certificates Using CLI Commands Baseline Privacy Debugging Explanation of BPI Trap Codes CLI Commands for Baseline Privacy Configure Cable Command Show Cable Command Configure Interface Cable Command Show Interface Cable Command 17-1 17-2 17-4 17-4 17-9 17-10 17-14 17-15 17-17 17-20 17-24 17-28 17-28 17-29 17-30 17-32

18

DOCSIS Set-top Gateway (DSG) Configuration
Overview and Definitions Configuration Procedures Initial Configuration DSG Configuration Advanced DSG Configuration DS Cable Interface DSG Tunnel DSG Classifier DSG Configuration Scenarios Initial Setup for DSG 18-2 18-4 18-5 18-7 18-9 18-11 18-14 18-18 18-18 18-18

6

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Table of Contents

DSG Configuration Only Multicast Destination IP to RFC1112 DSG Tunnel MAC Multicast Destination IP to non-RFC1112 DSG Tunnel MAC Unicast Destination IP

18-20 18-20 18-23 18-25

19 20

Downstream Cable Parameters Upstream Modulation Parameters and Profiles
Differences Between the 1Dx8U and 2Dx12U Default Modulation Profiles Modulation Profiles: Default and User-defined 20-10 20-11

21 22

SNMP Configuration with CLI Flash Disk Description
Overview Virtual System Controller File System Administration File Transfers Hitless Reload/Upgrade Feature 22-1 22-4 22-5 22-7 22-9

23

Logging and the C4 CMTS
Event Messages How Event Messages Are Routed Event Management Subsystems Event Message Throttling Show Logging Commands Configuring Event Throttling Configuring Event Routing Generating Events and Traps SNMP Trap Examples Routing Events to Local Volatile and Non-Volatile Logs Displaying Events on the System Console Routing Events to the Monitor Routing Events to the History Log 23-1 23-2 23-3 23-4 23-5 23-9 23-11 23-15 23-16 23-17 23-18 23-19 23-20

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

7

Table of Contents

C4 CMTS

Logging OSPF Event Messages

23-21

24

Diagnostics
Diagnostic User Interfaces 24-2

25

CLI Overview
Access Levels and Modes CLI Command Modes CLI Syntax Conventions Designating MAC addresses and IP addresses Keyboard Shortcuts CLI Command Features CLI Help Feature CLI Filtering How to Use CLI Filtering 25-2 25-2 25-5 25-6 25-6 25-7 25-8 25-15 25-15

26 27

CLI Command Descriptions Standard and Cadant Enterprise MIBs
CMTS SNMP MIB Variable Descriptions Enterprise MIBs 27-2 27-3

8

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

List of Features and Fixes for 4.2

Advanced CM Configuration File Verification (TFTP Enforce) Associate ACL with SNMP Community String CLI - clear crypto sa CLI - configure cable dsg client-id-list <clientlist> CLI - configure cable dsg tunnel CLI - configure cable dsg ds-frequency-list CLI - configure cable dsg timer-list CLI - configure cable dsg tunnel <tunnelid> classifier <classid> CLI - configure cable dsg vsp-list CLI - configure cable filter group <group> index <index> log CLI - configure crypto dynamic-map

15-31 21-1 26-21 26-71 26-77 26-73 26-75 26-78 26-80 26-82 26-131

CLI - configure crypto dynamic-map <dyn-map-name> <seq-number> ipsec-isakmp match address 26-132 CLI - configure crypto dynamic-map <dyn-map-name> <seq-number> set peer 26-133

CLI - configure crypto dynamic-map <dyn-map-name> <seq-number> set security-association lifetime 26-134 CLI - configure crypto dynamic-map <dyn-map-name> <seq-number> set transform-set 26-135 CLI - configure crypto ipsec security-association lifetime seconds CLI - configure crypto ipsec transform-set CLI - configure crypto ipsec transform-set <trans-set-name> authentication CLI - configure crypto ipsec transform-set <trans-set-name> encryption CLI - configure crypto ipsec transform-set <trans-set-name> mode 26-145 26-137 26-138 26-139 26-140

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

i

List of Features and Fixes for 4.2

C4 CMTS

CLI - configure crypto isakmp enable CLI - configure crypto isakmp key CLI - configure crypto isakmp local-address <local-address> CLI - configure crypto isakmp policy CLI - configure crypto key export CLI - configure crypto key generate CLI - configure crypto key import CLI - configure crypto key zeroize CLI - configure crypto map <map-name> <0-255> ipsec-isakmp CLI - configure crypto map <map-name> <0-255> ipsec-isakmp dynamic CLI - configure crypto map <map-name> <0-255> ipsec-isakmp match address CLI - configure crypto map <map-name> <0-255> ipsec-isakmp set peer

26-141 26-142 26-143 26-144 26-145 26-146 26-147 26-148 26-149 26-150 26-151 26-152

CLI - configure crypto map <map-name> <0-255> ipsec-isakmp set security-association lifetime seconds 26-153 CLI - configure crypto map <map-name> <0-255> ipsec-isakmp set transform-set CLI - configure interface cable <slot>/<mac> cable downstream dsg dcd-enable CLI - configure interface cable <slot>/<mac> cable downstream dsg ds-frequency-list CLI - configure interface cable <slot>/<mac> cable downstream dsg no CLI - configure interface cable <slot>/<mac> cable downstream dsg timer-list CLI - configure interface cable <slot>/<mac> cable downstream dsg vsp-list 26-154 26-176 26-178 26-179 26-180 26-183

CLI - configure interface cable <slot>/<mac> cable dynamic-secret <lock | mark | reject> 26-209 CLI - configure interface cable <slot>/<mac> cable tftp-enforce 26-231

CLI - configure interface fastethernet <slot>/<port> ip access-group <acl-index> <in | out> 26-319 CLI - configure interface gigabitethernet <slot>/<port> ip access-group <acl-index> <in | out> 26-363 CLI - configure ip filter group <group> index <index> log CLI - configure ip ssh ciphers CLI - configure ip ssh idle-timeout 26-424 26-433 26-434

ii

ARRIS PROPRIETARY — All Rights Reserved

7/15/2005

C4 CMTS

List of Features and Fixes for 4.2

CLI - configure ip ssh login CLI - configure ip ssh max-auth-fail CLI - configure ip ssh password-auth CLI - configure ip ssh password-auth-req CLI - configure ip ssh port CLI - configure ip ssh port-forwarding CLI - configure ip ssh public-key-auth CLI - configure ip ssh public-key-auth-first CLI - configure ip ssh public-key-auth-req CLI - configure ip ssh restart CLI - configure ip ssh shutdown CLI - configure packetcable CLI - configure packetcable dqos shutdown CLI - configure packetcable dqos timer <t0 | t1> CLI - configure packetcable pcmm shutdown CLI - configure packetcable pcmm timer t1 <value> CLI - configure packetcable throttle CLI - configure snmp-server community CLI - reload <img_path> hitless CLI - show cable dsg CLI - show cable dsg client-id-list <clientlist> CLI - show cable dsg ds-frequency-list CLI - show cable dsg timer-list CLI - show cable dsg tunnel <tunnelid> CLI - show cable dsg tunnel <tunnelid> classifier CLI - show cable dsg tunnel-group CLI - show cable dsg vsp-list CLI - show crypto dynamic-map [tag <dynamic-map-name>] CLI - show crypto ipsec sa

26-435 26-436 26-437 26-438 26-439 26-440 26-441 26-442 26-443 26-444 26-445 26-480 26-481 26-482 26-489 26-490 26-491 26-553 26-620 26-642 26-646 26-648 26-650 26-653 26-654 26-652 26-655 26-727 26-728

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

iii

List of Features and Fixes for 4.2

C4 CMTS

CLI - show crypto ipsec security-association lifetime CLI - show crypto ipsec transform-set [tag <trans-set-name>] CLI - show crypto isakmp CLI - show crypto isakmp policy CLI - show crypto isakmp sa CLI - show crypto map [tag <map-name>] CLI - show interface cable <slot>/<mac> cable downstream dsg dcd CLI - show interface cable [<slot>/<mac>] cable downstream dsg CLI - show interface cable [<slot>/<mac>] cable downstream dsg verbose CLI - show interface fastethernet <slot>/<port> access-group CLI - show interface gigabitethernet <slot>/<port> access-group CLI - show ip ospf interface [brief] (PROD 70427) CLI - show ip ssh CLI - show ip ssh config CLI - show packetcable global CLI - show packetcable global dqos CLI - show packetcable global pcmm CLI - show packetcable transactions CLI - show snmp community CLI - show ssh host public-key CLI - trace logging packetcable <pcmm | dqos> <mtaip> Configuration File for Combined Voice and Data on the Same Upstream Debug IP Packet Capture DOCSIS Set-top Gateway Measuring SNR in the 2Dx12U CAM PacketCable Multimedia Overview Power levels for upstream channels on the same physical CAM connector.

26-732 26-733 26-734 26-735 26-736 26-738 26-761 26-758 26-760 26-785 26-786 26-817 26-829 26-830 26-864 26-866 26-867 26-868 26-896 26-831 26-965 16-38 13-15 18-1 10-23 16-5 10-4

PROD 60544 Sample output of "show cable modem detail" command updated to show CM capability and operation. Needed for DOCSIS 2.0. 17-21

iv

ARRIS PROPRIETARY — All Rights Reserved

7/15/2005

C4 CMTS

List of Features and Fixes for 4.2

PROD 64234 Power levels for upstream channels on the same physical CAM connector. PROD 65114 PacketCable Compliance Updated PROD 65842 DCDs configured on a per-interface basis, not for entire cable bundle PROD 66221 Problem with SCN params and DSG tunnels

10-4 16-4 18-5 18-15

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

v

List of Features and Fixes for 4.2

C4 CMTS

vi

ARRIS PROPRIETARY — All Rights Reserved

7/15/2005

List of Figures

3

C4 CMTS Specifications
Figure 3-1: Figure 3-2: The C4 CMTS (front view) Typical Cable Data Network Architecture 3-2 3-3

4

C4 CMTS Power Requirements
Figure 4-1: Figure 4-2: Figure 4-3: Figure 4-4: Figure 4-5: C4 CMTS Front Access Panels LED and Power Bus Switches C4 CMTS Power Feeds (chassis rear) Second Level - Internal Branch Fusing Power Control Button 4-2 4-3 4-4 4-5 4-6

5

Installation Requirements
Figure 5-1: Internal Air Flow (side view) 5-9

6

Installing Modules and System Bring-up
Figure 6-1: Figure 6-2: Figure 6-3: Figure 6-4: Figure 6-5: Figure 6-6: Figure 6-7: Front View of C4 CMTS C4 CMTS Chassis (rear view) Example of Old and New Front Filler Panels Location of Grounding Terminals Installing the Power Control Module (PCM) Cabling the PCM Example of Normal Speed Fan Module 6-3 6-5 6-6 6-8 6-10 6-11 6-13

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

1

List of Figures

C4 CMTS

Figure 6-8: Figure 6-9:

Example of High Speed Fan Module Installing the Fan Module

6-14 6-15 6-16 6-18 6-19 6-21 6-26 6-27 6-28 6-31 6-34 6-37 6-38 6-41 6-46 6-52 6-55

Figure 6-10: Air Flow Through the Chassis Figure 6-11: Installing the System Control Module Figure 6-12: Release Locking Latches in Order to Remove Module Figure 6-13: System Control Module (SCM) and PIC Figure 6-14: View of Pin-out of Rollover Cable Figure 6-15: Connecting the Console Port to a PC Figure 6-16: Fabric Control Module (FCM) and Filler Panel Figure 6-17: FastE NAM and PIC Figure 6-18: GigabitEthernet Network Access Module (GigE NAM) and PIC Figure 6-19: Gigabit Interface Converters (GBICs) Figure 6-20: Installing the GBIC Figure 6-21: 1Dx8U Cable Access Module (CAM) and PICs Figure 6-22: 2D12U Cable Access Module (CAM) and PIC Figure 6-23: Opening a Terminal Session on the C4 CMTS Figure 6-24: Sample Bootloader Dialog

79

NAM Configuration
Figure 9-1: Block Diagram of NAM-Side IP Interface Bundling 9-7

10

Basic CAM Configuration
Figure 10-1: One Way to Migrate Two 1Dx6 CAMs onto One 2Dx12U (example) 10-15

Figure 10-2: Migration Example: from 12 Upstreams on Two 1D/6U CAMs to One 2Dx12U 10-16 Figure 10-3: Two Examples of Slot Configuration after Migrating to 2Dx12U CAMs Figure 10-4: Network Example — Each CM Sees Multiple Downstreams Figure 10-5: Example of CAM Sparing Groups 10-17 10-31 10-43

12

Configuring Router Functionality
Figure 12-1: Example of Packet Flow Using Loopback Interface 12-23

2

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

List of Figures

115

Authentication, Authorization, and Accounting (AAA)
Figure 15-1: AAA Security Model 15-3

16

PacketCable™ Services
Figure 16-1: PacketCable Network Reference Architecture Figure 16-2: Foundations of PCMM Architecture Figure 16-3: Network Diagram of PCMM Implementation 16-3 16-6 16-8

Figure 16-4: An Example of Classification for PacketCable 1.x In a Combined Voice and Data Environment 16-40

17

Baseline Privacy Interface (BPI)
Figure 17-1: Example of Baseline Privacy Base Table 17-5

18

DOCSIS Set-top Gateway (DSG) Configuration
Figure 18-1: Logical devices in a DSG system Figure 18-2: Block Diagram of an Advanced DSG Configuration 18-2 18-10

22

Flash Disk Description
Figure 22-1: Flash Disk Partition Structure 22-2

23

Logging and the C4 CMTS
Figure 23-1: Event Management Subsystems on the C4 CMTS Figure 23-2: Show Logging Output Example Figure 23-3: Show Logging Throttle Output Example Figure 23-4: Show Logging History Output Example Figure 23-5: Show Logging History Last 10 Output Example Figure 23-6: Help Configure Logging Trap Output Example Figure 23-7: Show Logging Local Output Example 23-3 23-7 23-8 23-8 23-9 23-16 23-18

24

Diagnostics
Figure 24-1: C4 CMTS Diagnostic Software 24-3

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

3

List of Figures

C4 CMTS

Figure 24-2: CLI Output for Diagnostics Figure 24-3: Show Logging History Output Example (partial) Figure 24-4: Example of System Output for a Module that Failed Diagnostics

24-12 24-13 24-14

4

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

List of Procedures

6

Installing Modules and System Bring-up
Procedure 6-1 Procedure 6-2 Procedure 6-3 Procedure 6-4 Procedure 6-5 Procedure 6-6 Procedure 6-7 Procedure 6-8 Procedure 6-9 How to Rack Mount the C4 CMTS How to Install the Power Conditioning Modules (PCMs) How to Cable the PCM How to Install the Fan Modules How to Install the SCM How to Install the SCM Physical Interface Card (PIC) How to Cable the SCM How to Install the FastE NAM How to Install the GigE NAM 6-8 6-10 6-11 6-15 6-24 6-24 6-26 6-33 6-35 6-35 6-38 6-39 6-44 6-44 6-52 6-54

Procedure 6-10 How to Install the GigE NAM Physical Interface Card (PIC) Procedure 6-11 How to Install the GBICs Procedure 6-12 How to Remove a GBIC Procedure 6-13 How to Install the CAM Procedure 6-14 How to Install the CAM Physical Interface Card (PIC) Procedure 6-15 How to Open the Terminal Emulator Session Procedure 6-16 How to Modify Boot Parameters

7

Clock Synchronization Protocol
Procedure 7-1 Procedure 7-2 How to Configure a Time of Day (TOD) Clock Protocol How to Choose Network Time Protocol (NTP) for C4 CMTS 7-1 7-2

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

1

List of Procedures

C4 CMTS

8

Host Names, User IDs, and Password Recovery
Procedure 8-1 Procedure 8-2 Procedure 8-3 How to Configure a Host Name and Logging Host IP Address How to Configure Privilege Levels and Authentication How to Enable Password Recovery Using Application Dialog 8-1 8-2 8-4

9

NAM Configuration
Procedure 9-1 Procedure 9-2 Procedure 9-3 Procedure 9-4 How to Configure a Network Access Module How to Take a NAM Out of Service and Delete Its Slot How to Configure a Gigabit Ethernet Network Access Module How to Take a GigE NAM Out of Service and Delete Its Slot 9-3 9-4 9-5 9-6

10

Basic CAM Configuration
Procedure 10-1 How to Create and Enable a 1Dx8U CAM Procedure 10-2 Example of Growing and Enabling a 2Dx12U CAM with Logical Channels Procedure 10-3 Migrating from a 1Dx8U Chassis to a 2Dx12U Chassis Procedure 10-4 How to Align IM Opportunities for Clone Groups Procedure 10-5 How to Create and Apply a Modulation Profile to an US Port Procedure 10-6 How to Configure an Upstream (US) Channel Procedure 10-7 How to Activate a CAM Procedure 10-8 How to Take a CAM Out of Service and Delete Its Slot Procedure 10-9 Configuring the Two Sparing Groups Shown in the Example Procedure 10-10How to Fail Back Manually Procedure 10-11How to Delete a CAM Sparing Group Procedure 10-12How to Create Interface Bundles Procedure 10-13How to Remove Interface Bundles 10-3 10-9 10-18 10-29 10-33 10-34 10-39 10-39 10-43 10-45 10-46 10-47 10-48

11

Control Complex Redundancy
Procedure 11-1 How to Add a Control Complex (Change from Simplex to Duplex) Procedure 11-2 How to Change a Control Complex from Duplex to Simplex 11-2 11-3

2

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

List of Procedures

12

Configuring Router Functionality
Procedure 12-1 How to Monitor Interfaces Procedure 12-2 How to Enable Single Key Authentication Procedure 12-3 How to Enable Multiple Key Authentication (i.e., Key Chains) Procedure 12-4 How to Enable OSPF Procedure 12-5 How to Disable OSPF for an Interface Procedure 12-6 How to Disable OSPF (Globally) on the C4 CMTS Procedure 12-7 How to Add/Delete/View a Static IP Route to the C4 CMTS Procedure 12-8 How to Enable Multicast on a Cable Interface 12-3 12-13 12-14 12-16 12-18 12-18 12-26 12-31

13

IP Packet Filtering, Throttling, and CAR
Procedure 13-1 How to Add Filters to the CMTS 13-6

15

Authentication, Authorization, and Accounting (AAA)
Procedure 15-1 Setting up SSH on the C4 CMTS Procedure 15-2 PuTTY, SSH, Public Key Authentication 15-17 15-17

23

Logging and the C4 CMTS
Procedure 23-1 How to Route Events to the Console Procedure 23-2 How to Route Events to the Monitor Procedure 23-3 How to Configure the History Log 23-18 23-19 23-20

24

Diagnostics
Procedure 24-1 How to Restore Modules into Service 24-4

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

3

List of Procedures

C4 CMTS

4

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

1. About This Manual

Topics
Intended Audience Prerequisite Skill and Knowledge Purpose Conventions Used in this Document How to Contact Us

Page
1 2 2 2 4

In response to emerging IP-based data and voice services, ARRIS brings to market a next-generation, carrier-class Cable Data Network Solution — the Cadant C4 Cable Modem Termination System (CMTS). As of April 2005, there were more than 700 C4 CMTSs on four continents supporting 3.7 million subscribers. The C4 CMTS has been designed to meet the needs of the Multiple System Operator (MSO) in terms of system density, wire-speed performance, and reliability. The C4 CMTS enables MSOs to bundle high-speed data, voice, full-motion video, and other multimedia content to residential and business customers.

Intended Audience
This document is intended for MSO technical support personnel who are responsible for integrating, operating, and maintaining the C4 CMTS.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

1-1

1 About This Manual

Prerequisite Skill and Knowledge
This document serves as an introduction to the C4 CMTS for all administrators and users of cable modem termination systems. Ideally, users of this documentation and equipment should have a basic knowledge of the following: • • • • RF measuring equipment Provisioning servers Command Line Interface (CLI) RF cable plant and operating methods

Purpose
This document provides a comprehensive view of the C4 CMTS including reference and procedural information required to manage and control the C4 CMTS.

Conventions Used in this Document
This section presents the textual conventions used in this documentation set.

Admonishments
There are three levels of admonishments used in this documentation. The first is a simple note. NOTE Notes are intended to highlight additional references or general information related to a procedure, product, or system. The international symbols, Caution and Warning, appear in this book when you must perform procedures involving risk.

1-2

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

AboutThis Manual From the File>Set-up menu choose… Time since the CMTS was last booted: 12 days. or damaging equipment. Textual Conventions The conventions used in this guide are shown in the following table: Table 1-1: Examples of Textual Conventions Type of text CLI commands and other user input Names of chapters and manuals Menu selections System responses and screen display Description Monospaced bold (courier) Example configure slot <13-16> type NAM chapter 1. Before you work on any equipment. 2: 8: 14 <hr:min:sec> Italicized text Plain-faced text Monospaced font (courier) Release 4. Read the accompanying instructions and proceed with caution.C4 CMTS CAUTION Cautions indicate risk of dropping traffic. Standard ARRIS PROPRIETARY — All Rights Reserved 1-3 . losing data.2. WARNING The warning symbol represents a risk of bodily injury or serious damage to the equipment. be aware of the hazards involved with electrical circuitry and fiber optics and follow standard procedures for preventing accidents and serious damage.

na@arrisi. G2 IMS® software.888.com +31 23. The Technical Support Contact information is summarized in the following table: Table 1-2: Product Technical Support Contacts C4 CMTS Support Information NORTH AMERICA E-mail Toll Free Phone Worldwide Phone Hours LATIN AMERICA E-mail Phone Hours EUROPE E-mail Phone Hours ASIA (except Japan) E-mail Phone Hours E-mail Phone Hours E-mail Phone Hours JAPAN . French) 08:30 to 17:30 pm CET techsupport.5628 9 am to 6 pm (09:00 to 18:00) techsupport. Spanish.2.com +81 92 473.4142 9 am to 5 pm (09:00 to 17:00) Tokyo local time techsupport.369.japan@arrisi.Tokyo Office techsupport.japan@arrisi.com +81 (0) 3 5371.cala@arrisi.9797 (North America Only) 1+678.5656 8 am to 8 pm (08:00 to 20:00) Eastern Standard Time 1-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .com +81 (0) 3 5371.com 1+.3880 (English.554.com +56.1 About This Manual How to Contact Us Product Information and Support If you have questions about the ARRIS C4 CMTS. or this guide.2671 9:30 am to 6 pm (09:30 to 18:00) Fukuoka local time JAPAN . pleases contact your ARRIS account representative.4142 9 am to 5 pm (09:00 to 17:00) Tokyo local time techsupport. installation procedures.Fukuoka Office techsupport.asia@arrisi.221.473.europe@arrisi.

visit our web site: http://www.To obtain pricing for on-site training and other training information.arrisi.com Release 4.com Comments on this Document Our goal has been to create a document that best fits your needs. instructor-led.morgan@arrisi.com and clicking on the link to the Customer Center. You may address comments or questions regarding this documentation directly to the Documentation and Training Manager: Jim Morgan ARRIS Customer Documentation and Training Manager PH: 770-622-8760 FX: 678-473-5218 jim. Standard ARRIS PROPRIETARY — All Rights Reserved 1-5 . Additional contact information can be obtained from the ARRIS web page at http://www.C4 CMTS Emergency support is available after normal business hours by calling the same numbers listed above. On-site training is available.arrisi. Web-based. and provisioning products. training center in Atlanta. data. Training Information ARRIS Training is the authorized organization for training on voice. We are interested in your suggestions for improving this document.S.2. and customized courses are available at our U.

1 About This Manual 1-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

the Cadant C4 CMTS. Release 4.C4 CMTS 2. configured with the higher density 2Dx12U CAM provides the most reliable and scalable CMTS solution currently available.0 requalification by CableLabs® with the new software upgrade designed to support DOCSIS Set-top Gateway (DSG) technology. C4 CMTS Features Topics C4 CMTS Feature Descriptions by Software Release Feature Descriptions Page 4 8 This chapter introduces the C4 CMTS and its features. and components. This chapter contains the following topics: • • Descriptive and reference information Features list DOCSIS 2. 2004. MSOs can provide their customers with advanced voice and high-speed data solutions.2. With this qualification.0 Compliance In December. Standard ARRIS PROPRIETARY — All Rights Reserved 2-1 . the Cadant C4 Cable Modem Termination System (CMTS) received DOCSIS® 2. Using it. functionality.

0 standard while maintaining all the DOCSIS 1. interactive gaming. This transition of all services to IP-based standards is expected to streamline operations and lower capital costs for cable operators. CRC. 32QAM. pings) Continuous system audits Multiple levels of error detection. 2-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Fault recovery on the C4 CMTS: • • • • Rapidly isolates faults Decreases diagnostic and repair time Reduces the probability of fault propagation Minimizes impact on subscriber services. The following enhancements are available to CMTSs and CMs that comply with the 2. provisioning and control of advanced set-top boxes from proprietary to standards-based protocols. and 64QAM Longer preamble to facilitate synchronization — up to 1536 bits Higher powered preamble — QPSK-1 Enhanced noise cancellation and error correction Synchronous-Code-Division Multiple Access (SCDMA) operation along with the standard TDMA and ATDMA techniques for combining CM signals onto a given upstream channel. allowing operators to transition the signaling. The DOCSIS 2. The growing demand for peer-to-peer file sharing.2 C4 CMTS Features The Cadant C4 CMTS supports DOCSIS Set-Top Gateway (DSG). and voice over IP telephony increases the need for upstream bandwidth.0 standard greatly improves performance in the upstream path of the cable network. loopbacks.0 functionality: • • • • • • • • Enhanced upstream capacity Greater maximum upstream throughput — up to 30.4 Mhz New upstream channel modulation rates: 8QAM.1 and 1.72 mbps per channel Greater upstream channel width — up to 6. Fault Detection and Recovery The C4 CMTS employs: • • • Advanced data-path integrity checks (parity.

see the appropriate draft documents of the Internet Engineering Task Force at www.0 and Cadant MIBS Command Line Interface (CLI) File Transfer Protocol (FTP) Telnet Routing Information Protocol (RIPv2) Open Shortest Path First (OSPFv2) Security Features Unique security measures ensure plant and subscriber integrity through: • • • • • • • • • • • DOCSIS 1. The primary protocols supported by the C4 CMTS include the following: • • • • • • • Simple Network Management Protocol (SNMP) — v1.1.ietf.2. Look for the latest version of DOCSIS Subscriber Management MIB. and v3 DOCSIS 1. Standard ARRIS PROPRIETARY — All Rights Reserved 2-3 . DOCSIS 2.org.1 1.C4 CMTS Interfaces and Protocols Open interfaces and protocols allow seamless integration with existing network management infrastructures. For information on the applicable standards. Release 4. v2c.1 BPI+ encryption Administrative isolation by means of a separate physical interface Packet filtering Proxy ARP Password and key authentication for RIP and OSPF Authentication using RADIUS Secure Shell (SSH) Access Control Lists (ACLs) Multi-stage Denial of Service throttling mechanisms in hardware and software TACACS+ Protocol throttling IP Filtering Options The IP filtering feature is dependent on the subscriber management MIB.

and 4.0: • • • • • • GigE Network Access Module (Gig-E NAM) Authentication using RADIUS Secure Shell (SSH) In-Band Management and Access Control Lists (ACLs) Upstream Load Balancing (ULB) Multiple syslog servers 2-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .1 support Maximum cable interface density per rack unit High scalability Guaranteed Service Level Agreements (SLAs) support IGMPv2 & Multicast Flow Support Carrier-class availability and operation Static Layer 3 Routing Layer 3 Router Functionality including • • • Release 3.0.2. plus the features of software Releases 3.2 aggregated Feature Set is comprised of the Baseline Feature Set.0 Features Router Information Protocol (RIPv2) Open Shortest Path First (OSPFv2) Equal Cost Multipath Load Balancing (ECMP) FlexCAM™ Technology for CAM sparing (hitless operation for sparing groups up to 7+1) Dynamic Route Redundancy Control Complex Redundancy The following features were added with Release 3.0. 4. Baseline Features The ARRIS C4 CMTS feature set includes: • • • • • • • • Complete DOCSIS 1.1. 3.2 C4 CMTS Features C4 CMTS Feature Descriptions by Software Release The ARRIS C4 CMTS Release 4.3. 4.

3 Features The following features or improvements have been added for release 3. Standard ARRIS PROPRIETARY — All Rights Reserved 2-5 . Authorization. and Ping CLI Improvements: • • • • • • • • • Extended ping command show ip interface brief show temperature reset all CMs traceroute CLI command configure authorization COS and 1.3: • • • • • • • • • • • • • • PacketCable Qualification Increased subscriber limits per chassis: 24K CM Increased VoIP Call Capacities Improved Password Recovery Loopback Interface Multiple Subinterfaces per VRF Loopback Interfaces for routing protocols Number of filters in group increased to 31 Support for Authentication. Traceroute.0 Modems configure logging priority configure privilege exec level Release 4. and Accounting (AAA) [RADIUS & TACACS+] In-Band Management: Access to the SCM via the loopback IP address Support for Packet Cable Automatic System Backup during Upgrade Improved Baseline Privacy Interface (BPI) Domain Name System (DNS) Support for Telnet.2.C4 CMTS Release 3.

• • • • • • Automatic fan speed control Encrypt the MD5 shared secret for routing protocols in CLI output Disable ICMP Unreachables OSPF "point-to-point" interface support Increased AC/DC power solution Voice call requirements: - At least 1.0: • • • • • • • • • • • 2Dx12U CAM — full DOCSIS 2. Each entry in the alphabetical list of commands is a hyperlink to the appropriate page in the manual.0 Features The following features or improvements have been added for release 4. and 3. 2Dx12U CM reset clear trap Flap List enhancements: • • • • percent of station maintenance ranging opportunities that receive a range request .2 C4 CMTS Features Release 4. CLI Command Descriptions.0 (A-TDMA and S-CDMA) Proprietary automatic ingress noise cancellation Flash disk re-partitioning Graceful restart with OSPFv2 Real-time FFT of upstream (compatible with C3 CMTS MIBs) NAM IP interface bundling Increased subscriber limits per chassis: 32. see Chapter 26.000 CMs per chassis.000 CMs per downstream (500 per upstream in 1x6 operation) Preemption of normal calls by new emergency calls when BW is limited Additional audits: FCM.5% At least 260 half-calls per downstream 2-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .000 MTAs per downstream At least 5. file system.number of power adjustments exceeding a threshold Number of CRC errors per CM (2D only) Number of bytes dropped per CM (congestion and policing) Virtual System Controller CLI Improvements: - show/copy running-config show cable qos profile assign and display in output name/description for each interface To look up syntax and parameters for individual CLI commands.000 BHCAs with completion rate of 99.

2: • • • • • DOCSIS Set-top Gateway (DSG) Agent Associate ACL with SNMP Community String Advanced CM Config File Verification Scalability — 52K CMs per chassis Modify overload control to ensure "older" CMs range/register in reasonable time through overload conditions (chassis reboot. etc.Lines/downstream 1800 Lines/C4 24000 .BHCA/downstream 5000 BHCA/C4 66600 . Standard ARRIS PROPRIETARY — All Rights Reserved 2-7 . CAM insertion. the per-chassis line and MTA limits must be reduced to 1000. Release 4.1 Features The following features or improvements have been added for release 4. If the system contains any FastENAMs.2 Features Committed Access Rate Global Traffic Shaping for TCP Traffic Remote Query of Cable Modems The following features or improvements have been added for release 4. Release 4.x Voice call requirements • • • • • • • - • MTAs /downstream (1D) 1000 MTAs/downstream (2D) 1500 MTAs/C4 20000 .C4 CMTS NOTE The voice call requirements are reduced by one-half in a mixed voice and data environment.Simultaneous half calls/downstream 260 Programmable unicast request opportunity polling interval NOTE The voice call requirements specifically assume that only GNAMs are used.) "Debug" IP Filter Packet Capture capability (ability to capture packet headers that match IP filters or similar functionality) PacketCable Multimedia Network side ACLs Support for 16 telnet sessions Clear the IP filter counters through the CLI Hitless software update PacketCable 1.1: • • • Release 4.2.

Equal Cost Multipath The Equal Cost Multipath (ECMP) feature allows an administrator to route designated traffic across multiple routes while balancing traffic across up to four equal cost routes. This includes: • Layer 3 Router Functionality including • • • • • • • Router Information Protocol (RIPv2) Open Shortest Path First (OSPFv2) Equal Cost Multipath Load Balancing (ECMP) FlexCAM™ Technology for “hitless” CAM sparing (hitless operation for sparing groups up to 7+1) Dynamic Route Redundancy Control Complex Redundancy Secure Shell In-band Management with ACLs Upstream Load Balancing Multiple Syslog Servers Each feature is explained in the following sections. For more information on the standard. Feature Descriptions In addition to the previously described features and functionality.2 C4 CMTS Features Certain features may impact software upgrade procedures. The C4 CMTS implements RIPv2. OSPF bases its path descriptions on link states that take into account additional network information. For more information related to upgrades or for non-conformance issues. this version supports subnet masks and Message Digest 5 (MD5) authentication. Unlike the original version of RIP. RIP requires little overhead and is easy to implement. OSPFv2 OSPF is a dynamic link-state routing protocol developed by the Internet Engineering Task Force and is published as RFC 2328. the following section describes the C4 CMTS feature set. This file is included on the software CD. Rather than counting the number of hops as a metric. see Request For Comments (RFCs) 2453 and 1058. OSPF also lets the user assign cost metrics to each interface so that some paths are given preference. If more than four equal cost routes are learned 2-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . see the Cadant® C4™ CMTS Software Upgrade Notes. RIPv2 RIP is a distance vector routing protocol that learns routes dynamically without provisioning.

A Control Complex consists of one SCM and one FCM. GigE NAM. the load through the equal cost routes is balanced. and CAMs).C4 CMTS by the C4. The C4 CMTS supports CAM sparing groups up to 7+1 in size (seven active CAMs backed up by one spare). The control complex redundancy feature provides 1+1 active/standby redundancy between two pairs of SCM/FCM modules. Each IP datagram is examined to determine its route according to the Destination IP address. Secure Shell The C4 CMTS Secure Shell protocol version 2 (SSH2) feature provides enhanced privacy and security. and The ability to permit or deny access to the SCM via the client cards from specified subnet or host addresses. Assuming an even distribution of source IP addresses. including: • • • • • In-Band Management with ACLs Secure encrypted connection capabilities using an SSH2 server User authentication by internal password External RADIUS password or user digital signatures (public keys) Secure connections to the C4 CMTS CLI and file systems Secure FTP (SFTP) Dynamic Route Redundancy Control Complex Redundancy The C4 CMTS offers enhanced network management with controlled access to the SCM via standard Access Control Lists (ACLs) for CMTS administrators. and routing. one active and one standby. If multiple equal cost routes are found. Hitless sparing occurs when an active CAM goes down and a spare CAM becomes active. The CMs remain on-line and do not have to re-range and re-register.2. Control Complex Redundancy (CCR) ensures high reliability for systemwide OAM&P. then the extra routes are not active. the route chosen is based on the source IP address of the packet. This feature provides: • • IP connectivity to the SCM through the client cards (NAM. Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 2-9 . FlexCAM Sparing Hitless CAM sparing is an important element of system reliability and greatly reduces subscriber impact and loss of traffic in the event of CAM failure. In a fully equipped chassis there are two Control Complexes. The update will only occur if a redundant route for a specific IP prefix exists in software. The Dynamic Route Redundancy feature allows the C4 CMTS to dynamically update a specific route in hardware based on a change in the network topology. The failure of an active SCM/FCM pair immediately causes a failover to the standby SCM/FCM pair. switching.

Multiple Syslog Servers The C4 CMTS has the ability to configure and send logging messages to up to eight syslog servers (hosts). The ULB feature is provisionable per cable group. The automatic decision to load balance is based on a comparison of the cumulative reserved bandwidth of upstream channels at the time a new CM is attempting to perform initial maintenance ranging.e. NOTE This feature should not be activated for cable groups with CMs that are already configured to connect to specific upstream channels. (i. 2-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . a downstream channel and all associated upstream channels that occupy the same physical cable).2 C4 CMTS Features Upstream Load Balancing The Upstream Load Balancing (ULB) feature provides upstream load balancing on registering CMs among upstream channels to which those CMs are physically attached.

This chapter contains the following topics: • • • Descriptive and reference information Physical design information Power and electrical requirements Release 4.2. Standard ARRIS PROPRIETARY — All Rights Reserved 3-1 .C4 CMTS 3. C4 CMTS Specifications Topics Network Diagram C4 CMTS Specifications RF Electrical Specifications Maximum Density Scalability VoIP Call Capacities Page 3 4 6 7 7 8 This chapter introduces the C4 CMTS and its features and functionality.

The PICs provide physical connectors for terminating cables from the subscriber and Internet networks. These are sometimes referred to as front cards. There are four main types of modules used to equip the slots in the front. are inserted in each slot from the rear of the chassis. Between the front and back slots is the midplane of the chassis. There are a total of twenty-one slots for modules. or PICs. Smaller modules. called Physical Interface Cards. Three C4 CMTS chassis can be mounted in a single 19-inch wide.3 C4 CMTS Specifications Figure 3-1 illustrates the front view of the C4 CMTS. sevenfoot standard rack. Figure 3-1: The C4 CMTS (front view) 3-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Figure 3-2 shows a typical cable data network architecture. DOCSIS defines the standard for communication among these elements.2.C4 CMTS Network Diagram A cable data network system consists of cable modems (CMs) at subscriber premises. The C4 CMTS provides data switching functions as well as the radio frequency (RF) interface to and from the cable plant. The data-over-cable management system provides both the end-to-end network management solution and the support for subscriber provisioning. TFTP Server TOD Server DHCP Server 10/100 Ethernet Switch Router Internet AC DC Power Converter CMTS CATV Network HFC Plant Cable Modem CPE Figure 3-2: Typical Cable Data Network Architecture Release 4. It also provides ethernet interfaces to the Internet Service Provider(s). a CMTS at the cable plant operations area. Standard ARRIS PROPRIETARY — All Rights Reserved 3-3 . a data-over-cable management software suite integrated with the operator's other management systems. and the HFC cabling that connects it all.

Class A) Network Interfaces The C4 CMTS is equipped with the following interfaces: • • • 10 Base-T (SCM Maintenance Port) 10/100 Base-T (FastE or GigabitE NAM) 1000 Base-TX. This offset from the operating range provides a cushion against multiple possible power cycles. First Edition Electromagnetic Compatibility The C4 CMTS meets the following: • • GR-1089-CORE. the C4 CMTS will not restart successfully if the voltage is not in the range of -44 to -67.1 (CISPR 22.or 23-inch rack.4" 20. Start-up voltage range: -44 to -67.3.5VDC Note: If powered down. range -44 to -72VDC Note: Once powered up the C4 CMTS will continue to operate if within this voltage range. • • • Safety The C4 CMTS meets the following safety standards: • • • UL60950 (1999) Third Edition CAN/CSA-C22. 1000 Base-LLX.5 Kg) • Power • Chassis Weight (fully equipped): 166 pounds Operating voltage: nominal -48 VDC. 1000 Base-SX.3 C4 CMTS Specifications C4 CMTS Specifications This section is a summary of the C4 CMTS physical characteristics and operating specifications. Class A) EN 300 386 v1. Issue 3 (FCC .Part 15.5VDC. Attempted start-ups at the voltage extremes are subject to power fluctuations that could result in multiple power cycles and damage to the equipment.2. No.0" (622 mm) (442 mm) (508 mm) (75.5" 17. Physical • • Mounting: Dimensions: 19. Chassis Power Consumption: 2800W maximum The -44V guaranteed operating limit translates to a maximum current draw of 64A at 2800W. 1000 Base-LX (GigabitE NAM) 3-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or stand-alone Height Width Depth 24. and information on compliance with regulatory standards. 950-95 IEC60950-1 (2001).

C4 CMTS Environmental Thermal — The C4 CMTS meets the following environmental standards: • NEBS GR-63-CORE.1E) Storage (Class 1. Standard ARRIS PROPRIETARY — All Rights Reserved 3-5 . non-condensing Long term: 5 to 85% Non-operating humidity: 5 to 95%. non-condensing Mechanical — NEBS GR-63-CORE ETS 300 019 • • In-use (Class3. ETS 300 019 • • Operating temperature: Short term: -5 to +55ºC Long term: +5 to +40ºC Non-operating temperature: -40 to +70ºC Operating humidity Short term: 5 to 90%.2) Transportation (Class 2.3) Other — NEBS Level 3 Criteria (SR-3580) Acoustic Noise Criteria: • • NEBS (GR-63-CORE) ETSI (ETS 300 753) Altitude Criteria (NEBS GR-63-CORE) Illumination Criteria (NEBS GR-63-CORE) Release 4.2.

8QAM.712 Mbps 55.056941 5.65 MHz 5 .x or 2. respectively. Table 3-2: Upstream RF Electrical Specifications Upstream frequency band: North America Europe Japan RF channel spacing Modulation types Raw bit rate Forward error correction 5 .952 The following table lists the upstream RF electrical specifications.5 dB 75Ω 5.857 MHz 112 . 16QAM Type 5 TLV: QPSK. Type-Length-Value (TLV) 4 or 5 are codes used in UCD messages to indicate DOCSIS 1. 16QAM.616 Mbps 50-61 dBmV < 14 dB in-band Adjustable to within +/-.55 MHz < 1 kHz Type 4 TLVa: QPSK. and 64QAM 30. 256QAM 64QAM: 256QAM: 64QAM or 256QAM: 30.0 compatibility.884 Mbps 41.858 MHz 250 kHz 64QAM. Table 3-1: Downstream RF Electrical Specifications Center frequency range: North America Europe Frequency step size Modulation types Annex B symbol rates in Msym/sec Annex A symbol rate in Msym/sec Raw bit rate: Annex B 64QAM 256QAM) Raw bit rate: Annex A 64QAM 256QAM) Output signal range Return loss Transmit output power accuracy Output impedance 91 .42 MHz 5 . 32QAM.3 C4 CMTS Specifications RF Electrical Specifications The following table lists the downstream RF electrical specifications.360537 6. 3-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .342 Mbps 42.72 Mbps max Reed-Solomon (T = 1-16) a.

These routes can be provisioned on different NAM ports with different weights. Standard ARRIS PROPRIETARY — All Rights Reserved 3-7 . This allows an MSO to set multiple routes to a single destination. Release 4. the CMTS can grow to meet evolving subscriber traffic considerations along with reducing inter-shelf cabling. Using multiple NAM ports within one CMTS chassis enables use of dynamic route redundancy. The C4 CMTS chassis supports up to 32 downstream channels and 192 upstream channels. and maintenance.C4 CMTS The following is a list of receiving input levels for upstream channels: Table 3-3: Receiving Input Levels for Upstream Channels Channel Width (kHz) 200 400 800 1600 3200 6400 Symbol Rate (ksm/sec) 160 320 640 1280 2560 5120 Maximum Range (dBmV) -16 to +14 -13 to +17 -10 to +20 -7 to +23 -4 to +26 -1 to +29 Maximum Density The C4 CMTS supports both small and large scale subscriber deployments. Up to three chassis can be installed in a standard 7-foot high. With the ability to accommodate many configurations. thus providing a NAM redundancy strategy. Scalability ARRIS offers a number of combinations of downstream to upstream channel ratios to improve scalability. Operating ratios of downstream to upstream channels range from 1:1 to 1:12. operations. assuming use of the 2Dx12U Cable Access Module. 19-inch wide frame. This leads to lower cost for installation. A fully configured rack supports a maximum of 96 downstream and 576 upstream channels.2.

: Centi-Calls per Second (CCS) per line: Hold time: Call Completion Rate: 1. If the system contains any FastE NAMs.000 66.5% 5. the per-chassis line and MTA limits must be reduced to 10.000. VoIP Call Capacities The following Voice over Internet Protocol hardware and call limits apply to C4 CMTSs configured for DSx/DQoS VoIP or PacketCable voice.000 CMs per chassis 128.000 1.600 260 These limits specifically assume that only GigE NAMs are used.000 Destination IP entries (using GigE NAM) 3. The Multimedia Terminal Adapter (MTA) is a telephony modem: MTAs per downstream (1D): MTAs per downstream (2D): MTAs per C4 CMTS: Lines per downstream Lines per C4 CMTS: 1.000 1.2 5 180 seconds 99.800 24.000 CMs/downstream (whether 1Dx8U or 2Dx12U CAM) Up to 500 CMs for each upstream of a 2Dx12U CAM configured for 1Dx6U service.3 C4 CMTS Specifications A fully equipped C4 CMTS chassis offering basic service will provide reasonable performance up to the following suggested subscriber limits: • • • • • 52.2 MHz upstream channel width Upstreams 0-5 on MAC domain 0. upstreams 6-11 on MAC domain 1 3-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .000 Busy Hour Call Attempts (peak 60-minute call loads supported) BHCA per downstream: BHCA per C4 CMTS: Simultaneous half-calls/downstream The assumptions for the call load are: Lines per sub.000 ARP cache entries 128. These limits also depend on the following: • • • • • MTAs/lines are distributed evenly across 4 upstreams per downstream 256QAM downstream 16QAM upstream 3.500 20.

Components of the Power System Power is filtered and conditioned by a Power Conditioning Module (PCM) for each feed. and all active circuitry for power distribution over a power bus. C4 CMTS Power Requirements Topics Components of the Power System Power Protection Description Page 1 3 The C4 CMTS requires two -48V power feeds. The PCM contains the power input connector.2. main breaker. NOTE Review the total current consumption of all equipment on the same line before supplying power to the C4 CMTS. Release 4. Avoid sharing a power source that requires large currents. In the event the A or B feed fails or is removed from service for maintenance. The source can be an external battery plant or independent AC/DC power supplies. named A and B.C4 CMTS 4. Standard ARRIS PROPRIETARY — All Rights Reserved 4-1 . the other feed continues to supply power to the C4 CMTS with no interruption in service.

The mid and lower matching panels flip open to allow access to the ejector clips for the front modules. • • • The top single panel flips up to reveal the power panel and power LEDs. Access to Power Panel Power Panel Access to Modules Modules Air Filter Fan Modules Figure 4-1: C4 CMTS Front Access Panels 4-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The chassis slot numbers are printed on it. as illustrated in Figure 4-1.4 C4 CMTS Power Requirements The PCM: • • • Soft starts the chassis on power up Filters noise and power disturbances from the power feeds Monitors the power draw of the chassis and shuts down a branch circuit in the event of a power fault Each PCM is removable and can be replaced without interrupting power to the C4 CMTS in a duplex power configuration. Front Panel Access Protective panels mounted on the front of the chassis flip open. Another small panel is found beneath the lower matching pane. it flips down to allow access to the air filter.

Standard ARRIS PROPRIETARY — All Rights Reserved 4-3 . The system alarm and power indicator LEDs are in the middle of this panel. A and B Power Feeds Power is supplied to the C4 CMTS via A and B feeds located at the rear of the unit.C4 CMTS Figure 4-2 shows the LEDs and power switches for Buses A and B. Release 4. The power feeds are protected by two 70-amp breakers located on the rear of the chassis. SYSTEM ALARMS CRITICAL ON OFF/ FAIL A B C D MAJOR ON OFF/ FAIL A B C D MINOR POWER Figure 4-2: LED and Power Bus Switches Power Protection Description The C4 CMTS chassis power configuration consists of three levels of protection: • • • A and B power feeds controlled by circuit breaker in the PCM Internal chassis branch fuses located in the PCM Fuses located on the front modules (These fuses are not field replaceable) The C4 CMTS must be installed only by trained service personnel who are familiar with the precautions required when working in a –48V DC power delivery environment.2. shown in Figure 4-3. This is the first level of protection. Power requirements are listed in C4 CMTS Specifications on page 3-4.

4 C4 CMTS Power Requirements They also serve as the master disconnect switch for the unit. The breakers protect the high current-carrying cables within the C4 CMTS and the power connectors located at the rear of the unit. POWER CABLE B POWER CABLE A Breaker switch for Power Module B Breaker switch for Power Module A Figure 4-3: C4 CMTS Power Feeds (chassis rear) 4-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

the next push turns it on). The entire feed for a side is turned on and off by pressing the power control button on the power panel. for example.2. A through D. the fuses protect the power distribution wiring and midplane circuitry from damage.C4 CMTS Internal Branch Protection Each A and B power feed is further divided into four internal chassis distribution branches. SYSTEM ALARMS CRITICAL ON OFF/ FAIL A B C D MAJOR ON OFF/ FAIL A B C D MINOR POWER Network Access Module (NAM) Network Access Module (NAM) 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Figure 4-4: Second Level . They are not field replaceable. Each push of the button toggles the power from that feed (one push turns it off. Each of these branches is protected by a 20-amp fuse located in the PCM. These feeds supply power to the C4 CMTS midplane and to all circuit modules. a damaged module or bent pin causes an electrical short. Power is distributed to the twenty-one slots by the four branches as shown in Figure 4-4. nor can they be reset.Internal Branch Fusing If. These fuses constitute the second level of protection. Standard ARRIS PROPRIETARY — All Rights Reserved 4-5 System Control Module (SCM) System Control Module (SCM) Fabric Control Module (FCM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Cable Access Module (CAM) Fabric Control Module (FCM) . Release 4.

4-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . FCM. These on-board module fuses are not field replaceable: if the fuse blows the module must be returned for repair. SYSTEM ALARMS CRITICAL ON OFF/ FAIL A B C D MAJOR ON OFF/ FAIL A B C D MINOR POWER Figure 4-5: Power Control Button Module (Board-level) Fuses The third level of protection is at the module level. NAM. • • • Each front module (CAM.4 C4 CMTS Power Requirements In the event of a power fault on a branch: • • • The electronic breaker for that branch detects the failure and removes power from that branch. or SCM) has two fuses that protect its internal circuitry. and the other on the circuit powered by the B bus. A system power alarm is generated. The green power OK LED for that branch is turned off and the corresponding red branch power fault LED is turned on. One fuse is located on the circuit powered by the A bus.

Release 4.2. NOTE Do not make any mechanical or electrical modifications to the CMTS equipment. Standard ARRIS PROPRIETARY — All Rights Reserved 5-1 . Installation Requirements Topics Safety Precautions Electrostatic Discharge (ESD) Installation Checklist Unpacking the C4 CMTS Installation Considerations Page 2 3 4 6 7 This chapter provides the operating precautions and installation requirements for the C4 CMTS.C4 CMTS 5. the C4 CMTS may not meet regulatory compliance. If modified.

not your back. The chassis is not intended to be moved frequently. follow these guidelines: • • • • • Always disconnect all external cables before lifting or moving the chassis. Lift the chassis from the bottom. • Lifting Safety A fully-equipped C4 CMTS weighs approximately 166 lbs. Before installing the C4 CMTS. Do not attempt to lift the chassis by yourself: have at least one other person assist you. grasping the underside of the chassis exterior with both hands. ensure that your site is properly prepared. Ensure that the voltage and frequency of your power source meets or exceeds the voltage and frequency listed on the equipment’s electrical rating label. • 5-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . When lifting the chassis or any heavy object. If you must bend down to lift the chassis. not at the waist. electric shock. to reduce the strain on your lower back muscles. please observe the following: • • • The C4 CMTS is intended to be installed only in restricted access areas for reasons of security and safety. or damage to the C4 CMTS and other equipment. Keep your back straight and lift with your legs.5 Installation Requirements Safety Precautions This section provides safety precautions for installing the C4 CMTS. When setting up the equipment. Foreign objects may produce a short circuit resulting in fire. Follow all warnings and instructions marked on the equipment. Never force objects of any kind through openings in the equipment because dangerous voltages may be present. bend at the knees. Never move suddenly or twist your body as you lift. Lift the chassis slowly. Ensure that your footing is solid and balance the weight of the object between your feet.

CAUTION Be sure to connect the chassis to ground before applying power or inserting modules. An ungrounded chassis may damage components. It may result in module failure or intermittent problems. Preventing Electrostatic Discharge Damage Electrostatic Discharge (ESD) can damage equipment and impair electrical circuitry. printed circuit modules. Never assume that power has been disconnected. The C4 CMTS contains replaceable. The chassis is equipped with four sockets in which you can ground plug-in wrist straps. wear an antistatic wrist or ankle strap whenever handling the modules or port adapters. Standard ARRIS PROPRIETARY — All Rights Reserved 5-3 . Although the metal faceplate helps to protect the printed circuit modules from ESD. missing safety grounds. Disconnect all power and external cables before moving the chassis. always check. Handle the modules by their latches and avoid touching the printed circuit board and connector pins. Ensure that the anti-ESD device makes good skin contact. ESD occurs when printed circuit modules are improperly handled. Electrostatic Discharge (ESD) The C4 CMTS is designed to operate in an area that is between 5 to 95 percent relative humidity. non-condensing. Do not work alone if potentially hazardous conditions exist. Examine your work area for possible hazards such as ungrounded power extension cables. Do not perform any action that makes the equipment unsafe or might create a potential danger to people.C4 CMTS Electrical Equipment Guidelines Follow these basic guidelines when working with any electrical equipment: • • • • • • Know where the emergency power-off switch is located for the room in which you are working. or wet floors.2. Modules are equipped with a metal faceplate that features Electromagnetic Interference (EMI) shielding and lever-action latches. Release 4.

attaching cables. page 6-51. Tools Required The following tools are required for installation: • • • #3 Phillips screwdriver for large bolts used for attaching to frame #2 Phillips screwdriver Digital volt meter 5-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and configuring software. Install the three fan modules Install the two Power Conditioning Modules Install the Physical Interface Modules (PICs) Install the client Modules Attach to DC power (See Chapter 2) Attach cables Attach to an operator console Power up the CMTS Configure the CMTS according to the instructions in Initial System Configuration. Table 5-1: Installation Checklist Completed ( ) Task Description Become familiar with component descriptions Unpack the CMTS according to the instructions in “Unpacking the C4 CMTS” on page 6 Obtain any necessary items not supplied to install the CMTS in your configuration Prepare the site for installation in accordance with placement and electrical considerations Install C4 CMTS in rack Attach the grounding cable.5 Installation Requirements Installation Checklist Installation involves mounting the unit in a rack. Follow the instructions in this section when installing the C4 CMTS for the first time. populating with client Modules and Physical Interface Cards (PICs).

Obtain these items before installation: • • • • • • Appropriate network cables Operator console or PC with asynchronous terminal emulation built in Duplex filter Splitters Coax cables 48 Vdc power supply Release 4.2.C4 CMTS Items Not Supplied The following items are not included with the C4 CMTS. Standard ARRIS PROPRIETARY — All Rights Reserved 5-5 .

Remove the remaining contents of the crate. 6 gauge. Then remove the protective foam from the unit. approx. Front modules are shipped in separate cartons. 24 inches) Two Power Conditioning Modules Two (2) power cables: one each for power feeds A (red. approx. Check the packing slip and verify its contents. use the following steps and checklist: • Inspect the shipping crate before removing the unit. Open crate and carefully remove the packaged unit inside. it typically ships with the following items. Use the checklist provided below to verify that the required items are present. • • • Table 5-2: Hardware Shipment Checklist ( ) One C4 CMTS chassis One (1) chassis ground cable (green. 50 ft) and B (blue. 4 gauge. request an agent of the carrier to be present before removing the C4 CMTS. approx. Installation is minimally a two-person operation. 50 ft) Modules for basic configuration (minimal requirement): • • • One System Control Module (SCM) and associated physical interface card (PIC) One Fabric Control Module (FCM) One Network Access Module (FastE NAM) or one Gigabit Ethernet Network Access Module (GigE NAM) and associated PIC One Cable Access Module (either a 1Dx8U or 2Dx12U CAM) and associated PIC Required Items • Seventeen (17) front filler panels Eighteen (18) rear filler panels (there is no PIC for the FCM) Three (3) fan modules One (1) air filter (installed) One (1) hardware installation kit One (1) ESD Wrist Strap One (1) rollover cable and adapter for console connection to SCM serial port 5-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Ensure the crate is right side up.5 Installation Requirements Unpacking the C4 CMTS When unpacking the C4 CMTS. If there is evidence of damage to the crate upon receipt. 6 gauge. If an entire C4 CMTS is ordered.

2. Place the heaviest units toward the bottom of the rack. keep them in these antistatic bags. Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 5-7 . Be sure the floor is capable of supporting the combined weight of the rack with the installed equipment. Chassis Placement Installation Area Select an appropriate installation area that is dry. and air conditioned. some C4 CMTS configurations are heavier than others. Do not remove modules from the antistatic bags unless properly grounded. Uneven mechanical loading of an equipment rack can be hazardous. wellventilated. relatively dust free. A total of three chassis can be installed in this equipment rack. Do not place these bags on exposed electrical contacts or else the modules may short circuit.C4 CMTS ( ) Documentation: • • Required Items (Continued) CD-ROM (standard) Paper (if ordered) Module Protection All spare modules are shipped in reusable anti-static shielding bags. compliant with EIA RS-310. Installation Considerations Rack Mounting The C4 CMTS is designed to be mounted in a standard 7-foot by 19-inch equipment rack. If modules are not immediately installed. Plan the installation so that the weight of the equipment is evenly distributed across the vertical height of the rack. Depending on the number of modules supported.

Clearance Allow sufficient clearance around the rack for maintenance. and back at the bottom of the unit and expels it out the sides and back at the top of the unit. Allow enough space around the C4 CMTS for adequate ventilation and do not block the air vents. assume 2800W for worst-case power dissipation when using 2Dx12U CAMs. The system will shut down if the voltage exceeds these limits. The operating range is -44 to -72V. The C4 CMTS draws cooling air in through the front. It is important to provide a balanced environment so the C4 CMTS performs properly. The Power Conditioning Modules in the C4 CMTS will limit the startup current to prevent false tripping of the circuit breakers. The -44V guaranteed operating limit translates to a maximum current draw of 64A at 2800W. Clear airflow must be maintained in these areas to ensure adequate ventilation. Be sure there is enough cable length available to pull the C4 CMTS out for repairs or adjustments if necessary. To determine cooling requirements. The supply voltage should be a nominal -48V. Power Requirements The C4 CMTS uses dual redundant -48V power feeds to supply electrical power to the system. The system is capable of operating from a single feed in case one of the feeds fails.5 Installation Requirements CAUTION The C4 CMTS generates a significant amount of heat. The system consumes a maximum of 2800W of power when equipped with the maximum number (16) of 2Dx12U CAMs. place the C4 CMTS near a wall or cabinet for normal operation and pull it out for maintenance (installing or moving port adapters. Inadequate ventilation could cause the system to overheat. Circuit breakers on the power feeds should be sized accordingly. If the rack is mobile. sides. If the C4 CMTS is installed in a closed or multi-unit rack 5-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and replacing or upgrading components). These values assume the worstcase cooling requirements when the maximum number of CAMs (16) are used. It is designed for long-term operation at ambient air temperatures ranging from 5-40°C. connecting cables. Cooling Requirements The C4 CMTS should be installed in a location with adequate ventilation.

Prevent excessive heat buildup in the rack. operation at excessive temperature accelerates the deterioration of components and adversely effects performance. the inlet air temperature could exceed the room ambient air temperature and/or the air flow may be reduced.C4 CMTS assembly. the fan modules: • • • Draw in air through the intake vent at the bottom of the chassis Moves the air across the internal components in order to cool them Moves air out the exhaust vent on the top rear of the chassis Front of Chassis Rear of Chassis Figure 5-1: Internal Air Flow (side view) Release 4. Fan Module Description As shown in Figure 1-1. In these cases the C4 CMTS requires a reduced maximum operating ambient air temperature. CAUTION As with all electrical equipment. Standard ARRIS PROPRIETARY — All Rights Reserved 5-9 .2.

5 Installation Requirements NOTE To ensure the proper air flow. make sure blank filler panels are installed in unoccupied chassis slots. It is also important to change the fan filter at least every two to three months. This grill is the primary heat vent for the chassis. Blocking it can cause overheating and card failure. CAUTION Care should be taken when dressing RF cables that they do not obstruct the grillwork at the top rear of the chassis. 5-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . ARRIS recommends a minimum 6-inch clearance around the top side and rear exhaust grillwork. depending on the air quality on site.

2. Standard ARRIS PROPRIETARY — All Rights Reserved 6-1 . Installing Modules and System Bring-up Topics Main Hardware Components Recommended Order for Installing Chassis Components Rack Mounting the C4 CMTS Power Conditioning Module (PCM) and Cabling Installing Modules in the C4 CMTS System Control Module (SCM) Fabric Control Module (FCM) Fast Ethernet Network Access Module (NAM) Gigabit Ethernet Network Access Module Cable Access Module (1Dx8U CAM) Cable Access Module (2Dx12U CAM) Initial System Configuration Page 2 6 8 9 17 21 28 31 34 41 46 51 Release 4.C4 CMTS 6.

and one 1Dx8U CAM or 2Dx12U CAM. Each fan module contains two fans. CAM configurations are dependent on the configuration of the cable plant of the subscriber network. When out-of-service. shows a steady green. marked front and rear Air filter (factory installed) There are various ways to equip a chassis. The module faceplate in each slot includes a label stating the module type and multiple LEDs to indicate the module’s status.6 Installing Modules and System Bring-up Introduction The following section lists the recommended order of installation for rack mounting the C4 CMTS and installing the various modules and components. When operational. one FCM. diagnostics in progress. the Power On LED is lit. Please read through this chapter and become familiar with the order of operation before you begin. 1. The minimal configuration consists of one SCM. or downloading software. The OOS LED glows a steady red to indicate failure and flashes red to indicate self-test. and the OOS display is off. one FastEthernet NAM or GigabitEthernet NAM. This chapter also includes procedures necessary for a minimal system configuration and bring-up. the Out-of-Service LED is lit. Main Hardware Components The C4 CMTS base system contains the following components: • • • • • • • • Chassis Configuration CMTS chassis Two Power Conditioning Modules (PCMs) – Power Feed A & Power Feed B Cable Access Module (1Dx8U or 2Dx12U) and associated Physical Interface Card (PIC) Network Access Module (FastE or GigE) and associated PIC Fabric Control Module (there is no FCM PIC) System Control Module and associated PIC Three fan modules (numbered 0. LED Description 6-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and 2).

Standard ARRIS PROPRIETARY — All Rights Reserved 6-3 .C4 CMTS Module Types and Chassis Slots—Front View The C4 CMTS chassis contains twenty-one vertical slots labeled 0-20.2. These slots are equipped for the following modules (or sometimes referred to as front cards): • • • • One or two System Control Modules One or two Fabric Control Modules One to four Fast Ethernet Network Access Modules or one or two Gigabit Ethernet Network Access Modules One to sixteen Cable Access Modules (1Dx8U or 2Dx12U) Following is an illustration of the front of the chassis. Figure 6-1: Front View of C4 CMTS Release 4.

Chassis — Rear View Physical Interface Cards (PICs) Smaller modules. The PICs provide physical connectors for terminating cables from the subscriber and Internet networks and enable the front modules to be replaced without having to remove cables. (Slot 16 can be equipped only with a FastE NAM or GigE NAM. Also the 1Dx8U CAM and 2Dx12U CAM use the same PIC. Slot 17 must be the first equipped.) Two FCMs in slots 17 and 18 (these slots can be equipped only with FCMs. If one of the slots in the sparing group is not equipped with a CAM. The FastE NAM and GigE NAM use the same PIC. each CAM serving as sparing group leader must have a sparing PIC in its slot. slots 14 or 16 or both may be equipped with GigE NAMs.) Two SCMs in slots 19 and 20 (these slots can be equipped only with SCMs. called Physical Interface Cards. 6-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .) NOTE Depending on the need. All slots in a spare group must be equipped with a PIC. Front View of C4 CMTS. Figure 6-2 shows the connections from the rear of the C4 CMTS. on page 3 is equipped with: • • • • 13 CAMs located in slots 0-12 Four FastE NAMs located in slots 13-16. or PICs. If CAM sparing is enabled. slots 13-15 can be configured for either CAMs or NAMs. Slot 19 must be the first equipped. it must still be equipped with a PIC in order to maintain connectivity across the sparing group.6 Installing Modules and System Bring-up The chassis example shown in Figure 6-1. are inserted in each slot from the rear of the chassis.

used for any unequipped front module slot. CAMs and SCMs. Filler panels are required for proper EMC emission levels and sufficient airflow to properly cool the C4 CMTS system. and CAMs (client modules) use the midplane to pass packets to the FCM. Standard ARRIS PROPRIETARY — All Rights Reserved 6-5 .C4 CMTS Spare PICs illustrating a 4 + 1 Sparing Group ARRIS PIC-CAM (SPARE) ARRIS PIC-CAM (SPARE) ARRIS PIC-CAM (SPARE) 1 2(Future) D0 -D1 Ethernet Ports:10/100 E 0. front and rear. a new front filler panel was required to help with Release 4.E 7 (Future) U 0 -U7 Figure 6-2: C4 CMTS Chassis (rear view) Midplane Between the front and back slots is the midplane of the chassis. The midplane connects the power conditioning modules and the client and control modules. With the introduction of the new 2Dx12U CAM.E3 E 4 . All unused module slots. must be equipped with filler panels.2. The midplane is a necessary point of communication for all modules inserted in the C4 CMTS. GigE NAMs. Rear filler panels . The FCMs use the midplane to pass packets to the NAMs. • • • • Filler Panels The power conditioning modules use the midplane to provide power to the rest of the system. The C4 CMTS has two types of filler panels: • • Front filler panels .used for any unequipped rear PIC slot. GigE NAMs. The NAMs. The SCMs and FCMs use the midplane to exchange control information and packets.

4 Install the three Fan Modules 5 Physical Interface Cards (PICs) — The PICs should always be loaded in order from left-to-right to avoid damage to the EMI spring gasket that resides on the faceplate of each PIC. 1 Rack mount the C4 CMTS. 6-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 3 The Power Conditioning Modules (PCMs) — these are installed in the lower rear section of the chassis. Once the chassis has been secured in the rack.6 Installing Modules and System Bring-up heat dissipation. The new filler panel has enhanced baffles which improve the air flow dynamics inside the chassis. you must securely ground the green ground cable on the chassis to an appropriate Earth/Safety ground. Old Filler Panel New Filler Panel Figure 6-3: Example of Old and New Front Filler Panels Recommended Order for Installing Chassis Components The following list is the recommended order of installation. Failure to cover empty slots reduces the air flow through the chassis and could result in overheating. 2 Attach the green ground wire to the chassis.

7 System Control Modules (SCMs) . Proceed carefully when inserting or removing modules to avoid damage to connectors. 11 Cable the PICs.Populate slot 17 first. 9 Network Access Modules (FastE or GigE NAMs). 3 Rear PICs should be unloaded in a right-to-left order. Standard ARRIS PROPRIETARY — All Rights Reserved 6-7 .C4 CMTS CAUTION Before removing or replacing any C4 CMTS modules. Release 4. Ideally. then slot 20. One is located on the side of the chassis and the other is located on the rear of the chassis between the PCMs (refer to Figure 6-4).2. • Grounding the Chassis The C4 CMTS chassis must be properly grounded. Storing Modules Retain the packaging in which each module was shipped and follow these guidelines for storing modules to avoid damage: • Store each module in a separate antistatic bag. Install the chassis side of the ground wire to either of these locations before installing the chassis into the rack. store the item in its antistatic bag within the protective packaging or padded box that the item was shipped. 8 Fabric Control Modules (FCMs) .Populate slot 19 first. 10 Connect power cables and apply power to the chassis. 6 Cable Access Modules (1Dx8U or 2D12U) — Start with the CAMS because they have the most connectors to align with the midplane. obtain and attach the proper ESD protection. 2 All other front cards should be removed in a left-to-right order to minimize the risk of damage to the components on the wire-side of each module. Avoid damaging the EMI spring gasket mounted on the faceplate of each PIC. then slot 18. There are two places you can connect the ground wire to the chassis. Load the left CAM slot to be used first and populate to the right. Do not store multiple modules or components in an antistatic bag or container where they can touch other items. Recommended Chassis Unloading Order The reverse order of loading applies with the following exceptions: 1 CAMs should always be removed in a right-to-left order.

6 Installing Modules and System Bring-up Figure 6-4: Location of Grounding Terminals Rack Mounting the C4 CMTS The following steps outline how to rack mount the C4 CMTS. 5 Place the C4 CMTS securely in the rack. 2 Be sure that the rack is bolted to the floor and secured if using telco-type racks. WARNING Ensure that the weight of the chassis does not make the rack unstable. See Grounding the Chassis on page 6-7. 6 Secure free end of green ground cable to an appropriate Earth/Safety ground. Free end of ground cable should extend to the back. End of procedure 6-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 4 Install rack bolts to secure the C4 CMTS in position. Procedure 6-1 How to Rack Mount the C4 CMTS 1 Attach the green ground cable to either the side or rear ground locations on the C4 CMTS chassis before placing the chassis in the rack. 3 Position the C4 CMTS in rack.

Power is filtered and conditioned by a Power Conditioning Module (PCM) for each feed. Standard ARRIS PROPRIETARY — All Rights Reserved 6-9 . main breaker.2. In the event the A or B feed fails or is removed from service for maintenance. The PCM contains the power input connector.Internal Branch Fusing. and all active circuity for power distribution of a power bus. Second Level . the other feed continues to supply power to the C4 CMTS with no interruption in service. Release 4. The source can be an external battery plant or independent AC/DC power supplies. Avoid sharing a power source that requires large currents.C4 CMTS Power Conditioning Module (PCM) and Cabling The C4 CMTS requires two -48V power feeds A and B. NOTE Review the total current consumption of all equipment on the same line before supplying power to the C4 CMTS. The PCM: • • • Soft starts the chassis on power up Filters noise and power disturbances from the power feeds Monitors the power draw of the chassis and shuts down a branch circuit (see Figure 4-4. on page 4-5) in the event of a power fault Each PCM is removable and can be replaced without interrupting power to the C4 CMTS in a duplex power configuration.

Installing the Power Control Module (PCM). It corresponds to the Bus A power panel LEDs and control switch located on the front of the chassis. 2 Align the PCM on the rails in the rear of the chassis and slide firmly into place.6 Installing Modules and System Bring-up Power Protection Description The C4 CMTS chassis power configuration consists of three levels of protection: • • • A and B power feeds controlled by circuit breaker in the PCM Internal chassis branch fuses located in the PCM Fuses located on the front modules (These fuses are not field replaceable) The C4 CMTS must be installed only by trained service personnel who are familiar with the precautions required when working in a –48V DC power delivery environment. the PCM can be inserted on either the left or the right: a The Power Conditioning Module on the right side of the chassis is named PCM A. From the rear. Slide PCM into chassis and hand-tighten the three screws Figure 6-5: Installing the Power Control Module (PCM) Procedure 6-2 How to Install the Power Conditioning Modules (PCMs) Refer to Figure 6-5. Power requirements are listed inC4 CMTS Specifications on page 3-4. 6-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . on page 6-10 and follow these steps to install the PCMs: 1 Be sure you are wearing an ESD strap when handling modules.

Standard ARRIS PROPRIETARY — All Rights Reserved 6-11 . 3 Hand tighten the three screws on each of the PCMs. plug it directly into the PCM Power Feed A. Release 4. Using the connectorized end of the red cable. It corresponds to the Bus B power panel LEDs and control switch located on the front of the chassis. Cabling the PCM. on page 6-11 and follow the steps below to cable the PCM.C4 CMTS b The Power Conditioning Module on the left side of the chassis is named PCM B. One end of each cable is connectorized and keyed for the power connector on the rear of the chassis.2. on page 6-11. See Figure 6-6. End of procedure Power Requirements The C4 CMTS must be connected to a protected DC power source that meets the following current requirements: • • Input voltage: A and B feed from –44V to -72V Current rating (of each feed): 70 amps POWER CABLE B POWER CABLE A Breaker switch for Power Module B Figure 6-6: Cabling the PCM Breaker switch for Power Module A Procedure 6-3 How to Cable the PCM Refer to Figure 6-6. Cabling the PCM. a b Make sure the breaker is in the OFF position before plugging in the power feed cables. 1 Two cables (one red and one blue) are included with the C4 CMTS.

plug it directly into the PCM Power Feed B. There are two types of fan modules. and 2. Fan Modules and Cooling The C4 CMTS contains three fan modules numbered 0. 6-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .6 Installing Modules and System Bring-up c Using the connectorized end of the blue cable. Each module contains a front and rear fan. Be sure to shut the breaker off for the unit and disconnect the -48V power cable before removing the PCM from the chassis. Maintenance personnel can replace the failed fan module without shutting down the entire system. the new high-speed fan module and the normal fan module. End of procedure CAUTION Do not connect the cables to a PCM that is not in a chassis. 1. A failing fan is easily identified by the System Fault LED on the System Control Module. Connect the white wire to the positive (+) or return side of the -48V supply. a b Connect the red wire to the negative (-) side of the -48V supply. 2 Each cable contains two 6-gauge wires (one red and one white) that must be hard-wired to the DC source by a qualified service electrician.

Given the high density (21 slots) of the C4 CMTS. How to Install the Fan Modules. Those chassis configured with only 1Dx8U CAMs can continue using the existing fan trays. all unused slots should be equipped with the new design front filler panels (Figure 6-3).To maximize air flow.2. Fan trays may be replaced using the installation guidelines contained in Procedure 6-4. the additional heat dissipation of the 2Dx12U CAM places the overall cooling requirements beyond the capability of the three fan trays previously used. Standard ARRIS PROPRIETARY — All Rights Reserved 6-13 .C4 CMTS Serial Number of the Fan Fan Speed Designation FAN ST ATUS FR O N T Front Fan S tatus Rear Fan Stat us RE A R Figure 6-7: Example of Normal Speed Fan Module These fans cool the system components by forcing air from the lower portion of the chassis through all system modules and exhausting it through the upper rear portion of the chassis. High Speed Fan Modules Increased power consumption creates more heat to dissipate. Release 4. Systems outfitted completely with 2Dx12U CAMs require new high-speed fan trays for increased air flow. The new fan modules are factory-labeled High-Speed Fan Tray. on page 6-15.

To verify the fan tray revision.6 Installing Modules and System Bring-up Chassis of hardware revision B05 or greater were shipped with high-speed fan trays. The label is visible on the top of the tray. Serial Number of the Fan Fan Speed Designation (High) HIGH S PE E D FAN FA N STATU S TRAY FR ON T Front Fan S tatus Rear Fan Stat us RE A R Figure 6-8: Example of High Speed Fan Module 6-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . unlock the fan tray and slide it out of its housing in the chassis approximately two inches. CAUTION Fan modules should not be mixed. Replace all three fan Modules.

2 Hand tighten the screw at the bottom of the module. 1 Align the fan module on the rails and slide firmly into chassis.C4 CMTS Figure 6-9: Installing the Fan Module Procedure 6-4 How to Install the Fan Modules Perform the following steps to install fan modules. Refer to Figure 6-9 to identify the location of the fan modules.2. Standard ARRIS PROPRIETARY — All Rights Reserved 6-15 . End of procedure Release 4. 3 Repeat steps 1 and 2 for the remaining fan modules.

The card Temperature object in the cardTable table in the cadEquipmentMib MIB module contains the current temperature of the associated slot. The temperature value read during the last 90-second poll is accessible via both the CLI and SNMP.6 Installing Modules and System Bring-up Temperature Monitoring The temperature of equipped chassis slot is monitored at approximately 90-second intervals. If enabled. Should a slot’s temperature fall below 20 degrees Celsius or exceed 70 degrees Celsius. The show environment CLI command will display the current temperature of each equipped slot. this feature causes fan speed to be raised or lowered by 10% of the maximum speed as needed. the card is powered down and a card TempOverHeatNotification SNMP trap is generated. Cooling Cooling is provided by forced air moving from the lower portion of the chassis through all modules and out through the upper rear grillwork of the chassis as illustrated in Figure 6-10 below. The C4 CMTS chassis can be configured for automatic control of fan speed. Front of Chassis Rear of Chassis Figure 6-10: Air Flow Through the Chassis 6-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . a TempOutOfRangeNotification SNMP trap is generated for that module. Onboard temperature sensors in the front modules are polled periodically. If a slot’s temperature exceeds 85ºC.

use a filler panel instead. PIC or filler panel. Standard ARRIS PROPRIETARY — All Rights Reserved 6-17 . Be sure that you have aligned the top and bottom edges in the correct matching tracks. on page 4-2). remove it from the chassis and try reinserting it. For ordering information contact your ARRIS sales representative. This grill is the primary heat vent for the chassis.) NOTE If you meet strong resistance when attempting to seat the module. Blocking it can cause overheating and card failure.C4 CMTS Air Filter The C4 CMTS comes equipped with an air filter mounted horizontally just above the fan assemblies and just below the chassis slots (see Figure 4-1.2. C4 CMTS Front Access Panels. 2 Align and insert module into proper slot. CAUTION Care should be taken when dressing RF cables that they do not obstruct the grillwork at the top rear of the chassis. Lock ejector levers before proceeding to the next module: red buttons will click audibly if module is completely seated in the slot and latch levers are closed. It is important to change the fan filter at least every two to three months. depending on the air quality on site. (The FCM does not have a PIC. Release 4. Installing Modules in the C4 CMTS Module Installation Overview Each module is installed in three basic steps: 1 Use proper ESD precautions before handling modules. The next section outlines how to install each module in the C4 CMTS. 3 Install proper PIC or filler panel in the corresponding rear slot of the chassis. Replacement filters may be ordered from ARRIS in kits of four — normally a year’s supply for one chassis.

please see the procedures for each modules found later in this chapter. see Initial System Configuration on page 6-51. Once modules are physically installed. the top and bottom latch mechanism will be the same for all modules. For specific installation steps. 6-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . ARRIS Module Guide Figure 6-11: Installing the System Control Module Installation procedures for all modules and their related components follow. for provisioning procedures.6 Installing Modules and System Bring-up Installation Diagram Although Figure 6-11 shows the SCM.

Pull both latch levers at the same time then slide module from its slot. Standard ARRIS PROPRIETARY — All Rights Reserved 6-19 .2. Always operate both (top and bottom) ejector levers at the same time when seating or releasing the module.C4 CMTS Figure 6-12 illustrates the locking latch mechanism on module faceplates. Push button of bottom latch downward. Closed Open F ro nt Vie w Side View Figure 6-12: Release Locking Latches in Order to Remove Module Release 4. The red button in each latch must be pushed before the ejector levers can be operated to release the module. 14 15 Open Closed To release latches. push red button of top latch upward. Once installed the module is locked in place.

g. One Gigabit Ethernet (GigE) Network Access Modules located in slot 14 or 16. or 1 GigE NAM in slot 14 and 2 FastE NAMs in slots 15 and 16. One to four FastE Network Access Modules (NAMs) located in slots 1316. • These slots can be equipped only with FCMs. . - • If you anticipate creating CAM sparing groups in the future. 14.e. slot 16. The Cadant C4 CMTS can support 2 FastE NAMs plus 1 GigE NAM in slots 13. port 0 is the 10/100 port. Slot 17 must be the first equipped.Note that slots 13-15 can be configured for CAMs or NAMs (see NAM slot info below) Two System Control Modules (SCMs) in slots 19 and 20. Two Fabric Control Modules (FCMs) in slots 17 and 18. - - The slots to the immediate left of GigE NAMs (i.. The slots to the immediate left (13 and 15) of equipped GigE NAMs cannot be FastE NAMs. leave at least slots 0 and 8 available for spare CAMs for 1 for 7 sparing. CAUTION Before removing or replacing any C4 CMTS modules.Slots 13-15 can be configured for either CAMs or FastE NAMs depending on need. and port 1 is the GigE NAM port. For all GigE NAM CLI commands. obtain and attach an antistatic grounding wrist or ankle strap to protect against damage to components resulting from static electricity. etc. 13 or 15) can be CAMs or left blank. or two GigE NAMs in slots 14 and 16. 6-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . • Place the first FastE NAM in slot 16 because it can be equipped only with a NAM. Continue population to the left.6 Installing Modules and System Bring-up Provisioning Rules for Slots Follow these guidelines for mounting the front modules: • 1-16 Cable Access Modules (1Dx8U or 2Dx12U CAMs) located in slots 0-15. and 16. respectively. • These slots can be equipped only with SCMs. slot 15. . e. Slot 19 must be the first equipped.

unlit 10 Base-T Port (RJ-45) RS-232 Serial Port E thernet MAC ADDRESS L in k RS-232 Figure 6-13: System Control Module (SCM) and PIC Act Slot 20 Slot 19 Release 4.2.C4 CMTS System Control Module (SCM) Front Rear PIC-SCM (E) ARRIS PIC-SCM (O) PIC-SCM ARRIS ARRIS OOS Out of Service Alarm Power Active NETWORK CLOCK NETWORK CLOCK ALARM POWER ACTIVE Network Clock (future) LE D TEST LED Test REMOTE ALARMS REMOTE ALARMS Remote Alarms (future) 10 Base-T Port ETHERNET ETHERNET MAC Address Activity Status: Passing data .lit Otherwise .lit Otherwise . Standard ARRIS PROPRIETARY — All Rights Reserved 6-21 .unlit Link Status: Equipped/connected .

The SCM provides the ON/OFF power control for all client modules in the C4 CMTS. 115200 . 57600. 38400. If the simplex SCM is removed. There is only one port but it can be reached through either one of two RJ45 connectors — one in front and one in back. Telnet processing SSH processing FTP processing 6-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The SCM in slot 19 is paired with a Fabric Control Module (FCM) in slot 17.One maintenance Ethernet interface One bi-directional fabric port A system maintenance processor The Ethernet connection requires a 10 baseT. CAUTION Removing the SCM in a simplex configuration (one SCM and one FCM) will shut down the C4 CMTS. Primary Software Function The primary software function on the System Control Module includes: • • • • • • • • • • • • • • Persistent store management System maintenance control Monitoring the Fabric Control Module Monitoring all client modules SNMP agent System wide data distribution Alarms monitoring and management Overload control Audit control Billing and measurement data Common Operation Administration Maintenance and Provisioning (OAM&P) and infrastructure software functions. Slot 19 is reserved for the System Control Module (slot 20 is for its spare). then the power converters on all client modules are shut off. Only one of these maintenance Ethernet interfaces on the SCM (front or rear) may be used at a time.6 Installing Modules and System Bring-up The System Control Module supports: • Two maintenance ports • • One maintenance RS-232 interface which supports Baud rate speeds of 9600. half duplex connection. 19200.

C4 CMTS • • • • • • LED Status RADIUS processing TACACS+ processing PacketCable COPS PacketCable IPSec processing PacketCable/VoIP Connection Management PacketCable Gate Control The LED status descriptions for the System Control Module are listed in Table 6-1 below: Table 6-1: LED Status Descriptions—System Control Module LEDs Power Active Out of Service System Alarm Link Ethernet Activity Module Status Off On On On On Off Off Off Off On Off Off On On Off On (green) Off On Slot not powered Powered. The fan controller is a daughter board that is only visible when the PIC is removed from the slot. or running tests (not passing traffic) and not active.2. Powered. on page 6-21 shows an example of the front faceplate of the SCM along with the rear PIC for the SCM. SCM PIC Considerations Release 4. The SCM PIC used in slot 20 has neither the fan controller nor the printed MAC address. System Control Module (SCM) and PIC. Testing the LED functionality on a chassis should be performed upon initialization. in-service. but standby Powered but out of service and not active Powered. This MAC serves as the basis for all generated MAC addresses in the chassis. LED Test Button The SCM provides an LED Test button in order to verify the functionality of all active LEDs in the chassis. or systemlevel fault detected. initializing. functional. The slot 19 SCM PIC is also equipped with a fan controller. and in service (normal operational state) Layer 2 connectivity established On (amber) Active traffic being passed Figure 6-13. and then on a regularly scheduled basis in order to ensure alarms and service changes are duly noted. The SCM PIC in slot 19 comes equipped with a MAC address and a printed label. Standard ARRIS PROPRIETARY — All Rights Reserved 6-23 .

remove the panel. 7 When ready to attach the console management cables. 6-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 2 If a filler panel is installed in the front module slot. refer to Procedure Procedure 6-7. 3 Grasp the front of the module with both hands and align the module between the guides in slot 19. 2 Grasp the front of the module with both hands and align the PIC between the guides in the corresponding slot in the rear of the chassis. 6 For a duplex configuration. This PIC must be installed in slot 19 whether the configuration is simplex or duplex. 4 With the ejector levers fully open. move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. How to Cable the SCM. The other SCM PIC is labeled PIC SCM (E) and should be installed in slot 20.6 Installing Modules and System Bring-up Procedure 6-5 How to Install the SCM Perform the following steps to install the SCM: 1 Wearing an antistatic wrist strap (or foot strap). insert a second SCM in slot 20. on page 6-26. 3 To ensure proper seating of the ejector levers. remove the panel. One is equipped with a daughter board for the fan controller and is labeled PIC SCM (0). Repeat Steps 3-6 if it does not. connect the strap to one of the ESD points on the chassis. The teeth of the ejector levers will engage the seating rails and the module will click into place if it is seated correctly. End of procedure Procedure 6-6 How to Install the SCM Physical Interface Card (PIC) NOTE There are two types of SCM PIC. Perform the following steps to install the SCM Physical Interface Card (PIC): 1 If a filler panel is installed in the rear PIC slot. slide the module all the way into the slot. 5 Flip the ejector levers toward each other to close and lock the module in the slot. Press firmly with equal pressure top and bottom to align the module with the midplane connector.

and the RJ-45–to–DB-9 female DTE adapter is shown in Table 6-2 as follows: Table 6-2: Cabling and Console Port Signaling Using a DB-9 Adapter RJ-45–to–DB-9 Terminal Adapter (connected to Rollover Cable) DB-9 Pin Pin 8 Pin 6 Pin 2 Pin 5 Pin 5 Pin 3 Pin 4 Console Port (DTE) Signal RTS (Request to Send) DTR (Data Terminal Ready) TxD (Transmit Data) GND (System Ground) GND (System Ground) RxD (Receive Data) DSR (Data Set Ready) RJ-45–to–RJ-45 Rollover Cable RJ-45 Pin Pin 11 Pin 2 Pin 3 Pin 4 Pin 5 Pin 6 Pin 7 RJ-45 Pin Pin 8 Pin 7 Pin 6 Pin 5 Pin 4 Pin 3 Pin 2 Console Device Signal CTS (Clear to Send) DSR (Data Set Ready) RxD (Receive Data GND (System Ground) GND (System Ground) TxD (Transmit Data) DTR (Data Terminal Ready) Release 4. The front panel connector on the System Control Module (in slot 19) is designed to connect directly to a host device with the supplied cable and adapter. The module will click into place if it is seated correctly. The pinouts for the asynchronous serial console port. End of procedure Connecting the Operator Console This section gives a detail description of the cabling for the operator console. Repeat Steps 2-5 if it does not. the RJ-45–to–RJ-45 rollover cable.2. Standard ARRIS PROPRIETARY — All Rights Reserved 6-25 .C4 CMTS 4 Slide the PIC all the way into the slot. The operator console is necessary to initially power up and configure the C4 CMTS. Use an asynchronous terminal or a PC with asynchronous terminal emulation software. pressing firmly with equal pressure top and bottom to align the module with the midplane connector 5 Flip the ejector levers toward each other to close and lock the module in the slot. Do not attach the console to any other network interface.

3 Plug the other end of the RJ-45 cable into the RJ-45–to–DB-9 adapter. –to2 Using the supplied cable.6 Installing Modules and System Bring-up Table 6-2: Cabling and Console Port Signaling Using a DB-9 Adapter (Continued) RJ-45–to–DB-9 Terminal Adapter (connected to Rollover Cable) DB-9 Pin Pin 7 Console Port (DTE) Signal CTS (Clear to Send) RJ-45–to–RJ-45 Rollover Cable RJ-45 Pin Pin 8a RJ-45 Pin Pin 1 Console Device Signal RTS (Request to Send) a. RJ-45–to–RJ-45 rollover cable and RJ-45–to–DB-9 female connector. Pin 1 is on the left when the RJ-45 connector tab is facing down as shown in the following graphic: Figure 6-14: View of Pin-out of Rollover Cable Procedure 6-7 How to Cable the SCM Perform the following steps to cable the operator console. 4 Plug the adapter into your operator console. Pin 1 is connected internally to pin 8. 10 BaseT. plug the RJ-45 end into the RS-232 connection on the front of the SMC. 1 Locate the supplied 8-foot shielded Ethernet. 6-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

power on the chassis and boot the software using the procedures in Initial System Configuration on page 6-51. Perform initial setup by entering CLI commands on the operator console.2. Standard ARRIS PROPRIETARY — All Rights Reserved 6-27 .C4 CMTS 5 When you are ready to begin configuring the C4 CMTS. End of procedure The following figure illustrates a console port connection: RJ-45 to RJ-45 roll-over cable CMTS RJ-45 to DB-9 adapter PC Figure 6-15: Connecting the Console Port to a PC Release 4.

6 Installing Modules and System Bring-up Fabric Control Module (FCM) Front Rear Filler Panel ARRIS OOS Out of Service POWER Power Active ACTIVE Figure 6-16: Fabric Control Module (FCM) and Filler Panel 6-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

In a duplex system. RIPv2) ARP processing VRF processing IGMP processing DHCP processing ICMP processing The LED status descriptions for the Fabric Control Module are listed in Table 6-3 below: Table 6-3: Fabric Control Module LED Status Descriptions Front LED Power Active Out of Service Module Status Off Off Off Chassis or slot not powered Release 4.C4 CMTS Overview The Fabric Control Module provides internal communication between all client modules within the C4 CMTS. both the SCM slots. and to the spare FCM slot Slot 17 is reserved the Fabric Control Module (slot 18 is for its spare). Primary Software Function The primary software function on the Fabric Control Module includes: • • • • • • • • • LED Status FCM control FCM hardware table management Common Operation Administration Maintenance and Provisioning (OAM&P) and infrastructure software functions Routing Protocols (OSPFv2. One FCM supports: • • The shared memory fabric Bi-directional fabric ports to - all CAM and NAM slots. the processors on the SCM module(s). and the processors on the FCM module(s). NAM module(s). This second control complex remains in standby mode until a switch-over occurs. Together the pair comprise a control complex. The FCM shared memory fabric is used to steer all data and control packets between CAM module(s).2. a second control complex is created by adding an SCM to slot 20 and an FCM to slot 18. Standard ARRIS PROPRIETARY — All Rights Reserved 6-29 . The Fabric Control Module in slot 17 is paired with a System Control Module in slot 19.

in-service. 6-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and Layers 2 and 3 switching and router functions between input and output ports within the chassis. in-service (normal operational state) Powered. Place a filler panel in this rear slot. standby Powered. Fabric Control Module (FCM) and Filler Panel.6 Installing Modules and System Bring-up Table 6-3: Fabric Control Module LED Status Descriptions Front LED Power Active Out of Service Module Status On On On Switch Fabric On Off Off Off Off On Powered.4 Gbps shared memory fabric that provides all of the connectivity. or initializing. If only one is to be installed. The FCM does not have a rear PIC. then slots 17 (FCM) and 19 (SCM) should be equipped first. FCM and SCM Pairing Considerations A C4 CMTS must have FCMs and SCMs operational and installed in any one or both of the following two configurations: Table 6-4: Operational FCM and SCM Pairing If FCM is installed and operational in Slot 17 Slot 18 then SCM should be installed and operational in Slot 19 Slot 20 Figure 6-16. out-of-service. Each SCM-FCM pairing constitutes a control complex. One FCM must be present and operational in either Slot 17 or 18 for the CMTS to function. and not active. At the core of the C4 CMTS is a high performance 6. on page 6-28 shows an example of the front faceplate of the FCM. forwarding. This shared memory fabric resides on the Fabric Control Module.

2. The amber LNK-OTHER indicator is not supported. (Not supported by Fast E NAM) Figure 6-17: FastE NAM and PIC Release 4. the link is valid and the port is set to either 100/full. 10/Half or 100/Half. The Activity LED indicator is Green during bursts of traffic in either direction. If the Link LED is red. 10/Full. the port is Out of Service.C4 CMTS Fast Ethernet Network Access Module (NAM) Front Rear PIC-NAM ARRIS OOS Out of Service (Not supported by FastE NAM) POWER Power 10/100 Ethernet Ports E0 E1 E2 E3 When the Link LED is green. Standard ARRIS PROPRIETARY — All Rights Reserved 6-31 .

Downloading data from SCM. it is specific to Ethernet or similar interfaces. One FastE NAM supports four bi-directional 10/100 Base-T ports. on page 6-35 6-32 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Figure 6-17. Refer to Procedure 6-10. Primary Function The primary function of the Network Access Module includes: • • Service-flow management to monitor Quality of Service guarantees Standard EtherLike-MIB and IF-MIB control and monitoring of the four ethernet interfaces The IF-MIB does both monitoring AND control of the interfaces at an abstract level. The EtherLike-MIB is for monitoring only. FastE NAM and PIC. status. on page 6-31 shows an example of the front faceplate of the NAM along with the rear PIC. The NAM is used for command. Up to four FastE NAMs can be placed in slots 13-16. and statistics access into the Ethernet controller chip. • LED Status Counts collection The LED status descriptions for the Network Access Module are listed in Table 6-5 below: Table 6-5: Network Access Module LED Status Descriptions Front LEDs Power Out of Service Module Status On Flashing On On Off On On Flashing Powered and in normal service state Module power is off: either slot is not provisioned or module has been disabled.6 Installing Modules and System Bring-up Overview The Network Access Module (NAM) provides the network interface functionality in various configurations. How to Install the GigE NAM Physical Interface Card (PIC). initializing or running diagnostics. Powered and out of service. There are two basic models: FastE and GigE NAM. NOTE Both the GigE and the FastE NAM use the same Physical Interface Card (PIC).

connect the strap to one of the ESD points on the chassis. The module will click into place if it is seated correctly. 6 Flip the ejector levers toward each other to close and lock the module in the slot. 5 Slide the module all the way into the slot. remove the panel. 3 Grasp the front of the module with both hands and align the module between the guides in slot 15. Repeat Steps 3-6 if it does not.2. on page 6-35 Release 4.C4 CMTS Procedure 6-8 How to Install the FastE NAM Perform the following steps to install the FastE NAM. Refer to Procedure 6-10. How to Install the GigE NAM Physical Interface Card (PIC). 1 Wearing an antistatic wrist strap (or foot strap). pressing firmly with equal pressure top and bottom to align the module with the midplane connector. 4 To ensure proper seating of the ejector levers. End of procedure NOTE Both the GigE and the FastE NAM use the same Physical Interface Card (PIC). Standard ARRIS PROPRIETARY — All Rights Reserved 6-33 . move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. 2 If a filler panel is installed in the front module slot.

the link is valid and the port is set to 100/full. If red.6 Installing Modules and System Bring-up Gigabit Ethernet Network Access Module Front Rear Gigabit Ethernet Ports: PIC-NAM ARRIS OOS Out of Service GBIC0 The GigE port status indicator is green if the link is true. POWER Power (Not supported by GigE NAM) 10/100 Ethernet Ports E0 When the Link LED is green. When the Link LED is green/red (amber). the link is valid and the port is set to either 10/full. (Not supported by GigE NAM) The Activity LED indicator is Green during bursts of traffic in either direction. 10/half. the port is considered Out of Service due to either a broken connection or a disabled port. the port is Out of Service. If the Link LED is red. Figure 6-18: GigabitEthernet Network Access Module (GigE NAM) and PIC 6-34 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or 100/half.

5 Slide the module all the way into the slot. GigE NAMs can be placed only in slots 14 and 16. 6 Flip the ejector levers toward each other to close and lock the module in the slot. 1 Wearing an antistatic wrist strap (or foot strap).C4 CMTS Overview The Gigabit Ethernet Network Access Module (GigE NAM) provides the C4 CMTS with a Gigabit Ethernet Network Side Interface (NSI). The module will click into place if it is seated correctly. 2 If a filler panel is installed in the front module slot. Repeat Steps 3-6 if it does not. No other module type is allowed in those slots. 3 Grasp the front of the module with both hands and align the module between the guides in slot 14 or 16. move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. 4 To ensure proper seating of the ejector levers. The GigE NAM also provides a single 10/100 Ethernet (E0) interface. End of procedure Procedure 6-10 How to Install the GigE NAM Physical Interface Card (PIC) NOTE The GigE NAM and the FastE NAM both utilize the same PIC. connect the strap to one of the ESD points on the chassis. 1 Wearing an antistatic strap. but has a single port (GBIC1) and works at 1G baud. Release 4. Procedure 6-9 How to Install the GigE NAM Perform the following steps to install the GigE NAM. Perform the following steps to install the GigE NAM PIC. remove the panel. pressing firmly with equal pressure top and bottom to align the module with the midplane connector. Standard ARRIS PROPRIETARY — All Rights Reserved 6-35 . The slot to the immediate left of a GigE NAM (slots 13 and 15) must either remain empty or be occupied by a CAM. This interface functions logically in the same manner as the 10/100 Ethernet interfaces provided by the FastE NAM.2. connect the strap to one of the ESD points on the chassis.

install the Gigabit Interface Converter (GBIC). 5 Slide the PIC all the way into the slot. remove the panel. move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot.6 Installing Modules and System Bring-up 2 If a filler panel is installed in the rear PIC slot. End of procedure 6-36 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 3 Grasp the front of the module with both hands and align the PIC between the guides in the corresponding slot (either 14 or 16). 4 To ensure proper seating of the ejector levers. 6 Flip the ejector levers toward each other to close and lock the module in the slot. Repeat Steps 3-6 if it does not. pressing firmly with equal pressure top and bottom to align the module with the midplane connector. 7 Once the PIC has been installed. The module will click into place if it is seated correctly.

SX GBIC Module (Short Haul . Standard ARRIS PROPRIETARY — All Rights Reserved 6-37 . This transceiver has a Duplex-SC style connector.10 KM) . This GBIC itself performs auto-negotiation and the far end device must be set to auto-negotiation. This transceiver has a duplex-SC style connector. The following list describes the four different configurations currently supported by the C4 CMTS: 1550 nm Single mode GBIC 1310 nm Single mode GBIC 850 nm Multi-mode GBIC 1000 Base-T Active Copper GBIC Figure 6-19: Gigabit Interface Converters (GBICs) • LLX GBIC Module (Long Haul .The TX GBIC Module is a 1000Base-T Copper GBIC Transceiver and is used with Cat 5e cable extending up to 100 meters. • • • NOTE GBIC support for the Gigabit Ethernet NAM (GNAM) has the following caveat: When using the TX GBIC Module (1000Base-T Copper GBIC). LX GBIC Module (Medium Haul .The LLX GBIC transceiver has a long wavelength (1550 nm) laser and is used with 9µ (micron diameter) single-mode fiber than can extend up to 60km. the port duplex configuration needs to be set to full.2.C4 CMTS Gigabit Interface Converter (GBIC) Install the GBICs after the GigE NAM and PIC are installed.550 Meters) .A multi-mode SX GBIC transceivers has a short wavelength (850nm) laser and is used with 50µ (micron diameter) or 62µ multi-mode fiber than can extend up to 550m.The Single-Mode LX GBIC transceiver has a Long Wavelength (1310 nm) laser and is used either with 9µ (micron diameter) single-mode fiber that can extend up to 10km or with 50µ or 62µ multi-mode fiber that can extend up to 550m. This transceivers has a duplex-SC style connector. It has an RJ45 style connector. Installation procedures for all GBICs are the same.70 KM) . TX GBIC Module (up to 100 Meters) . Release 4.

6 Installing Modules and System Bring-up PIC-NAM ARRIS Figure 6-20: Installing the GBIC NOTE Do not remove the protective plugs from the GBIC until you are ready to attach the appropriate fiber-optic cable. 2 Remove the GBIC from its protective packaging. Procedure 6-11 How to Install the GBICs Follow these steps to install the GBIC into the GigE NAM PIC: 1 Wearing an antistatic wrist strap (or foot strap). The GBIC is keyed to prevent incorrect insertion. 6-38 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . connect the strap to one of the ESD points on the chassis. 3 Grip the sides of the GBIC with your thumb and forefinger and insert it into the top GBIC slot on the rear GigE NAM pic.

5 miles (70 km) LX-GBIC Single-mode LLX-GBIC Single-mode 1310 nm MMF SMF 1550 nm SMF Release 4. microns 62.5 62. End of procedure GBIC Port Cabling Table 6-6 lists the GBICs and their respective cable lengths and types. 2 Release the GBIC from the slot by simultaneously squeezing the two tabs (one on each side of the GBIC). The laser radiation used in these facilities is not visible and may cause permanent damage. End of procedure WARNING Do not look directly into fiber optic cables or ports. especially to the eye. A flap drops down to protect the internal connector.0 50. Procedure 6-12 How to Remove a GBIC Follow these steps to remove a GBIC from the GigE NAM PIC: 1 Disconnect the cable from the connector on the GBIC.0 9 9 Modal Bandwidth.5 50. Standard ARRIS PROPRIETARY — All Rights Reserved 6-39 .808 ft (10 km) 43. MHz • km 160 200 400 500 200 400 500 -N/A Cable Distance in feet (meters) 722 ft (220 m) 902 ft (275 m) 1640 ft (500 m) 1804 ft (550 m) 1804 ft (550 m) 1804 ft (550 m) 1804 ft (550 m) 32.C4 CMTS 4 Slide the GBIC through the flap covering the opening and into the slot until it clicks and locks into place. 3 Slide the GBIC out of the slot.0 62.2.5 50. 4 Return the GBIG to its protective package.0 50. Table 6-6: GBIC Port Cabling Specifications GBIC SX-GBIC Multi-mode Wavelength 850 nm Fiber Type MMF Core Size.

then ARRIS strongly recommends the use of enhanced Category 5 cabling (Cat5e) that meets the requirements of Addendum 5 to ANSI/TIA/EIA-568-A. then the existing Cat5 cabling should be verified to ensure that performance meets the minimum recommendations of TSB95 prior to attempting to support the Gigabit Ethernet protocol. If Category 5 cable is already installed.” Sept. This cabling will provide additional headroom and more flexibility for supporting 1000baseT applications. This addendum defines the Cat5e additional performance requirements. 6-40 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .6 Installing Modules and System Bring-up NOTE When using the LX GBIC with MMF that is 62. [TIA/EIA/TSB95 = “Additional Transmission Performance Guidelines for 4-pair 100 W Category 5 Cabling. ARRIS recommends installing a mode-conditioning patch cord between the GBIC and the MMF cable on both the transmit and receive ends of the link. Recommended Cabling for 1000Base-T Applications The 1000Base-T Copper GBIC transceiver has an RJ45 style connector.5 microns in diameter. 1999]. including those for the minimum equal level far-end crosstalk (ELFEXT) loss and return loss. If installing new Category 5 cabling.

C4 CMTS Cable Access Module (1Dx8U CAM) Front Rear PIC-CAM (E) ARRIS PIC-CAM (O) PIC-SCM PIC-SCM ARRIS ARRIS PIC-CAM SPARE ARRIS OOS Downstream: Port 0 .2.available Port 1 .not available Out of Service D0 D0 D1 D1 POWER Power U0 U0 U1 U1 U2 DOW N TES T (.30 dV) Downstream Test Upstream: Port 0-7 . Standard ARRIS PROPRIETARY — All Rights Reserved 6-41 .available U3 U3 U4 U4 U5 U5 U6 U6 U7 U7 Even Odd Spare Figure 6-21: 1Dx8U Cable Access Module (CAM) and PICs Release 4.

They provide a power level that is 30 dB (± 3 dB) less than the configured downstream signal strength. Maintenance & Provisioning (OAM&P) including initialization and fault recovery code. Administration. Upstream and Downstream Policing Operations. and counts collection. Slots 0 through 12 are reserved for the Cable Access Module (CAM) only.32-10.24 Mbps upstream channels (numbered 0-7) All Cable Access Modules support software selectable output from 91-857 MHz center frequency for the downstream channel. 6-42 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Connection Admission Control (CAC) PacketCable DSx processing • • • • CAC is a proprietary means of controlling set-up and distribution of service flows across the shared resources in a cable data network. Slot 13. CM Upstream Bandwidth Scheduling (MAPs). Downstream testing at these points does not interfere with CAM functionality. These test points are not meant to be used for signal calibration or for detecting signal spurs. Payload Header Suppression (PHS). 14 and 15 can be used for a CAM or a NAM. Primary Software Function The primary software function on the Cable Access Module includes: • • • CM Ranging and Registration MAC Address Learning DOCSIS Functionality: Packet Classification. Packet defragmentation. One Cable Access Module supports: • • One 30-42 Mbps downstream cable IF channel with integrated upconverter Eight 0. When the test ports are not in use. Baseline Privacy Interface (BPI+). Downstream Test Ports in CAM Faceplate The CAM faceplate test points are meant to verify the presence of a downstream signal.6 Installing Modules and System Bring-up Overview The Cable Access Module provides subscriber-side interface functionality and control of the CMTS downstream power and frequency in various configurations. Dynamic Signaling (DSx). packet de-concatenation. Service Flows. 75 Ohm terminations should be in place.

In this case. and Spare. initializing or running diagnostics. the Sparing LEDs of the PICs of the failed CAM are and its group leader CAM are on. Downloading data from SCM.C4 CMTS LED Status The LED status descriptions for the CAM are listed in Table 6-7 below: Table 6-7: 2Dx12U Cable Access Module LED Descriptions Front LEDs Power On Flashing Persistent Fast Flashing On On Out of Service Off On Module Status Powered and in normal service state Flashing = 1. Odd. Powered and out of service. Under normal conditions all Sparing LEDs will be off. Order any system upgrades with this even/odd pairing in mind. CAM PIC LED Status The LED status descriptions for the CAM PIC are listed in Table 6-8 below: Table 6-8: CAM PIC LED Descriptions If CAM PIC LED Is… Then F-Connector Supports… On (green) On (amber) Off CAM Sparing PIC LED Status active downstream channel active upstream channel no active channel All three types of CAM PICs are equipped with a Sparing LED at the bottom of the faceplate. there is a serious power problem. When a CAM in a sparing group fails. Standard ARRIS PROPRIETARY — All Rights Reserved 6-43 . These PICs have offsetting upstream connectors in order to facilitate cabling. 1Dx8U Cable Access Module (CAM) and PICs. the other for odd. On On Flashing Physical Interface Cards There are three types of CAM PICs: Even. If fast flashing persists for more than 2 seconds.6 second period. The two basic variations of the Physical Interface Card for the CAM are illustrated in Figure 6-21. Fast flashing = 6 times/second. Module power is off: either slot is not provisioned or module has been disabled. These LEDs show which CAM in a sparing group has failed and which CAM is its group leader.2. A third type of PIC used behind CAMs is the CAM sparing PIC. It is required only for those CAMs acting as spares in a sparing group. One is intended for even-numbered slots. Normal when card is first powered or restored. traffic is transferred to its sparing group leader. Release 4. on page 6-41.

2 If a filler panel is installed in the rear PIC slot. remove the panel. connect the strap to one of the ESD points on the chassis. 6-44 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 4 With the ejector levers open. The module will click into place if it is seated correctly. pressing firmly with equal pressure top and bottom to align the module with the midplane connector. The RF connectors are offset on the even and odd PICs to allow for easier cabling.6 Installing Modules and System Bring-up Procedure 6-13 How to Install the CAM Perform the following steps to install the CAM: 1 Wearing an antistatic wrist strap (or foot strap). connect the strap to one of the ESD points on the chassis. move them to an outward position slightly less than perpendicular to the faceplate before seating the module in the slot. Repeat Steps 3-5 if it does not. pressing firmly with equal pressure top and bottom to align the module with the midplane connector. End of procedure NOTE There are different CAM PICs for even and odd numbered slots and for the spare group leader. 5 Flip the ejector levers toward each other to close and lock the module in the slot. 5 Slide the PIC all the way into the slot. remove the panel. 2 If a filler panel is installed in the front module slot. slide the module all the way into the slot. The CAM sparing PIC must be used in any slot in which you provision a CAM sparing group leader. Procedure 6-14 How to Install the CAM Physical Interface Card (PIC) 1 Wearing an antistatic wrist strap (or foot strap). 4 To ensure proper seating of the ejector levers. 3 Grasp the front of the module with both hands and align the PIC between the guides in the corresponding rear slot. 3 Grasp the front of the module with both hands and align the module between the guides of the desired slot.

Standard ARRIS PROPRIETARY — All Rights Reserved 6-45 .C4 CMTS 6 Flip the ejector levers toward each other to close and lock the module in the slot.2. End of procedure NOTE Repeat Procedures 6-13 and 6-14 for additional Cable Access Modules. Release 4. The module will click into place if it is seated correctly. Repeat Steps 3-6 if it does not.

6 Installing Modules and System Bring-up Cable Access Module (2Dx12U CAM) Front Rear ARRIS PIC-CAM (E) PIC-CAM (O) PIC-SCM PIC-SCM ARRIS ARRIS PIC-CAM SPARE ARRIS OOS Out of Service Downstream: Port 0 .30 dV ) Downstream Test D2 Upstream: Port 0-7 .available D0 D0 D1 D1 POWER Power U0 U0 U1 U1 D1 U2 DOW N TES T (.available Port 1 .available U3 U3 U4 U4 U5 U5 U6 U6 U7 U7 Even Odd Spare Figure 6-22: 2D12U Cable Access Module (CAM) and PIC 6-46 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

ATDMA. or TDMA&ATDMA Release 4. Typically. each physical upstream channel can be subdivided into two logical upstream channels (numbered 0 and 1). The share of upstream bandwidth allocated to each of the two logical channels changes according to the requests made by the modems on each logical channel. or Europe: • • • • 5-42 MHz (DOCSIS) 5-55 MHz (Japan) 5-65 MHz (EuroDOCSIS) Multiple logical channels per physical upstream channel If desired.72 Mbps physical upstream channels (numbered 0-11) Range of upstream frequencies configurable for North America. ATDMA.32-30. Standard ARRIS PROPRIETARY — All Rights Reserved 6-47 . They are subchannels that dynamically share the upstream channel’s bandwidth using time division multiplexing. Each 2Dx12U CAM supports: • Two 30-42 Mbps downstream IF channels with integrated upconverters. and TDMA&ATDMA. Japan. It also provides improved spectral efficiency (bits/Hz) in upstream carriers. • Four channel types are supported: TDMA. SCDMA. one logical upstream channel would be SCDMA and the other would be configured for either TDMA. with configurable downstream center frequencies from 91857 (North America) or 112-858 (Europe) MHz Eight upstream physical connectors (numbered 0-7) Up to twelve 0.0 functionality including ATDMA and SCDMA plus PHY-layer ingress cancellation and a number of other key features. This new functionality enables the use of parts of the spectrum previously unavailable due to noise.2.C4 CMTS Overview The 2Dx12U Cable Access Module provides full DOCSIS 2.

Baseline Privacy Interface (BPI+). packet de-concatenation. Administration. Module power is off: either slot is not provisioned or module has been disabled. Payload Header Suppression (PHS). initializing or running diagnostics. Packet defragmentation. Downloading data from SCM. Odd. These test points are not meant to be used for signal calibration or for detecting signal spurs.6 Installing Modules and System Bring-up Primary Software Function The primary software function on the Cable Access Module includes: • • • CM Ranging and Registration MAC Address Learning DOCSIS Functionality: Packet Classification. Connection Admission Control (CAC) PacketCable DSx processing • • • • CAC is a proprietary means of controlling set-up and distribution of service flows across the shared resources in a cable data network. there is a serious power problem. Normal when card is first powered or restored. The LED status descriptions for the CAM are listed in Table 6-9 below: Table 6-9: 2Dx12U Cable Access Module LED Descriptions Front LEDs Power On Flashing Persistent Fast Flashing On On Out of Service Off On Module Status Powered and in normal service state Flashing = 1. Powered and out of service. and counts collection. Service Flows.6 second period. Upstream and Downstream Policing Operations. Maintenance & Provisioning (OAM&P) including initialization and fault recovery code. CM Upstream Bandwidth Scheduling (MAPs). Dynamic Signaling (DSx). Downstream testing at these points does not interfere with CAM functionality. and Spare. Downstream Test Ports in CAM Faceplate The CAM faceplate test points are meant to verify the presence of a downstream signal. If fast flashing persists for more than 2 seconds. LED Status On On Flashing Physical Interface Cards There are three types of CAM PICs: Even. When the test ports are not in use. Fast flashing = 6 times/second. 6-48 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 75 Ohm terminations should be in place. They provide a power level that is 30 dB (± 3 dB) less than the configured downstream signal strength.

the ARRIS 2Dx12U CAM provides channel utilization statistics that can help operators characterize the noise on an HFC plant. In this case. These LEDs show which CAM in a sparing group has failed and which CAM is its group leader.x. Order any system upgrades with this even/odd pairing in mind. and multiplexing techniques deliver the best signal-tonoise ratios. Standard ARRIS PROPRIETARY — All Rights Reserved 6-49 . the Sparing LEDs of the PICs of the failed CAM are and its group leader CAM are on. Although not a function of the DOCSIS standard. Under normal conditions all Sparing LEDs will be off. traffic is transferred to its sparing group leader.2. on page 6-46. The 2Dx12U Ingress Cancellation feature provides administrative control over certain proprietary capabilities of the Broadcom BCM3140 dualchannel burst receiver. these techniques will be the basis for channel optimization and frequency agility features. One is intended for even-numbered slots. Digital signal processing techniques are used to measure SNRs with increased accuracy and to report on problems at the channel and even CM levels. Expected in release 5. Upon entry into the 2Dx12U CAM. It is not capable of providing perfect immunity and should not be considered a substitute for practical HFC plant maintenance activities. CAM PIC LED Status The LED status descriptions for the CAM PIC are listed in Table 6-10 below: Table 6-10: CAM PIC LED Descriptions If CAM PIC LED Is… Then F-Connector Supports… On (green) On (amber) Off CAM Sparing PIC LED Status active downstream channel active upstream channel no active channel All three types of CAM PICs are equipped with a Sparing LED at the bottom of the faceplate. 2D12U Cable Access Module (CAM) and PIC. The BCM3140 has an ingress cancellation block that analyzes the noise environment of an upstream channel.C4 CMTS The two basic variations of the Physical Interface Card for the CAM are illustrated in Figure 6-22. A third type of PIC used behind CAMs is the CAM sparing PIC. It then suppresses narrow-band ingress or adjacent-channel interference. These PICs have offsetting upstream connectors in order to facilitate cabling. It is required only for those CAMs acting as spares in a sparing group. modulation rates. This can help determine which frequencies. NOTE Ingress cancellation technology benefits cable operators by improving the immunity of upstream carriers to normal plant noise. the entire available spectrum of each upstream input port is digitized. the other for odd. Advanced Spectral Analysis 2Dx12U Ingress Noise Cancellation Release 4. When a CAM in a sparing group fails.

The results of any given analysis are applied to every burst up to the next unused burst. This implies that the potential accuracy of the canceller is directly proportional to the frequency of unused bandwidth allocations. this could have a negative impact on throughput. however. Depending on the nature of the noise. an increase in potential accuracy does not necessarily result in a proportional increase in processing gain. 32. It can be enabled for any upstream channel using QPSK or QAM 8. 6-50 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . These bursts have an SID that is not assigned to any service flow. or 64. Analysis only occurs during unused burst intervals. On the other hand. if the frequency of ingress analysis bursts is set too high. analysis rates that are smaller than the average ingress duration have little effect. 16.6 Installing Modules and System Bring-up This feature enables the CMTS operator to perform the following tasks: • • • Enable or disable ingress cancellation on a per-receiver basis Control the amount of bandwidth allocated to ingress canceller operation Monitor processing gain attributed to ingress cancellation By default ingress cancellation is disabled because it consumes bandwidth. Since real-world ingressors are static over relatively long intervals (ranging from milliseconds to minutes).

2. Local and Remote Access to the SCM The SCM serial port is necessary for booting up the system. The base configuration database is present in the System Control Module (SCM) persistent memory — the flash disk. When the C4 CMTS initializes from the base configuration database. Remote management from any Internetconnected host is supported once In-Band Management is enabled. local access to the SCM is restricted to any host on the local subnet associated with the SCM ethernet interface. system administrators can manage the C4 CMTS remotely. When management through a Network Access Module (NAM) interface is enabled. After this procedure is completed. technical support personnel will be able to administer the C4 CMTS using either the ethernet (telnet) port or serial port of the SCM. all packets to the SCM are dropped except those whose source IPs are approved by the ACL. you should have completed the installation steps provided in the beginning of this chapter. Configuration procedures begin once the SCM and FCM are active. When remote SCM access is enabled. the next-hop gateway is redefined to the internal ethernet port of the Fabric Control Module (FCM). Release 4. and other parameters to customize the C4 CMTS for use in your LAN and time zone. Standard ARRIS PROPRIETARY — All Rights Reserved 6-51 . The installation sequence ends upon successful boot-up of the C4 CMTS to its base configuration. The next section of this chapter contains the procedure for initially setting the system clock. the SCM’s IP address. a system administrator can access the SCM through the ethernet port from any locally connected host. accessing the SCM through any NAM interface. The base configuration is the minimum data needed to initialize and configure the C4 CMTS. After that. the SCM and Fabric Control Module (FCM) become active. System administrators who are connected through a local network router will no longer be able to access the SCM through the SCM ethernet port. Consequently. C4 CMTS Base Configuration The C4 CMTS ships with a configuration database that contains all data required to initialize the C4 CMTS. they should also enable Access Control Lists (ACLs) for security. If the ACL feature is enabled. If users choose to enable remote management.C4 CMTS Initial System Configuration Overview To properly configure the C4 CMTS.

Procedure 6-15 How to Open the Terminal Emulator Session Perform the following steps in their proper sequence. Locations of files may also differ. type RJ45. 1 Connect the cable (supplied) from a serial port of a PC (COM1 or COM2) to the lower connector (type RS232) on the faceplate of the SCM. is an ethernet port. After setting the IP addresses through the serial port of the SCM. you can telnet in to the C4 CMTS system via the SCM ethernet port. 6-52 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The two ports are clearly labeled on the faceplate. RJ-45 to RJ-45 roll-over cable CMTS RJ-45 to DB-9 adapter PC Figure 6-23: Opening a Terminal Session on the C4 CMTS NOTE The PCs at your site may be equipped with operating systems and application software different from the ones chosen here as examples. The upper connector.6 Installing Modules and System Bring-up How to Set the SCM IP Address Using a Terminal Emulator The following procedure outlines how to set up a command window using a terminal emulator application such as TeraTerm or Microsoft’s HyperTerm. please consult the vendor-specific documentation. For help with the emulator of your choice.

for example. and SSH.2. Release 4. COPS. End of procedure Enhanced Baud Rates The following enhanced baud rates are available for the serial port: • • • • • 9600 (default) 19200 38400 57600 115200 The baud rate can be changed using the following command: configure line console 0 speed <speed> In-band Versus Out-of-band Management Management consists of tasks related to configuration. carries system and subscriber management information.C4 CMTS 2 Open the terminal emulator application. RADIUS. If your emulator gives you the option to echo typed characters locally. turn it off. It supports access to management protocols via the loopback IP address through any CAM or NAM port. SNMP. 6 Save your terminal emulator. NTP. 4 Configure the serial port using these settings: Bits per second Data bits Parity Stop bits Flow control 9600 baud (default) 8 None 1 Xon/Xoff 5 The C4 CMTS is already set to echo entries. management packets to all destinations are routed through the FEP. Out-of-band — management traffic is carried on a physically or logically separate network. It uses some or all of the following protocols: telnet. and performance. 3 Specify a serial port (usually COM1 or COM2) to be used in this connection. security. as opposed to subscriber traffic. SYSLOG. FTP. in other words. Users must decide whether to use in-band or out-of-band management. TACACS+. • Management traffic. therefore. The administrative terminal is physically connected to the Front Ethernet Port (FEP). accounting. • In-band — management traffic is carried on the same network as subscriber traffic. system administration. You may be asked to give the session a name. c4link. Standard ARRIS PROPRIETARY — All Rights Reserved 6-53 .

press m within five seconds and then follow the prompts to enter Modify mode. 1 Power cycle the C4 CMTS. The system bootloader script with its default parameters scroll rapidly across the screen.255.255.19 255. The initialization screen pauses to give you a chance to enter modify mode. you are prompted to accept the default values or modify the following parameters: • • • • • Password recovery (second dialog only) Enable ethernet port of the SCM (default = disabled) Change IP address of the SCM ethernet port Change subnet mask for the above IP address Specify a default gateway router and its IP address 6-54 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure interface ethernet 19/0 ip address 10. Once in Modify mode.0. on page 6-55. The chassis modules go out of service.0.0 configure interface ethernet 19/0 active ip 10.0.0. Connect to the C4 CMTS using the terminal you created in Procedure 6-15.0.6 Installing Modules and System Bring-up Configuring IP Addresses for Out-Of-Band Management The following series of commands provides an example of how to configure the IP addresses of the SCM modules for out-of-band management.0.0.0 configure interface ethernet 20/0 active ip 10. NOTE In the step that follows. 2 When you see the To change any of this… line.1 Procedure 6-16 How to Modify Boot Parameters Use this procedure to set customize parameters on the C4 CMTS for use in your LAN.0.0.255.0.21 255.20 255.0 10.255.0 configure interface ethernet 20/0 ip address 10.0.255. you will power cycle the chassis.21 255.255.255.0 0.255.0.0.0. See Figure 6-24.0 configure ip route vrf management 0. Sample Bootloader Dialog.

press <m> and <RETURN> key within 5 seconds ################################################################## ################################################################## m (M)odify any of this or (C)ontinue? [M] Figure 6-24: Sample Bootloader Dialog Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 6-55 . End of procedure Look for this line Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0.0.0 Subnet mask for the above IP address: 0.0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset.2.0.C4 CMTS 3 Change bootloader parameters to suit your site and application.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0.0. start-up code will wait 5 seconds ------------------------------------------------------------------################################################################## ################################################################## To change any of this.

6 Installing Modules and System Bring-up 6-56 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Procedure 7-1 How to Configure a Time of Day (TOD) Clock Protocol The TOD server provides the time of day to cable modems and other customer premises equipment (CPE) devices connected to the Cadant C4 CMTS cable interfaces. Standard ARRIS PROPRIETARY — All Rights Reserved 7-1 . you may operate the C4 CMTS on local clock without synchronizing it to a network. Clock Synchronization Protocol Introduction If desired.2. 1 Configure the TOD server IP address and protocol for Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) commands: configure tod server <ip address of server> {tcp|udp} 2 Configure the C4 CMTS to use the TOD time synchronization protocol: configure clock network tod 3 Confirm the current clock network protocol as well as the local time using the following command: show clock detail End of procedure Release 4.C4 CMTS 7. If you intend to enable PacketCable. The cable modem uses the ToD server to get the current date and time to accurately time-stamp its Simple Network Management Protocol (SNMP) messages and error log entries. you must choose either Time of Day (TOD) or Network Time Protocol (NTP) as your synchronization protocol. If you choose to synchronize the C4 CMTS to a network time server. you must use NTP.

In other words.. 32. This reduces the amount of time the C4 CMTS needs to synchronize its local clock. The optional minpoll. 64 … 2048. 26 … 211. 25. maxpoll. 2 Use one of the following commands to configure the C4 CMTS as an NTP client listening to a broadcast or multicast server. This means that the C4 CMTS clock is synchronized to the NTP server. which equal 16. The optional prefer parameter designates the association with this server as the preferred time sync source unless the server is unreachable. or if is to be part of an NTP manycast group: configure ntp server <ip-address> broadcast configure ntp server <ip-address> multicast configure ntp server <ip-address> manycast 3 Set the NTP re-synchronization timer: configure ntp minpoll <4. go to step 2. otherwise. the possible values are 24. This is the most common NTP configuration for the C4 CMTS. 1 Configure the NTP client: configure ntp server <ip address> [burst] [prefer] [minpoll <4-11>] [maxpoll <4-11>] [version <3 |4>] Where 4-11 are exponents of 2. but does not synchronize itself to the C4 CMTS.11> configure ntp maxpoll <4. The C4 CMTS becomes an NTP unicast client of the remote server at ipaddress. NOTE PacketCable requires the use of NTP for network synchronization.. The optional burst parameter forces the C4 CMTS to send a sequence of time sync messages over a short period at each poll interval. and version parameters can be used to override the default parameters set by the config ntp minpoll | maxpoll | version commands on a per server basis if necessary.11> 7-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .7 Clock Synchronization Protocol Procedure 7-2 How to Choose Network Time Protocol (NTP) for C4 CMTS The purpose of this procedure is to configure the C4 CMTS as an NTP client. The remote server distributes time synchronization to the C4 CMTS. Use step 1 if the NTP client is unicast.

the possible values are 24.MAXPOLL must not exceed 11 (that is 211 or 2048 seconds. US US US US US US US US US US US US US US US US US US US US US US +404251-0740023 +421953-0830245 +381515-0854534 +364947-0845057 +394606-0860929 +382232-0862041 +411745-0863730 +384452-0850402 +415100-0873900 +450628-0873651 +470659-1011757 +394421-1045903 +433649-1161209 +364708-1084111 +332654-1120424 +340308-1181434 +611305-1495401 +581807-1342511 +593249-1394338 +643004-1652423 +515248-1763929 +211825-1575130 America/New_York Eastern Time America/Detroit Eastern Time . NTP.Wisconsin border America/North_Dakota/Center Central Time . the new CLI command configure ntp minpoll <4 … 11> sets the default minimum polling interval in the same way. The CLI command configure ntp maxpoll <4 … 11> has a default value of 10. Therefore.Indiana . 18. 14. 8. 3. 26 … 211.south Idaho & east Oregon America/Shiprock Mountain Time . maxpoll.Kentucky . 21. 2. 4 Configure the time zone: When no parameter is given (or invalid input is detected). 22.Kentucky .North Dakota . and version is 4. 16. and version parameters that will be assumed by subsequent configure ntp server | peer commands. 13.Wayne County America/Indianapolis Eastern Standard Time . 64 … 2048. 9.west Alaska America/Adak Aleutian Islands Pacific/Honolulu Hawaii Please select a time zone location by line number:(122) 9 Release 4. These commands are used to set the default values for NTP minpoll.2.most locations America/Louisville Eastern Time .Indiana .Alaska panhandle America/Yakutat Alaska Time .Indiana . 25. 4. 15.Michigan .Navajo America/Phoenix Mountain Standard Time .Starke County America/Indiana/Vevay Eastern Standard Time . where minpoll is strictly less than or equal to maxpoll. In the example given below the time zones for the USA are requested. 10. 5. which equals approximately 34 minutes). Standard ARRIS PROPRIETARY — All Rights Reserved 7-3 . In interactive mode.most locations America/Indiana/Marengo Eastern Standard Time . 17. 20. C4 clock timezone Enter country name or 2 letter code: US 1.Arizona America/Los_Angeles Pacific Time America/Anchorage Alaska Time America/Juneau Alaska Time .C4 CMTS Where 4-11 are exponents of 2.Crawford County America/Indiana/Knox Eastern Standard Time . Also. The local TZ name may then be selected by line number from the displayed list of TZ names for that country. In other words. this command enters interactive mode. a list of available canonical time zone (TZ) names is displayed based on a given country name or ISO3166 country code.Louisville area America/Kentucky/Monticello Eastern Time .Alaska panhandle neck America/Nome Alaska Time . 11.Michigan .Indiana . PacketCable requires that the maximum interval between consecutive attempts to synchronize the C4 CMTS local time of day clock must not exceed one hour. 19.Switzerland County America/Chicago Central Time America/Menominee Central Time . 32.Oliver County America/Denver Mountain Time America/Boise Mountain Time . 7. maxpoll is 10. 12. which equal 16. Default for minpoll is 6. 6.

Examples of canonical TZ names are Europe/Paris. or GMT offset e. When a GMT offset is given.3 connection type: tcp These commands select the local TZ and DST rules based on canonical <TZ name> or GMT offset. the local TZ is set accordingly. This includes automatic adjustment of local time for TZ & DST and setting of the time zone abbreviation according to the rules. the built-in local TZ and Daylight Saving Time (DST) rules for that time zone location name are activated. By requesting CLI help on the command you can see that you can also configure the time offset using Greenwich Mean Time: configure clock timezone ? WORD country name/zone location e. if applicable) from Greenwich: configure clock timezone GMT[+|-hh[:mm]] Use the no form of the command to disable the time zone setting: configure clock [no] timezone Use the following command to display the clock configurations and the time: show clock detail 2004 August 4 09:53:39 CDT (DST) Network time sync protocol is TOD TOD Server IP Address: 10. but no DST adjustments are made when local time is displayed or logged.50. America/Chicago.g. 5 Configure the C4 CMTS to use NTP network synchronization: configure clock network ntp 6 Confirm the NTP configuration: show ntp <associations |defaults> Where: associations displays the status of NTP associations defaults displays default settings for NTP minpool. The TZ and DST adjustments are made automatically whenever the local time is displayed or logged (see show clock detail or show log history command). America/Chicago.g. When a canonical <TZ name> is given.7 Clock Synchronization Protocol Chicago is selected. GMT-6 <cr> Use the following command to set the time zone offset in hours (and minutes. maxpool.28. and version 7-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or Asia/Hong_Kong.

you must first disable it before adjusting the clock on the C4 CMTS. The output of show clock detail also shows the TZ abbreviation and the current DST/STD time status.C4 CMTS For example: show NTP defaults minpoll=6 maxpoll=10 ver=4 End of procedure Show Clock Commands Use the following commands to view NTP status: show clock show clock detail show clock GMT show ntp These commands display the local date and time in one-second resolution when the TOD client is active and in 1 millisecond resolution when the NTP client is active. use show clock GMT. Standard ARRIS PROPRIETARY — All Rights Reserved 7-5 .2. Manually Adjusting the C4 CMTS Internal Clock If there is an active network time protocol. If you wish to see the time expressed as Greenwich Mean Time. 1 Use the following command to disable network synchronization: config clock no network 2 Manually set the C4 CMTS internal clock: config clock set yyyy:mm:dd:hh:mm:ss Release 4.

7 Clock Synchronization Protocol 7-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

1 Configure a hostname for the C4 CMTS you wish to define: configure hostname <name> Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 8-1 . Host Names. The following procedure outlines steps required for these features. Procedure 8-1 How to Configure a Host Name and Logging Host IP Address The host name is used in command prompts and system messages.2.C4 CMTS 8. The logging host receives and stores logging messages. configure the preferred hostname and logging host for your C4 CMTS. and Password Recovery Topics How to Administer the Host Name and User IDs How to Add and Delete Users Password Recovery Page 1 2 4 How to Administer the Host Name and User IDs Before configuring the modules and remaining equipment and interfaces. User IDs.

2 The C4 CMTS does not route event messages to a syslog server unless the IP address of that server is configured. the entire string must be enclosed in quotation marks. configure username <userid> password <password> NOTE If spaces are required in either the password or username string. This command can also be used to modify the password for an existing C4 CMTS user.8 Host Names. It can contain any character. In this procedure authentication is set to local and a privilege level is assigned to certain CLI commands. This procedure is meant as an example that 8-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Use the following command to configure the logging host (syslog server): configure logging host <ip address> Where ip address represents the IP address of the syslog server. User IDs. and Password Recovery Where name = a user-defined host name between 1 and 255 characters in length. End of procedure How to Add and Delete Users Each user must have a unique system login account in order to gain access to the C4 CMTS and to the command line interface (CLI). Use the following command to add a user name and password that includes spaces: configure username KatyTech password mohawk_lily Use the following command to delete a user from the C4 CMTS: configure no username <userid> Procedure 8-2 How to Configure Privilege Levels and Authentication For security reasons users may configure CLI command authentication. Add or Delete Users Use the following command to add new users.

2. then levels 0-7 must all use the password to access privileged commands. modulation profiles. The next chapter outlines the sequence and procedures for configuring the modules. Standard ARRIS PROPRIETARY — All Rights Reserved 8-3 . see Configuring Passwords and Privileges. for example. If you select level 7. 2 To set the authentication method to the local list of users and passwords: configure authentication testlist1 local Where testlist1 is an example of a name for this method list 3 Configure the telnet and console access to use the authentication method above for login and enable access: configure line console 0 1 authentication testlist1 login-authentication enable-authentication configure line vty 0 6 authentication testlist1login-authentication enable-authentication 4 (Example) Set the privilege level to 8 for the configure command: configure privilege exec level 8 configure 5 (Example) To set the privilege level to 9 for all configure interface cable commands. and interfaces on the C4 CMTS. enter the following three commands: configure privilege exec level 9 configure configure privilege exec level 9 configure interface configure privilege exec level 9 configure interface cable 6 Confirm your changes: show privilege exec configure 7 If desired. page 25-11. Release 4.C4 CMTS users may follow according to their needs for authentication and authorization. For more information. 1 Create the password and set the privilege level required to use the password in order to access privileged commands: configure enable password <password> privilege <0-15> Where privilege is a number 0-15. use the following command to review privilege levels for other commands: show logging End of procedure This ends the pre-configuration section.

reboot the SCM to enable authentication. type M for Modify. refer to the first five numbered steps in this procedure. There are six basic steps in this procedure. The bootloader dialog again prompts you to Modify or Continue. Finally. Once you have the console command prompt. NOTE Password recovery is allowed only through the console. 3 At the prompt “Enable Password Recovery?” type Y. execute the write memory command to save your changes. 6 The SCM has rebooted and is in-service. Note the bold text in blue which refers to the password recovery steps. 8-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . You must wait for the dialog to run a second time. 5 The CMTS warns you that authentication has been disabled. You can then change the configuration to your liking and reboot the SCM one more time to restore the lab to its normal state with required user authentication. Rebooting the SCM does not help if the previous user has executed the write mem command.8 Host Names. when prompted to modify or continue. also in blue. You have full CLI access. When you have finished making changes. 2 In the second bootloader dialog. The numbered callouts. Type c to continue. pages 8-5 to 8-7) consists of excerpts from the bootloader and application dialogs. 1 Allow the bootloader dialog to run once and to finish. After performing password recovery you also have access to all the CLI commands without having to supply the enable password. and Password Recovery Password Recovery In certain situations a system user may be prevented from logging in because a previous user has changed the password or something in the configuration. Procedure 8-3 How to Enable Password Recovery Using Application Dialog The sample system output (Sample Bootloader Dialog for Password Recovery. User IDs. create a login (username) and a password. The password recovery option enables you to access the CLI at the console without having to supply a user ID or password. 4 You are now in password recovery mode.

0.0.0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset.0. Standard ARRIS PROPRIETARY — All Rights Reserved 8-5 .0.C4 CMTS Sample Bootloader Dialog for Password Recovery Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset. press <m> and <RETURN> key within 5 seconds ################################################################## ################################################################## SCM BOOT1 image built Mon Jun 21 11:12:11 CDT 2004 version: CMTS_BOOT1 • • Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0.0 Subnet mask for the above IP address: 0.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0.0.0 Subnet mask for the above IP address: 0. start-up code will wait 5 seconds 1 Release 4.0.0.2.0.0. start-up code will wait 5 seconds ------------------------------------------------------------------################################################################## ################################################################## To change any of this.0.

press <m> and <RETURN> key within 5 seconds ################################################################## ################################################################## 3 4 (M)odify any of this or (C)ontinue? [M]c SCM card software version CMTS_V04.0.01.0 Front Ethernet will be in Half Duplex Mode IP address of default gateway to other networks: 0. built on Tue Jul 6 22:01:48 CDT 2004 • • 8-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .0 Subnet mask for the above IP address: 0.0.8 Host Names. User IDs.0 FACTORY PARAMETERS: Model Number: 8400005E01 Serial Number: 02251CMB0002 PCB Revision: E17 PIC PARAMETERS: Model Number: Unknown Serial Number: Unknown PCB Revision: XXXX PARAMETERS: After board is reset. press <m> and <RETURN> key within 5 seconds ################################################################## ################################################################## m (M)odify any of this or (C)ontinue? [M]m For each of the following questions. and Password Recovery 2 ------------------------------------------------------------------################################################################## ################################################################## To change any of this.0.0. you can press <RETURN> to select value shown in brackets.xx.0. FRONT ETHERNET INTERFACE PARAMETERS: IP address for the System Controller's ethernet port: 0.0. start-up code will wait 5 seconds ------------------------------------------------------------------################################################################## ################################################################## To change any of this. or you can enter a new value PASSWORD: Enable Password Recovery ? [No] yes User will be automatically authenticated upon boot FRONT ETHERNET INTERFACE PARAMETERS: • • Copyright (c) 2000-2004 Cadant Inc ------------------------------------------------------------------START-UP MODE: Run the Bootloader application PASSWORD Password recovery is enabled.00.

Reboot this SCM to enable authentication End of procedure Release 4.C4 CMTS 5 Please wait for 5 seconds until initialization completes Warning: Authentication has been disabled for console access.2. Standard ARRIS PROPRIETARY — All Rights Reserved 8-7 .

User IDs.8 Host Names. and Password Recovery 8-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

command syntax.C4 CMTS 9. The following procedures use the show linecard status command to verify that modules return to normal. Before Using CLI Commands If you are unfamiliar with the Command Language Interface (CLI). Gigabit Ethernet Network Access Module. Standard ARRIS PROPRIETARY — All Rights Reserved 9-1 . CLI Overview It provides an introduction to CLI access modes. The following is a list of the possible service states with a brief description for each.2. read Chapter 25. Table 9-1: Module Service State Descriptions Operational States IS In service Description Service States of Modules Release 4. NAM Configuration Topics Page 2 4 7 Fast Ethernet Network Access Module (NAM) Configuration Gigabit Ethernet Network Access Module (GigE NAM) Configuration NAM-Side IP Interface Bundling NOTE Only the Cable Access Module. that must also be configured. and shortcuts. If you want Control Complex Redundancy. and the Network Access Module require customer configuration.

9-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Table 9-2: Port Service State Descriptions Port Operational State IS OOS-MAN OOS-AUTO Port is in service Port out of service — shut down manually Port is out of service for some reason other than manual: it was not shut down manually Description Fast Ethernet Network Access Module (NAM) Configuration Introduction The following procedure provisions a chassis slot for a FastE NAM and then puts that module into service. One FastE NAM supports four bi-directional 10/100 Ethernet ports.9 NAM Configuration Table 9-1: Module Service State Descriptions Operational States IS-INIT OOS-MAN OOS-FLT OOS-DGN OOS-DNLD OOS-PUMP Description In service — undergoing initialization Out of service — shutdown manually Out of service — faulted Out of service — undergoing diagnostics Out of service — undergoing software download Out of service — FPGAs are being distributed Service States of Ports The following list of possible port states. NOTE See the Guidelines for NAM and GigE NAM Configuration. The NAM is used for command. and statistics access into the Ethernet controller chip. There are two basic models: FastE and GigE NAM. The Network Access Module (NAM) provides the network interface functionality in various configurations. These are displayed using the show port status command. page 9-5 for additional provisioning information. status.

3 Verify status of NAM: show linecard status The following is a sample of the system response showing the line that pertains to the NAM: 14 NAM (4FE) Up IS Simplex 02251CBE0001 ENAM-01040W/G02 NAM/NAM Where: 14 = the slot number in this example NAM (4FE) = type of module (NAM with 4 FastEthernet ports) Up = the Administrative State IS = In Service operational state Simplex = NAM redundancy is not enabled 02251CBE0001 = the serial number of the board ENAM-01040W/G02 = the hardware revision of this board NAM/NAM = the slot provisioning / type of card detected 4 Configure the IP address on the fastEthernet port: configure interface fastEthernet <slot>/<port> ip address <ip> <mask> 5 Put NAM ports in service: configure interface fastEthernet <slot>/<port> no shutdown Where: 0-3 is the valid port range for the NAM. Standard ARRIS PROPRIETARY — All Rights Reserved 9-3 .2. 6 Verify status of NAM ports: show port status Release 4.C4 CMTS Procedure 9-1 How to Configure a Network Access Module Use the following procedure to configure a slot and activate a NAM in the C4 CMTS. it may take several minutes to boot. 2 Put the NAM in service: configure interface fastEthernet <slot> no shutdown Normally. Configure a slot for the NAM using the following command: configure slot <slot> type NAM Where: valid slots are 13-16 for the NAM. 1 Slots 13-15 can be configured for use by either a NAM or a CAM. Slot 16 is reserved for NAM modules. depending on need. it takes the NAM about 30 seconds to boot. If the FPGAs need to receive a new software load.

If desired. set operating mode to full or half duplex: configure interface fastEthernet <slot>/<port> duplex [full | half | auto] Where: valid port range is 0-3. the NAM fastEthernet ports are set to auto-negotiate. 8 Repeat steps 1 through 6 as necessary for additional NAM ports. The GigE NAM also provides a single 10/100 Ethernet (E0) interface. 7 By default. For more details. This interface functions logically in the same manner as the 10/100 Ethernet (Fast Ethernet) interfaces provided by the FastE NAM. but has a single port (GBIC1) and works at 1 gigabaud. The slot to the immediate left of a GigE NAM (slots 13 and 15) must either remain empty or be occupied by a CAM. GigE NAMs can only be configured in slots 14 and 16. End of procedure Procedure 9-2 How to Take a NAM Out of Service and Delete Its Slot 1 Take the NAM out of service: configure interface fastEthernet <slot> shutdown Where: slot is a value from 13-16 2 Verify module status: show linecard status The system response should confirm that the module is out of service. 3 Delete the slot: configure no slot <slot> Where: slot is a value from 13-16 End of procedure Gigabit Ethernet Network Access Module (GigE NAM) Configuration The GigE NAM provides the C4 CMTS with a Gigabit Ethernet Network Side Interface (NSI). page 6-20 9-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . No other module type is allowed in those slots. see Provisioning Rules for Slots.9 NAM Configuration The NAM port configured in the previous step should be IS (in service).

it takes the GigE NAM about 30 seconds to boot. The following guidelines apply to NAM and GigE NAM configuration: • • • • • For all GigE NAM CLI commands. The C4 CMTS can support 2 FastE NAMs plus 1 GigE NAM in slots 13. Standard ARRIS PROPRIETARY — All Rights Reserved 9-5 . 14. and any protocol support that is NAM-interface based. status commands (show port status. but may take several minutes if a new software load must be distributed to the FPGAs. Guidelines for NAM and GigE NAM Configuration There are restrictions involving the simultaneous equipage of the GigE NAM and FastE NAM. page 9-3. use steps 4 to 6 of How to Configure a Network Access Module. with a GigE NAM depending on need. or 1 GigE NAM in slot 14 and 2 FastE NAMs in slots 15 and 16. Release 4.2. If slots 14 and 16 are both equipped with GigE NAMs. then slots 13 and 15 can be used for CAMs or left empty. or both 14 and 16. Configure either slots 14 or 16. 3 Put the GigE NAM module in service: configure interface gigEthernet <slot> no shutdown Normally. This includes the configuration of the interface. Procedure 9-3 How to Configure a Gigabit Ethernet Network Access Module Use the following procedure to configure a slot and activate a GigE NAM in the C4 CMTS. 2 (optional) To configure the FastEthernet 10/100 port (14/0 or 16/0). 1 Configure a slot for the GigE NAM using the following command: configure slot <slot> type GNAM Where valid slots are 14 and 16 for the GigE NAM. see List of CLI Commands to find the config interface gigabitEthernet commands. The basic CLI command for GigE NAM configuration is: configure interface gigabitEthernet <slot>/<port> [duplex | ip | proxy arp | [no] shutdown | speed] For information on these parameters. and 16 respectively.C4 CMTS The Gigabit Ethernet Network Access Module is provisioned in much the same way as FastE NAM. The slot to the immediate left of a GigE NAM cannot be equipped with a FastE NAM. show linecard status). and port 1 is the GigE NAM port. port 0 is the fastEthernet 10/100 port.

9 NAM Configuration 4 Verify status of GigE NAM: show linecard status 5 Configure the IP address on the GigE NAM: configure interface gigabitEthernet <slot>/1 ip address <ip> <mask> 6 Put GigE NAM ports in service: configure interface gigEthernet <slot>/1 no shutdown Where valid slots are 14 and 16 and 1 is the valid port for the GigE NAM. 1 Take the GigE NAM out of service: configure interface gigEthernet <slot> shutdown Where: slot = 14 or 16 for the GigE NAM. End of procedure Procedure 9-4 How to Take a GigE NAM Out of Service and Delete Its Slot Use this procedure to take a GigE NAM and the slot it resides in out of service. 2 Verify module status: show linecard status The system response should confirm that the module is out of service. 3 Delete the slot: configure no slot <slot> Where: slot = 14 or 16 for the GigE NAM. End of procedure 9-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 7 Verify status of GigE NAM ports: show port status The GigE NAM port configured in the previous step should be IS (in service). 8 Repeat steps 1 through 6 if a second GigE NAM is desired.

etc.C4 CMTS NAM-Side IP Interface Bundling This feature is similar to CAM interface bundling in that it bundles NAM IP interfaces. This application permits MSOs to offer advanced PSTN services using VoIP over packetized networks such as an HFC plant. Since the bundling consists of layer 2 interfaces below layer 3 interfaces. redundant ethernet links to the NCSG. the gateway assists the CMTS by sending at least three gratuitous ARPs after reconfiguring its interfaces.) operate properly with a NAM bundle. In the C4 CMTS this has to be done at layer 3. Depending on different failure scenarios. See Figure 9-1. CPU 1 CPU 2 M1 MEDIA 1-16 M 16 NCSG (GATEWAY) GIG-E 1 GIG-E 2 GNAM C4 CMTS GNAM Figure 9-1: Block Diagram of NAM-Side IP Interface Bundling Release 4.2. the C4 CMTS IP bundle must accept an IP address that moves to a new MAC address. The two redundant ethernet links operate in an active/standby mode. It must also accept an IP/MAC binding that stays the same while moving to a new ethernet interface. The duplicated gateway processor cards share a single IP address and support from 1-16 media modules (cards). The purpose is to create bridging functionality for links connecting the C4 CMTS to a Network-Based Call Signaling Gateway (NCSG). multiple VRFs. Each of the media modules has its own IP address and must be reachable from either processor. depending on which one is active. and the duplex processor and multiple media cards on of the NCSG. This IP address may also move to a new ethernet interface. There are no switches or other equipment between the CMTS and the gateway platform. RIP. Standard ARRIS PROPRIETARY — All Rights Reserved 9-7 . The bundling includes NAM interfaces on the CMTS side. In each of these cases. all IP functionality (OSPF.

9-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .9 NAM Configuration CLI Commands for NAM-Side IP Bundling To display information on configured IP interface bundles. and the MAC addresses of the individual interfaces in the IP bundles. enter the following command: show ip bundle To configure IP interface bundles for a fastE NAM: configure interface fastethernet <slot>/<port>[. use the following command: show ip interface NOTE IP packets leaving an IP interface bundle all show the same MAC address. and the bridge group leaders of IP interface bridge groups.subif#] no ip bundle To show the IP interfaces for all the client cards. the show ip interface command displays an unused MAC address for all NAM interfaces that are in the bundle but are not the master. Thus.subif#] no ip bundle To configure IP interface bundles for a GigE NAM: configure interface gigabitethernet <slot>/<port>[.

creating clone groups. as well as examples of procedures for migrating to denser configurations. Release 4. Basic CAM Configuration Topics 1Dx8U CAM 2Dx12U CAM Migration from 1Dx8U CAMs to 2Dx12U CAMs Clone Group Configuration Modulation Profiles FlexCAM™ Hitless CAM Sparing Interface Bundling Page 2 4 13 27 32 41 47 This section provides basic examples of slot equipage and CAM configuration for the two models of CAM. Standard ARRIS PROPRIETARY — All Rights Reserved 10-1 . and creating interface bundles.C4 CMTS 10. enabling CAM sparing groups.2. customizing modulation profiles. It also provides more detailed procedures for CAM configuration.

13 10-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure interface cable 1/0 cable downstream modulation 256qam The default power-level is 500.255.10.10.1 255.11. The downstream and upstream 0 are provisioned.255.12. configure interface cable 1/0 cable downstream power-level 550 configure interface cable 1/0 cable upstream 0 frequency 18000000 configure interface cable 1/0 cable upstream 0 modulation-profile 1 configure interface cable 1/0 cable upstream 0 power-level 0 configure interface cable 1/0 ip address 10. configure slot 1 type 1D8U configure interface cable 1/0 cable downstream frequency 321000000 The default modulation type is 64QAM.10 Basic CAM Configuration 1Dx8U CAM Short Example of 1Dx8U CAM Configuration The following series of commands is meant as an example. all the upstream and downstream channels associated with it are added with default settings. When you create a CAM.0 configure interface cable 1/0 cable upstream 0 no shutdown configure interface cable 1/0 no shut configure interface cable 1 no shutdown configure interface cable 1/0 cable bundle master configure interface cable 1/0 cable helper-address 10. In this example slot 1 is configured for a 1Dx8U CAM. In this example the downstream is configured to use 256QAM.

8U) CAM (1D. 1FE) (1D. 2 Verify that the slots are provisioned as desired: show linecard status The following output text provides an example of the system response to the show linecard status command: Slot Description 0 1 2 13 14 15 16 CAM (1D. configure slot <0-15> type 1D8U Slots 13-15 can be configured for use by either a NAM or a CAM.C4 CMTS Procedure 10-1 How to Create and Enable a 1Dx8U CAM 1 Configure a slot for the CAM using the following command. Provision other slots (0-15) individually as needed. 8U) (4FE) Admin State Up Up Up Up Up Up Up Oper State IS IS IS IS IS IS IS Duplex State Standby Active Active Active Simplex Active Simplex Serial Number 02321CBD0047 HKD10068 02321CBD0010 03051CBD0027 002201CBG001 3163100499 3123100438 HW Version CAM-01081N/J04 8400002G01/G06 CAM-01081N/J03 CAM-01081N/L05 GNAM-GB010W/B13 8400002G01/G06 ENAM-01040W/F04 Prov/Det Type CAM/CAM CAM/CAM CAM/CAM CAM/CAM NAM/NAM CAM/CAM NAM/NAM End of procedure Release 4.2. 8U) CAM NAM CAM NAM (1D. 8U) (1GE. Standard ARRIS PROPRIETARY — All Rights Reserved 10-3 . 8U) CAM (1D.

The C4 CMTS displays the following error message when the user attempts to change an upstream power level to a value that is not valid for that attenuator configuration: Upstream channel power level conflict with another channel using the same connector.10 Basic CAM Configuration 2Dx12U CAM The guidelines and procedures in this section are specific to the 2Dx12U CAM.4 MHz -1 0 1 2 Atten. Slot Provisioning The 2Dx12U must be grown in a CAM slot provisioned for a 2Dx12U. upstreams. Rules and Restrictions for 2Dx12U CAM Configuration Before growing and configuring a 2Dx12U CAM with its downstreams. No mixing is allowed in the sparing groups. If all channels are enabled then at least one physical connector will receive more than one upstream channel There must be no frequency overlap among the upstream channels using the same connector. If inserted in a slot configured for a 1Dx8U. if desired.) 200 kHz -16 -15 -14 -13 400 kHz -13 -12 -11 -10 800 kHz -10 -9 -8 -7 1. CAM sparing can only be done by like cards: a 1Dx8U can spare for a group consisting only of 1Dx8Us and a 2Dx12U can spare only for a group consisting of 2Dx12Us.6 MHz -7 -6 -5 -4 3. Guidelines for mapping upstream channels to physical connectors: • • Any upstream or all of the upstreams can be connected to any one of the physical upstream connectors There are 8 physical connectors and 12 upstream channels on the 2Dx12U. See Table 10-1 for valid upstream channel power levels when the attenuator is set to 12 dB.2 MHz -4 -3 -2 -1 6. dBa 12 12 12 12 Upstream (US) Channel to Physical Connector Mapping • • 10-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . logical channels. Upstream channels connected to a single physical connector may vary according to channel width and power levels according to the values accepted by the user-configured attenuation level. Table 10-1: US Power Levels Attenuated to 12 dB (approx. please consider the following rules and restrictions. and. either 12 or 28 dB. and Table 10-2 for valid values when the attenuator is configured for 28 dB. it remains OOS.

) 200 kHz -12 -11 -10 -9 -8 -7 -6 -5 -4 -3 -2 -1 400 kHz -9 -8 -7 -6 -5 -4 -3 -2 -1 0 1 2 800 kHz -6 -5 -4 -3 -2 -1 0 1 2 3 4 5 1.4 MHz 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 Atten.6 MHz -3 -2 -1 0 1 2 3 4 5 6 7 8 3. Release 4.4 MHz 3 4 5 6 7 8 9 10 11 12 13 14 Atten.) 200 kHz 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 400 kHz 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 800 kHz 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 1. Standard ARRIS PROPRIETARY — All Rights Reserved 10-5 . dBa 12 12 12 12 12 12 12 12 12 12 12 12 NOTE: All upstream Rx (receive) values are measured in dBmV. a.6 MHz 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 3.C4 CMTS Table 10-1: US Power Levels Attenuated to 12 dB (approx. Table 10-2: US Power Levels Attenuated to 28 dB (approx.2.2 MHz 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 6.2 MHz 0 1 2 3 4 5 6 7 8 9 10 11 6. dBa 28 28 28 28 28 28 28 28 28 28 28 28 28 28 28 NOTE: All upstream Rx (receive) values are measured in dBmV. Power after attenuation may vary slightly from one CAM to another. Power after attenuation may vary slightly from one CAM to another. a.

2.x and 2.x modems assigned to that path will not register.1 There are four types of logical upstream channels: • Type 1 = TDMA (DOCSIS 1.10 Basic CAM Configuration Upstream to MAC Domain Mapping Guidelines for mapping upstream channels to MAC domains (downstreams): • • Any or all of the 12 upstream channels (numbered 0–11 in CLI syntax) can be associated with either downstream Changing the upstream parameters of a channel or channels on MAC 0 does not affect the channels on MAC domain 1.x) If logical channels are to be used. the same upstream channel. that is.0–11. must have the same channel width and map size Channel numbering in UCD messages uses these conventions: • Channel IDs 1–12 for the logical channels numbered 0. - NOTE If an upstream channel is configured for only Type 3A or 3S.x) Type 3S = SCDMA only (DOCSIS 2. a total of 24 per CAM Both logical channels on the same physical receiver.x mixed) Type 3A = ATDMA only (DOCSIS 2. Logical Channels These are the restrictions on logical channels: • • • The 2Dx12U supports two logical channels per upstream. 10-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or 3A.0 Channel IDs 13–24 for the logical channels numbered 0. ARRIS recommends that one of the two be Type 1. and changing the upstream parameters of a channel or channels on MAC 1 does not affect the channels on MAC domain 0. then any DOCSIS 1.x) Type 2 = TDMA & ATDMA mixed (DOCSIS 1.1–11. and the other one be Type 3S.

Standard ARRIS PROPRIETARY — All Rights Reserved 10-7 .2. The values chosen are meant as a useful example.C4 CMTS Basic Command Set for Bringing Up a 2Dx12U The set of commands provided in Table 10-3 is the bare minimum for turning up a 2Dx12U CAM in a given slot. You are not required to use the same values for these commands. Release 4.

to service. Configure secondary IP address for CAM 8. Restore upstream channel 6 of CAM 8.128 secondary configure interface cable 8/0 cable helper-address 10. Configure upstream channel 6 of CAM 8. configure interface cable 8/0 no shutdown mac-port configure interface cable 8/1 no shutdown mac-port configure interface cable 8/0 cable upstream 0 no shutdown configure interface cable 8/1 cable upstream 6 no shutdown configure interface cable 8 no shutdown show interface cable 8 Restore mac domain 8/0 (that is.102.21.50. mac domain 1.255. downstream 0) to service. to service. slot 8.129 255. Assign IP and Helper Addresses to CAM configure interface cable 8/0 ip address 10.128 configure interface cable 8/0 ip address 10. Add mac-domain 8/1 to cable bundle 8/0. Restore mac domain 8/1 to service. Configure the CAM helper address for CAM 8. mac domain 0. mac domain 0. mac domain 1.255. Configure upstream channel 0 of CAM 8. configure interface cable 8/1 cable downstream no shutdown Restore port 8/1 to service.1 255.255. Set downstream frequency to 333 MHz for slot 8 mac domain 1 (downstream 1). Purpose Configure the Upstream Frequencies and Connectors configure interface cable 8/0 cable upstream 0 connector 0 configure interface cable 8/0 cable upstream 0 frequency 12000000 configure interface cable 8/1 cable upstream 6 connector 6 configure interface cable 8/1 cable upstream 6 frequency 12000000 Assign upstream channel 0 of CAM 8. to connector 6. Assign upstream channel 6 of CAM 8.10 Basic CAM Configuration Table 10-3: Example of Basic Command Sequence for Turning up a 2Dx12U in Slot 8 Command Configure the Slot configure slot 8 type 2D12U Provision slot 8 as a 2Dx12U slot. Confirm channel settings for slot 8.2. Configure the Downstream Frequencies configure interface cable 8/0 cable downstream frequency 321000000 configure interface cable 8/1 cable downstream frequency 333000000 Set downstream frequency to 321 MHz for slot 8 mac domain 0 (downstream 0). to use frequency 12 MHz. to use frequency 12 MHz.255.3 Configure primary IP address for CAM 8. as cable bundle master. to connector 0. Set up the Cable Bundle configure interface cable 8/0 cable bundle master configure interface cable 8/1 cable bundle 8/0 Put CAM in Service configure interface cable 8/0 cable downstream no shutdown Restore port 8/0 to service. See example below.2. Restore module in slot 8 to service. Designate slot 8. mac domain 1.21. mac domain 0. port 0. Restore upstream channel 0 of CAM 8. 10-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

2. Range = 500-610. Default = 2.C4 CMTS show interface cable 8 DS 8/0 8/1 US 8/0/U0 Oper Annex Freq(Hz) Mod Power Clone Spare State Type (. Default = 3. Default = tdma. Table 10-4: Accepting Default Parameters for Cable Downstream and Upstream Channels Command configure interface cable <slot/mac domain> cable downstream annex B configure interface cable <slot/mac domain> cable downstream modulation 64qam configure interface cable <slot/mac domain> cable downstream power-level 500 configure interface cable <slot/mac domain> cable upstream 0 modulation-profile 2 configure interface cable <slot/mac domain> cable upstream 0 channel-type tdma configure interface cable <slot/mac domain> cable upstream 0 channel-width 3200000 configure interface cable <slot/mac domain> cable upstream 0 power-level 0 Purpose Accept default annex for downstream and associated upstreams. Accept default downstream modulation type. Release 4. Procedure 10-2 Example of Growing and Enabling a 2Dx12U CAM with Logical Channels By default all 2Dx12U upstreams are set to modulation profile 2 (TDMA.2 MHz. Range = -4 to 26 dBmV if channel width is 3. Standard ARRIS PROPRIETARY — All Rights Reserved 10-9 . Default = 500. Accept default channel width. QPSK). Power range varies with channel width selection. Accept default modulation profile. Accept default upstream channel type. Accept default downstream power level. In each command the default values can be replaced as needed. Default = 0. Accept default upstream power level. in tenths of dBmV.2 MHz.1dBmV) Enable Group IS B(US) 321000000 q64 500 true IS B(US) 333000000 q64 500 true Conn Oper Chan State Type 0 IS tdma Freq(Hz) Channel Mini Mod Power Cable Width Slot Prof (dBmV) Group 12000000 3200000 4 2 0 - Table 10-4 shows the commands to restore default values for a number of upstream and downstream parameters. Default = DOCSIS (North American) frequency ranges. These are the settings which most users will choose for basic configuration.

Use preconfigured ATDMA modulation profile SCDMA modulation profile 2D12U CAM TDMA modulation profile 1D8U CAM TDMA modulation profile TDMA-ATDMA modulation profile You may use these ready-made modulation profiles or use them as the starting points for creating your own customized profiles.Use preconfigured iuc . 2 (optional) Use the following command to display help text regarding preconfigured modulation profiles: configure cable modulation-profile 100 ? Where: 100 is an arbitrary mod profile ID number Sample system response: C4-8# configure cable modulation-profile 100 ? atdma .1.Use preconfigured tdma-1d8u . Annex B (North America) is the default. Japan.Use preconfigured tdma-atdma .Use preconfigured tdma . and modulation: configure cable modulation-profile 6 tdma qam-16 5 Provision slot (15 is used in this example) for a 2D CAM: configure slot 15 type 2D12U 10-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or Europe: configure cable freq-range <european | japanese | north-american> | no Where: no = no frequency range override In other words. and modulation: configure cable modulation-profile 37 scdma qam-64 4 Configure a second modulation profile ID number. 1 Choose the upstream frequency range that corresponds to North America.IUC type scdma . See configure interface cable <slot> cable downstream annex. this command is disabled and the upstream frequency range is determined by the Annex setting. 3 Configure a desired modulation profile ID number. channel type.10 Basic CAM Configuration NOTE Those users who do not wish to implement logical channels can use this procedure but should ignore all steps that add or provision upstream n. channel type.

1 modulation-profile 37 Release 4.0 logical channels and profile 37 to the .C4 CMTS 6 Assign a downstream frequency to MAC domain 0 in that slot: configure interface cable 15/0 cable downstream frequency 357000000 7 Assign a downstream frequency to MAC domain 1: configure interface cable 15/1 cable downstream frequency 369000000 The two commands that follow can be entered as one single command as in step 8.2.0 modulation-profile 6 configure interface cable 15/1 cable upstream 6. Standard ARRIS PROPRIETARY — All Rights Reserved 10-11 . configure interface cable 15/0 cable upstream 0 configure interface cable 15/0 cable upstream 0 connector 0 8 Assign an upstream to MAC 0 and to a physical connector: configure interface cable 15/0 cable upstream 0 connector 0 9 Assign an upstream to MAC 1 and to a physical connector: configure interface cable 15/1 cable upstream 6 connector 6 10 Set the upstream frequency for 15/0 upstream 0: configure interface cable 15/0 cable upstream 0 frequency 8400000 11 Set the upstream frequency for 15/1 upstream 6: configure interface cable 15/1 cable upstream 6 frequency 14800000 Perform step 12 only to set channel-type and mod-type to values other than the defaults.0 modulation-profile 6 configure interface cable 15/0 cable upstream 0. Step 12 assigns modulation profile 6 to the .1 modulation-profile 37 configure interface cable 15/1 cable upstream 6.1 logical channels. 12 Assign modulation profiles to the logical channels of the of the two upstreams you provisioned: configure interface cable 15/0 cable upstream 0.

assign IP helper address to 15/0: configure interface cable 15/0.1 255.50. assign IP address and mask to 15/0: configure interface cable 15/0.64.224.0 cable helper-address 10.34.10 Basic CAM Configuration 13 Enable upstream logical channel 0 on 15/0: configure interface cable 15/0 cable upstream 0.1 on 15/0: configure interface cable 15/0 cable upstream 6.134. 21 If not done already.1 no shutdown 17 Enable the downstream in 15/0: configure interface cable 15/0 cable downstream no shutdown 18 Enable the mac-port in 15/0: configure interface cable 15/0 no shutdown mac-port 19 Enable the downstream in 15/1: configure interface cable 15/1 cable downstream no shutdown 20 Enable the mac-port in 15/1: configure interface cable 15/1 no shutdown mac-port NOTE If you have not configured IP addresses for the CAM. 10-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .3 23 Assign IP address and mask and helper address to 15/1 as in steps 21 and 22 above. modems will range but not register.1 no shutdown 15 Enable logical upstream channel 6.0 no shutdown 14 Enable logical upstream channel 1 on 15/0: configure interface cable 15/0 cable upstream 0.0 ip address 10.255.0 22 If not done already.0 on 15/1: configure interface cable 15/1 cable upstream 6 no shutdown 16 Enable logical upstream channel 6.

Those channels that must change frequency are shown with the notation f1=>F2. 1FE) A B A B 2Dx12U Ingress Noise Cancellation The following CLI command is used to enable ingress cancellation: configure interface cable <x>/<y> cable upstream <z> ingress-cancellation [ interval <unsigned int> ] [ size <unsigned int> ] For more information. The original frequency is denoted f1. RF cable connectors 3 and 7 are left as spares. Two upstreams with different frequencies are placed on each used connector. see 2Dx12U Ingress Noise Cancellation.C4 CMTS 24 Enable the CAM in slot 15: configure interface cable 15/0 cable downstream no shutdown 25 Verify that the slots are provisioned as desired: show linecard status End of procedure The following output text provides an example of the system response to the show linecard status command: 0 1 2 3 14 15 16 17 18 19 20 CAM CAM CAM CAM NAM CAM NAM FCM FCM SCM SCM (2D. Standard ARRIS PROPRIETARY — All Rights Reserved 10-13 . 12U) (1GE. 1FE) (2D. (2D.2. Only six connectors of the 2Dx12U CAM are used. (2D. Migration from 1Dx8U CAMs to 2Dx12U CAMs The illustration in Figure 10-1 shows an example of how to migrate the upstreams from two 1x6 CAMs onto a single 2Dx12U CAM. (2D. 12U) 12U) 12U) 12U) Up Up Up Up Up Up Up Up Up Up Up IS IS IS IS IS IS IS IS IS IS IS Standby Active Active Active Simplex Active Simplex Active Standby Active Standby 04211CMD0018 04261CMD0032 04121CMD0005 04051CMD0013 03181CBG0021 04051CMD0012 02201CBG0013 03121CBR0023 03121CBR0044 02231CBM0018 03031CBM0049 CAM-01122W/F05 CAM-01122W/F06 CAM-01122W/E06 CAM-01122W/D15 GNAM-GB010W/D04 CAM-01122W/D16 GNAM-GB010W/B10 FCM-30640W/E06 FCM-30640W/E06 SCM-00440W/G06 SCM-02440W/B02 CAM/CAM CAM/CAM CAM/CAM CAM/CAM NAM/NAM CAM/CAM NAM/NAM FCM/FCM FCM/FCM SCM/SCM SCM/SCM (1GE. Release 4. page 6-49.

10 Basic CAM Configuration Advantages: • • • • • Uses all 12 upstream receivers in 2D:12U Same arrangements for D0 and D1 upstreams in 2D:12U Supplies 2 upstream logical channels to every Fiber Node 2 spare F connectors on 2D:12U CAM Utilizes ULB (upstream load balance) Disadvantages: • Requires 2:1 combiners on existing cables 10-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

C4 CMTS 1x6 CAMs used 34 MHz for all upstreams. F2 = 38 MHz F connectors Blade 1 1x6 --. Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 10-15 . Instead of showing a network diagram it shows the slot configuration before and after.D0 RF 1 Node #7 Node #8 Node #9 Node #10 Node #11 Node #12 f1 4 f1=>F2 f1 5 f1=>F2 f1 f1=>F2 6 7 spare RF 2 RF 3 RF 4 f1 F2 f1 F2 f1 F2 U6 U7 RF 5 U8 MAC Domain U9 1 U10 U11 RF 6 RF 7 f1 F2 Figure 10-1: One Way to Migrate Two 1Dx6 CAMs onto One 2Dx12U (example) Figure 10-2 shows the same migration example. 2Dx12U CAMs use 38 MHz for 2nd channel of each combiner.D0 M ulti US Fre q pe r M AC Dom ain D0 = 781 Mhz D1 = 781 Mhz U0 = 34 Mhz U1 = 38 M hz U2 = 34 Mhz U3 = 38 M hz U4 = 34 Mhz U5 = 38 M hz U6 = 34 Mhz U7 = 38 M hz U8 = 34 Mhz U9 = 38 M hz U10 = 34 Mhz U11 = 38 M hz Node #1 Node #2 Node #3 Node #4 Node #5 Node #6 f1 0 f1=>F2 f1 f1=>F2 f1 f1=>F2 2 3 spare 1 DS 0 DS 1 Crossbar (configurable) RF 0 f1 F2 f1 F2 U0 U1 U2 MAC Domain U3 0 U4 U5 Blade 2 1x6 --. f1 = 34 MHz.2.

In the upper example. In the lower example a total of 12 upstreams are migrated onto two 2Dx12U CAMs.10 Basic CAM Configuration 0 D0 1 2 3 4 SLOTS R F D0 D1 0 1 2 3 4 U0 U1 U2 U3 U4 U5 U6 U7 C O N N E C T O R S Two CAMs 1D/6U KEY: Upstream at 34 MHz Upstream at 38 MHz 0 1 2 3 4 5 6 7 U0 U1 U2 U3 U4 U5 U6 U7 U8 U9 U10 U11 One 2Dx12U CAM — 12 Upstreams MAC DOMAIN 0 MAC DOMAIN 1 Figure 10-2: Migration Example: from 12 Upstreams on Two 1D/6U CAMs to One 2Dx12U Figure 10-3 provides two more examples of slot equipage and upstream channel utilization when migrating from a 1Dx8U chassis to a chassis equipped with 2Dx12U CAMs. In this case each mac domain (downstream) is left with four upstreams to preserve the network topology. 10-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . a total of 32 upstreams are migrated to four 2Dx12U CAMs.

C4 CMTS SLOTS 0 D0 1 2 3 4 5 6 7 8 9 RF Numbers 0 D0 D1 1 2 SLOTS 3 4 5 6 7 8 9 U0 U1 U2 U3 U4 U5 U6 U7 U0 U1 U2 U3 U4 U5 U6 U7 Eight (8) 1Dx8U CAMs Four (4) 2Dx12U CAMs 0 D0 1 2 3 4 5 6 7 8 9 D0 D1 0 1 2 3 4 5 6 7 8 9 U0 U1 U2 U3 U4 U5 U6 U7 U0 U1 U2 U3 U4 U5 U6 U7 Three (3) 1Dx8U CAMs Two (2) 2Dx12U CAMs Figure 10-3: Two Examples of Slot Configuration after Migrating to 2Dx12U CAMs Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 10-17 .2.

8 Verify that each 2Dx12U CAM has the correct PIC. 7 Insert 2Dx12U CAMs into the desired slots. 2 Repeat the step above for each remaining CAM until all have been shut down. 5 Write memory write memory 6 Physically remove all 1D CAMs.10 Basic CAM Configuration Procedure 10-3 Migrating from a 1Dx8U Chassis to a 2Dx12U Chassis This procedure assumes that your chassis and PICs are of the minimum required hardware revision and that you are replacing all 1Dx8U CAMs in the chassis with 2Dx12U CAMs. Sparing group leaders must be equipped with sparing PICs. 3 Degrow 1D slots: configure no slot <slot> 4 Repeat step 3 for each remaining CAM slot. 10 Configure the first 2Dx12U CAM and its downstream and upstream channels using the following commands: configure slot <slot> type 2D12U configure interface cable <slot>/0 no shutdown mac-port configure interface cable <slot>/0 cable downstream frequency 321000000 configure interface cable <slot>/0 cable downstream no shutdown configure interface cable <slot>/1 no shutdown mac-port configure interface cable <slot>/1 cable downstream frequency 321000000 10-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 9 Re-cable downstream and upstream channels as needed. 1 Shutdown the first of the 1D Cams: configure interface cable <slot> shutdown Where <slot> is the lowest numbered CAM.

2. Standard ARRIS PROPRIETARY — All Rights Reserved 10-19 .C4 CMTS configure interface cable <slot>/1 cable downstream no shutdown configure interface cable <slot>/0 cable upstream 0 configure interface cable <slot>/0 cable upstream 0 modulation-profile 2 configure interface cable <slot>/0 cable upstream 0 frequency 12000000 configure interface cable <slot>/0 cable upstream 0 connector 0 configure interface cable <slot>/0 cable upstream 0 no shutdown configure interface cable <slot>/0 cable upstream 1 configure interface cable <slot>/0 cable upstream 1 modulation-profile 2 configure interface cable <slot>/0 cable upstream 1 frequency 16000000 configure interface cable <slot>/0 cable upstream 1 connector 0 configure interface cable <slot>/0 cable upstream 1 no shutdown configure interface cable <slot>/0 cable upstream 2 configure interface cable <slot>/0 cable upstream 2 modulation-profile 2 configure interface cable <slot>/0 cable upstream 2 frequency 12000000 configure interface cable <slot>/0 cable upstream 2 connector 1 configure interface cable <slot>/0 cable upstream 2 no shutdown configure interface cable <slot>/0 cable upstream 3 configure interface cable <slot>/0 cable upstream 3 modulation-profile 2 configure interface cable <slot>/0 cable upstream 3 frequency 16000000 Release 4.

10 Basic CAM Configuration configure interface cable <slot>/0 cable upstream 3 connector 1 configure interface cable <slot>/0 cable upstream 3 no shutdown configure interface cable <slot>/0 cable upstream 4 configure interface cable <slot>/0 cable upstream 4 modulation-profile 2 configure interface cable <slot>/0 cable upstream 4 frequency 12000000 configure interface cable <slot>/0 cable upstream 4 connector 2 configure interface cable <slot>/0 cable upstream 4 no shutdown configure interface cable <slot>/0 cable upstream 5 configure interface cable <slot>/0 cable upstream 5 modulation-profile 2 configure interface cable <slot>/0 cable upstream 5 frequency 16000000 configure interface cable <slot>/0 cable upstream 5 connector 2 configure interface cable <slot>/0 cable upstream 5 no shutdown configure interface cable <slot>/1 cable upstream 6 configure interface cable <slot>/1 cable upstream 6 modulation-profile 2 configure interface cable <slot>/1 cable upstream 6 frequency 12000000 configure interface cable <slot>/1 cable upstream 6 connector 4 configure interface cable <slot>/1 cable upstream 6 no shutdown configure interface cable <slot>/1 cable upstream 7 configure interface cable <slot>/1 cable upstream 7 modulation-profile 2 configure interface cable <slot>/1 cable upstream 7 10-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

2. Standard ARRIS PROPRIETARY — All Rights Reserved 10-21 .C4 CMTS frequency 16000000 configure interface cable <slot>/1 cable upstream 7 connector 4 configure interface cable <slot>/1 cable upstream 7 no shutdown configure interface cable <slot>/1 cable upstream 8 configure interface cable <slot>/1 cable upstream 8 modulation-profile 2 configure interface cable <slot>/1 cable upstream 8 frequency 12000000 configure interface cable <slot>/1 cable upstream 8 connector 5 configure interface cable <slot>/1 cable upstream 8 no shutdown configure interface cable <slot>/1 cable upstream 9 configure interface cable <slot>/1 cable upstream 9 modulation-profile 2 configure interface cable <slot>/1 cable upstream 9 frequency 16000000 configure interface cable <slot>/1 cable upstream 9 connector 5 configure interface cable <slot>/1 cable upstream 9 no shutdown configure interface cable <slot>/1 cable upstream 10 configure interface cable <slot>/1 cable upstream 10 modulation-profile 2 configure interface cable <slot>/1 cable upstream 10 frequency 12000000 configure interface cable <slot>/1 cable upstream 10 connector 6 configure interface cable <slot>/1 cable upstream 10 no shutdown configure interface cable <slot>/1 cable upstream 11 configure interface cable <slot>/1 cable upstream 11 modulation-profile 2 Release 4.

10.32.1 255. configure interface cable <slot>/0.50.255.0.0 cable helperaddress 10. 12 Grow the ip addresses for the first CAM and configure it as the cable bundle master.3 configure interface cable <slot>/0.0.1 255.0 configure interface cable <slot>/0.255.0 ip address 10.0 secondary configure interface cable <slot>/0.10.0 cable dhcp-giaddr policy configure interface cable <slot>/0 cable bundle master 13 Write memory write memory 14 Reload commit reload commit End of procedure 10-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .10 Basic CAM Configuration configure interface cable <slot>/1 cable upstream 11 frequency 16000000 configure interface cable <slot>/1 cable upstream 11 connector 6 configure interface cable <slot>/1 cable upstream 11 no shutdown configure interface cable <slot>/0 no shutdown mac-port configure interface cable <slot>/1 no shutdown mac-port configure interface cable 1 no shutdown 11 Repeat the commands in step 10 for each remaining 2Dx12U CAM.0.0 ip address 10.28.

respectively. it is important to know that what was accumulated in these registers and how time averaging affects the accumulations. Standard ARRIS PROPRIETARY — All Rights Reserved 10-23 . Setting the average time window too small would give a confusing result. then it may filter out the noise spikes. A separate method is used to measure the SNR of the individual cable modem (CM). If this time averaging window is set to too large.2. the current reading of the T_LT_SLCR_ERR or C_LT_SLCR_ERR directly determines the value of the SNR. The SNR reading for the CM is derived from the ratio (snrcnt/snracc) of these two counts taken from the primary SID of the CM. then the SNR reading becomes unstable because of the rapid jumping in its average slicer errors. Similarly. TDMA Average Long Term Signal Symbol Slicer Error and SCDMA Average Long Term Signal Symbol Slicer Error. If this average window size is too small. At this time. Both registers. have their own programmable time averaging windows in terms of the number of upstream decoded signal symbols. For each upstream SID.C4 CMTS Measuring SNR in the 2Dx12U CAM For the upstream channel Signal-to-Noise Ratio (SNR).000 symbols. BCM3140. Each time that a user reads the SNR from an upstream channel. there is an associated MIB table residing in SDRAM 0 that is assigned to the BCM3214 chip. both registers are set to have time averaging windows of 10. The 32-bit MIB snrcnt stores the Accumulated Symbol Slicer Error and snracc stores the Accumulated Burst Count. In order to understand how the SNR is calculated. The former is used for TDMA/ATDMA upstream channels while the latter is used only for SCDMA channels. We are looking for SNR here not the quality of demodulation. Release 4. This setting effectively filters out the rapid jumping of the average slicer errors between the upstream bursts. The names of these registers are T_LT_SLCR_ERR and C_LT_SLCR_ERR. T_LT_SLCR_ERR and C_LT_SLCR_ERR. the settings of time averaging windows are hard coded: there is no MIB to change the current symbol size setting. The SNR reading for a TDMA/ATDMA upstream logical channel is derived from the value in the T_LT_ SLCR_ERR register while the SNR reading for an SCDMA upstream logical channel is derived from the value in the C_LT_ SLCR_ERR register. the ratio of snrcnt/snracc from a primary SID directly determines the SNR reading of the CM. The average slicer error is the result of the demodulation of the upstream burst. In the current C4 CMTS implementation. TDMA Average Long Term Signal Symbol Slicer Error and SCDMA Average Long Term Signal Symbol Slicer Error are implemented as two 16-bit registers in the upstream PHY chip. Two parameters are used to calculate the SNR for a CM -the Accumulated Symbol Slicer Error and the Accumulated Burst Count. there are two independent measurement sources.

then the reading of this register actually reflects the upstream noise condition ten minutes ago. It becomes the continually updated window averaging of 10. this register is continuously updated because ranging messages are occurring on the channel all the time. which means that the initial SNR reading of an SCDMA channel has a maximum value of 43. the SNR reading may stay the same a time during DSG registration.. then only some of its average slicer errors (1 to 32768) get accumulated into register C_LT_SLCR_ERR. then its average slicer error (1 to 32768) gets accumulated into register T_LT_SLCR_ERR.1 dB. If an upstream burst is of type TDMA/ATDMA.000 symbols. and 10) go into C_LT_SLCR_ERR. If the last burst received was ten minutes ago. it returns the average slicer error of the past 10. It starts to accumulate the slicer error as soon as there is a demodulated upstream burst. because the analog upstream carrier is a constant signal. The actual reading is not available until enough symbols are accumulated. Once that happens the register reading no longer equals zero. Additionally the average slicer error for all ranging bursts of type SCDMA gets accumulated in this register. The SNR of a traditional analog channel is calculated differently. just as it is with its TDMA counterpart.00 dB when: The logical upstream channel is not in service (IS state). and 4) go into T_LT_SLCR_ERR.000 symbols. No noise is detected if the ingress occurs while there is no upstream burst present in the channel. It reflects the true slicer error once it accumulates enough symbols. The upstream channel SNR in the C4 CMTS measures the noise condition when data traffic is present on the upstream channel.10 Basic CAM Configuration The initial value of the T_LT_SLCR_ERR register is 0. For an SCDMA upstream channel. For instance. an upstream channel with DOCSIS Set-top Gateway (DSG) only may not see any upstream activities once they are registered. Please note that when you read the upstream channel noise using SNMP or the show. or 10-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The initial value of the C_LT_SLCR_ERR register is 1 instead of 0. It also implies that the SNR reading may stay constant for a long period of time if there is no data traffic. 9. Each time it reads the register. and the reading is updated as more and more upstream bursts arrive. commands of the CLI interface of the C4 CMTS. while the slicer errors of the SCDMA ranging bursts (IUC = 3.000 symbols up to the last burst received. the time averaging window is set to 10. the SNR reading is 0. The slicer errors of SCDMA data bursts (IUC = 8. As long as there are some modems registered on the TDMA/ATDMA channel. Therefore. not when the upstream channel is idle. This implies that we measure the SNR for payload data bursts for an SCDMA channel only. If an upstream burst is of type SCDMA..

SNR readings truly reflect upstream channel conditions. If a collision occurs. The C4 CMTS software starts to calculate this SNR once the snracc is greater than 20 bursts. The snrcnt and snracc are straight accumulators with no time averaging function. For example. on the order of ten seconds. In the course of normal operations. You can verify this by looking up the upstream channel MIB for IUC3 collisions. It is also possible that the demodulator is out of sync with the symbol clock. no slicer errors of any data bursts are used for CM SNR measurements. which leads to an unreal SNR level. or the symbol FIFO in the upstream PHY chip may overflow.2. However. The modem can transmit its RNG-REQ at all possible power levels allowed for in the DOCSIS specification. It could be the result of an error or lockup condition of the upstream PHY chip. This may cause the SNR readings to jump around. This low SNR reading does not necessarily reflects the real condition of the upstream channel.C4 CMTS No modem is registered on the logical upstream channel. initial ranging bursts on the upstream channel are not subject to power control. Furthermore. its symbol slicer error estimation malfunctions and it generates a huge value. The slicer errors of ranging bursts (IUC = 3 and 4) are also included in the MIB variables. Under some conditions. or its pointer may be off by a couple of positions. the initial ranging messages are subject to collisions when two or more modems try to transmit at the same time. most of which have already been covered above. The SNR will return back to normal level once the burst collision rate comes down to less than 10%. which indicates that the upstream channel is not operational at all. under some rare conditions. the SNR readings for a cable modem change slowly. For example. Standard ARRIS PROPRIETARY — All Rights Reserved 10-25 . a sudden drop of SNR could be an indication that all or some of the modems have fallen off the upstream channel and are all attempting to re-range. Please note that such SNR degradations do not apply to SCDMA channels. Therefore. Once the PHY chip gets into such critical error state. This can happen for a short period of time (a couple of minutes) if hundreds of cable modems are trying to register simultaneously. of the primary SID. snrcnt and snracc. the SNR readings can vary greatly from the expected range. Their SNR measurement are based on data bursts with established power control and are free from burst collisions. Various fault tolerance functions have been implemented Release 4. The SNR reading may hover around 15dB for a few minutes then gradually rise. However. the SNR reading may go down all the way to less than 10 dB. The collision of 50% of the bursts of the initial ranging message can cause more than a 10dB drop in the SNR readings. There are a few shortcomings. the slicer error can become huge. and so on. the US channel frequencies may overlap. Since station maintenance has a long interval.

Please see the CLI output below: show cable noise cable 13/0 CAM/DS/US SNR(dB) MicroReflection FEC_Unerrored FEC_Corrected FEC_Uncorrected --------------------------------------------------------------------------------13/0/0.6 0 5328 0 0 13/0/2. The CLI command show cable noise… lists these FEC counts along with the SNR reading for each logical upstream channel. the upstream channel is still in good shape because the RS decoder has been able to correct all FEC errors. the FEC code blocks counts that were corrected and not corrected by the RS decoder.0 0 5140 0 0 13/0/1. 10-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .1 0 4566 0 1 13/0/5. the pre-MAC block in the CAM drops packets with uncorrected FEC blocks. The SNR column lists the average SNR reading from the past 10.0 37. As long as there are no counts in the FEC_Uncorrected column. Under this condition.1 0 5708 0 1 13/0/4. the count in the FEC_Corrected column may start to increase. The FEC_Unerrored column lists the total FEC code blocks received without error since last CLI command.6 0 6002 0 1 13/0/3. respectively. As the channel becomes nosier. the FEC_Uncorrected count may start to increase.0 40.0 40. Besides the SNR measurement. the SNR should be generally higher than 35 dB and there should be no errors counted in the FEC_Corrected and FEC_Uncorrected columns.0 37.0 40. but is not supported in release 4. There should be no dropped data packets in the upstream direction as long as the count of the FEC_Uncorrected column is zero. the C4 CMTS uses FEC counters to provide additional information to describe the condition of an upstream channel. When it reaches approximately 30 dB. since the last CLI command. The proper response functions are also implemented to bring the upstream receiver back to normal working state. the SNR reading starts to go lower. When the SNR reading goes down to below 25 dB.000 upstream signal symbols up to the last burst received. the FEC_Corrected and FEC_Uncorrected columns list.0 37. In an upstream channel in good working condition.x.1 0 5338 0 3 NOTE The MicroReflection column is shown in the table. Similarly.10 Basic CAM Configuration in the C4 CMTS to monitor and detect these known critical error conditions.

an upstream channel requires the SNR level of at least 15 dB to see some upstream bursts. Clone Group — A clone group is a set of upstream channels in a MAC domain (associated with the same downstream channel) that are split into different cable groups. It is possible to have the downstream channels from two different CAMs in the same cable group. An upstream channel is associated with a single downstream channel that carries its UCD and MAP messages to the cable modems. You should ping a modem on that upstream channel to verify the channel condition and correct the error. Cable operators may use clone groups to control the number of subscribers per cable group. there may be an error or lockup condition in the PHY or MAC module in the CAM. This will be discussed in the sections to follow. but it is not recommended. Clone Group Configuration It is common practice for cable operators to deploy a plant topology that uses clone groups. Under such conditions. If the SNR column shows a single-digit reading. the FEC counts (corrected and uncorrected) may make no sense. Inter-MAC-Domain Clone Groups — (formerly known as InterCAM Clone Groups) A network topography in which multiple downstream channels from the C4 CMTS are combined onto the same facility. Release 4.2. Standard ARRIS PROPRIETARY — All Rights Reserved 10-27 . One disadvantage of clone groups is the potential for upstream RF interference if the clone groups are improperly configured.C4 CMTS In general. An example is given in Figure 10-4. The modems in that cable group receive multiple downstreams but can only transmit to a limited number of upstream receivers. DOCSIS® recommends that the upstreams in the clone group be configured with the same frequency. page 10-31. Cable Group — A cable group is a physical cable containing one or more downstream channels and one or more associated upstream channels. Clone groups are used when the set of upstream channels associated with the same downstream channel are split into different cable groups. Terminology MAC Domain — A downstream channel and its associated upstream channels. Channel frequencies must be unique: they must not overlap or be reused within the cable group. Clone groups result in different physical upstream paths for upstream channels that share the same downstream. They can also be used to share a single upstream path among multiple downstreams. Another reason to use clone groups is that there may be a limited number of good upstream frequencies available in a cable group.

0 applications using Multiple Logical Channels there are additional clone group guidelines: • • When using Multiple Logical Channels. the C4 will align the Initial Maintenance start times for all logical channel zeroes. Do not mix CAM types. Thus it sometimes happens that an initializing modem can lock onto one downstream in the group. All the U1 channels will be configured the same. for example. Guidelines for Inter-MACDomain Clone Groups Inter-MAC-Domain (formerly known as InterCAM) Clone Groups must work across all homogeneous groups of downstream channels. Thus the user should provision the logical channels across clone groups such that the logical channel zeroes are cloned. for a more complete description of how the C4 CMTS directs the modem to listen to the correct downstream channel. and the logical channel ones are cloned. U0 of the first CAM in the downstream grouping has the same parameters as the other U0 channels in the downstream grouping. For DOCSIS 2.10 Basic CAM Configuration This feature does not require that all 1-12 upstreams on a given CAM be clones of one another: they can have different frequencies and channel widths. and so on. In such a topography the cable modems can lock onto any downstream during ranging. For example. there are separate Initial Maintenance opportunities for each logical channel. and must work across 2D downstream channels belonging to the same CAM. • ARRIS recommends the following procedure to ensure proper clone group behavior to avoid upstream RF interference. and similarly for all logical channel ones. but can only transmit onto a single physical upstream. but send its range requests to an upstream channel of a different CAM. It is recommended that the set of upstream channels of each CAM sharing this downstream facility be cloned. page 10-31. Clone Group Configuration Recommendations NOTE Clone groups must be comprised of all 1Dx8U or all 2Dx12U CAMs. 10-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . See Inter-MAC-Domain Clone Groups. For Clone Group purposes. Homogeneous in this context means that the downstream channels are all either 2Dx12U downstreams or all 1Dx8U downstreams.

• Clone Group Operation Details When a clone group exists. will be the same duration. This provides faster Initial Ranging and Registration of modems. The modem can then switch to the correct UCD and MAPs and continue the initialization process. This will avoid interference with other upstream data. It may randomly respond to the UCD and MAP of channel U0 when it is physically connected to U1.C4 CMTS Procedure 10-4 How to Align IM Opportunities for Clone Groups 1 Enable clone group operation on the downstream configure interface cable <slot/port> cable downstream clone-group-enable <true|false> Where: true = aligned (default: this is required for clone groups) false = not aligned. the DS carries Upstream Channel Descriptors (UCDs) and Upstream Bandwidth Allocation (MAP) information to all cable groups for all US channels in the MAC domain. this will align the start of the Initial Maintenance regions across all of the upstreams associated with the downstream. Standard ARRIS PROPRIETARY — All Rights Reserved 10-29 . and will be at the same frequency across all the cloned upstreams. The CMTS will hear this initial Range Request through channel U1 (provided the clone group is configured as Release 4. The upstream receiver will be able to properly decode an Initial Range Request even if the modem selected a different upstream’s UCD. The CMTS will indicate the proper upstream Channel ID to the modem in the Range Response. A cable modem attempting to initialize does not know which cable group it is in.2. When set to true. 2 Configure all the upstream channels in the clone group with the same values for the following parameters: - frequency modulation-profile channel-width mini-slot-size End of procedure By following these recommendations the following is achieved: • The Initial Maintenance regions will start at the same time.

If the clone group configuration recommendations are not followed. modulation-profile. Each clone group has two upstream channels. one per cable group. the frequencies for these remaining two clone groups should NOT be used for other services in cable group 2. one with five upstream channels. channelwidth. The upstream channels are divided into five clone groups each with unique frequencies. but the CMTS will respond with a Range Response indicating upstream U1. The eight upstream channels belong to one clone group. 10-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . In cable group 1 the five upstreams each belong to a clone group. However. Here are a few examples of recommended configurations: • • Eight Cable Groups each having one upstream channel. The downstream clone-group-enable flag is set to true. and mini-slot-size. In cable group 2. Each clone group has four upstream channels. the operator should keep the US channel frequencies separate between the MAC domains.10 Basic CAM Configuration recommended above). The modem may have to continue trying initial Range Requests until it selects the UCD matching its physically connected channel. Two Cable Groups each having four upstream channels. one per cable group. At this point the CM recognizes the upstream channel mismatch and begins using the UCD and MAP for the correct channel. • The following example is possible but not recommended: • Two Cable Groups. In each example all the upstream channels in a clone group are configured with the same frequency. the three upstreams are assigned to three of the five clone groups. The CMTS does not know if the CM has responded to the wrong UCD. Four Cable Groups each having two upstream channels. The CM can continue with Station Maintenance and Registration on channel U1. Sample Clone Group Configurations There are many possible configurations involving clone groups for a 1Dx8U MAC domain. The upstream channels are divided into four clone groups. The upstream channels are divided into two clone groups. U1. one with 3 upstream channels. This is required because Clone Groups are not supported for upstream channels from different MAC domains. Additionally it may take longer for the modems to complete initial ranging. The remaining two clone groups in cable group 2 do not have upstreams. then the CM’s initial Range Request may interfere with other legitimate traffic at the frequency of the selected UCD. If multiple MAC domains (downstream channels) are included in a cable group.

Node D0 U0 US Receiver U7 CAM 0 D0 U0 US Receiver U7 CAM 1 Node CMs CMs Figure 10-4: Network Example — Each CM Sees Multiple Downstreams Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 10-31 . it recognizes when a modem is listening to an incorrect downstream and instructs it to tune to the correct downstream frequency. Inter-MAC-Domain Clone groups are used in topologies such as the one illustrated in Figure 10-4. Because the modems see multiple downstreams they can lock onto the wrong one. Some modems that are not fully DOCSIS-compliant may not register at all.C4 CMTS Inter-MAC-Domain Clone Groups If the C4 CMTS is not properly configured for downstream clone groups. Since their upstreams are physically separated from their downstreams they transmit on the correct upstreams while listening to the wrong downstream.2. Once the C4 CMTS is properly configured. the cable modems will be slow to range and register.

Modulation Profiles The pre-defined modulation profiles discussed in this section are used as a means to define the values of the several parameters needed to configure an upstream (US) channel.10 Basic CAM Configuration Feature Requirements The Inter-MAC-Domain Clone Group feature requires certain configurations: • • • Clone-group-enable must be set to true Users must comply with the recommendations for clone groups (See Clone Group Configuration Recommendations. see chapter 20. page 10-28) Initial Maintenance (IM) opportunities must be aligned across all downstreams (The insertion-interval and max-round-trip-delay parameters must be the same for all downstreams). it responds with a downstream frequency override in the Range Response message it sends to the ranging modem. The modems relay this DS Channel ID when they send their RNG-REQ (range request) messages. Default Modulation Profiles There are two default modulation profiles. For information on upstream parameters. This alignment of IM opportunities in the MAPs sent by all downstream channels is made possible because the client card timestamps and the standby SCM are all synchronized to the active SCM clock. and on using canned profiles to create new profiles. 10-32 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . If the Downstream Channel ID included in the range request does not match the downstream associated with the receiver. number 2 is used with 2Dx12U CAMs. Upstream Modulation Parameters and Profiles. These modulation profiles are each given an ID number. Number 1 is used with 1Dx8U CAMs. a comparison of the default profiles. When the C4 CMTS realizes that a modem is listening to the wrong downstream. This forces the modem to switch to the downstream frequency specified in the Range Response message and re-range. The C4 CMTS includes a unique Downstream Channel ID in each UCD. the C4 CMTS knows that this modem is listening to the wrong downstream. They can be modified or used as a starting point to create other modulation profiles for upstream channel definitions that better suit the customers’ applications and environments.

Upstream Modulation Parameters and Profiles for a complete listing. Table 10-5: Existing or New Modulation Profile IF YOU SPECIFY AN existing modulation profile ID unused modulation profile ID THEN THE PROCEDURE WILL change an existing modulation profile add a new modulation profile 1 Use the following command to alter an existing modulation profile or create a new one (default modulation-profile id = 1 or 2): configure cable modulation-profile <id> iuc <interval usage code> [mod <qpsk|qam8|qam16|qam32|qam64|qam128>] [pre-len <preamble len>] [diff <true|false>] [fec-tbytes <no of bytes>] [fec-len <FEC code word length>] [seed <scrambler seed>] [burst-len <max burst len>] [last-cw <true|false>] [scrambler <true|false>] [guard-time-size <0|8–96|no>] [int-depth <depth>] [int-blocksize <blocksize>] [pre-type <preamble type>] [tcm <on|off>] [int-stepsize <stepsize>] [spreader <on|off>] [subframe-code <subframe size>] [channel-type <tdma|atdma|scdma|tdmaandatdma>] NOTE Default values for the various modulation profile parameters may change according to the IUC is selected.C4 CMTS Procedure 10-5 How to Create and Apply a Modulation Profile to an US Port This procedure can be used to modify existing modulation profiles or to add new ones. Release 4. Modulation profiles must be created and then associated with specified upstream ports. See chapter 20. Standard ARRIS PROPRIETARY — All Rights Reserved 10-33 .2.

default settings are applied. Valid Center Frequencies In the first step. The first valid center frequency in Hertz is 5.Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod ---------------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 2 8 F T . The overall upstream bandwidth in North America is from 5–42 MHz.3 initialRanging tdma qpsk 128 F 5 34 338 0 48 F T . By not executing the optional steps.6 longData tdma qpsk 80 F 8 220 338 0 8 T T .10 Basic CAM Configuration 2 Use the following command to apply an existing modulation profile to an upstream port.000. configure interface cable <slot>/<port> cable upstream <port. The last valid frequency is 42. 3 Verify the parameters of the new (modified) modulation profile: show cable modulation-profile <modulation-profile id> The system response is similar to the following output: Modulation profile 1 Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--.- End of procedure Procedure 10-6 How to Configure an Upstream (US) Channel Perform this procedure for US channel 0 and repeat as necessary for channels 1–11 on this CAM.logical channel number> modulation-profile <modulation-profile id> The C4 CMTS confirms the creation (or modification) of the modulation profile: Modulation profile id set to n Where: n = the number of the modulation-profile created or modified.000 plus ½ (channel width).000. set the center frequency of the upstream channel. 10-34 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . the command must be repeated for each upstream port.) Some steps are optional. (Valid range for US channels = 0–11.000 minus ½ (channel width).5 shortData tdma qpsk 72 F 6 75 338 12 8 T T . The range of valid center frequencies varies according to the channel width selected.4 periodicRanging tdma qpsk 128 F 5 34 338 0 48 F T . Do not enter a range of ports.

2. These are the overall upstream range of frequencies.4 MHz width. America) DOCSIS (Japan) EuroDOCSIS (Europe) 200000 400000 800000 1600000 3200000 6400000b 5100000 5200000 5400000 5800000 6600000 8800000 41900000 41800000 41600000 41200000 40400000 38800000 54900000 54800000 54600000 54200000 53400000 51800000 64900000 64800000 64600000 64200000 63400000 61800000 a. Range of Valid Center Frequencies for DOCSIS and EuroDOCSIS Upstream Channels. in Japan from 5–55 MHz. 800000. NOTE The Command Line Interface (CLI) supplies meaningful error messages for some but not all invalid combinations of channel width and frequency. 1600000. Release 4. In Japan the range is from 5100000 to 54900000. and 6400000 represent the valid values for channel bandwidth in Hz. If the CLI has no error message to give. 2 If desired. To calculate valid center frequencies refer to Table 10-6. Only DOCSIS 2. on page 10-35. See Table 10-6.C4 CMTS The 2Dx12U CAM supports the extended Annex B upstream bandwidth used in Japan: from 5–55 MHz. Standard ARRIS PROPRIETARY — All Rights Reserved 10-35 . Table 10-6: Range of Valid Center Frequencies for DOCSIS and EuroDOCSIS Upstream Channelsa If channel width is… Then first valid center frequency is… And the last valid center frequency is… DOCSIS (N. Overall upstream frequencies in DOCSIS range from 5–42 MHz.0 channels can use the 6. b. It also supports Annex A (EuroDOCSIS). 400000. 3200000. in EuroDOCSIS from 5–65 MHz. 1 (Required) Set the center frequency of the US port in Hertz (default = 12000000): configure interface cable <slot>/<port> cable upstream <port> frequency <5100000-64900000> Where 5100000 to 41900000 is the range of valid center frequencies in Hz in North America. set US channel width in Hertz (default = 3200000): configure interface cable <slot>/<port> cable upstream <port> channel-width {200000 | 400000 | 800000 | 1600000 | 3200000 | 6400000} Where 200000. Center frequencies range from 5100000 to 64900000. a generic SNMP-level message is displayed. which is 5–65 MHz.

Table 10-7: Rx Power Ranges for US Channel Widths US Channel Width in kHz 200 400 800 1600 3200 6400 Valid Rx Power Range (dBmV) -16 to 14 -13 to 17 -10 to 20 -7 to 23 -4 to 26 -1 to 29 NOTE Resetting the receive power level in a single step from minimum to maximum in a given power range may prevent CM range requests from being received. This level may prove unsuitable for operation for a given cable plant. 3 If desired. or 6400000 Hz. For example. which equals 6 dBmV): configure interface cable <slot>/<port> cable upstream <port> max-power-adj <power adjustment> 10-36 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .10 Basic CAM Configuration NOTE If the channel type is set to SCDMA. The C4 CMTS avoids this by resetting the power in one or more steps according to the max-power-adj parameter found in the C4 CMTS cable upstream provisioning file. if the US channel bandwidth is 3200 kHz and the power level is reset from -4 to 26 dBmV. for example. the valid range varies according to the upstream bandwidth. change the maximum power adjustment parameter using the following command (range = 1–48. then the CMs might not register. default = 24 units. Setting the Rx Power Levels The C4 CMTS is shipped with its receive power levels set to a default of 0 dBmV. change the input Rx power to any level from -16 to 29 dBmV (default = 0 dBmV). the C4 CMTS automatically adjusts the receive power to the nearest valid value. 3200000. then you would want to lower the expected receive power level. As shown in Table 10-7. the loss on a given node were so great that the CMs could not transmit a strong enough signal to reach the C4 CMTS at 0 dBmV. then the channel width must be set to 1600000. If. configure interface cable <slot>/<port> cable upstream 0 power-level <-16 to 29> If the width of a channel is changed and the receive power level is no longer valid. 4 If desired.

CAC thresholds affect all cable groups and persist even Release 4. enable or disable equalizer coefficient for this port. 10 If desired. 7 If desired.2. The start value must be less than or equal to the end value. configure interface cable <slot>/<port> cable upstream <port> rangebackoff <0-16>-<0-16> Where: the first <0-16> is the valid range for the start value the second <0-16> is the valid range for the end value. put US port in service: configure interface cable <slot>/<port> cable upstream <port> no shutdown CAC Overload Thresholds The following step allows you to change upstream Connection Admission Control (CAC) thresholds. set US power levels (default = 0): configure interface cable <slot>/<port> cable upstream <port> power-level <power level in dBmV> 9 If desired. configure interface cable <slot>/<port> cable upstream <port> pre-eq-enable <true|false> Where: true = enabled and false = disabled. 6 If desired. set the start and end values for range backoff parameter (default = 2-7): You must enter the start and end values separated by a dash. select modulation profile ID (default = 1 or 2): configure interface cable <slot>/<port> cable upstream <port> modulation-profile <profile id> Where: <profile ID> = the modulation profile numeric identifier 8 If desired. set the start and end values for databackoff parameter (default = 2-8): configure interface cable <slot>/<port> cable upstream <port> databackoff <0-16>-<0-16> Where: the first <0-16> is the valid range for the start value the second <0-16> is the valid range for the end value. The immediate effects of these thresholds are listed in Table 10-8.C4 CMTS Where: power adjustment = Maximum size of the CMTS range response power adjustments in 1/4 dBmV units. the start value must be less than or equal to the end value. 5 If desired. Standard ARRIS PROPRIETARY — All Rights Reserved 10-37 .

and any other features configured to use these settings. a log message is generated. 1–11. Packet Cable. on this CAM.25 microsecond ticks> (default = 4) threshold-power-offset <threshold value> (default = 24). End of procedure 10-38 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . change the overload threshold levels: configure interface cable <slot>/<port> cable upstream <port> level{1|2|3}-threshold <percent> 12 If desired. configure interface cable <slot>/<port> cable upstream [map-size <size in 800 microsecond ticks> ] [mini-slot-size <number of 6. and other features to prevent overallocation of bandwidth. modify some or all of the following parameters for this US channel: • • • map-size <size> (default = 4) mini-slot-size <number of 6. reserved bandwidth exceeds this level a log message is generated. Packet Cable. CAUTION Changing CAC threshold settings will affect the performance of all cable groups and can have an impact on Upstream Load Balancing. new service flows are denied and a log message is generated.10 Basic CAM Configuration if no cable groups are configured. 11 If desired.25 microsecond ticks>] [threshold-power offset <threshold-power-offset>] 13 Repeat this procedure as needed for the remaining US ports. Table 10-8: Overload Threshold Defaults and their Effects Threshold Level 1 Level 2 Level 3 Default Value 80% 95% 1000% Effect As soon as min. CAC thresholds can be used by Upstream Load Balancing.

3 Remove the slot from service: configure no slot <slot> End of procedure Release 4.C4 CMTS Procedure 10-7 How to Activate a CAM 1 The following command brings the CAM online: configure interface cable <slot> no shutdown Where: slot = the number of the slot. 1 Take the CAM out of service: configure interface cable <slot> shutdown 2 Verify module status: show linecard status The system response should confirm that the module is out of service. 2 Restore (bring up) the downstream channel: configure interface cable <slot>/<port> cable downstream no shutdown 3 Bring up the upstream channel: configure interface cable <slot>/<port> cable upstream <port> no shutdown 4 Repeat step 3 as needed for additional upstream channels. Standard ARRIS PROPRIETARY — All Rights Reserved 10-39 . 0-15. 5 Restore the mac-port: configure interface cable <slot>/<port> mac-port no shutdown End of procedure Procedure 10-8 How to Take a CAM Out of Service and Delete Its Slot This procedure is used to remove a CAM and the slot it resides in out of service.2.

If BPI+ is enabled on modems. use 40 centisecond insertion interval when supporting 500-1000 modems. No logical channels. e. use 40 centisecond insertion interval. the Ranging Interval can be left at the default value of 2400 centiseconds. f.10 Basic CAM Configuration Adjusting Channel Settings in Response to Increased CM Scaling Table 10-9 presents recommendations for channel parameters with respect to cable modem scaling and feature loads. 10-40 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . CAM sparing is not robust above 5400 CMs. If BPI+ is enabled on modems. If CAM Sparing is not configured. Table 10-9: Recommended Settings as Cable Modem Scaling Increases Cable Modems per CAM Up to 1000b 1000-2000c 2000-3000 3000-4000 2D-12U 4000-5000 2D-12Ud 5000-6000 2D-12Ue Ranging Backoff 2-5 3-7 5-9 5-9 5-9 5-9 Interval in Centisecs Insertion 10-40 20-40 40 40 40 40 Ranginga 2400 1500-2400 1500 1500 1500 1500 BPI? OK OK OK OK OK No CAM Sparing Yes Yes Yes Yes Yes Yesf/No Service Flow BW/Data Upstream Rate Priority Restrictions Any Any Any Any Any Priority 0 None None None None None ≤ 1 packet per second a. No logical channels and no load balancing over 5400 CMs/CAM. Reducing the Ranging Interval is done for the purpose of improving CAM Sparing results on larger scale systems b. d. c.

the C4 CMTS does not accept the command to remove the failed CAM from the sparing group. Failback from the spare CAM to a recovered CAM can be set to take place automatically or manually. taking over for the spare. Cable modems do not have to re-range or reregister. You must first fail back to the original CAM. When a failover occurs. CAM sparing is an important element of system reliability. the CMs remain online. the C4 CMTS automatically reconfigures the spare CAM to take over the functions of the failed module. Definitions Failover — Active CAM fails and the spare CAM takes over Failback— The recovered CAM becomes active. When an active CAM goes down. This includes configuration of downstream and upstream channels and port administrative status. then you can remove it from the sparing group. It greatly reduces customer impact and loss of traffic in the event of CAM failure.2. the spare CAM remains the active module or automatically switches back to the original active CAM once that CAM comes back online. They do not have to re-range and re-register. Depending on how you configure the C4 CMTS. Standard ARRIS PROPRIETARY — All Rights Reserved 10-41 . repaired. Benefits of Hitless CAM Sparing A great benefit of Hitless CAM Sparing is the minimal subscriber impact upon CAM failure. When an active CAM in a spare group fails. or replaced. NOTE If a CAM has failed over to the sparing CAM. and they sustain minimal subscriber impact.C4 CMTS FlexCAM™ Hitless CAM Sparing Overview CAM sparing minimizes traffic loss and customer impact in case of a board failure. The spare CAM is used until the failed module is diagnosed. and they incur minimal data loss. The service outage is minimized because intervention by maintenance personnel is not required. Other benefits of hitless CAM sparing include: • • • Uninterrupted service to the subscriber if a CAM goes down in the middle of a session where the end user is sending or receiving data System administrators can take active CAMs out of service without serious impact Reduces the amount of down time in the event of CAM failure Release 4. the spare CAM takes over — almost seamlessly. The cable modems that were connected to the upstream and downstream channels on the failed CAM are immediately connected to the spare CAM.

8 dB for the first slot. Guidelines for CAM Sparing Groups A sparing group consists of one spare CAM (the sparing group leader) and one to seven active CAMs protected by the sparing group leader. The sparing leader CAM must be in the lowest numbered (left most. UGS/AD. Any CAM can be used as sparing group leader.10 Basic CAM Configuration The goal of CAM sparing is to preserve data flows such as UGS. that the signal is weakened. you must replace the sparing PIC with a regular PIC.5 dB for every other intervening slot. CAMs from two different sparing groups can not be interspersed. If you decide to turn a sparing CAM into an active one. but it must be the first CAM added to the group.1 dB loss per slot. the loss would be . See Figure 10-5. The downstream signal experiences approximately . Consider the case of a sparing group consisting of a spare in slot 0 and CAMs 1-7. a 2D CAM can spare only for other 2D CAMs. best effort. Although station maintenance begins immediately and compensates for the loss. as seen from the front of the chassis) slot of the spare group.) CAMs are not required to be part of a sparing group. and the group must be homogenous. there is roughly a . there would be 7 x 0. All protected members of the sparing group must be in consecutive slots to the right of the sparing leader. 10-42 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . • The sparing group leader must have a special Physical Interface Card called a sparing CAM PIC. This longer path produces some signal loss.5). or a total of 3. and other subscriber services. For the upstream signal.8 + (6 x 0. The sparing group is named for the lowest slot in the group — the slot of the sparing group leader. • • • • • Calculating Signal Loss during Failover When failover occurs the RF signal to the failed CAM is rerouted from the PIC of the failed CAM through the intervening PICs and backplane to the PIC of the now-active spare CAM. there is a period of at least a few seconds. • A sparing group must be homogenous: it must contain either all 1Dx8U or all 2Dx12U CAMs. If CAM 7 failed.8 dB. voice calls. The sparing group leader is not a different type of 1D or 2D CAM. page 10-43. In other words. The presence of a Gigabit Ethernet NAM in slot 14 does not prevent a CAM in slot 15 from being added to a spare group to the left of the GigE NAM. A 1D CAM can spare only for 1D CAMS. If CAM 7 failed. (The GigE NAM PIC in slot 14 serves this function if a CAM is present in slot 15.1 dB additional loss in the upstream. All slots between the spare CAM and the last or right most member of its sparing group must have rear PICs installed. depending on the number of modems supported. plus .

Lower frequencies experience less loss. Finally. Many other configurations are possible. Configure Sparing Groups — Example Figure 10-5 is a representation of two N+1 CAM sparing groups. or to create several smaller sparing groups. You may choose not to provide redundancy for one or more CAMs.. as seen in Figure 10-5. It features 7+1 and 6+1 sparing in a fully loaded chassis using Gigabit Ethernet NAMs. This arrangement is meant as an example only. then slot 14 must be included in the loss calculation. Release 4. This takes into account board-to-board variation and operation at the highest available frequency..C4 CMTS These calculations of upstream and downstream loss are based on a worst-case scenario. SPARING GROUP 1 1Dx8U SPARING GROUP 2 2Dx12U C O N T R O L C O M P L E X S P A R E C A M 1D C A M 1D C A M 1D C A M 1D C A M 1D C A M 1D C A M 1D C A M 1D S P A R E C A M 2D C A M 2D C A M 2D C A M 2D C A M 2D C A M 2D G I G E N A M C A M 2D G I G E N A M 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 . if the sparing group includes a CAM in slot 15 with a NAM in slot 14.2. Figure 10-5: Example of CAM Sparing Groups Procedure 10-9 Configuring the Two Sparing Groups Shown in the Example Use this procedure to create the CAM sparing groups shown in the example shown in Figure 10-5. Standard ARRIS PROPRIETARY — All Rights Reserved 10-43 .

and that slots 1-7 are equipped with regular CAM PICs. If necessary. shut down slot 0: configure no shut slot 0 2 Create sparing group 0 by adding the CAM in slot 0 as the spare: configure interface cable 0 spare-group 0 [manual|auto] Where manual or auto indicates the failback mode chosen. Auto fallback switches service back automatically as soon as there is a CAM in service in the slot that failed.10 Basic CAM Configuration 1 The sparing group leader must be the first CAM added to a new sparing group. Manual fallback requires a user to enter a CLI command to switch service from the spare CAM back to a restored or replaced CAM. 3 At the rear of the chassis verify that slot 0 is equipped with a sparing leader. The interface (slot) must be shut down in order to add the leader to the group. 4 Add the CAM in slot 1 to sparing group 0: configure interface cable 1 spare-group 0 5 Add the CAM in slot 2 to sparing group 0: configure interface cable 2 spare-group 0 6 Add the CAM in slot 3 to sparing group 0: configure interface cable 3 spare-group 0 7 Add the CAM in slot 4 to sparing group 0: configure interface cable 4 spare-group 0 8 Add the CAM in slot 5 to sparing group 0: configure interface cable 5 spare-group 0 9 Add the CAM in slot 6 to sparing group 0: configure interface cable 6 spare-group 0 10 Add the CAM in slot 7 to sparing group 0: configure interface cable 7 spare-group 0 11 Grow slot 0 in order to return it to service: configure slot 0 type CAM 12 Display the sparing groups to confirm the creation of the sparing group 0: show spare-group 13 (If necessary) shut down slot 8: configure no shut slot 8 14 Create sparing group 8 by adding the CAM in slot 8 as its sparing leader: configure interface cable 8 spare-group 8 [manual|auto] 10-44 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 10-45 . and that slots 9-13 and 15 are equipped with regular CAM PICs. Add the CAM in slot 15 to sparing group 8: configure interface cable 15 spare-group 8 22 Grow slot 8 in order to return it to service: configure slot 8 type CAM 23 Display the sparing groups to confirm the creation of the sparing group 8: show spare-group End of procedure Procedure 10-10 How to Fail Back Manually If you have configured a CAM sparing group for manual failback. 16 Add the CAM in slot 9 to sparing group 8: configure interface cable 9 spare-group 8 17 Add the CAM in slot 10 to sparing group 8: configure interface cable 10 spare-group 8 18 Add the CAM in slot 11 to sparing group 8: configure interface cable 11 spare-group 8 19 Add the CAM in slot 12 to sparing group 8: configure interface cable 12 spare-group 8 20 Add the CAM in slot 13 to sparing group 8: configure interface cable 13 spare-group 8 21 Slot 14 in this example is occupied by a Gigabit Ethernet NAM. 15 At the rear of the chassis verify that slot 8 is equipped with a sparing leader PIC. Release 4. 1 Verify that the original CAM is in-service: show linecard status The original CAM must be IS (in-service).2. user traffic is handled by the spare CAM until it is manually forced back to the original CAM.C4 CMTS Where: manual or auto is the failback mode chosen.

2 Take the sparing group leader out of service: configure interface cable <leader slot> shutdown 3 Delete the sparing group leader: configure interface cable <leader slot> no spare-group <leader slot> 4 Display the sparing groups to confirm the deletion of the desired group: show spare-group End of procedure 10-46 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 1 Delete a member of the sparing group: configure interface cable <member slot> no spare-group <leader slot> Repeat this command for each of the remaining CAMs in the sparing group.10 Basic CAM Configuration 2 Restore user traffic to the original CAM: configure interface cable slot <slot> shutdown Where: slot = the slot number of the sparing group leader 3 Restore the CAM sparing leader to service: configure interface cable slot <slot> no shutdown Where: slot = the slot number of the sparing group leader End of procedure Procedure 10-11 How to Delete a CAM Sparing Group There is no one-step command for deleting a CAM Sparing Group.

but it does not have to be physically present in the slot.C4 CMTS Interface Bundling Introduction Interface bundling enables the same Layer 3 IP Subnet information to be used across multiple CAMs.2. Standard ARRIS PROPRIETARY — All Rights Reserved 10-47 . NOTE The CAMs in an interface bundle do not have to be of the same type. ensure the C4 CMTS has at least two CAMs available. 1 Configure a cable interface as the master for this interface bundle. The cable bundle master must be provisioned. The bundle may contain both 1Dx8Us and 2Dx12Us. Procedure 10-12 How to Create Interface Bundles To configure an interface bundle. This feature conserves IP addresses and reduces administration and configuration effort. 3 Confirm that the cable bundle has been created: show cable bundle End of procedure Release 4. configure interface cable <slot>/<port> cable bundle master 2 Configure a second cable interface to be a part of the previously created bundle number by entering the following command: configure interface cable <slot>/<port> cable bundle <master slot>/<master port> Where: <master slot>/<master port> designate the master cable interface defined in the first step.

show cable bundle End of procedure 10-48 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 1 Remove the cable interface from the bundle master by entering the following command: configure no interface cable <slot/port> cable bundle master Where <slot/port> is the interface assigned to the bundle master in previous procedure. follow the steps below. 2 Unassign the master cable interface from the interface bundle by entering the following command: configure no interface cable <master slot>/<master port> cable bundle master 3 Remove the IP address from the cable bundle by entering the following command: configure no interface cable <master slot>/<master port> ip address <ip address> <subnet-mask> 4 Show the cable bundle to ensure no cable bundles are configured.10 Basic CAM Configuration Procedure 10-13 How to Remove Interface Bundles To remove interface bundles.

C4 CMTS 11. Static Release 4. switching. The standby control complex is usually the SCM in slot 20 and its associated FCM in slot 18. In order to have control complex redundancy (CCR) the C4 CMTS must be a duplex system. The control complex redundancy feature provides 1+1 active/standby redundancy between two pairs of SCM/FCM modules. CCR ensures high reliability for system-wide OAM&P. first assign the SCM IP addresses. and routing. These are identified as static (stationary) or loopback IP addresses. one is active the other is standby. The SCM in slot 19 and the FCM in slot 17 make up the control complex in a simplex system. Control Complex Redundancy A control complex consists of one SCM and its associated FCM. Key characteristics of control complex redundancy include: • • • • CCR IP Address Definitions Little or no customer impact on any SCM or FCM failure (hardware or software) Hot standby SCM/FCM pair with complete replication of configuration and customer data Fault correlation between active and standby SCM/FCM pairs Software infrastructure support for replication of software components between active and standby SCM/FCM pairs When using CCR. Each is explained in relationship to the CCR system configuration. Standard ARRIS PROPRIETARY — All Rights Reserved 11-1 . In a duplex C4 CMTS both control complexes are equipped.2. The failure of an active SCM/FCM pair immediately causes a failover to the standby SCM/FCM pair. Static IP addresses are assigned to the SCMs in slots 19 and 20.

Typically 0 is used for the SCM.0 <next hop ip address> vrf management SCM Loopback Interface When in a duplex configuration.e. is used to access the active SCM.0. 1 Configure a second SCM slot: configure slot 20 type SCM 2 Configure a second FCM slot: configure slot 18 type FCM 3 Put the SCM in slot 20 in service: configure interface system-controller 20 no shutdown 11-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . no matter which slot it resides in. This procedure assumes that the original control complex (i.0 0. page 11-2. the C4 CMTS requires a third SCM IP address.0. use the following command: configure ip route 0. called the SCM loopback interface. the SCM in slot 19 and the FCM in slot 17) are in service.0. the gateway. Use the procedure How to Add a Control Complex (Change from Simplex to Duplex).0. This IP address. you must convert a simplex chassis to a duplex chassis. Use the following command to assign an IP address to the SCM loopback interface: configure interface loopback <0-15> ip address <ip address> Where 0-15 is the number of the loopback interface.11 Control Complex Redundancy Use the following command to configure the SCMs in slots 19 and 20s: configure interface ethernet 19/0 ip adress <ip address> <subnet mask> configure interface ethernet 20/0 ip adress <ip address> <subnet mask> Gateway To configure the IP address of the default virtual router. Before creating an active/standby relationship between control complexes. Procedure 11-1 How to Add a Control Complex (Change from Simplex to Duplex) Use this procedure to add a redundant control complex.

If necessary you may access the standby SCM using its static IP address. but it would use the same SCM loopback IP address for the active SCM. 1 Take the FCM in slot 18 out of service: configure interface fabric 18 shutdown Release 4.2. This is the one assigned to the SCM in slot 19 or 20. an active telnet session would have to be restored. configure interface loopback <0-15> ip address <ip address> Where 0-15 is the number of the loopback interface. 9 Save the duplex configuration to memory: write memory 10 Reset the chassis: configure reset system End of procedure Procedure 11-2 How to Change a Control Complex from Duplex to Simplex Use this procedure to change your system back to a simplex configuration. You must telnet into the loopback IP in order to enter commands for the active SCM. The SCM loopback IP address allows administrative functions and telnet sessions to learn only one IP address. 6 Insert an FCM in slot 18. 7 Configure the IP address of the second SCM in slot 20: configure interface ethernet 20/0 ip adress <ip address> <subnet mask> NOTE When the C4 CMTS is equipped with a duplex control complex. 8 Assign an IP address to the SCM loopback interface. Standard ARRIS PROPRIETARY — All Rights Reserved 11-3 . Typically 0 is used for the SCM. If a failover occurs to the standby SCM. whichever slot is inactive. the active SCM cannot be reached directly.C4 CMTS 4 Put the FCM in slot 18 in service: configure interface fabric 18 no shutdown 5 Insert an SCM in slot 20.

4 Physically remove the SCM from slot 20. 5 Take slots 18 and 20 out service: configure no slot 18 configure no slot 20 6 Save the simplex configuration to memory: write memory 7 Reset the chassis: configure reset system End of procedure 11-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .11 Control Complex Redundancy 2 Take the SCM in slot 20 out of service: configure interface system-controller 20 shutdown 3 Physically remove the FCM from slot 18.

Interface Configuration Common Interface Configuring Commands This section describes common interface commands which support IP address and helper syntaxes for the Cable Access Module in the C4 CMTS. Standard ARRIS PROPRIETARY — All Rights Reserved 12-1 . The C4 CMTS supports 1024 IP addresses in the routing tables. Release 4. Configuring Router Functionality Topics Interface Configuration Routing Information Protocol. version 2 (RIP2) Open Shortest Path First (OSPF) Loopback Interfaces for Routing Protocols Dynamic Route Redundancy Multicast Operations in the C4 CMTS Page 1 9 15 21 25 28 This section outlines the basic configuration tasks required to implement routing (layer 3) functionality in the C4 CMTS.2.C4 CMTS 12.

configure interface cable 5/0 ip address 10. configure interface cable <slot/port> ip address <ipAddr> <mask> [secondary] [dhcp-giaddr] Secondary IP addresses become candidates for the dhcp-giaddr field if and only if the keywords secondary and dhcp-giaddr are both used.10. This command assumes the default route table. Policy Operation — When the DHCP Relay Agent is defined for Policy operation on a specific CAM physical interface. If multiple secondary IP addresses are defined for dhcp-giaddr support.1.12 Configuring Router Functionality How to Configure CAM Interface for DHCP Policy The following command is accepted only for provisioned CAM slot/port combinations in the system. the Primary IP address of the interface is used to populate the gi_addr field of all DHCP messages originating from either CMs or Hosts (CPEs).10. a designated secondary IP address of the interface is used.1.0 secondary dhcp-giaddr Configure the Helper (DHCP) Addresses The following command defines the cable-helper information for a CAM slot/port. this command defaults to a value of any. It enables DHCP policy for this interface — secondary IP addresses are candidates for the dhcp-giaddr field. End of procedure 12-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . then the DHCP Relay Agent uses roundrobin selection. choosing the next entry in the list with each new DHCP transaction. configure interface cable <slot/port> cable helperaddress <DHCP Server Ip Addr> [cable-modem|host|any] If no host type is specified.1 to the 5/0 CAM interface. the Primary IP address of the interface is used to populate the gi_addr field of all DHCP messages originating from CMs. Configure DHCP Relay Agent Mode for CAM Port The DHCP Relay Agent needs to be enabled for each CAM port as follows: config interface cable <slot/port> cable dhcp-giaddr {primary | policy} Primary Operation — When the DHCP Relay Agent is defined for Primary operation on a specific CAM physical interface. This command assigns an IP address to the CAM interface and determines its DHCP policy. For Hosts (CPEs). The command in the example below assigns an IP address of 10.255.1 255.255.

C4 CMTS Monitoring Interfaces After configuring the C4 CMTS interfaces. VRF: default. IP Address: 10.8.3 for Traffic Type "any" Directed Broadcast is disabled ICMP unreachables are always sent Multicast reserved groups joined: None Source-verify is disabled InOctets = 1806792717 OutOctets = 1806887391 InUcastPkts= 89728067 OutUcastPkts= 89728076 InDiscards = 0 OutDiscards = 0 InErrors = 1 OutErrors = 0 fastEthernet 14/0.108. Procedure 12-1 How to Monitor Interfaces Execute the following steps from the SCM prompt to verify traffic is being routed through the C4 CMTS. you may view the counters for these interfaces by using the procedures in this section. IP Address: 10.2/26 Secondary IP Address(es): No Secondary Addresses ACL(s): 1 Physical Address: 00:01:5c:00:03:e4 MTU is 1500 Directed Broadcast is disabled Release 4.0.1/19 Secondary IP Address(es): 10.58.2. VRF: default.1/19 ACL(s): 1 Physical Address: 00:01:5c:00:03:c2 MTU is 1500 DHCP Policy mode is enabled DHCP Server Helper Address(es): 10.64. Once traffic is generated. 1 To display information about the virtual interfaces in the system. Standard ARRIS PROPRIETARY — All Rights Reserved 12-3 .64. including data counts: show ip interface The output will look similar to the following (only a portion of output is shown): cable 1/0.108. the system is ready to route traffic.50.

5c22.9 InOctets = 1871861709 OutOctets = 3785434150 InUcastPkts= 3927416868 OutUcastPkts= 22518478 InDiscards = 0 OutDiscards = 0 InErrors = 13931 OutErrors = 0 2 To display all interface information about the physical ports in the system.0. including byte and packet counts: show interface The counts displayed will be the same as those described below except that each count represents the data for one physical interface (only a portion of output is shown): C4# show interface cable 5/0 mac-port AdminState:Up OperState:IS Physical Address: 0001.5c22.12 Configuring Router Functionality ICMP unreachables are always sent Multicast reserved groups joined: 224.0.49e0 MTU is 1500 InOctets = 7098 OutOctets = 5738 InUcastPkts = 67 OutUcastPkts= 44 InDiscards = 0 OutDiscards = 0 Type: Type:100 BaseT 3 To display information about active and inactive routes: show ip route detail The output will look similar to the following: 12-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .49ca MTU is 1500 InOctets = 4047 OutOctets = 5606 InUcastPkts = 20 OutUcastPkts= 23 InDiscards = 0 OutDiscards = 0 InErrors = 0 OutErrors = 0 InFiltered = 1 ProtThrottle: DHCP = 0 ARP = 0 fastEthernet 13/0 AdminState:Up OperState:IS Physical Address: 0001.

70. and as a consequence to a single VRF. The default VRF is the global VRF that is always present in the C4.0. For broadcast DHCP packets that have a source IP address of 0. See chapter 23.0 240. An additional CLI command is used to reassign it to a non-default VRF. ============== 0. the following rules apply: If the DHCP packet is sourced from a CM. This classification to a subinterface will be based solely on the source IP address and source physical port of the packet.224. Subinterfaces (Multiple VRIs per VRF) A subinterface is a Virtual Router Interface (VRI).255.192.0.64.192. Note that upon creation of a subinterface.0.64.C4 CMTS C4# show ip route detail VRF Name ======== default default default default default default default IP Route Dest.255. The C4 system administrator must also be allowed to change the association between a subinterface and a VRF.0. then the packet will classify to the lowest numbered Release 4. Logging and the C4 CMTS.70.70. Standard ARRIS PROPRIETARY — All Rights Reserved 12-5 .0.0 10.64. it is implicitly associated with the default VRF.255.192.0 255.0. It can neither be created nor destroyed.120.192.0 0.0 Act === No Yes No Yes Yes Yes Yes PSt === OOS IS OOS IS IS IS Next Hop ======== 10.255. per cable-side physical interface.0 10.1 10.0.0.70.0 255. The relationship of a subinterface to a VRF is many-to-one when viewed from the perspective of a single CAM physical interface or cable bundle.0.2 10.0.0.70.0 IP Route Mask ============= 0. a logical layer 3 interface.120.0.0 255.224.1 224.0 0.0. Multiple subinterfaces may be defined on a single CAM interface and associated with the same VRF.224. In previous software releases they were associated with one and only one VRF (Virtual Routing and Forwarding).0 10.1 10.120.0.224.0.192.224.0.0.0 Dist ==== 20 10 0 0 0 0 0 Protocol Route Age ======== ============ netmgmt 0 00:00:00 netmgmt 0 00:00:00 local 0 00:00:00 local 0 00:00:00 local 0 00:00:00 local 0 00:00:00 local 0 00:00:00 Interface ========= fastE 13/0 fastE 15/0 fastE 13/0 fastE 15/0 cable 1/0 cable 1/0 End of procedure NOTE For more detailed information on the output for these and other monitoring commands.120.0 10.224.0 255.2. Each ingress cable-side IP packet must classify to one and only one subinterface.1 10.0 224.70.2 10. Multiple subinterfaces may be defined per physical port and associated with the same VRF such that there is a many-to-one relationship between subinterfaces and VRFs.

A secondary command is required to move a subinterface to a nondefault VRF. then the packet must be classified to the subinterface of the CPE’s associated CM. The rules state that all subinterface IP addresses associated with the default VRF will automatically be exported to all other non-default VRFs and all subinterface IP addresses defined for non-default VRFs will be automatically imported into the default VRF. The sum of all subinterface ip addresses for all the VRFs may not exceed the total C4 system limitation of 1023 IP addresses. these rules apply to the primary and secondary IP addresses associated with each subinterface. it will forward the packet using for its giaddr the primary or a secondary address. If the DHCP packet is sourced from a CPE. The DHCP Relay Agent supports the definition of 10 DHCP Server IP addresses per subinterface. DHCP lease Query (cable source verify) functionality and DHCP Server IP address definitions IP filter groups Directed broadcast support RIP and OSPF IGMP IRDP SCM access. The following items may be provisioned per subinterface: • • • IP addresses. depending on the dhcp-giaddr mode of the • 12-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . • • • • • The C4 CMTS supports up to 150 subinterfaces The subinterface will be associated with the default VRF upon creation. There is a limit of 8 VRFs per C4 CMTS. both primary and secondary DHCP Relay Agent including: primary/policy mode selection. In particular. The DHCP Relay Agent classifies ingress CM DHCP packets to the lowest numbered subinterface associated for each unique DHCP Server IP address.12 Configuring Router Functionality subinterface that has a DHCP-Server defined. secondary dhcp-giaddr identification. The 1023 limit represents all primary and secondary IP addresses associated with each subinterface. Rules of Operation and Guidelines for Subinterfaces • The import/export rules with respect to VRFs will be followed for subinterfaces. When the DHCP Relay agent is forwarding a packet originating from a CPE.

This allows MSOs to provide a service where different CPEs behind a single cable modem could be serviced by different ISPs on different subinterfaces. then the DHCP Relay agent will forward a packet originating from a CPE to each unique DHCP server IP address for CPEs using for its giaddr the primary address or a secondary address.x. of the subinterface associated with the CM that the CPE is behind. DHCP servers from the ISP are used to hand out the IP addresses for CPEs.x) IP addresses associated with any subinterface that is moved into the default VRF. and the subinterfaces for CPEs would be provisioned with DHCP servers marked for use with CPEs only (although DHCP server addresses could be the same values). • If there are no DHCP servers for CPEs defined for the subinterface associated with the CM that a CPE is behind. in other words. it provides a mechanism where different giaddrs could be sent to different DHCP servers by defining those DHCP servers on different subinterfaces. Multiple subinterfaces can be associated with the same cable bundle and VRF.x. Each of the subinterfaces may have a unique CM and CPE IP filter group association. They can be defined for the following C4 physical interface types: - Cable FastE NAM GigE NAM Subinterfaces may be used to create a network topology in which the MSO can offer subscribers a choice of ISPs with unique subnet ranges for each ISP.0. the DHCP packets will classify to the slot/port. since it is the lowest subinterface with a defined DHCP Server address. • Subinterfaces can not be defined for SCM ports. In addition. Example: If the command config router rip network 10. The slot/port. It is also assumed that the MSO does not wish to define multiple VRFs.0 subinterface. For example.2. The packet will be forwarded to each unique DHCP server IP address for CPEs provisioned on that subinterface.C4 CMTS subinterface. whereas the MSO’s DHCP server is used for CMs. that is. The subinterfaces for CMs would be provisioned with DHCP servers marked for use with CMs only. Note that each cable-side subnet range is unique from the perspective of the C4.0.0 has been executed. the lowest numbered subinterface provisioned with that server address. Standard ARRIS PROPRIETARY — All Rights Reserved 12-7 . It would require the CMTS to be provisioned so that the CMs and CPE would be on different subinterfaces.0 subinterface should be viewed as Release 4. then all net10 interfaces are running RIP and will automatically advertise interface (10. Per-subscriber ISP determination is based on a mapping between the CM’s MAC address and the ISP. depending on the dhcp-giaddr mode of the subinterface. When the CM initiates a DHCP transaction.

the CM will be assigned an IP address based its ISP association. the DHCP Relay Agent will forward the northbound DHCP messages to only the DHCP Servers defined for the subinterface. with the implication that the MSO DHCP Server definition is defined for CM use only. the message is sent only to the ISP DHCP Server. Based on CPE classification. The DHCP server never provides an IP address to a CM for this subnet. Note that a /30 subnet mask is used for the primary IP address and no secondary IP addresses is present.0/16 subnet is used.<subif#>] ip vrf forwarding <vrf name> Associates the subinterface with a VRF. Upon completion of the DHCP transaction. As such.0.10. show ip interface Shows subinterfaces with byte and packet counts in and out.0.<subif#>] 12-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure interface <type> <slot>/<port>[. The sole purpose of this subinterface to help facilitate CM initialization. In particular. Table 12-1: CLI Commands for Subinterface Command Purpose Where subif# is a range of values from 0-254 Defines a subinterface for a given slot and port. The C4 system administrator still has the ability to identify secondary IP addresses within a subinterface as candidates for DHCP giaddr use. configure interface <type> <slot>/<port>[. the C4 CMTS classifies the transaction to a particular subinterface based on the CPE’s CM. then the giaddr used to identify the C4 is based on the secondary IP address of the subinterface. For ISP1 the 10.0. When a CPE starts a DHCP transaction.0.20. only CM initiated DHCP messages that have the source IP address set to 0.0 should map to this subinterface.0/16 subnet is used and for ISP2 the 10.12 Configuring Router Functionality the interface used for all unmapped traffic. When DHCP policy is active for the subinterface.

A value of 15 hops is the longest route permitted. configure ip rip RIP has been enabled Disabling RIP on the C4 CMTS — Use the following commands to disable RIP: configure ip no rip RIP has been disabled Validate RIP status: show ip vrf Virtual Router Details: Name Index =============== ========== default 1 OSPF ==== no RIP === yes Enabling RIP for a Network — By default. Enabling RIP on the C4 CMTS — By default. Because it learns routes dynamically without provisioning. This is not a stepby-step procedure. RIP requires little overhead and is easy to implement. Unlike the original version it supports subnet masks and Message Digest 5 (MD5) authentication. RIP is disabled on the C4 CMTS. RIP is disabled for all networks. RIP uses aging algorithms to eliminate invalid routes from its tables. Release 4. see RFCs 2453 and 1058.C4 CMTS Routing Information Protocol. RIP-related CLI Commands The following commands are grouped for convenience. version 2 (RIP2) Overview RIP is a distance vector routing protocol. Standard ARRIS PROPRIETARY — All Rights Reserved 12-9 . once the hop count value reaches 16 the route is considered unreachable. It remains a popular routing protocol. Each route in a RIP routing table is assigned a hop count of 1-16. As the topology of a network changes some routes become invalid.2. Enter the following command to enable RIP globally. For more information on the standard. RIP version 2 (RIP2) is used by the C4 CMTS. Entries in the RIP routing tables are updated as needed. Enabling RIP for a network does not affect the global enable/disable state on the C4 CMTS. RIP uses a single criterion for determining the best available route — hop count. especially for small networks.

71. VRF default: Route invalidation interval is set to 180 seconds.0. This interface is part of a network which was enabled (10.0.71. an interface with an IP address 10.0. for example). Disabling RIP for a Network — Use the following command to disable RIP for the network: configure router rip no network <network address> Where <network address> represents the IP prefix of the desired network.71. End of example 12-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Confirm that RIP is enabled for the network: show ip rip The output should look something like the following: RIP Interfaces Interface VRF 10.0.12 Configuring Router Functionality To enable RIP for a network.2 is actively running RIP.71.2 default Df Met Auth Mode 1 disabled 1 disabled Auth Key State active disabled In this instance.71.2 default 10.64. RIP disabled Confirm that RIP is disabled for the network: show ip rip SCM# show ip rip RIP Interfaces Interface VRF Df Met Auth Mode Auth Key 10.2 default 1 disabled RIP Timers VRF default: Update interval is set to 30 seconds. This interface is part of a network which was disabled (10. VRF default: Route flush interval is set to 120 seconds.2 default 1 disabled 10.0. SCM# State disabled disabled In this instance.0.71.71. enter the following command: configure router rip network <network address> Where <network address> is the IP prefix of the desired network. an interface with an IP address 10.71.0 for example).64.2 is not running RIP.0.

Configuring RIP passive mode on an interface — Enter the following command: configure router rip passive-interface <slot/port> Where <slot/port> is the slot and port of the physical interface on which to set passive RIP operations.2.0.71. RIP interface set passive Confirm that RIP is running in passive mode on an interface: show ip rip The output should look similar to the following: RIP Interfaces Interface VRF 10. Setting the default route metric — Use the following command to set the default route metric: configure interface <cable | fastEthernet> <slot/port> ip rip default-metric <0-16> Where 0-16 are default metrics available Default metric is 1 Verify the default metric is changed to match the value entered: show ip rip Release 4. each interface running RIP advertises an available default route. the default route is not advertised.64.2 default Df Met 1 1 Auth Mode disabled disabled Auth Key State passive disabled In this instance. Disabling RIP on this passive interface — Use the following command to disable the RIP passive interface previously set: configure router rip no passive-interface <slot/port> RIP interface disabled Default Route Processing By default.71. system administrators can set an interface to operate in passive RIP mode.2 is running RIP in passive mode.71. with a metric of 1. Standard ARRIS PROPRIETARY — All Rights Reserved 12-11 . Because default route propagation must be controlled carefully. If the default route metric is set to 0. static or learned via RIP.0.C4 CMTS Passive RIP Operation In order for an interface to receive and process RIP messages but not advertise its routes. an interface with an IP address 10. system administrators can set the metric to be used for default route advertisements on a per interface basis.2 default 10.

2 default Df Met 1 1 Auth Mode text disabled Auth Key testkey1 State active disabled End of example 12-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .71. Every RIP message sent on this interface contains this key and every incoming message received is validated based on it having this key. Confirm that the interface is set up to do plain text authentication: show ip rip RIP Interfaces Interface VRF 10.64.12 Configuring Router Functionality RIP Interfaces Interface VRF 10.71. Enabling plain text authentication — Enter the following command to enable plain text authentication for a given interface: configure interface <cable | fastEthernet> <slot/port> ip rip authentication mode text Authentication mode is plain text Creating the plain text password — Enter the following command to set authentication.0.71. By default it is disabled on each interface. configure interface <cable | fastEthernet> <slot/port> ip rip authentication key <testkey1> Authentication key is testkey1 Where testkey1 is a 1-16 character text string used for authentication. The key can be up to 16 characters long. This section contains CLI commands used to set RIP authentication.2 default 10. Two different types of RIP authentication are available: • • Plain Text Authentication Plain text password MD5 digest with either single or multiple keys.71.2 default Df Met Auth Mode Auth Key 1 disabled State 1 disabled disabled End of example RIP Authentication RIP authentication may be enabled for each active or passive interface running RIP in order to add security to RIP communication.2 default disabled 10.0.64.

2. The next section discusses single key authentication. never ages out. As a result. the key ID associated with the key must be set to 0 on all peer routers. it identifies the authentication mismatch and drops the message. or all the RIP routes age out of the routing tables on the C4 CMTS. Similarly. The key is used to verify the MD5 has of each encrypted packet. all RIPv2 packets that are received by the C4 CMTS interfaces for which MD5 is enabled. For RIP with MD5 to interoperate with other routers. If a router or host attempts to provide the C4 CMTS with RIP information and it does not have the correct MD5 hash. therefore. Routers that receive these encrypted RIPv2 packets must have the same key associated with the incoming interface. RIP routes sent by the C4 CMTS to adjacent peer routers age out five minutes after the last authenticated RIP message was received. If the C4 CMTS is running RIPv2 with MD5 authentication and the system time is changed to an earlier time. Procedure 12-2 How to Enable Single Key Authentication Use this procedure to configure single key MD5 authentication. This interface uses an infinite send and receive lifetime key and. the system administrator can define a single key for a specified physical interface. 1 Set the single key authentication node on the physical interface: configure interface <cable | fastEthernet> <slot/port> ip rip authentication mode md5 Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 12-13 . the external router must be set up to send and receive either using one key or multiple keys. Single Key Authentication For single key MD5 authentication. the packet is dropped and an error message is logged. NOTE The C4 CMTS uses its system time as the MD5 message sequence number. This key is used to generate an MD5 hash which is appended to all outgoing RIP packets originating from the C4 CMTS. communication with peer routes cease until either the system time reaches it previous point. These encrypted packets allow the C4 CMTS to communicate securely with other routers in the network. In this configuration.C4 CMTS MD5 Digest Authentication Message Digest 5 (MD5) authentication allows a System Administrator to encrypt RIPv2 packets based on an interface-specific key. must have the key associated with that interface applied to all RIPv2 packets. If a router receives a RIP message with a non-matching key. take care when changing the system time to an earlier time.

.2 default 10.71.0. 1 Create a key chain and key: configure key chain <key chain name> key <key id> keystring <key> Where key chain name = a text string up to 16 characters long key id = number between 0 and 255 and key = a text string up to 16 characters long.2 default Df Met 1 1 Auth Mode md5 disabled Auth Key testkey2 State active disabled End of procedure Multiple Key Authentication In order for RIP to support multiple keys.e. 3 Confirm that the interface is set up to do MD5 digest authentication: show ip rip RIP Interfaces Interface VRF 10. To remove a key chain and all its keys: configure no key chain <key chain name> 2 Enable MD5 digest authentication with multiple keys for a given interface: configure interface <cable | fastEthernet> <slot/port> ip rip authentication mode md5 12-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Every RIP message sent on this interface contains a digest and every incoming message received is validated based on its digest. For MD5 to interoperate. Otherwise the MD5 functionality works as described in the single key mode. The key can be up to 16 characters long.71.64. Procedure 12-3 How to Enable Multiple Key Authentication (i. Key Chains) Use this procedure to enable multiple key authentication. a key chain must have been previously configured with at least one key. the keys in the C4 CMTS key chain must match the keys in the external router.12 Configuring Router Functionality Authentication mode is keyed MD5 digest 2 Create the MD5 key: configure interface <cable | fastEthernet> <slot/port> ip rip authentication key <key> Authentication key is testkey2 where testkey2 is a 1-16 character text string used for the key id.

the router that is directly attached to it immediately sends a Link State Advertisement (LSA) to its neighbor routers.2. disable RIP authentication: configure interface <cable | fastEthernet | gigabitEthernet> <slot/port> no ip rip authentication key-chain <keychain1> End of procedure Open Shortest Path First (OSPF) Overview OSPF is a dynamic link state routing protocol developed by the Internet Engineering Task Force (IETF). The key chain can be up to 16 characters long and determines which key is used for sending and receiving. Link State Routing Protocol Description The OSPF routing protocol maintains a link state database of all subnets available on the network.2 default Df Met Auth Mode 1 md5 Auth Key testkeychain State active 5 If desired. If a link goes down. OSPF: • • • • Supports Classless Inter-Domain Routing (CIDR) Provides for routing update authentication Uses IP multicast when sending/receiving the updates Responds quickly to topology changes with a smaller amount of routing protocol traffic The OSPFv2 specification is published as Request For Comments (RFC) 2328. Standard ARRIS PROPRIETARY — All Rights Reserved 12-15 . Release 4. Information about the link state propagates throughout the network. This includes details about which routers are attached to the links. Each router reviews its database and re-calculates the routing table independently. 4 Confirm that the interface is set-up for MD5 digest authentication: show ip rip RIP Interfaces Interface VRF 10.C4 CMTS 3 Enable the key chain (created in step 1) on the same interface: configure interface <cable | fastEthernet | gigabitEthernet> <slot/port> ip rip authentication keychain <keychain1> Where <key> is the name of the key chain to use.71.0.

OSPF also lets the user assign cost metrics to each interface so that some paths are given preference. Configuring for OSPF This section outlines the tasks required to configure a network and C4 CMTS for OSPF. The sequence includes: 1 Reviewing a network diagram for interface information and architecture 2 Enabling OSPF globally 3 Configuring the network according to standard configuration parameters (set router id) 4 Verifying OSPF is running as configured. OSPF uses a user-defined cost for each interface. This metric could be the same as number of hops if each interface along the route uses a cost of 1. The C4 can distribute packets across at most 4 ECMP routes. Rather than counting the number of hops as a metric. Procedure 12-4 How to Enable OSPF Use this procedure to enable OSPF on the C4 CMTS. The procedures and commands in this section assumes that IP addresses have already been configured for the network and OSPF interfaces. RIP). The cost of the route displayed by the show ip route command is the sum of the interface costs. ECMP OSPF also has the concept of ECMP (Equal Cost MultiPath) routes. netmgmt. OSPF. Different routing protocols use different types of metrics. It is beyond the scope of this User Guide to supply recommendations for reviewing network architecture for all OSPF configuration possibilities. 12-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and secondly on route cost. ECMP routes can also be used with static routes.12 Configuring Router Functionality Routing Metrics A router learns multiple paths to a particular destination network and chooses the path with the best metric in its routing table. This cost is added together for each hop when calculating the cost of a route. These are routes to the same destip (destination IP address) and prefix which use different next hop IPs but the same cost. OSPF bases its path descriptions on link states that take into account additional network information. however. The C4 bases its choice of best route first on route type (local. the following sections identify the CLI commands required for basic OSPF configuration on the C4 CMTS.

1. Enter the following command to enable OSPF for an interface: configure router ospf vrf default network <network address> area <area-id> Where <network address> and <area-id> can be specified as either a decimal value or as an IP address.1 is the router id 2 By default. Values are 1 (internal route) or 2 (external route). Enter the following command to enable OSPF: configure router ospf vrf default enable The output should indicate the following: OSPF has been enabled 3 By default. Default is 0. Default is 0. Checksum 0x0 Number of new originated LSAs 2 - Release 4. Enabling OSPF for an interface does not affect the global enable/disable state on the C4 CMTS.subnets (optional) is used for redistributing routes into OSPF. 5 Validate OSPF status: show ip ospf The output should indicate as follows: Router VRF default with ID 255. the scope of redistribution for the specified protocol.1. and subnets: configure router ospf vrf default redistribute connected metric <n> metric-type <type> tag <n> subnets Where the values and defaults are as follows: metric (optional) is the metric used for redistributed route. .255.1.255.2.tag (optional) is the 32 bit decimal value that OSPF attaches to the external route. Values 0-4294967295. OSPF is disabled for all interfaces.C4 CMTS 1 Enter the following command to give the default router an identification number: configure router ospf vrf default router-id 1. Standard ARRIS PROPRIETARY — All Rights Reserved 12-17 . Default is 2. .e.1. OSPF is disabled on the C4 CMTS. tags.metric-type (optional) is the external link type associated with the default route advertised into the OSPF routing domain. . CAMs) and to redistribute the default ospf route based on metric-types.1 where 1.255 Only cost is used when choosing among multiple ASexternal-LSAs Exit overflow interval 0 seconds Number of external LSA 0. 4 Enter the following command to advertise routes for the locally connected interfaces (i.

255. see chapter 23. The output should confirm the following: OSPF disabled 2 Confirm that OSPF is disabled for the network: show ip ospf The output should be similar to the following: Router VRF default with ID 255.12 Configuring Router Functionality Number of received LSAs 5 6 Confirm that OSPF is enabled for the interface: show ip ospf interface End of procedure Procedure 12-5 How to Disable OSPF for an Interface 1 Use the following command to disable OSPF for an interface: configure router ospf no network <ip-address> <wildcard-mask> area <area-id> Where <ip-address> is the IP prefix of the desired network interface <wildcard-mask> is the IP address type mask that includes “don’t care bits” and <area-id> is the area that is to be associated with the OSPF address range.255. Procedure 12-6 How to Disable OSPF (Globally) on the C4 CMTS 1 Use the following commands to disable OSPF: configure router ip no ospf enable 12-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .255 (disabled) End of procedure NOTE For more information regarding logging OSPF event messages. Logging and the C4 CMTS.

Initialization does not cause the CMTS to enter graceful restart. This LSA is the primary signal to all adjacent neighbors that an OSPF graceful restart session is beginning. OSPF causes routers to avoid a restarting router by requiring its neighbors to reissue their Link State Advertisements (LSAs).” Without graceful restart. This feature builds upon the capabilities of the Control Complex Redundancy (CCR) feature and existing OSPF functionality. The C4 CMTS separates traffic and control data: hardware processes the user traffic and the FCM processor handles the control data. OSPF avoids the restarting router to minimize the possibility of routing loops and/or black holes caused by lack of database synchronization. called grace-LSA.2. Routers capable of graceful restart must continue to forward data even while their control processors reset or restart. Release 4. With graceful restart enabled the C4 CMTS checkpoints to the standby FCM.C4 CMTS OSPF has been disabled 2 Validate OSPF status: show ip ospf The output should indicate as follows: Router VRF default with ID 255.255 (disabled) End of procedure OSPF Graceful Restart Graceful restart is an enhancement to the OSPF routing protocol that enables compliant routers to forward data even during restarts.255. Grace-LSAs are in fact special opaque LSAs. OSPF intentionally routes around a restarting router while it rebuilds its link-state database. and all learned OSPF IP routes are copied to the standby FCM. Standard ARRIS PROPRIETARY — All Rights Reserved 12-19 . under normal operation. while ignoring all links to the restarting router.255. It is based on the separation of control and forwarding tasks by the router. is defined. The C4 CMTS enters a graceful restart session in response to a CCR failover. In the C4 CMTS OSPF graceful restart is on by default and will always send a grace-LSA. According to RFC 3623. “OSPF protocol presents a problem to graceful restart whereby. NOTE Only a duplex C4 CMTS can enter graceful restart. In keeping with RFC3623 a new type of LSA.

If this RFC is not supported by all routers.g. and view the ospf settings. set the timeout. a CCR failover event may be viewed as a restart of the protocol. The OSPF enhancements for graceful restart are as follows: • A router attempting a graceful restart originates link-local OpaqueLSAs (called Grace-LSAs from this point on) announcing its intention to perform a graceful restart within a specified amount of time. The usefulness of graceful restart in the C4 CMTS is limited to those routers that support RFC 3623. causing a network-wide topology change. OSPF neighbor state Full).12 Configuring Router Functionality To achieve complete graceful restart within the OSPF domain.e. respectively: configure interface [cable|fastEthernet | gigabitEthernet] ip ospf graceful-restart-timeout <timeout> [no] show ip ospf int 12-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The following events indicate a network topology change and imply an exit from the graceful restart state: • • • • C4 CMTS OSPF known local interface state change C4 CMTS route redistribution change (new/changed type 5/7 LSA) C4 OSPF provisioning change (e. In this period these routers are in a sort of “helper mode. the router's neighbors continue to announce the restarting router in their LSAs as if it were fully adjacent (i. but only if the network topology remains static. all neighbor routers adjacent to the C4 CMTS must support RFC 3623. new OSPF interface) Receipt of an LSA not consistent with its pre-start router LSA (restart router only) NOTE Graceful restart as defined by RFC 3623 is not the same as the Cisco proprietary feature called “Nonstop Forwarding”.. During the grace period.” • Related CLI Commands Use the following commands to enable graceful restart.

2. Automatic import of the loopback interface into the SCM protocol stack is consistent with existing in-band management functionality. socket-layer accessibility. At worst. Standard ARRIS PROPRIETARY — All Rights Reserved 12-21 . This interface has all the characteristics of a physical interface IP address. When in-band management is enabled. If this is not done. Definitions Loopback interface — A logical IP interface that is not associated with any one physical interface. NOTE The in-band management feature must define the default route to route over a particular loopback interface. It must be reachable via any active physical interface. all FCM-based interface IP addresses are imported into the SCM to allow SCMbased applications to process traffic destined for one of the C4 interface IP addresses. Active IP address — The IP address that is associated with the FEP of the active SCM. the FCM will not route IP datagrams destined for the active IP address to the SCM.C4 CMTS Loopback Interfaces for Routing Protocols This section deals with the FCM-based loopback interface that may be used by OSPF. including packet counts. It must be used for out-of-band SCM management only. admin provisioning. Packet redirection from the FCM to the SCM is a hardware decision based on the IP packet type. because the FCM will not route floater IP traffic to the SCM. This new interface type has a presence on the SCM when in-band management is enabled. The active IP address is the one given to the FEP of the active SCM. and so on. then in the best case asymmetrical routing back to the SCM may occur. Currently. This will ensure that the floater IP address is not used as the source for SCM-originated IP datagrams. Abbreviations: FEP Front Ethernet Port FCM Fabric Control Module SCM System Control Module ECMP Equal Cost Multi-Path AS Autonomous System LSA Link State Advertisement Release 4. formerly called the floater IP. application servers will not be able to respond to the C4.

it will be associated with the default VRF. Example of Packet Flow Using Loopback Interface.f. ECMP is available.h> area <areaID>. ranging from 0-15.c. If OSPF is enabled on the loopback interface. • • • • • Figure 12-1. on page 12-23. no physical interface is taken OOS. a loopback may reside in only one area. In this figure the “floater” IP address is used for out-of-band management. this implies a host address. This network topology shows the loopback interface used as the “forwarding address” of OSPF Type-7 LSAs that advertise CAM-side prefixes. depicts a network configuration where a loopback interface is defined for in-band management. loopback interfaces associated with the default VRF are imported into the SCM’s protocol stack. If the loopback is taken down. Like physical interfaces. When in-band management is enabled. If multiple loopback interfaces exist. Routing protocols (RIPv2 or OSPFv2) will not advertise the active IP address.12 Configuring Router Functionality Characteristics of the Loopback Interface Observe the following guidelines when configuring and administering loopback interfaces: • • • • • The C4 CMTS supports 16 unique loopback interfaces. from the 6509 to the C4.b.d> <e. the network associated with the loopback address must be advertised in a router LSA. The active IP address will not have a presence on the FCM. The subnet mask may be /32. Upon creation of a loopback interface.g. 12-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . the lowest value loopback interface is used as the source IP address for SCM-originated IP datagrams. The existing ospf command must be used: network <a. Since the loopback interface IP address was previously announced in a Router LSA and is part of the OSPF AS. for packets destined for RIP advertised networks.

0 E=0 (Type 1 metric).10 Figure 12-1: Example of Packet Flow Using Loopback Interface Release 4.2/19 GigEthernet 10.0.9.130.10.1/19 192.100.1/24 CM+Router 10.0. Standard ARRIS PROPRIETARY — All Rights Reserved 12-23 .255.255.1.80.1 OSPF RIPV2 Client/Server SCM Apps RIP Route Redistribution into OSPF 2 Pv RI ets CM ac k P Loopback 10.130.10.1.2/19 SCM In-band Management FCM Interface / loopback IP Addresses Out-of-band Management SCM Interface or floater IP Address Loopback 10.1 0 FCM GigEthernet 10.9.9.32.2/19 SCM 1 10.10 CPE 192.20 CPE 192.64.0.80.1.1/19 SCM 1 10.1 RIP Pa v2 CM cke ts CAM 3/0 Cable Bundle Master: 3/0 10.80.100.64.C4 CMTS LS Age Options | LS Type List State ID Advertising Router LS Sequence Number LS CheckSum Length Network Mask Metric Forwarding Address External Route tAG 0 N/P (Type-7-LSA) 192.1.9.0 C4s Router ID 0x80000001 OSPF-NSSA ECMP available Switch Bridge 36 255.100.10.0.2.20 CAM 5/0 CM+Router 10.130. TOS 0. cost 1 10.80.

The IP address and mask are not required configure interface loopback <0…15> [ ip address <address> <netmask> ] [shutdown] [no] Defines the syntax to assign an IP address to a loopback interface and admin state (shutdown or restored to service). either one may be used to define the active IP address. then it will default to the mask of the SCM interface ip address. show ip ospf interface [brief] Shows all loopback interfaces that have OSPF enabled. configure interface ethernet <slot>/0 active ip <address> [<netmask>] 12-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .12 Configuring Router Functionality Table 12-2: CLI Commands for Active and Loopback Interface Command Purpose Defines the active (floater) IP address on the SCM. configure interface ethernet <slot>/0 no active ip [<address> [<netmask>]] Removes the active IP address associated with the SCM FEP. If the IP mask is not provided. show ip route [detail] Shows loopback interfaces as local routes with no physical interface defined. Valid slot numbers are 19 and 20. configure interface loopback <loopback number> ip vrf forwarding <vrf_name> Moves a loopback interface to the VRF specified. No other OSPF parameters are configurable. show ip interface Shows loopback interfaces with byte and packet counts in and out. configure interface loopback <0…15> ip ospf cost <metric> Defines the OSPF cost to reach the loopback interface.

This feature allows the C4 to load balance traffic on an IP prefix basis across four unique routes. • The cost of an active route is updated and as a consequence it is no longer the least cost route. Equal Cost Multi-Path (ECMP) Load Balancing. The cost of a route is determined by the protocol type and metric. The following events cause the C4 CMTS to recalculate the least cost route and potentially update the hardware forwarding engine. Local 2. then only the least cost routes are considered. Load balancing can be done on any NAM or CAM interface. All routes over the physical interface are marked as inactive and are replaced by a redundant route for each IP prefix assuming one exists. Protocol precedence is not changeable within the C4. These redundant routes may be set up to ensure that a NAM card failure does not prohibit the C4 CMTS from continuing to pass data. RIP routes have the least. It takes precedence over the metric value. In this case the C4 defaults to the previously described DRR functionality. RIP or OSPF network topology change may cause the C4 CMTS to pick an alternative route if the protocol running determines that a route it advertised is no longer reachable. RIP • • • Release 4. The update only occurs if a redundant route for a specific IP prefix exists in software. Note that the unique routes must be of the same cost.C4 CMTS Dynamic Route Redundancy The Dynamic Route Redundancy (DRR) feature allows the C4 CMTS to dynamically update a specific route in hardware based on a change in the network topology. If multiple routes to a specific prefix exist with different metrics or protocol types. Here are the protocol rankings: 1. The C4 CMTS installs the least cost route from a pool of redundant routes to the specific IP prefix. Static 3. This first piece of information that must be considered when determining the cost of a route is the protocol type. This implies that the next-hop associated with a redundant route must be associated with a network that is defined on a second NAM card. OSPF 4. The physical interface associated with a route is taken out of service. where sub-optimal routes are only used if the least cost route(s) become inactive.2. but most users will opt to use it on the NAM interfaces. Load balancing is achieved by examining the source IP address of the IP datagram when determining which of several routes to use. Standard ARRIS PROPRIETARY — All Rights Reserved 12-25 . as it is implemented in the C4 CMTS. Local routes have the greatest precedence when determining a least cost route. is a natural extension to Dynamic Route Redundancy.

To configure a NAM onto the C4 CMTS. the next step is to route the NAMs to the respective router.12 Configuring Router Functionality Configuring a NAM Interface This section outlines commands required to configure a NAM to route traffic to network routers. 2 To delete an IP Route: configure no ip route <dest route prefix> <dest route mask> <next-hop ip addr> 3 To display the IP Routes: show ip route End of procedure 12-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Use the following command to configure a route: configure ip route <dest route ip addr> <dest route mask> <next-hop ip addr> [metric] End of example Configuring IP Routes Procedure 12-7 How to Add/Delete/View a Static IP Route to the C4 CMTS 1 To add an IP Route: configure ip route <dest route prefix> <dest route mask> <next-hop ip addr> [metric <0-255>] Where the value assigned to the metric parameter defines the weight or cost of the route. Configuring a Route From the NAM to a Router Once all of the NAM cards have been configured. This assumes that the all network IP addresses have been configured previously and in accordance to a network diagram or site survey. use the following command: configure interface fastethernet <slot/port> ip address <ip address of the NAM interface> <subnet mask> This command line may be repeated for as many NAM cards to be configured on the C4 CMTS (configurable only in slots 13 through 16).

Use the following command to configure a RIP distribution list: configure router rip distribute-list Use the following command to redistribute routes from a static or connected domain to a RIP domain: configure router rip redistribute OSPF Commands — Use the following command to enter the command mode for OSPF: configure router-ospf The system displays config-router-ospf at the command line prompt. You must first enter the correct mode using the following command: configure router rip The system displays config-router-rip at the command line prompt. may be run at the same time. This feature supports route redistribution at the following levels: • • • • • From static to RIPv2 From connected (local) to RIPv2 From static to OSPF From connected (local) to OSPF From RIPv2 to OSPF This feature supports different types of distribution lists (filtering): • • • CLI Commands RIP input (per interface or global) RIP output (per interface or global) Route redistribution RIPv2 to OSPF Use the following command to display IP routes: show ip route RIPv2 Commands — The redistribution commands are second level. Standard ARRIS PROPRIETARY — All Rights Reserved 12-27 . The C4 CMTS currently supports two unique routing protocols: RIPv2 and OSPF. Both dynamic routing protocols. In addition. RIPv2 and OSPF. Local (C4 interface networks) and Static (Net Management) routes may be imported into a protocol domain. Release 4.2.C4 CMTS Route Redistribution Route redistribution is defined as the ability to import and export IP routing information from one routing protocol domain to another.

see chapter 26. While using an Internet browser. Multicasting sends the data only to those interfaces on which there are hosts that have requested it. CLI Command Descriptions.12 Configuring Router Functionality Use the following command to redistribute routes from a static. Another example of this application would involve a cable broadband subscriber. which sends an IGMP join message to the next hop router that is set up to be an IGMP querier. Unlike unicasting. Application Scenarios For example. And unlike broadcasting. The source of this multicast traffic sends data to this group address. it does not flood a network by sending packets to all the hosts when they are meant only for some. The virtual path between the requesting subscriber and the sender is then set up by the next hop router. connected. This multicast group has an associated group address. In order to receive a multicast service. Her PC becomes a member of the multicast group by sending an Internet Group Management Protocol (IGMP) join message to the C4 CMTS. 12-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The sender is not required to belong to the group: a multicast server can transmit to the group without belonging to it. Then the subscriber begins to receive the multicast video she clicked on. a subscriber is web-surfing and clicks on an on-demand video that she wants to view. multicasting does not send the same data as many times as there are recipients. The join is then proxied on a proxy interface. Hosts that do not belong to the group do not process this data. or RIP domain to an OSPF domain: configure router ospf redistribute For information on CLI command syntax and parameters. What is IP Multicast? IP Multicast is an Internet technology that permits a sender to send data (either clear or encrypted) simultaneously to many hosts. End of procedure Multicast Operations in the C4 CMTS This section describes the C4 CMTS implementation of multicasting as it relates to the handling and forwarding of IP multicast traffic. he might click on an icon or online advertisement to receive real-time news updates or to listen to an online music concert. hosts must join a multicast group. Any host belonging to the group processes the multicast data. In this case the icon or ad contains embedded data containing the correct group address and code to tell the C4 CMTS to add this host to the group.

C4 CMTS Multicasting suits applications in which the same data must be communicated to many hosts in a timely and efficient manner. 1989. Host Extensions for IP Multicasting. the membership group does not list the IP addresses of the individual hosts: It is important to understand that an IP host group address is not bound to a set of IP unicast addresses. rather than a list of the members' individual IP or Ethernet addresses. Network protocols such as Internet Group Management Protocol (IGMP). Standard ARRIS PROPRIETARY — All Rights Reserved 12-29 . Aug. Once IGMP is enabled on an interface. (from RFC 1112. which is taken from RFC 1112: Release 4. An interface may belong to any number of multicast groups. Routing Information Protocol (RIP). a multicast router attached to an Ethernet need associate only a single Ethernet multicast address with each host group having local members. Multicast traffic is often used for network equipment communication protocols. IGMP must be enabled for each interface that uses multicast. One of the ethernet ports on the NAM must be designated as an IGMP proxy interface. Membership groups must be assigned a Class D address. Some examples: • • • • • Multicast in the Cable Data Industry Colleges use it for distance learning — college courses or training delivered to anyone having a reliable Internet connection Large companies with multiple campuses use it for employee training and corporate addresses Groups can use it for teleconferencing (if combined with VoIP) Hotels and other chains use it to download software updates from headquarters to hundreds of reservations terminals simultaneously Retailer chains use it to update price lists quickly and simultaneously at all their locations. Traffic sent to a multicast group can be received by multiple interfaces. If the multicast group is not directly connected to the server. As explained in RFC 1112. The multicast routers do not need to maintain a list of individual members of each host group.2. and Open Shortest Path First (OSPF) all communicate via multicast. S. For example. The range is stated in the next paragraph. Deering) In order for IGMP multicast to work on the C4 CMTS. then a proxy interface is needed. it starts querying hosts for information on their multicast memberships.

S.0.0. The proxy interface must have IGMP enabled.12 Configuring Router Functionality In Internet standard “dotted decimal” notation.0 is guaranteed not to be assigned to any group.0. see RFCs 2236 and 2933. Proxy Interface Any one.0. The C4 CMTS operates in active mode. Baseline Privacy Interface (BPI).0. See Encrypted Multicast Setup. page 17-10. of the NAM ports on the C4 CMTS can be designated to proxy IGMP traffic for one or more interfaces.0. The C4 CMTS can add encryption and authorization to multicast data over a DOCSIS® cable interface. This is used to address all multicast hosts on the directly connected network. It also complies with DOCSIS 2.255. For an overview of standards related to IGMP.0. The dynamic operation operates only on modems running in BPI+ mode.1 is assigned to the permanent group of all IP hosts (including gateways).0 to 239. host group addresses range from 224. and 224.255 are reserved for protocol use and can not be joined by hosts. IGMP Implementation Internet Group Management Protocol (IGMP) is a IP protocol for managing multicast groups on the Internet.255. Nor can traffic be forwarded between interfaces. 1989.0.0 to 224. it performs the following functions: • • • Stops querying hosts for multicast membership information Becomes a host member for all active group memberships on the interfaces for which it is the proxy Forwards all multicast traffic going to or coming from joined multicast hosts on the C4 CMTS proxied interfaces. Host Extensions for IP Multicasting.0I01-011231. Aug. A thorough description of BPI+ encryption as performed by the C4 CMTS is given in chapter 17. DOCSIS® Compliance for IGMP The DOCSIS® Specifications (SP-RFIv1. The addresses of other well-known. permanent groups are to be published in “Assigned Numbers”. Static operation operates with modems in either BPI or BPI+ mode. The encryption may be added statically (provisioned) or dynamically. Encryption 12-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Annex E) describe IGMP DOCSIS® 1.0. The address 224. (from RFC 1112.0.255.1 requirements as either Passive or Active operation modes. Deering) Addresses in the range from 224. There is no multicast address (or any other IP address) for all hosts on the total Internet. Once an interface becomes a proxy interface. but only one.1-106-001215 and SP-OSSIv2.0.

Other slot/port combinations will also work. and of NAM slot 14 and port 0 for the proxy interface. Multicast CLI Commands. Release 4.2. 1 Enable multicast for the cable interface: configure interface cable 6/0 ip igmp 2 Enable multicast for the IGMP proxy interface: configure interface fastethernet 14/0 ip igmp 3 Assign the proxy interface for the cable interface: configure interface cable 6/0 ip igmp proxy-interface 14/0 End of procedure Table 12-3. A brief explanation of the purpose of each command is included.C4 CMTS Procedure 12-8 How to Enable Multicast on a Cable Interface This procedure serves to enable multicast on a given cable interface and to designate its proxy interface. on page 12-32 lists the commands that are directly related to the multicast feature. The use of CAM slot 6 and port 0 for the cable interface. Standard ARRIS PROPRIETARY — All Rights Reserved 12-31 . are meant as examples.

The service flow associated with this group map is des56 encrypted by configure interface cable <slot/port> cable privacy default. Set the query max response time Default = 1 seconds. the service flow is non-encrypted multicast [no] map <SAId> <group address> <group mask> and the SAId value is unused.subif#]] ip [no] igmp configure interface gigabitethernet <slot> [/port. Range = 1-255. Set the proxy interface (must be a NAM interface) [no] Remove the proxy interface Set the query interval Default = 125 seconds.12 Configuring Router Functionality Table 12-3: Multicast CLI Commands Purpose Add a cable privacy multicast authorization.[. Set the robustness Default = 2.subif#]] ip igmp configure interface cable <slot/port> ip igmp lastmember-query <last member query interval> configure interface cable <slot/port> ip igmp [no] proxy-interface <slot/port> configure interface cable <slot/port> ip igmp queryinterval <query interval> configure interface cable <slot/port> ip igmp query-maxresponse-time <time> configure interface cable <slot/port> ip igmp robustness <robustness> show interface cable <slot>/<ds> cable privacy multicast-authorization show interface cable <slot>/<ds> cable privacy multicast map show ip igmp groups [slot/port] show ip igmp interfaces [slot/port] 12-32 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Range = 0-255.[. Range = 0 to (232 .1). [des56 | none] [no] Remove a cable privacy multicast SA mapping Enable IGMP on the interface [no] Disable IGMP on the interface Set the last member query interval Default = 10 seconds. Display the cable privacy multicast authorization information Display the cable privacy multicast group/key mappings Show the IGMP multicast group membership status Show the IGMP interface configurations configure interface fastethernet <slot> [/port. If 'none' is set. Range = 0-255. [no] Remove a cable privacy multicast authorization CLI Command configure interface cable <slot/port> cable privacy multicast [no] authorization <SAId> <MAC address> Add a cable privacy multicast static SA mapping. Only static SAIds use authorizations.

Release 4. Separate configuration files referencing different filter groups could be used as part of a multiple ISP application. Standard ARRIS PROPRIETARY — All Rights Reserved 13-1 . Throttling. IP Packet Filtering.2. and CAR Topics Overview of IP Packet Filtering Setting Default Filter Groups Debug IP Packet Capture Packet Throttling Committed Access Rate Global Rate Smoothing for TCP Traffic Feature Page 2 10 15 17 19 23 Filtering out packets destined for infrastructure components allows an MSO to reduce the risk of outside break-ins and to reduce the risk of denial-of-service-attacks.C4 CMTS 13.

13-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . All IP filters in a group are tested for a match in priority order. or modify an individual filter of a filter group. numbers 1-1023 pertain to defined filter groups. If there is a match.13 IP Packet Filtering. or captures the packet. The 1Dx8U and 2Dx12U both keep match counts for packets that match each filter. The index numbers also specify the order in which the filters of a filter group are applied. When an IP filter matches an incoming frame. The filters in each group are kept in a prioritized list. but the 2Dx12U also increments a byte count for each match. passes. and CAR Overview of IP Packet Filtering The IP Filtering feature as it is implemented in the C4 CMTS is a proprietary extension of IP filtering. Throttling. a match count for this IP filter is incremented and the frame is passed or dropped depending on the action programmed for this IP filter. The C4 CMTS supports 1. The number 0 means that no filter group applies. Cable modem configuration files refer to a filter group number from 0-1023. IP filters are configured in groups.023 filter groups each containing up to 31 filters. and individual MAC domains. drops. All IP filter fields and groups work the same for US and DS flows. depending on how the filter is configured. IP filter — A provisionable software mechanism which examines the header of each TCP-IP packet and looks to match the contents of any or all of the fields listed below. and. the C4 CMTS increments the counts for this filter. This number is called its index and is necessary to add. starting with index number one and ending with number thirty-one. and the first one to satisfy the matching requirements is used as the one and only match. IP filters can be provisioned to match the following: • • • • • • • • Source IP address (32 bits) (maskable) Destination IP address (32 bits maskable) Transmission Control Protocol (TCP) flags (6 bit) (bit-maskable) Upper Layer Protocol (8 bits) Ethernet Type (16 bits) Type Of Service (TOS) (8 bits) (bit-maskable) Source Port (16 bits) Destination Port (16 bits) Every filter in a filter group is identified by a number from 1-31. delete.

0.0. If these parameters specify filter groups. If these TLVs are not present. Each modem is assigned four separate filter groups: • • • • upstream traffic from the modem downstream traffic to the modem upstream traffic for CPEs behind the modem downstream traffic to the CPEs behind the modem.0 src-mask 0. When a modem registers. A packet matches a filter if all of the values of the filter fields match the values in the corresponding packet fields.0. filter groups are assigned for that cable modem. then these filter groups are used for the modem.0.C4 CMTS When a CM is registered.0.0 dest-mask 0. the modem configuration file can have TLVs in it that instruct the CMTS to set up IP filtering for that modem. two sets of data are used to determine if IP filtering is to be applied to the modem. The syntax of the filter command is… configure ip filter group <group number> index <index> [parameter name <value>] Common Upper Layer Protocol Filters The following table provides name and description for common IP.0 dest-addr 0.0. First. Table 13-1: Common ULP Filters Name src-addr 0.0.0.2. Standard ARRIS PROPRIETARY — All Rights Reserved 13-3 . then the system-wide parameters specifying default filter groups are examined. ULP.0 ulp 1 ulp 6 ulp 17 ulp 256 ulp 257 port 23 port 25 port 68 port 67 Description any host source any host source any host destination any host destination ICMP TCP UDP any protocol UDP and TCPa telnet SMTP bootpc bootps Release 4. and port filtering parameters.

13-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . These default filters do not depend on the IP filters created in software.0. If this feature has been disabled.255.0/8 (loopback) 240. Throttling. use the following command to re-enable the default in order to drop directed broadcasts: configure interface <interface> <slot/port> no ip directed-broadcast However.0/4 (experimental) The following ranges of source IP addresses are dropped: • • How to Re-enable Default for Directed Broadcasts 224.255.0. The following ranges of source and destination IP addresses are dropped: • • • 0.255. DHCP traffic with destination IP address 255.13 IP Packet Filtering.255 (mask) The C4 CMTS drops all directed broadcasts by default.0/8 (0 addresses) 127. To enable both UDP and TCP filtering in the same filter. and CAR Table 13-1: Common ULP Filters Name port 69 port 137 port 138 port 139 port 2301 port 206 port 65536 tftp Microsoft SMB Microsoft SMB Microsoft SMB Compaq Insight Manager Apple Ethertalk any port Description all ports listed in /etc/services on any UNIX system all protocols listed in /etc/protocols on any UNIX system a. use the following command and then define the desired filter: configure operation mode enbudptcpfltr Default IP Filters The C4 CMTS is configured by hardware design to drop certain ranges of IP addresses. and destination port 67 is allowed to pass to the DHCP relay agent.0.0.255.0/4 (multicast) 255.0.255.0.0.0. source port 68.

Standard ARRIS PROPRIETARY — All Rights Reserved 13-5 . and Destination Parameters The optional parameters controlled by this command for a particular filter are listed below. Source. then all packet ULP values are considered a match. which acts as a match-all or wildcard. The match-all value for the ULP field is 256. the packet is dropped or accepted by the first matching filter. The command syntax for each parameter is in the column to the right: • • • • • • • • • • • • Source IP address Source IP mask Destination IP address Destination IP mask Type of service Type of service mask TCP flag TCP flag mask Source port Destination port Filter action: drop or accept Upper level protocol (ULP) [src-addr <IP address>] [src-mask <IP mask>] [dest-addr <IP address>] [dest-mask <IP mask>] [tos <TOS>] [tos-mask <TOS mask>] [tcp-flag <TCP flag>] [tcp-flag-mask <TCP flag mask>] [src-port <source port>] [dest-port <destination port>] [action <drop|accept>] [ulp <Upper Level Protocol>] The source and destination port fields of a filter can be given the value of 65536. the filter action is applied to that packet. Release 4.C4 CMTS Subscriber Filters Subscriber IP Filter Parameters The C4 CMTS has the ability to block unwanted subscriber traffic. The filters (indexes) in a filter group are applied in order starting with the lowest index number and proceeding to the highest. Once a matching filter is found for a packet. the following parameters apply: • • • Modems must reregister or be enabled (per modem) in the MIB in order to use the filter Filters are applied after a valid SID (Service IDentification) is assigned Filters can be modified with new rules applied dynamically NOTE If a filter group has been applied to a registered modem and a new filter index is added to that group. Type of Service. If the ULP field in the filter is set to 256. for example. the remaining filters in that group are not applied to the packet. then any value in a source port fields of the packets is considered a match. the modem does not have to re-register for that filter index to be enabled. In other words. of the filter is set to 65336.2. If the source port field.

d dest-mask 255. combined UDP and TCP filtering is enabled. otherwise it is cleared. index 1 13-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . If the bit is set.0 action drop The system responds: IP packet filtering rule has been specified for group 1. a bit field (enbudptcpfltr) has been added to an object (cadSysSpOperMode) in the CADANT-CMTS-SYSTEM-MIB. Throttling.0.c. To enable/disable this bit.0 CMs in DocsQosServiceFlowEntry (adjrxpwrctl) Allow adjustment of rx power control by mod type (enbudptcpfltr) Allow combining of Udp and Tcp messages in same filter (upce) Enable Upstream Packet Classification Enforcement (cmstatusoperational) Allow modem status at the CMTS to reach operational(8) (cpeNacksForceCmReset) Force CM reset upon receiving 3 consecutive CPE NACKs (docsis20test) DOCSIS 2. 1 Add a filter to drop packets destined for a given destination address: configure ip filter group 1 index 1 dest-addr a. use the following command: configure [no] operation mode enbudptcpfltr The default for this command is On.13 IP Packet Filtering.0 Testing (pocoUpstreamFifoFullFatal) Force card recovery on poco upstream fifo full error (broadcomPktReadyFullFatal) Force card recovery on broadcom packet ready full error (spiLockupFatal) Force card recovery on spi lockup error End of Example Procedure 13-1 How to Add Filters to the CMTS Use the following procedure to add filters using the CLI. This bit is used to enable and disable the ability to filter on UDP and TCP messages with the same filter.b. Use the following command to show the current states of the ULP operation modes: show operation mode The output is similar to the following sample: C4-8# show Enabled : Enabled : Enabled : Disabled : Enabled : Enabled : Disabled : Enabled : Enabled : Enabled : operation mode (dqossf10cms) Allow 1. and CAR Upper Layer Protocol Traffic Policing In order to filter on UDP and TCP traffic using the same filter.255.

C4 CMTS NOTE All IP filter parameters that are not specified are set to match-all. This value must be entered in hex in the command line. The command syntax requires hexadecimal values.255. Standard ARRIS PROPRIETARY — All Rights Reserved 13-7 . The tcp-flag is a subset of tcp-flag-mask.0. It is based on the values of the TCP flags fields: tcp-flag and tcp-flag-mask. respectively.d src-mask 255.b. configure ip filter group 1 index 5 ulp 6 tcp-flag 80 tcp-flag-mask 84 action accept Where 80 is in hex code = 128 (decimal) 84 is in hex code = 132 (decimal) 6 Add a filter to drop UDP packets with a destination port of 50.0 action drop 3 Add a filter to drop IP packets with a TOS value of 4: configure ip filter group 1 index 3 tos 4 tos-mask <00ff> action drop Where: allowed) 4 = the tos value (00-ff is the range of hexadecimal values 4 Add a filter to drop TCP/UDP packet with a Source Port of 100: configure ip filter group 1 index 4 src-port 100 action drop 5 The command in this example is used to add a filter to accept TCP packets.c. Values of the associated flags are added together to determine the value of the tcp-flag-mask. The decimal and binary equivalents are added for your convenience: urgent = 80 (hex) = 128 (decimal) = 10000000 (binary) ack = 40 (hex) = 64 (decimal) = 01000000 (binary) push = 20 (hex) = 32 (decimal) = 00100000 (binary) reset = 10 (hex) = 16 (decimal) = 00010000 (binary) syn fin = 08 (hex) = 8 (decimal) = 00001000 (binary) = 04 (hex) = 4 (decimal) = 00000100 (binary) A value of 132 (decimal) designates packets with urgent (128) and fin (4) flags.2.000: configure ip filter group 1 index 20 ulp 17 dest-port 50000 action drop Where ulp 17 is the Upper Layer Protocol (packet type) for UDP Release 4. 2 Add a filter to drop a given source address: configure ip filter group 1 index 2 src-addr a.

0 ulp 257 tos 0 tos-mask 0 src-port 136 dest-port 136 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 3 dest-addr 0.0.0.0.0 src-mask 0.0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 137 dest-port 137 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 4 dest-addr 0.0.0 dest-mask 0.0 dest-mask 0.0. and CAR 7 Add a filter to drop all TCP packets from a given source port and to a given destination port: configure ip filter group 1 index 1 ulp 6 src-port nnn dest-port nnn action drop Where: nnn is the number of a port ulp 6 is the Upper Layer Protocol (packet type) for TCP 8 Add a filter to drop all UDP packets meant for a given destination port: configure ip filter group 1 index 1 ulp 17 dest-port nnn action drop Where nnn is the number of a port ulp 17 is the Upper Layer Protocol (packet type) for UDP 9 Display setup information for a given IP packet filter: show ip filter group <group number> index <index> If the group and index numbers are valid.13 IP Packet Filtering.0.0 dest-mask 0.0 ulp 257 tos 0 tos-mask 0 src-port 135 dest-port 135 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 2 dest-addr 0.0 dest-mask 0.0. the system responds with information about the filter in question.0.0.0.0.0 dest-mask 0.0.0. Throttling.0.0.0.0 dest-addr 0.0 ulp 257 tos 0 tos-mask 0 src-port 139 dest-port 139 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 6 dest-addr 0.0.0 dest-mask 0.0.0.0.0 dest-mask 0. address configure ip filter group 2 index 1 dest-addr 0.0.0. Example of a Filter The series of commands below creates a filter designed to drop netbios traffic and allow all other traffic from a CPE with a 24.0 ulp 257 tos 0 tos-mask 0 src-port 138 dest-port 138 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 5 dest-addr 0.0.0.0.0 ulp 257 tos 0 tos-mask 0 src-port 445 dest-port 445 tcp-flag 0 tcp-flag-mask 0 action drop configure ip filter group 2 index 7 src-addr 24.0.0.0.0.0 ulp 256 tos 0 tos-mask 0 action accept Confirm your results with the following command: show ip filter group 2 13-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

0/0 0.0/0 2 3 0.0/0 2 5 0.0/0 0.0/0 ULP --257 257 257 257 257 257 256 TOS ----00/00 00/00 00/00 00/00 00/00 00/00 00/00 SPort DPort TCP Action ----.0.0.0.0 Destination mask: 0.0.0/0 0.0.0/0 0.0.0.0 Source mask: 0.00 drop 139 139 00.0 Destination address: 0.0.00 drop 445 445 00.00 drop .0.0.0.0/0 2 4 0.0/0 Destination -----------------0.0.----.00 drop 136 136 00.0.C4 CMTS System response: C4# show ip filter group 2 Grp Idx Source ---.0.----.00 drop 137 137 00.0. Standard ARRIS PROPRIETARY — All Rights Reserved 13-9 .0.0.0/0 0.00 drop 138 138 00.0.0.2.0/0 2 7 24.0.0.0.0.0/0 2 6 0.0.-----------------2 1 0.0.-----135 135 00.0.0.0.0.0/0 2 2 0.0.0.0. accept Matched ------0 0 0 0 0 0 0 The following command displays the settings for filter index 1 of group 2 in verbose mode: show ip filter group 2 index 1 verbose IP Filter Group For Group 2 Index 1 Source address: 0.0/0 0.0.0 ULP: 257 TOS: 00 TOS mask: 00 Action: drop Number of times rule was matched: 0 Source Port: 135 Destination Port: 135 TCP Flag Value: 0x00 End of procedure Release 4.0.0.--.0.

A value of 0 in the <0-1023> field indicates no filter group applies. the Purpose … default-cpe-control {on|off} configure subscriber default-[name] filter groups go into effect upon the next registration of a modem.* a. Use the following command to turn CPE control on or off: configure subscriber [default-cpe-control <"on"|"off">] Filters and filter groups may be created in advance. and CAR Setting Default Filter Groups Default filter groups are used when no groups are specified in the TFTP file. If modems are registered before IP filtering is enabled.13 IP Packet Filtering. Any modems that register or re-register after packet filtering is enabled are affected by the filters. filters are applied to modems as they range and re-register. Throttling. … default-sub-grp-down <0-1023> CPEa. but not applied. Default = off. 13-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Defaults apply to all parameters if not specified in the cable modem config file.* Identifies the default filter group assigned to downstream traffic going to CMs. Setting a default group to “0” means no filter group applies. … default-max-cpe <1-23> … default-cpe-ip-learn {on|off} Enables or disables learning of CPE IP addresses. Set Defaults and Enable Packet Filtering Use the following commands to set defaults for registering modems: configure subscriber <default parameter> The default parameters are described in Table 13-2. Once default-cpe-control is turned on. It is used to show the IP address of a CPE.* Identifies the default filter group assigned to upstream traffic from CMs. the show cable modem interfaces cpe-ip command does not work. Defines maximum number of IP addresses allowed behind the CM. their packets will not be affected by the packet filters. Filters may also be enabled in the MIB. if the default-cpe-control is set to off. If packet filtering is turned off (default-cpe-control = off). Table 13-2: Default Settings for IP Filtering Parameter configure subscriber … Enables or disables IP filtering. … default-sub-grp-up <0-1023> … default-cm-grp-down <0-1023> … default-cm-grp-up <0-1023> Identifies the default filter group assigned to downstream traffic going to Identifies the default filter group assigned to upstream traffic from CPE hosts. Recommended setting: on. When enabled.

0. Use the following sequence of commands (or scripting) as an example of filter group configuration: # <MGMT SN> = Management Subnet Network Address # <MGMT SNM> = Management Subnet Network Mask # Turn on ULP 257 mode config operation mode enbudptcpfltr # Assign default-sub-grp-down to filter group 1 config subscriber default-sub-grp-down 1 # Assign default-sub-grp-up to filter group 2 config subscriber default-sub-grp-up 2 # Assign default-cm-grp-down to filter group 3 config subscriber default-cm-grp-down 3 # Assign default-cm-grp-down to filter group 4 config subscriber default-cm-grp-up 4 # Turn on filtering configure subscriber default-cpe-control on # Turn on filtering configure subscriber default-cpe-ip-learn on #filter group 1 for default-sub-grp-down #drop microsoft netbios transport config ip filter group 1 index 1 ulp 257 src-port 65536 dest-port 137 action drop config ip filter group 1 index 2 ulp 257 src-port 65536 dest-port 138 action drop config ip filter group 1 index 3 ulp 257 src-port 65536 dest-port 139 action drop #drop compaq insight manager config ip filter group 1 index 4 ulp 17 src-port 65536 dest-port 2301 action drop #drop apple ethertalk config ip filter group 1 index 5 ulp 17 src-port 65536 dest-port 206 action drop #allow icmp to management subnet config ip filter group 1 index 6 src-addr <MGMT SN> srcmask <MGMT SNM> dest-addr 0.0 dest-mask 0.0 dest-mask 0.0.0 ulp 1 action accept #allow udp from management net config ip filter group 1 index 7 src-addr <MGMT SN> srcmask <MGMT SNM> dest-addr 0.2.0. Standard ARRIS PROPRIETARY — All Rights Reserved 13-11 .0.0.0.C4 CMTS IP Packet Filtering Configuring Example Command Sequence (Script) This scenario assumes that the CAM is in-service and that its RF parameters have been set.0.0.0 ulp 17 action accept #drop all other bootp Release 4.

0.255.0 src-mask 255.16.255 ulp 17 src-port 68 dest-port 67 action accept #allow bootp to mgmt net config ip filter group 2 index 7 src-addr 0.168.255.0.255.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0.0.0.13 IP Packet Filtering.240.0 dest-mask 0.0 srcmask 0.0.0. and CAR config ip filter group 1 index 8 ulp 17 src-port 65536 dest-port 67 action drop config ip filter group 1 index 9 ulp 17 src-port 65536 dest-port 68 action drop #drop 10.0 action drop #filter group 2 for default-sub-grp-up #drop microsoft netbios transport config ip filter group 2 index 1 ulp 257 src-port 65536 dest-port 137 action drop config ip filter group 2 index 2 ulp 257 src-port 65536 dest-port 138 action drop config ip filter group 2 index 3 ulp 257 src-port 65536 dest-port 139 action drop #drop compaq insight manager config ip filter group 2 index 4 ulp 17 src-port 65536 dest-port 2301 action drop #block apple ethertalk config ip filter group 2 index 5 ulp 17 src-port 65536 dest-port 206 action drop #allow bootp config ip filter group 2 index 6 src-addr 0.0 srcmask 0.x 192.x.x.0 srcmask 0.0.0 src- 13-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .0.16.x.0 srcmask 255.0 action drop config ip filter group 1 index 11 src-addr 172.0.0 src-mask 255.0.0.0 dest-addr 0.0.0.x addresses config ip filter group 1 index 10 src-addr 10.0 dest-addr 0.0.0.0 dest-mask 0.0.0.0.0.0.0 action drop config ip filter group 1 index 12 src-addr 192.0.0.x. Throttling.0.0 dest-addr <MGMT SN> dest-mask <MGMT SNM> ulp 1 action accept #allow dns to mgmt net config ip filter group 2 index 9 src-addr 0.0.168.0 dest-addr <MGMT SN> dest-mask <MGMT SNM> ulp 17 src-port 65536 dest-port 67 action accept #allow icmp to mgmt net config ip filter group 2 index 8 src-addr 0.0 dest-addr 255.255.0.0.0.255 dest-mask 255.0.255.0.x and 172.

0 action drop #filter group 3 for default-cm-grp-down #allow all from mgmt net config ip filter group 3 index 1 src-addr <MGMT SN> srcmask <MGMT SNM> dest-addr 0.0.0 srcmask 255.0.0.0.0.0.0 src-mask 255.0 dest-addr <MGMT SN> dest-mask <MGMT SNM> ulp 17 src-port 65536 dest-port 53 action accept #drop all other traffic to mgmt net config ip filter group 2 index 10 src-addr 0.C4 CMTS mask 0.0.x.0.0.0.0 srcmask 0.0 dest-addr <MGMT SN> dest-mask <MGMT SNM> ulp 17 action accept #alow icmp to mgmt net config ip filter group 4 index 2 src-addr 0. Standard ARRIS PROPRIETARY — All Rights Reserved 13-13 .0 action accept #drop rest config ip filter group 3 index 2 action drop #filter group 4 for default-cm-grp-up #allow upd to mgmt net config ip filter group 4 index 1 src-addr 0.0.0. Release 4.0 srcmask 0.0.0.x 192.2.0 dest-mask 0.0.16.x.168.0 dest-addr 0.255.0.0 dest-mask 0.240. The subscriber management MIB provides a more secure mechanism because the network operator controls the physical access to the CMTS.0.0.0.0 dest-addr <MGMT SN> dest-mask <MGMT SNM> action drop #drop 10.0 dest-mask 0.0 srcmask 0.0.0 dest-addr 0.16.0 action drop config ip filter group 2 index 13 src-addr 192.x.0.0.0.0.x addresses config ip filter group 2 index 11 src-addr 10.0.0.0.0.0.0 dest-addr 0.0.0 dest-addr <MGMT SN> dest-mask <MGMT SNM> ulp 1 action accept #drop rest config ip filter group 4 index 3 action drop Per-Interface / Per-VRF Filtering This feature enhances the ability of MSOs to filter out malicious data. but is actually provided by the subscriber management MIB.0.0 dest-mask 0.168.x.0.0.0.0 src-mask 255.0. especially from subscribers who have tampered with cable modem software in order to disable IP packet filtering.0. The IP packet filtering described above duplicates the functions of the DOCSIS® cable management MIB.0.0 action drop config ip filter group 2 index 12 src-addr 172.x and 172.0. Per-interface / per-VRF packet filtering can be used to ensure that packets from a malicious user who has hacked into the CM software will not be given access to the network infrastructure.

The provisioning system identifies which subinterface each modem resides on. This capability exists today in any system compliant with DOCSIS® 1.e. However. Throttling. it is doing DHCP).<vrf>] subscriber default-sub-grp-up <group> config interface cable <slot>/<port>[. the per-subinterface filter groups are not used if filter groups are assigned in the modem configuration file. each subinterface is paired one-toone with a VRF) environment. It then uses the modem to which the CPE is attached to determine the CPE’s subinterface. and CAR In a multiple subinterface (currently. An enhancement added to the per-subinterface (VRF) IP filtering feature is the ability to assign default IP filter groups based on the subinterface. they are used in place of the system-wide default filter groups. which it must do to assign the IP address. If per-subinterface filter groups have been assigned. since CPE assignment to a subinterface would take place when it gets its IP address. modems on each subinterface could be assigned modem configuration files that specify filter groups that are specific for that subinterface. For CPEs. the CPE's filter group will change if the CPE is in a different subinterface than the modem and that subinterface has default values that are different from the modem’s.<vrf>] subscriber default-sub-grp-down <group> config interface cable <slot>/<port>[. it initially uses the CPE filters associated with the modem's subinterface.<vrf>] subscriber default-cm-grp-up <group> 13-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Once it obtains an IP address. The following CLI commands assign default filters for a sub-interface: config interface cable <slot>/<port>[. and derived from the IP address of the CM or CPE.13 IP Packet Filtering.1. the assignment using these new subinterface level filter group parameters would take place when an IP address is assigned by DHCP. If a CPE doesn't have an IP address when it is first learned (i.<vrf>] subscriber default-cm-grp-down <group> config interface cable <slot>/<port>[. in addition to when the CPE is learned.

it can only match and take action if none of the filters above it find a match. The information captured by hardware and stored in a First In First Out (FIFO) buffer for each packet is called a capture entry. then a new IP filter can be created which does the matching and capturing. the action of that filter will override the actions of those behind it. A capture entry contains the following: • • A capture entry header containing some information specific to this packet Up to the first 100 Bytes of the captured packet This capture entry is read out of the FIFO by software so it can be parsed and reformatted to display as much or as little of the gathered information as desired. If the first filter in a group to satisfies the matching conditions then it is the one and only one to match. This is true regardless of how the IP filters Drop/Pass action is set. Release 4.2.C4 CMTS Debug IP Packet Capture The IP Packet Capture feature allows the user to select an existing IP filter and add an attribute (sets a debug_capture flag bit in hardware) to capture information about incoming frames that are matching this particular filter. The capture entry header reveals where the match physically occurred. So whenever a packet matches the new filter. If an IP filter with the appropriate matching parameters is not currently in the filter group. Channel ID. some of the capture data is discarded. Standard ARRIS PROPRIETARY — All Rights Reserved 13-15 . it has priority over the filters listed behind it. if a filter is added to the end of the list in a group. destinations and protocols. Any number of IP filters can be set to capture information about the frames they are matching. Capturing the first 100 bytes of a packet provides sufficient information about sources. It also provides Trigger function type. The capturing of frame data occurs whenever an IP filter matches and its debug_capture hardware flag is set. When a new IP filter is added to the front of the group. Likewise. All of the frame information for all of the IP filters set to collect information is aggregated in the capture buffer. Obviously if too many IP filters are enabled to capture frame data and there is heavy traffic load. and can be used to reference count information associated with the IP filter and group that matched. and other pertinent information. NOTE Exercise caution when adding new IP filters: they may affect the actions of existing IP filters. Functionality is identical for both US and DS IP filters.

13 IP Packet Filtering. It logs the interface on which the packet was received. if appropriate.e. It also logs the source of the capture. The log keeps a counter that shows how many packets were dropped from the log. There is however a practical limit as to how many flows can be monitored and how much traffic can be passed from the hardware up to the software. including the direction. and CAR There is no limit in software to the number of IP filters that can be enabled for packet capture. i. Throttling. In the case where a packet capturing filter matches so many packets that the hardware and software cannot process them. then these packets will be dropped from the log. and ULP. use the following command: configure no {cable|ip} filter log The logging of captured packets is turned on with the following commands: configure [no] logging debug ip packet brief [slot <slot>] The command above uses the brief option. it simply means that these packet captures were not included in the log. DIP. the hardware and software that gather the packets only allow as many through as can currently be processed. System performance and throughput will not suffer even if IP filters capture too many packets. IP filter group/index). This limit is difficult to define since it is based on several variables.. configure [no] logging debug ip packet detail [slot <slot>] 13-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . CLI Commands Use the following command to enable an IP filter to capture packets and send them to the capture FIFO: configure {cable|ip} filter group <group> index <index> log Use the No version of the previous command to disable IP packet capture for a particular filter: configure [no] {cable|ip} filter group <group> index <index> log To disable packet capture on all filters. The Debug IP Packet Capture utility has been designed to be non-interfering. Though it is possible to configure IP filters that capture huge numbers of packets.e. i. and the SIP. This does not mean that the packets were prevented from reaching their destinations. All IP filters could be triggering packet captures. have the debug_capture bit asserted.

dhcp. including whether packet capture is enabled: show {cable|ip} filter Packet Throttling Packet throttling prevents or limits the impact of denial of service (DoS) attacks. the C4 can continue to function as a router during malicious attacks. This feature allows the C4 to select and police packets destined for the FCM processor according to packet protocol type.igmp. Release 4.Protocol (arp. limited to the length that the hardware supports in the capture FIFO. which corresponds to the detail option. valid range = 0-65535 0 = “allow none”. Packet throttling for the SCM is indiscriminate: you can throttle the overall packet rate but not individual packet types. Sample system response: List Elements .other) Not specifying will set the global throttle rate FCM Protocol Policing This feature is also known as Improved Denial-of-Service Attack Protection.icmp. use the following command: configure slot 19 proto-throttle-rate <packets> Where slot number = 19 or 20 packets = (packets per second).ospf. By selectively throttling undesired protocol packets. Use the following command to set global or protocol-specific packet throttling for the FCM: configure slot <slot number> proto-throttle-rate <packets/second> {igmp|dhcp|arp|rip|ospf|other} Where slot number = 17 or 18 for the FCM packets per second = a valid range of 0-65535 0 = “allow none”. logs the contents of the packet. Use the following command to display provisioning for filters. The C4 CMTS has the ability to throttle the rate at which packets are forwarded to the SCM modules.rip.2. This alleviates the impact of various denial of service (DOS) attacks because critical packets continue to be processed by the C4. Standard ARRIS PROPRIETARY — All Rights Reserved 13-17 .C4 CMTS The second version of the command. To configure protocol throttling for the SCM.

Use the following command to display protocol-throttling settings and counts: show proto-throttle-rate The following is a example of the system output: Protocol Throttle Rates ----------------------FCM global packet rate: ARP packet rate: DHCP packet rate: ICMP packet rate: OSPF packet rate: RIP packet rate: IGMP packet rate: FCM other packet rate: SCM global packet rate: Protocol Received Counts -----------------------FCM global packets passed: FCM global packets dropped: ARP packets passed: ARP packets dropped: DHCP packets passed: DHCP packets dropped: ICMP packets passed: ICMP packets dropped: OSPF packets passed: OSPF packets dropped: RIP packets passed: RIP packets dropped: IGMP packets passed: IGMP packets dropped: FCM other packets passed: FCM other packets dropped: Protocol Sent Counts -------------------FCM global packets: ARP packets: DHCP packets: ICMP packets: OSPF packets: RIP packets: IGMP packets: 900 700 500 100 100 100 100 0 900 packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second packets/second 401 0 2 0 0 0 0 0 399 0 0 0 0 0 0 0 packets packets packets packets packets packets packets packets packets packets packets packets packets packets packets packets 326 47 0 0 0 279 0 packets packets packets packets packets packets packets 13-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and CAR If none of the optional protocol types are specified. Throttling.13 IP Packet Filtering. the command serves to set the global throttle rate (total of all packet types) allowed through the FCM.

This command can be entered multiple times for an interface. The C4 CMTS must be equipped with one or more GNAMs to enable this feature. it does not remove any ACLs that are referred to by the rate limiting commands. while packets that exceed the acceptable limits are dropped. Aggregate bandwidth rate limits match all of the packets on an interface. Standard ARRIS PROPRIETARY — All Rights Reserved 13-19 . Granular bandwidth rate limits match a particular type of traffic based on precedence. The rate-limiting feature of CAR manages the access bandwidth policy for a network by ensuring that packets falling within specified rate limits are sent. application port. Provides the ability to define Layer 3 aggregate or granular incoming or outgoing (ingress or egress) bandwidth rate limits and to specify traffic handling policies when the traffic either conforms to or exceeds the specified rate limits. Use the following command to display the rate limits on the specified interface: show interface gigabitethernet <slot>/<port> rate-limit Release 4. After a packet has been classified. IP address. the rate-limiting function of CAR does the following: • • Allows control over the maximum rate of traffic sent or received on an interface. Specifically. Use the following command to delete all rate limiting information for an interface with the following CLI command: configure interface {gigabitEthernet | fastEthernet} <slot>/<port> no rate-limit {input | output} This command above removes the rate limiting information. traffic matching that classification can be rate limited. or other criteria specifiable by access lists or extended access lists. It enables you to classify packets using policies based on physical port.2. source or destination IP address. CLI Commands and Examples The Committed Access Rate feature is configured with the following CLI command: configure interface {gigabitEthernet | fastEthernet} <slot>/<port> rate-limit {input | output} [access-group acl-index] bps burst-normal burst-max conform-action action exceed-action action This command is supported for GNAM interfaces only.C4 CMTS Committed Access Rate Committed Access Rate (CAR) is a rate-limiting feature for policing traffic. IP protocol type. or other parameters. Each time it is entered a new set of rate limit constraints is added to the end of a list of rate limits.

0 bytes. action: drop current burst: 0 bytes last cleared 00:03:59 ago matches: access-group 102 params: 10000000 bps. 2812500 limit. action: drop current burst: 0 bytes last cleared 00:03:59 ago Output matches: all traffic params: 15000000 bps. action: drop current burst: 0 bytes last cleared 00:03:59 ago Use the following command to display the rate limits counts on the specified interface: show interface gigabitEthernet 14/1 rate-limit counts Slot/ Port 14/1 14/1 14/1 14/1 Dir Access Group In 101 In 102 In All Out All Rate Limit bps 20000000 10000000 80000000 150000000 -----Conform-----packets bytes 3 189 0 0 5 315 0 0 -----Exceed------packets bytes 0 0 0 0 0 0 0 0 Use the following command to provision a standard ACL: configure access-list acl-index {deny | permit} source [source-wildcard] Where the acl-index = 1-99. action: transmit exceeded 0 packets. 0 bytes. 0 bytes. action: drop current burst: 0 bytes last cleared 00:03:59 ago matches: all traffic params: 8000000 bps. 24000 limit. 32000 extended limit conformed 3 packets. 16000 limit. 32000 extended limit conformed 0 packets. 13-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 315 bytes. and CAR Sample output: gigabitEthernet 14/1 Input matches: access-group 101 params: 20000000 bps.13 IP Packet Filtering. 2812500 extended limit conformed 0 packets. 0 bytes. 24000 extended limit conformed 5 packets. action: transmit exceeded 0 packets. 24000 limit. 0 bytes. action: transmit exceeded 0 packets. Throttling. action: transmit exceeded 0 packets. 0 bytes. 189 bytes.

the C4 CMTS supports the additional optional parameter string [operator [port]] after both the source.2. When an ACL is used for rate limiting. If a packet matches a deny entry. If an access list is not present. configure access-list <ext-acl-num> <permit | deny > {{protocol-ip <src-ip | dst-ip>} | {tcp <src-ip> <srcoper> <dst-ip> <dst-oper> <opt>} | {udp <src-ip> <srcoper> <dst-ip> <dst-oper> <opt>} | {icmp <src-ip> <dstip> <opt> [type [code]]} | {igmp <src-ip> <dst-ip> <opt> [type]} | {num <src-ip> <dst-ip> <opt>}} The full command is used to assign the extended ACL index in the range of 100-199. If no matches are found. See the CLI Command Reference Manual for command syntax. classification for that ACL stops and the packet is not policed for that ACL. or to make a remark). if a packet matches a permit entry. the rate-limit command acts as if no access list is defined and all traffic will be rate limited accordingly. CAR supports protocol values in an extended access list of the following protocols: • • • • • • ip tcp udp icmp igmp or an integer in the range from 0 to 255 representing an Internet protocol number. then rate limiting is applied to the packet and processing stops. to configure the action (permit or deny policing. Use the following commands to create a extended access list. and to configure the desired protocol. Release 4.C4 CMTS Use the following command to provision an extended ACL: configure access-list acl-index {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence][tos tos] [fragments] Where the acl-index = 100-199. then the packet passes without any rate limiting. and the additional optional parameter [established].and destination-wildcard options. If the protocol value in an extended access list is tcp. Standard ARRIS PROPRIETARY — All Rights Reserved 13-21 .

and a total of 128 access list entries per GNAM in each direction. or police. 13-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Use the clear counters {gigabitEthernet | fastEthernet} <slot>/<port> command the clear the rate limit counters for the specified interface. A message type is a number from 0 to 15. The type is a number from 0 to 255. the C4 CMTS supports the additional optional parameter string [operator [port]] after both the source. and CAR If the protocol value in an extended access list is udp. ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code. drop. The GNAMs count the number of packets and bytes that conform to the rate limit and the number of packets and bytes that exceed to the rate limit. The GNAMs support classification actions on matching packet of pass.000. If the protocol value in an extended access list is icmp. IGMP packets can be filtered by IGMP message type. The range extends up to 1 Gbps. If the protocol value in an extended access list is igmp. The GNAM supports a total of 64 access list entries per interface in each direction. the C4 CMTS supports the additional optional parameter string [icmp-type [icmpcode]].and destination-wildcard options. ICMP packets can be filtered by ICMP message type. and a programmable maximum burst in kBytes (max burst). Use the following command to delete all rate-limiting information for an interface: configure no access-list acl-index Use the show access-list command to display an access-list and its options.13 IP Packet Filtering. with a range of 0 to 375. The number of access list entries for an interface is the sum of the number of access list entries in each access group assigned to an interface for rate limiting.000. The code is a number from 0 to 255. Throttling. The interface rate limiting policers of the GNAMs are based on a leaky bucket function with a programmable leak rate specified in bits per second. Multiple rate limits can be specified for a single interface. the C4 CMTS supports the additional optional parameter string [igmp-type]. The GNAMs support separate actions for conforming traffic (packets when the leaky bucket depth is less than the max burst size) and exceeding traffic (packets when the leaky bucket depth is greater than the max burst size).

3 The nature of the upstream channel causes TCP ACKs to bunch together. the aggregated rate is compared to the preset rates and the new aggregate rate is set at the closest step above the measured rate. 2 When the max rate limit is reached.C4 CMTS Global Rate Smoothing for TCP Traffic Feature This feature applies to both models of CAM.2. Another algorithm is used to determine maximum rate throttling and is similar to the aggregate rate smoothing algorithm. increasing the damage done by reason number 2. This causes data transmissions to come in clusters. the cable modem and the mapper effectively shape the traffic. It forces TCP into a slow rate of growth and guides the TCP rate smoothly to the desired max rate. Aggregate Rate Smoothing — This function slowly ramps up the rate of the aggregate throughput of the downstream pipe. At the end of the averaging period. causing it to throttle back. This gives an early feedback to TCP. using the same rate. reducing throughput. Early Drop Mechanism — This function drops a packet when the rate has climbed over the maximum. TCP then essentially halts until the dropped packets are retransmitted. An algorithm calculates the average aggregate rate over a one second period. The aggregate rate is calculated at every packet arrival. In the upstream direction. Basically the maximum rate is selected: it is the maximum rate detected in the one second interval. the 1Dx8U and the 2Dx12U. Standard ARRIS PROPRIETARY — All Rights Reserved 13-23 . several packets in a row are usually dropped. Release 4. This type of traffic control already is very effective in maximizing the TCP throughput. The chief causes of this reduction are the following: 1 The rate sent over a flow can go from zero to full rate instantly. All TCP flows are throttled. not policed. minimizing the TCP fast-ramp reaction when a file transfer is started. TCP then assumes a fast pipe is available and it increases its rate very quickly. minimizing dropped packets. but before hard rate limiting kicks in. so the upstream is not susceptible to these three effects. It is used in algorithms to control the length of the idle period following each packet. Global Rate Smoothing reduces the adverse effects of the standard policer on downstream TCP traffic. In previous releases under certain conditions the interaction between the policing algorithm of the C4 CMTS and Transmission Control Protocol (TCP) produced undesirable effects in the downstream flow. but it is not calculated in the same way.

and CAR These two mechanisms. Non-TCP packets are always policed to the max rate. are used for TCP traffic only. meaning all violating packets are dropped and all non-violating packets are passed. End of procedure Recommended Settings for Throttle Control The following are recommended proto-throttle-rate settings for various router configurations.13 IP Packet Filtering. Aggregate Smoothing and Early Drop. Throttling. Use the following commands for simplex router configuration: configure slot 17 proto 2000 configure slot 19 proto 100 Use the following commands for simplex router configuration with IGMP enabled: configure slot 17 proto 750 configure slot 19 proto 100 Use the following commands for CCR router configuration: configure slot 17 proto 2000 configure slot 18 proto 2000 configure slot 19 proto 100 configure slot 20 proto 100 Use the following command for CCR router configuration with IGMP enabled: configure slot 17 proto 750 configure slot 18 proto 750 configure slot 19 proto 100 configure slot 20 proto 100 End of Examples 13-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Silver would be fine for most subscribers: it would be much faster and more reliable than dial-up service. The config files use this information as part of setting up the service flows that govern the levels of service awarded to cable modems. From a subscriber’s perspective. They would benefit from higher bandwidth even during peak access times. Service Class Names Introduction Service Class Names (SCNs) are names that serve as handles for Quality of Service (QoS) parameter sets that can be used to simplify configuration. Service Flows (SFs) contain classifiers which determine which packets are included in the SF. Service Class Names are intended to be visible to external Operations Support Systems (OSSs). each with minimum and maximum guaranteed data rates. silver. They impact billing operations because they identify SF counters that are used in the MIBs and in the billing records. SCNs identify the QoS parameter sets that are stored in the C4 CMTS.2. Standard ARRIS PROPRIETARY — All Rights Reserved 14-1 . Their upstream and downstream rates would be much lower. Depending on how the MSO sets it up. and billing rates. gold. and bronze. service classes refer to different levels of service.C4 CMTS 14. for example. Release 4. priorities. An MSO might choose to offer its subscribers three classes of service and call them. The QoS parameter set determines how the packets in the SF are treated. NOTE If there are parameters defined in the config file but also defined in an SCN referenced by that config file. Bronze Service might be satisfactory for mail but not for web surfing. Subscribers opting for Gold Service would pay a premium and would be given priority over others. The SCNs are referenced by configuration files when defining service flows. Bronze subscribers would pay a minimum rate. the config file parameters override those found in the SCN.

• The Service Class Name is expanded to its defined set of QoS parameters at the time the C4 CMTS successfully admits the service flow. QoS Parameters Included in a Service Class Name. A Service Class Name (SCN) is an ASCII string associated with a predefined set of Quality of Service (QoS) parameters provisioned in the C4 CMTS. SCN Example The following examples illustrate scenarios in which service class names are assigned into tiered services – for example Gold. a high-priority flow GoldDown—Scheduling Type = 7 (BE).14 Service Class Names NOTE The service class names used in this section are provided as an example only.1I07-010829. Section 8 and Appendix C. a highpriority flow 14-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . SP-RFIv1. This CM management system would define SCNs and define CM configurations as part of a service-level definition process. For greater detail on these parameters. Traffic Priority = 5. Traffic Priority = 5. NOTE SCNs may be configured in the C4 CMTS via SNMP using a CM management system. refer to CableLabs’ Radio Frequency Interface Specification. When a cable modem registers. its configuration file causes a service flow to be created using the QoS parameters defined by its SCN. these SCNs typically correspond to advertised levels of subscriber service Has a maximum length of 15 characters and is case-sensitive. A Service Class Name: • • • • Enables billing and other Operations Support Systems (OSSs) to distinguish service flows by SCN Simplifies the CM configuration file Simplifies the TFTP configuration file Allows higher-layer applications to create a service flow by Service Class Name. Gold Example — This service class may be structured as follows: • • GoldUp—Scheduling Type = 7 (BE). The MSO may name and configure service class names according to their preference or standard. on page 14-3. The SCN is named in the configuration file. Silver and Bronze. The QoS MIB defines the parameters listed in Table 14-1.

a strict priority flow. This rate expresses an upper boundary. Traffic Priority = 3. not a guarantee that the rate is available. a strict priority flow configured for G. This could have a Traffic Priority = 2. VoIPdown—Scheduling Type = 0. a WRR flow. Traffic Priority = 7. [min-res-rate <value>] Specifies the minimum rate. Traffic Priority = 3. Each tiered service could have flow parameters adjusted to provide greater throughput for higher tiers. Allows service flows to be given priority for delay and buffering. Traffic Priority = 2. MPEGup—Scheduling Type = 4 (rtPS). a mediumpriority flow. a WRR flow. This parameter is the rate parameter R of a token-bucket-based rate limit for packets. a lowpriority flow. FTPdown—Scheduling Type = 0. the C4 CMTS may reallocate the excess. maximum length = 15 characters. R is expressed in bits per second. Traffic Priority = 6. • • • Table 14-1: QoS Parameters Included in a Service Class Name Parameter Keyword Syntax All Flows ServiceClassName (SCN) Priority name <service class name> [priority <priority>] A predefined Quality of Service that is applied to cable modems by a configuration file and used to encode a Service Flow according to the parameter values found in the SCN. The C4 CMTS uses this field to assign traffic priorities. reserved for this Service Flow. If CM requests less bandwidth than this minimum. a lowpriority flow. Traffic Priority = 1. which are implemented using a queuing system. a mediumpriority flow. Traffic Priority = 1.C4 CMTS Silver Example — This service class may be structured as follows: • • SilverUp—Scheduling Type = 7 (BE). Extra service flows could be added using the following service class examples: • • • VoIPup—Scheduling Type = 5 (UGS-AD). a strict priority flow. Standard ARRIS PROPRIETARY — All Rights Reserved 14-3 .2. Purpose MaxTrafficRate MaxTrafficBurst MinReservedRate [max-tr-rate <value>] [max-tr-burst <value>] Specifies the token bucket size B (in bytes) for this Service Flow. This name is case sensitive. Bronze Example — This service class may be structured as follows: • • Additional SCN Examples BronzeUp—Scheduling Type = 7 (BE). FTPup—Scheduling Type = 3 (nrtPS).711 voice. SilverDown—Scheduling Type = 7 (BE). MPEGdown—Scheduling Type = 0. a strict priority flow. Release 4. in bits/sec. BronzeDown—Scheduling Type = 7 = (BE).

the value of this parameter indicates the maximum number of Active Grants per Nominal Grant Interval. If this parameter is omitted. Specifies the nominal interval (in units of microseconds) between successive data grant opportunities for this Service Flow. without negatively impacting existing sessions.14 Service Class Names Table 14-1: QoS Parameters Included in a Service Class Name (Continued) Parameter MinReservedPkt Keyword Syntax [min-res-pkt <value>] Purpose Specifies an assumed minimum packet size (in bytes) for which the Minimum Reserved Traffic Rate will be provided. This parameter is calculated from the FC byte of the Concatenation MAC Header to the last CRC in the concatenated MAC frame. fragmented. This is intended to enable the addition of sessions to an existing UGS Flow via the Dynamic Service Change mechanism. This parameter is typically suited for Real-Time and Non-Real-Time Polling Service. [adm-tmout <value>] <value> Specifies the duration that the C4 CMTS MUST hold resources for a Service Flow’s Admitted QoS Parameter Set while they are in excess of its Active QoS Parameter Set. SchedulingType [type <value>] NomPollInterval [poll-int <value>] TolPollJitter UnsolicitGrantSize NomGrantInterval [poll-jitter <value>] [grant-size <value>] [grant-int <value>] TolGrantJitter [grant-jitter <value>] GrantsPerInterval [grants-per-int <value>] TosAndMask TosOrMask [and-mask <value>] [or-mask <value>] RequestPolicyOct [req-policy <value>] Downstream Flow Only Parameters MaxLatency [max-lat <value>] Maximum downstream latency — a service commitment by CMTS to forward a packet received on a network side interface to the RF interface within the specified number of microseconds. the CMTS MUST change the active and admitted QoS Parameter Sets to null. Required for UGS and UGS/AD Specifies the maximum amount of time (in microseconds) that the transmission opportunities may be delayed from the nominal periodic schedule for this Service Flow. Specifies the unsolicited grant size in bytes. Specifies which upstream scheduling service is used for upstream transmission requests and packet transmissions. whether requests for this Service Flow may be piggybacked with data and whether data packets transmitted on this Service Flow can be concatenated. Required for UGS and UGS/AD For UGS. For UGS/AD. the value of this parameter indicates the actual number of data grants per NominalGrant Interval. Specifies which IUC opportunities the CM uses for upstream transmission requests and packet transmissions for this Service Flow. Specifies the nominal interval (in units of microseconds) between successive unicast request opportunities for this Service Flow on the upstream channel. Specifies the maximum amount of time that the unicast request interval may be delayed from the nominal periodic schedule (measured in microseconds) for this Service Flow. or have payload headers suppressed. ActiveTimeout Specifies the maximum duration resources remain unused on an active Service Flow. If [active-tmout <value>] there is no activity on the Service Flow within this time interval. 14-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . IP Type of Service overwrite. Enables CMTS to overwrite original Type of Service (ToS) byte with new value. Indicates direction: 1 = downstream 2 = upstream AdmittedTimeout dir Upstream Flow Only Parameters MaxConcatBurst [max-burst <value>] Specifies the maximum concatenated burst (in bytes) which a Service Flow is allowed. then the Best Effort service MUST be assumed.

Each advertised subscriber service should have a corresponding Service Class Name.2. These SCNs are called on by the configuration files used to register CMs and by the C4 CMTS to build Service Flows for subscribers. configure qos-sc name VoIPG711 min-res-pkt 0 configure qos-sc name VoIPG711 grant-size 109 configure qos-sc name VoIPG711 grant-int 10000 configure qos-sc name VoIPG711 grant-jitter 1000 configure qos-sc name VoIPG711 grants-per-int 1 configure qos-sc name VoIPG711 max-lat 0 configure qos-sc name VoIPG711 active-tmout 0 configure qos-sc name VoIPG711 adm-tmout 200 configure qos-sc name VoIPG711 type 6 configure qos-sc name VoIPG711 req-policy 000001ff configure qos-sc name VoIPG711 and-mask 00 configure qos-sc name VoIPG711 or-mask 28 configure qos-sc name VoIPG711 dir 2 Release 4. Table 14-2: Examples Tiered Services and Bit Rates Name GoldUp GoldDown SilverUp SilverDown BronzeUp BronzeDown Direction upstream downstream upstream downstream upstream downstream Maximum Traffic Rate in Kbps 192 1024 128 512 64 256 Commands for Adding Service Class Names (VoIP Example) Use the following CLI commands to add a VoIP Service Class conforming to the G. Standard ARRIS PROPRIETARY — All Rights Reserved 14-5 .C4 CMTS Table 14-2 compares typical throughputs of sample service classes.711 standard.

14 Service Class Names 14-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

and Accounting (AAA) Topics AAA Feature Servers and Server Groups Secure Shell Protocol (SSH2) In-Band Management with ACLs Routing to a Null Interface Source Verification of Cable-side IP Addresses Upstream Load Balancing (ULB) DSx DQoS VoIP on the C4 CMTS C4 CMTS Advanced CM Configuration File Verification Page 2 5 14 22 24 25 27 29 31 Release 4.C4 CMTS 15.2. Standard ARRIS PROPRIETARY — All Rights Reserved 15-1 . Authentication. Authorization.

including the amount of time spent on the system. the services accessed. Maintain standardized. Authorization. authentication — the process of identifying an individual. The C4 supports a single console line (the SCM serial port). and several virtual terminal lines (telnet sessions). centralized security accounting records. The model distinguishes authentication (verification of a user’s identity) from authorization (verification that a user’s actions are permissible) and offers accounting services with respect to both. AAA allows a customer to: • • • Definitions and Abbreviations Maintain a central database of user IDs. but also enable centralized administration of security policies across a network of heterogeneous elements. Moreover. passwords. Figure 15-1 provides a network-level illustration. accounting — the process of tracking an individual's activity while accessing a system’s resources. RADIUS — Remote Authentication Dial-In User Service TACACS+ — Terminal Access Controller Access Control System Plus vty — Virtual terminal The AAA Model The AAA security model is an architectural framework for the implementation and management of common security functions within a network of heterogeneous elements. and amount of data transferred. Customize access policies for the C4 command set. authorization. and accounting capabilities of the C4 CMTS through the introduction of the RADIUS and TACACS+ protocols. authorization — the process of granting individuals access to system resources or functions based on the level of service assigned to them. and authentication policies. 15-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . These protocols not only standardize the interface to a network element’s AAA capabilities. line — a point of origin for CLI sessions. user groups.15 Authentication. and Accounting (AAA) AAA Feature The AAA feature enhances the authentication. usually based on a username and password. the model separates security policy from policy enforcement thereby enabling a distributed security scheme with centralized policy management for each independent function.

Similarly. TACACS+ supports full payload encryption via Message Digest version 5 (MD5).2.. Information regarding each authentication or authorization exchange is forwarded to accounting servers where historical records of user activity are maintained. AAA Protocols Several protocols are available for client/server communications in an AAA security implementation including TACACS+ and RADIUS. RADIUS supports only MD5-based encryption of transmitted passwords. For example. an element can defer login authentication to a remote authority but authorizes each command locally based on element-specific policy such as the user’s privilege level. from a password file) but defers authorization to an external server on a per-command basis. RADIUS is more complex and is based on UDP protocol. an element can authenticate locally (e.C4 CMTS login attempt Router Authentication Servers Authorization Servers login attempt command xyz C4 CMTS Accounting Servers Figure 15-1: AAA Security Model In Figure 15-1. It supports request/response transactions for authentication and accounting only. simple authorization is included as part of the authentication process. authorization. Standard ARRIS PROPRIETARY — All Rights Reserved 15-3 . Note that the AAA model itself does not demand a distributed security scheme but simply offers enough flexibility to accommodate it. TACACS+ is a TCP-based protocol supporting distinct request/response transactions for authentication. With RADIUS. Any or all of the AAA functions can be administered locally at an element. Release 4. and accounting.g. the C4 CMTS and the Router are AAA clients that defer login authentication and command authorization responsibilities to remote servers.

and line password. idle timeout. pagination. privilege level) as directed by the server and initiates the service. successful authentication represents the start of service and session termination represents the end of service. Cisco refers to these interfaces as “lines” and provides AAA configuration capabilities on a perline basis. the client drops the connection. AAA Functions Supported by the C4 CMTS 15-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Both protocols employ a similar mechanism in which the client autonomously forwards start-of-service and end-ofservice information to an accounting server. On acceptance. The initial introduction of AAA security in the C4 CMTS includes the AAA security model itself and the RADIUS and TACACS+ protocols. and Accounting (AAA) Both RADIUS and TACACS+ offer authentication for a wide variety of user services including login. each may require a different level of AAA services or possibly none at all.g. while RADIUS supports shell accounting only. TACACS+ supports both shell and command accounting. Authorization.g. entering enable mode). PPP. session timeout. the reason for termination. With TACACS+.15 Authentication. the server may add additional arguments to the command line or may even override the entire argument list. This information can include the number of bytes or packets transmitted or received. For command accounting. successful authorization represents the start of service and command completion represents the end of service. servercontrolled challenge-response mechanism in which the server may issue any number of challenges to a user prior to accepting or rejecting a service request. the elapsed time in seconds. Since the C4 CMTS does not support network-based services such as PPP or SLIP. SLIP. Otherwise. the client forwards each user command along with any associated arguments to the server where the accept/reject decision is made.. Both employ an unbounded. The line interface is also the target of non-AAA configuration parameters such as data rate. privilege-level change (e. the client establishes the service parameters (e. For shell accounting. session timeout value.. Since each interface offers a different level of physical security. idle timeout value. RADIUS supports authorization indirectly through the parameterization of the user session at the conclusion of successful authentication. etc. and password change. Line Interfaces Login and enable services are available via telnet sessions over the SCM maintenance ethernet interface and via the SCM console. If the server rejects a service request. Cisco’s line interface model is included as part of this feature. The client is responsible for executing the accepted command with the server-supplied argument additions or overrides. Only TACACS+ directly supports authorization for user activities via independent request/response transactions.

Key capabilities include: • • • • • • • • • • • • Configuration of login authentication methods on a per-line basis Configuration of enable authentication methods on a per-line basis Line-based authentication Enable-based authentication Local authentication Authentication via TACACS+ Authentication via RADIUS Configuration of authorization methods on a per-interface basis Local authorization Authorization via TACACS+ Shell and command accounting via TACACS+ Shell accounting via RADIUS Servers and Server Groups RADIUS Servers and Server Groups RADIUS uses UDP/IP for all client/server communication and requires MD5-based encryption of any transmitted user password.2. Some network architectures may require multiple servers for reliability purposes. A RADIUS client must therefore be provisioned with server-specific parameters such as IP address. Only command services are considered for authorization for similar reasons. Standard ARRIS PROPRIETARY — All Rights Reserved 15-5 . Other architectures may require independent RADIUS servers (or server clusters) for each supported AAA function. and shared secret. Release 4. port numbers.C4 CMTS only login and enable services are considered for authorization.

timeout value. A single RADIUS server may be assigned to multiple server groups. shared secret. port number. By default no TACACS+ servers exist. the skeleton database does not contain TACACS+ server configuration information. The C4 CMTS supports six independently configurable TACACS+ servers. Configuration information must include the group name and a list of RADIUS servers belonging to the group. A TACACS+ client must therefore be provisioned with server-specific parameters such as IP address. By default no RADIUS server groups exist. By default no TACACS+ server groups exist. the skeleton database does not contain RADIUS server group configuration information.15 Authentication. Support for three independently configurable TACACS+ server groups. and Accounting (AAA) The C4 CMTS supports six independently configurable RADIUS servers. and timeout value. This facilitates support of backup servers. By default no RADIUS servers exist. the skeleton database does not contain TACACS+ server group configuration information. Authorization. authorization port number. All TACACS+ server and server group configuration information must persist across system reboots and power-cycles. Support for two independently configurable RADIUS server groups. The current implementation of RADIUS has the following characteristics: • Configuration information must include the server’s IP addresses. Server and server group configuration information persists across system reboots and power-cycles. port number. A single TACACS+ server may be assigned to multiple server groups (multiple TACACS+ server groups may share common backup servers). • • • • 15-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Some network architectures may require multiple servers for reliability purposes. the skeleton database does not contain RADIUS server configuration information. The current implementation of TACACS+ has the following characteristics: • • Configuration information must include the server’s IP addresses. and shared secret. Other architectures may require independent TACACS+ servers (or server clusters) for each AAA function. shared secret. and retransmission limit. Configuration information must include the group name and a list of TACACS+ servers belonging to the group. accounting port number. • • • • • TACACS+ Servers and Server Groups TACACS+ uses TCP/IP for all client/server communication and requires payload encryption via MD5.

As with authentication. The C4 CMTS supports six independently configurable authentication method lists. or to the local logging function of the C4 CMTS.2. The authorization method lists have the following characteristics: • Configuration information must include the list’s name and an ordered list of authorization methods (TACACS+. RADIUS. authentication may be assigned to several of these methods in order of preference such that method n is employed if method n-1 is not available. The authentication method lists have the following characteristics: • Configuration information must include the list’s name and an ordered list of authentication methods (TACACS+. and none). local. the enable password. plus two additional lists for testing configuration changes. plus one additional list for testing configuration changes). This ordered list of methods is referred to as an authorization method list. local password file. As with authentication and authorization. and none). no authentication method lists exist. • • Accounting Method Lists The accounting function may be assigned to one or more TACACS+ server groups. no authorization method lists exist. By default. the skeleton database does not contain authentication method list configuration information. or the local user/password file.C4 CMTS Authentication Method Lists The authentication function may be assigned to one or more TACACS+ server groups. This provides four independent lists for console and vty login and enable authentication. This ordered list of methods is referred to as an authentication method list. line password. By default. The system must be capable of maintaining unique parameter values for at least six authentication method lists. • • Authorization Method Lists The authorization function may be assigned either to one or more TACACS+ server groups or to the privilege level associated with the current user ID. Moreover. to one or more RADIUS server groups. Standard ARRIS PROPRIETARY — All Rights Reserved 15-7 . The C4 CMTS supports three independently configurable authorization method lists. to one or more RADIUS server groups. or to any of several local methods including the line password. (two independent lists for console and vty authorization. Authorization method list configuration information persists across system reboots and power-cycles. the skeleton database does not contain authentication method list configuration information. Authentication method list configuration information persists across system reboots and power-cycles. accounting Release 4. enable password. authorization may be assigned to multiple methods in order of preference such that method n is employed if method n-1 is not available.

while a vty line is a CLI session over telnet. the skeleton database does not contain authentication method list configuration information. a user logged in on vty 0 may disable/enable pagination without disturbing the state of pagination on vty 1 through vty 6. The following points are a summary of the provisioning of the line interfaces: • The C4 CMTS supports eight independently configurable lines: one console line and seven vty lines. A console line is a CLI session over the SCM’s console port. The C4 currently supports two types of lines: console lines and vty (virtual terminal) lines. • • Lines A line is any point of origin for a CLI session. Accounting method list configuration information persists across system reboots and power-cycles. The accounting method lists have the following characteristics: • Configuration information must include the list’s name and an ordered list of accounting methods (TACACS+. plus two additional lists for testing configuration changes). and Accounting (AAA) may be assigned to multiple methods in order of preference such that method n is employed if method n-1 is not available. no accounting method lists exist. Configuration information must minimally include session timeout. 15-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . This ordered list of methods is referred to as an accounting method list. By default. and password. pagination mode. This allows an operator to modify the configuration of a given line without affecting the configuration of other lines of the same type. RADIUS. and none) (four independent lists for console and vty shell and command accounting. All lines are independently configurable. Authorization. idle timeout.15 Authentication. For example. local. The C4 CMTS supports six independently configurable accounting method lists.

The idle timeout provides the maximum idle time in seconds. A value of zero (default) indicates no pagination. The configuration of login authentication.2. The password provides the line password used for authentication if line-based authentication is active. • By default. any command may be entered on any line without challenge. the line password is undefined. This implies that telnet services are not available on the C4 by default. access to any of the configured lines is granted without challenge. A value of zero (default) indicates no timeout. By default. it is subject to authentication rather than authorization. Note that this does not include the “enable” command. shell accounting. Until enable authentication is manually configured. Vty lines are not new-start configuration ports and are not necessarily physically secure. accounting is disabled on all lines. • Release 4. Until authentication is manually configured. • By default. access to enable mode on any of the configured lines is granted without challenge.C4 CMTS The system must be capable of maintaining unique parameter values for one console line and seven vty (telnet) lines numbered 0 through 15. • By default. Until accounting is manually configured... authentication information. baud rate). The enable command represents a change of privilege level. Since console 0 is the new-start configuration port and is physically secure. no authentication or authorization activities may generate accounting records. This includes line-specific parameters (e. time-outs. authorization. and accounting information. A value of zero (default) indicates no timeout. • • The console line’s data rate is configurable. Standard ARRIS PROPRIETARY — All Rights Reserved 15-9 . • All line configuration information persist across system reboots and power-cycles. By default.g. They exist only if they are manually configured. authorization information. enable authentication. and command accounting services are supported on a per-line basis. therefore. Until authorization is manually configured. no vty lines exist. it exists by default (i.e. The session timeout provides the maximum session length in seconds. • By default. The pagination mode provides the number of lines of consecutive output to display before pausing and prompting. enable authentication is disabled on all lines. login authentication is disabled on all lines. one console line exists. authorization is disabled on all lines. as part of the skeleton database). • By default.

6 use the default timeout and retransmit values of 5 and 3. Each group may be configured with a group name and one or more TACACS+ servers. Servers 10.9.6 are assigned to RADIUS server group group1. authorization port number.8. while server 10.7 key hostRadKey configure radius host 10.8. If the detail keyword is added.7 configure radius group group1 host 10. then utilization and performance measurements are also displayed for each RADIUS server.8.9.9. Each server may be configured with an IP address. Authorization. and 10.8.9.9.7.9.8.9.6 key hostRadKey configure radius host 10. and timeout value.8. All hosts are automatically assigned to the TACACS+ server group named default. shared secret.8. Use the following command to display all configured RADIUS server groups. the members of each group.7 and 10.10. configure tacacs [no] { group string host ipAddress | host ipAddress [key string] [port integer] [timeout integer] [single-connection]} 15-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . shared secret.6 This sequence defines three RADIUS servers .8. and the operational parameters of each group member. 10. and Accounting (AAA) Common CLI Commands for AAA Use the following command to configure RADIUS servers and server groups.7 and 10.9. and retransmission limit. All severs are members of the default RADIUS server group. show radius [detail] Use the following command to configure TACACS+ servers and TACACS+ server groups.9. accounting port number. TCP port number.9.8.9.8.8. timeout value.9.15 Authentication.8. while servers 10.8. All servers are automatically assigned to the RADIUS server group named default.5 key hostRadKey timeout 2 retransmit 5 configure radius group group1 host 10.9.6. configure radius [no] { group string host ipAddress | host ipAddress [key string] [hidden] [auth-port integer] [acct-port integer] [timeout integer] [retransmit integer] } Consider the following examples: configure radius host 10. Each server may be configured with an IP address. Each group may be configured with a group name and one or more RADIUS servers.5 uses a timeout value of 2 and a retransmit value of 5.5 – all of which use the same shared secret (hostRadKey).

8. and the operational parameters of each group member.9.6 are assigned to TACACS+ server group group1. The order of keywords specifying authentication methods is significant in that method n is applied if and only if method n1 is unavailable.8.8.10.9. Standard ARRIS PROPRIETARY — All Rights Reserved 15-11 . Servers 10.8.5 uses the timeout value of 40. Use the following command to display all configured TACACS+ server groups. If the detail keyword is added. The first list specifies two authentication methods: the default TACACS+ server group and the local user/password file.5 – all of which use the same shared secret (hostTacKey).7 and 10.5 key hostTacKey timeout 40 configure tacacs group group1 host 10.7 configure tacacs group group1 host 10.9.9.6 use the default timeout value of 0 which implies no timeout. All severs are members of the default TACACS+ server group.9.8.6 This sequence defines three TACACS+ servers . 10.9.9. then utilization and performance measurements are also displayed for each TACACS+ Server.9. and finally no authentication. show tacacs [detail] Keywords specifying authentication methods may appear in any order. while servers 10.C4 CMTS Consider the following examples: configure tacacs host 10. while server 10.8. The second list specifies four authentication methods: RADIUS server group group1.8. the members of each group.8.8. and they may be repeated. the line password. and 10.9.7 key hostTacKey configure tacacs host 10.8.9.8.7 and 10.6 key hostTacKey configure tacacs host 10.9.9.9. TACACS+ server group group2.2.7. configure [no] authorization listName [local] [tacacs {groupName | default}] [none] Release 4. configure [no] authentication listName [line] [enable] [local] [radius {groupName | default}] [tacacs {groupName | default}] [none] The following commands are valid examples: configure authentication list1 tacacs tac_default local configure authentication list2 radius group1 tacacs group2 line none They define two authentication method lists: list1 and list2.8.6.8.

Use the following command to configure accounting method lists: configure [no] accounting listName [local] [radius {groupName | default}] [tacacs {groupName | default}] As with authentication and authorization. The order of keywords specifying authorization methods is significant in that method n is applied if and only if method n-1 is unavailable. and they may be repeated. The second list forwards accounting records to RADIUS group1 or to TACACS+ group2 if RADIUS group1 is unavailable. the keywords specifying accounting methods may appear in any order. the commands shown in Table 15-1 are possible: Table 15-1: Examples of Commands for Configuring Console Port and Telnet Sessions Command configure line console 0 configure line vty 0 15 configure line vty 1 Purpose To configure the SCM console port To configure all telnet sessions To configure the second telnet session only Each of these commands should cause the CLI to enter line configuration mode where any of the remaining parameters may be set or unset. Authorization. and Accounting (AAA) As with authentication. The order of keywords specifying accounting methods is significant in that method n is applied if and only if method n-1 is unavailable. The following commands are valid examples: configure accounting list1 tacacs default local configure accounting list2 radius group1 tacacs group2 They define two accounting method lists: list1 and list2. The first list forwards accounting records to the default TACACS+ group or to the local log if the default TACACS+ group is unavailable. and they may be repeated. either consoles or virtual terminals (VTYs): configure line { console | vty } startLine [endLine] [no] [session-timeout integer] [idle-timeout integer] [length integer] [password [hidden] string] ] [speed integer] [authentication [login | enable] authenticationList] [authorization authorizationList] [accounting {shell | command integer} [stop-only] accountingList] Since the C4 currently supports a single console port and up to seven telnet sessions.15 Authentication. the keywords specifying authorization methods may appear in any order. Use the following command to configure lines. 15-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Table 15-2: RADIUS Default Values Command Keyword Description Default Value Group Host Key [hidden] Auth-port Acct-port Timeout Retransmit TACACS+ Defaults RADIUS Server Group Name IP address of RADIUS Server Shared Secret Specifies whether the specified key is encrypted. in seconds. that the C4 CMTS will wait for a response from the server before attempting a retransmission Number retransmissions before C4 CMTS declares server unreachable default None None 1812 1813 5 3 The following table lists default values for the TACACS configuration commands. for details. Standard ARRIS PROPRIETARY — All Rights Reserved 15-13 . that the C4 CMTS waits for a response from the server before aborting a TACACS transaction. RADIUS server’s UDP port number for authentication RADIUS server’s UDP port number for accounting Time. CLI Command Descriptions.2. configure enable password <myEnablePassword> Use the following command to add a local user password: configure user <someUser> password <somePassword> RADIUS Defaults The following table lists default values for the RADIUS configuration commands. default None None 49 3 Release 4. in seconds. See configure enable in chapter 26. Table 15-3: TACACS+ Default Values Command Keyword Description Default Value Group Host Key Port Timeout TACACS Server Group Name IP address of TACACS Server Shared Secret TACACS server’s TCP port number Time.C4 CMTS Use the following command to view the status of the active lines: show line [detail] Enabling CLI Password Control for Privileged Commands Use the following command to set a password or encrypted password for granting access to privileged commands.

You may use the following commands to enable SSH: configure crypto key generate dsa configure ip ssh no shutdown Finally. Arcfour. Feature Description SSH is a secure user authentication and connection protocol that operates over TCP/IP. and Accounting (AAA) Table 15-3: TACACS+ Default Values Command Keyword Description Default Value Single-connect If true. 15-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or can be configured to replace them SSH clients connect to SSH servers using TCP port 22 SSH multiplexes multiple sessions over a single TCP port. false Secure Shell Protocol (SSH2) The Cadant C4 CMTS Secure Shell protocol version 2 (SSH2) feature provides enhanced privacy and security. etc. UDP is not supported. SSH uses encryption to secure all traffic in the connection Connection cipher is auto-negotiated from a list of candidates such as 3DES. use show processes | include ssh to verify that the ssh daemon has started. or user digital signatures (public keys) Secure connections to the Cadant C4 CMTS CLI and file systems. Look for the line beginning with ipssh. including: • • • • Setting up the SSH Server Secure encrypted connection capabilities using an SSH2 server User authentication by internal password External RADIUS authentication. Authorization. Diffie-Hellman key exchange establishes the transmission key for the SSH session SSH can use passwords or user public keys to authenticate users The Cadant C4 CMTS SSH2 server supports secure CLI login and FTP services only. Blowfish. The following characteristics apply to the Cadant C4 CMTS implementation of SSH2: • • • • • • • • SSH can work with insecure legacy remote connection protocols such as Telnet and FTP. indicates that the server supports multiplexing multiple TACACS+ sessions over a single connection.15 Authentication. TACACS+ authentication.

Secure CRT & SecureFX for Windows.2. To generate the DSA public and private keys. and PuTTY. and maintain the SSH2 server. SSH2 Security Highlights and Compatibility SSH2 allows for the following security features: • • • • • • CLI Commands User passwords may be authenticated via RADIUS Users can be authenticated via user public keys (instead of only passwords) User passwords and enabling authorizations may be authenticated via TACACS SSH2 is not backward compatible with SSH1 The Cadant C4 CMTS supports SSH protocol version 2 (SSH2) only SSH2 clients include openSSH for Unix. Use the following command to restart the SSH2 server after a configuration change: configure ip ssh restart The default settings will change only when the SSH2 server restarts.C4 CMTS NOTE Secure CLI will look and perform the same as existing CLI. the SSH2 server creates a CLI shell process. operate. Users must enter an enabling password to execute configuration commands. All existing sessions are terminated on a restart. After successful user authentication.2. Secure FTP (SFTP) is not available with Release 4. use the configure crypto key generate dsa command. CLI commands are provided to configure. Management Commands — Use the following command to display active SSH sessions: show ip ssh Use the following command to display the SSH server configuration: show ip ssh config Starting an SSH2 server Use the following command to start the SSH2 server configure ip ssh no shutdown NOTE This will fail if no server host keys have been installed. login is available after restart is complete (generally under 1 second). Standard ARRIS PROPRIETARY — All Rights Reserved 15-15 . Release 4.

Openssh and SSH2/IETF key formats are not supported in software release 4. The default is all ciphers: configure ip ssh [aes] [blowfish] [cast] [arcfour] [3des] Use the following command to allow or disallow password authentication: configure ip ssh [no] password-auth Use the following command to allow or disallow user digital signature (public key) authentication.pem where the User Name is the user’s login name. follow these steps: 1 Only a DER-encoded key is supported by the C4 CMTS.15 Authentication. 2 Upload the user's DSA format PEM-encoded public key file into the following location on the C4 CMTS: /system/sec/ssh/user. 3 The user public file must have the following naming convention: <User Name>. configure ip ssh [no] public-key-auth Managing User Public Keys To add a user public key to the Cadant C4 CMTS. The default is zero. and Accounting (AAA) NOTE Use the configure ip ssh shutdown command carefully.2. you will not be able to use the SSH2 client to issue the restart command. Configuring Server Commands The commands in this section are used to change the SSH server's default settings. Authorization. Use this first command to change the default port from 22 to another port number: configure ip ssh port <port> Use the following command to set the time in minutes the session can remain idle before it will timeout. If the SSH2 server is shutdown. 15-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . which stands for unlimited — no amount of idle time will cause the session to timeout: configure ip ssh idle-timeout <minutes> Use the following command to list the available ciphers. 4 Use legacy FTP to upload the user's public key file only — do not upload the private key file! Verification of SSH and PuTTY Setup Use the following to procedures to set up SSH on the C4 CMTS and to use the PuTTy utility for public key authentication. DER-encoded keys must be in PEM format.

C4 CMTS Procedure 15-1 Setting up SSH on the C4 CMTS 1 Create the directory /system/sec/ssh/server 2 Execute the command: configure crypto key generate dsa 3 Execute the command: configure ip ssh no shutdown 4 Execute the command: configure ip ssh restart End of procedure Procedure 15-2 PuTTY. enter one. SSH. C4. 3 You will be prompted for a pass phrase. If not. 4 Execute the command: openssl dsa -in id_dsa. If you entered a pass phrase when the key was created. overwrite it.pem Replace <username> with the desired username. Public Key Authentication Follow this procedure if you wish to connect securely to the C4 CMTS using PuTTY and SSH with public key authentication: 1 Telnet to a Unix machine which is configured with openSSL crypto and sshkeygen utilities. Standard ARRIS PROPRIETARY — All Rights Reserved 15-17 . you will be prompted to enter it again. If you want to be prompted for this pass phrase when you authenticate to the C4 CMTS. If id_dsa. Release 4. it must be at least 4 characters long.pem already exists. for example.pem -outform PEM -pubout -out <username>.2. you can hit enter twice.pem will be the private key file. The pass phrase is the SSH password.pem The file id_dsa. login: serial pwd: serial 2 Execute the command: ssh-keygen -t dsa -f id_dsa.

DER-encoded keys must be in PEM format. This is this user's public key file and must be FTP'd to the C4 CMTS running SSH. Login with <username>.ppk file you converted with PuTTYgen). 11 Connect to the C4.chiark. whatever filename you called the . Enter the IP address. Authorization. restart the SSH server: configure ip ssh restart 7 From your PC. 2 Update the server DSA format PEM encoded public and private key files into any location on the C4 CMTS.pem".ppk or something that correlates it with the username you entered above. Place the file in /system/sec/ssh/user. Name of 'Saved Session' file and save your profile. 10 From your PC. Go back to 'Sessions'.2. 15-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . 6 At the C4 CMTS. Create a profile for connecting to the SSH server. run PuTTYgen. Proceed to login to the C4 CMTS in the same way as with telnet. 9 Click the "Save private key" button to save the private key file with a ". Open the private key file you created above called id_dsa. You may have to create the /user directory. 3 Import the keys into the MIB tables for use during CCR soft-switches with the following commands: configure crypto key import public-key {path}/{filename} configure crypto key import private-key {path}/{filename} 4 Use legacy FTP to upload the server’s private key file. open PuTTY. This is PuTTY's private key file format and is different from OpenSSH and ssh. SSH.ppk" extension. Select Connection --> SSH --> Auth. Openssh and SSH2/IETF key formats are not supported in software release 4.pem public key file you FTP’d to the C4 CMTS. End of procedure Storing Server Private Keys To store a private key to the Cadant C4 CMTS follow these steps: 1 Only a DER-encoded key is supported by the C4 CMTS. If you entered a pass phrase when the key was created you will be prompted to enter it again. call it <username>.html 8 On the menu bar select Conversions --> import key.com (IETF SECSH).org. and Accounting (AAA) 5 A file will be created called "<username>. and in the “Private key file for authentication” browse to the public key file (the . If you entered a pass phrase you will be prompted to enter this as well.15 Authentication.uk/~sgtatham/putty/download.pem.greenend. PuTTYgen can be downloaded from http://www. On the left side of the PuTTY window you will see a pane called “Category”.

the client can choose whether or not to use password authentication. If not required. If both password and public key authentications are disallowed then all client authentication requests will be rejected. this command requires public key authentication to be performed first. If not required. Port forwarding is allowed. The server requires public key authentication before a client is considered logged in. Default is allowed. Available ciphers are aes. If disallowed then any public key authentication from the client is rejected. No new hardware is needed to support this feature. Release 4. cast.C4 CMTS Feature Dependencies No alarms are associated with the C4 CMTS SSH feature. the client can choose whether or not to use public key authentication. If disallowed. If disallowed. User public key authentication is allowed. Default is not required. Legacy Telnet sessions on port 23 are allowed. Standard ARRIS PROPRIETARY — All Rights Reserved 15-19 . This counter is for both public key and password authentication failures. Password authentication is allowed. Default is 0 (unlimited). blowfish. Public-key-auth must be allowed. Default is all ciphers are available. Default is allowed. If both password and public key authentications are disallowed then all client authentication requests will be rejected. password-auth must be allowed. Comment Allow/Disallow user public key authentication ip ssh public-key-auth ip ssh no public-key-auth Require/Do Not Require password authentication ip ssh password-auth-req ip ssh no password-auth-req Require/Do Not Require public key authentication ip ssh public-key-auth-req ip ssh no public-key-auth-req Require/Do Not Require public key authentication first Max number of client authentication failure Allow/Disallow secure CLI login sessions Allow/Disallow secure port forwarding Allow/Disallow legacy Telnet connections Allow/Disallow legacy FTP connections ip ssh public-key-auth-first ip ssh no public-key-auth-first Server rejects a client authentication if the number of failed ip ssh max-auth-fail <number> authentication attempt exceeds this number. then a new key pair must be generated before the SSH server can be started. Default is allowed. arcfour. If it is not required then the client can choose in which order to authenticate. any password authentication from the client is rejected. Default is 0 (unlimited). Default is Not Required. Default is not required. Default is allowed. The server requires password authentication before a client is considered logged in. If disallowed. This command takes effect immediately. If disallowed. This command takes effect immediately. No performance monitoring is provided with the C4 CMTS SSH feature. and 3des.2. If disallowed. otherwise this command has no effect. ip ssh login ip ssh no login ip ssh port-forwarding ip ssh no port-forwarding ip telnet ip no telnet ip ftp ip no ftp Secure CLI login sessions are allowed. Legacy FTP control connections on port 21 are allowed. Default is allowed. otherwise this command has no effect. Note well that CLI time is in minutes but SSH2 server time is in seconds. then no port forwarding is available. Table 15-4: SSH Server Operating Parameters Parameter TCP port Session idle timeout (minutes) Max SSH clients Choice of cipher set (choose any or all) Allow/Disallow password authentication CLI Command (config) ip ssh port <number> ip ssh idle-timeout <minutes> ip ssh max-clients <number> ip ssh ciphers [aes] [blowfish] [cast] [arcfour] [3des] ip ssh password-auth ip ssh no password-auth Default is port 22. port 23 is closed and Telnet connection requests are rejected. then no CLI sessions are available. Default is allowed. If both password and public key authentications are required. If the SSH server's host public/private DSA key pair is not recovered after a system outage. port 21 is closed and FTP control connection requests are rejected. Default is 3.

Also.name” will embedded as a comment in the generated key pair(s). If the server is already running. SSH Server — Host Key Generation Commands These commands are used to manage the SSH server’s host public/private key pairs. DSA public keys are for SSH2 clients Note that the SSH server’s host public keys are also available for download at /ssh/id_dsa. This could be used to cut and paste the public key into an SSH client via a terminal session.pub . This command also removes the public key copy in /ssh/id_dsa. configure crypto key generate dsa Note well that this command does not start the C4 CMTS SSH server daemon process (see CLI command configure ip ssh no shutdown).15 Authentication. Displays the SSH server’s host public key. show ssh host public-key dsa SSH Server Configuration Commands These commands set the parameters for the SSH server the next time it runs. To maintain security. Authorization. Specify dsa format for the SSH2 server. The DSA host private keys are maintained in the C4 CMTS file system and are accessible to privileged users only. configure ip dns domain-name <name> Sets the domain name for this C4 CMTS. and Accounting (AAA) NOTE If the TACACS server is configured for enable authorization. configure crypto key zeroize dsa If the SSH2 server is running and the DSA key pair is deleted. Prerequisites: the C4 CMTS hostname and domain name SHOULD be set before using this command (see configure hostname and configure ip dns domain-name). the host public key is copied to file /ssh/id_dsa. See configure crypto key generate. the server will terminate immediately. the SSH console sessions will be lost and must be reestablished. the host private key should never be copied off the C4 CMTS. the user will have the configure privilege level upon logging in. Table 15-5: CLI Commands for Generating SSH Server Host Key CLI Command Description Generate the host private/public key pair for the C4 CMTS SSH server. if a Control Complex failover or switchover occurs. 15-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The SSH2 server requires a DSA format key pair. the SSH server’s host public/private key pair(s) must be created before the SSH server is started.pub . This command provides optional information for host key generation. Delete the SSH server’s host public/private key pair(s). The string “hostname@domain. Also. When this command completes. Specify dsa format. This means the DSA key pair must be created for the SSH2 server.pub. This command does not appear in the show running config command output. then restart the server with configure ip ssh restart. A warning will be issued if the DNS domain name is not set. The DSA host public key may be distributed to clients before an SSH session is started. Prerequisites: it is desirable to use the configure ip ssh shutdown command to stop the SSH server before deleting any of its host key pairs.

blowfish.C4 CMTS Table 15-6: CLI Commands for SSH Server Configuration CLI Command configure ip ssh port <number> configure ip ssh idle-timeout <minutes> configure ip ssh max-clients <number> configure ip ssh ciphers [aes] [blowfish] [cast] [arcfour] [3des] SSH2 Server Parameter TCP port Session idle timeout Max SSH clients Choice of cipher set (choose any or all) Default is port 22. Default is allowed. port 23 is closed and Telnet connection requests are rejected. then no CLI access is available. Default is 0 (unlimited). Comment Allow/Disallow password configure ip ssh [no] password-auth authentication configure ip ssh [no] password-auth-req Require/Do Not Require password authentication Allow/Disallow user public configure ip ssh [no] public-key-auth key authentication configure ip ssh [no] public-key-auth-req Require/Do Not Require public key authentication configure ip ssh [no] public-key-auth-first Require/Do Not Require public key authentication first Max number of client authentication failures Allow/Disallow CLI login sessions Allow/Disallow secure port forwarding Allow/Disallow legacy Telnet connections Allow/Disallow legacy FTP connections configure ip ssh max-auth-fail <number> configure ip ssh [no] login configure ip ssh [no] port-forwarding configure ip [no] telnet configure ip [no] ftp Release 4. Legacy Telnet sessions on port 23 are allowed. Default is not required. If disallowed. Default is allowed. this command requires public key authentication to be performed first. Default is 0 (unlimited). cast. If both password and public key authentications are required. Default is allowed. The server requires public key authentication before a client is considered logged in. User public key authentication is allowed. then any password authentication from the client is rejected. Default is all ciphers are available. Default is Not Required. Available ciphers are aes. Legacy FTP control connections on port 21 are allowed. If both password and public key authentications are disallowed then all client authentication requests will be rejected. Note well that CLI time is in minutes but SSH2 server time is in seconds. Password authentication is allowed. then no port forwarding is available. If disallowed. public-key-auth must be allowed. password-auth must be allowed. arcfour. and 3des. If not required. CLI login sessions are allowed. If disallowed. any public key authentication from the client is rejected. otherwise this command has no effect. Default is 3. Default is allowed. the client can choose whether or not to use public key authentication. If it is not required then the client can choose in which order to authenticate.2. If both password and public key authentications are disallowed then all client authentication requests will be rejected. the client can choose whether or not to use password authentication. If disallowed. Server rejects a client authentication if the number of failed authentication attempt exceeds this number. Standard ARRIS PROPRIETARY — All Rights Reserved 15-21 . If disallowed then. Port forwarding is allowed. If disallowed. Default is allowed. If not required. otherwise this command has no effect. Default is allowed. This counter is for both public key and password authentication failures. The server requires password authentication before a client is considered logged in. port 21 is closed and FTP control connection requests are rejected. Default is not required.

In-Band Management with ACLs Introduction The Cadant C4 CMTS offers enhanced network management with controlled access to the SCM via standard Access Control Lists (ACLs) for CMTS administrators. public key first. idle time. password required. the user id. This command displays the connection id.15 Authentication. max clients. and automatically restarts the SSH daemon process. May be used to restart the SSH server from within an SSH session (which will be killed). and max number of authentication failures. and the client software version. stop. This is the equivalent of configure ip ssh shutdown followed by configure ip ssh no shutdown. This command will fail if the SSH2 server’s DSA host key pair is not available. MAC algorithm. configure ip ssh shutdown Use the configure disconnect ssh command to terminate individual running SSH sessions. All active SSH sessions are killed. public key required. password allowed. This command displays the settings for the bind address. 15-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . supported encryption and MAC algorithms. show ip ssh View all running SSH sessions. configure ip ssh restart Stops the SSH server’s demon process. kills all SSH sessions. max shells. service terminal. show ip ssh config configure disconnect ip ssh <connection id> Kills a running SSH session identified by connection id. port number. Authentication method (password or public key). Authorization. Stops the SSH server’s daemon process ipssh. encryption algorithm. View the SSH2 server operating parameters. Table 15-7: CLI Commands for SSH Server Operation and Maintenance Command Description configure ip ssh no shutdown Starts the SSH server’s daemon process ipssh. public key allowed. This feature provides: • • IP connectivity to the SCM through the client cards (NAM and CAM) The ability to permit or deny access to the SCM via the client cards from specified subnet or host addresses. port forwarding. the client IP address). and monitor the C4 CMTS SSH server and its running sessions. and Accounting (AAA) SSH Server Operation and Maintenance Commands These commands start.

If an ACL is applied to a physical port. The default is to deny directed broadcast packets to the SCM. SCM access via the Front Ethernet Port is restricted to locally connected hosts when this feature is active and at least one network interface is in-service. all packets to the SCM are dropped by default. Standard Access Control Lists (ACLs) restrict access to the SCM based on source IP address or subnet.2. Standard ARRIS PROPRIETARY — All Rights Reserved 15-23 . and define a standard ACL: configure access-list <access-list-number> {permit | deny} {{<source IP> [<wildcard>]} | {host <source IP>} | any} NOTE The access list number must be in the range of 1-99 with filtering based on source IP address only. ACLs are CIDR based. An ACL must be applied to an ingress interface with “permit-access” functionality to allow access to the SCM. not an ordered list. it is active for all virtual routes associated with that physical port: configure interface [fastE|cable|GigE] slot/port ip scm access-group access-list-number Use this command to display ACLs defined by a parameter given. Use this command to apply an ACL to a specific physical interface. • • CLI Commands This section lists the CLI commands provided in support for the In-Band Management and ACL features. The directed broadcast option allows directed broadcasts to be routed to the SCM. configure [no] ip scm access vrf [vrf name] [directedbroadcast] Use the following command to permit or deny. When enabled. The following command allows SCM access to be enabled per VRF. or to show all with no parameters: Show access-list [access-list-number] Release 4.C4 CMTS Feature Description In-Band Management with ACLs provides network administrators the following functionality: • • • Access to the SCM via the SCM loopback IP address or any network interface. This is controlled per VRF.

Any packets routed to a null interface are dropped. Authorization. It functions like a global ACL since a single entry in the routing table applies to all ingress interfaces. The following servers are accessible by any interface address through any NAM or CAM interface. With this feature enabled.15 Authentication. A CIDR match with this defined route on the destination IP address of an ingress IP datagram results in the dropping of the packet. 15-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Routing to a null interface is a way to filter traffic that is simpler than using Access Control Lists. Routing to a Null Interface A null interface is a pseudo-interface that can neither receive nor forward packets. and Accounting (AAA) Protocols and Services Supported In-Band Management supports the following clients: • • • • • • • • • • • • • telnet FTP TFTP RADIUS SYSLOG SNMP (traps) TACACS+ NTP DNS ping traceroute PacketCable event messaging PacketCable CALEA CD. the C4 CMTS system administrator can define a route in the C4 CMTS routing table to a null interface. provided the ACLs are set up to allow access to them and the desired service is running: • • • • • • telnet FTP SSH SNMP COPS without IPSec COPS with IPSec.

Release 4. The C4 CMTS examines source addresses of directly connected hosts to verify that their IP addresses do not belong to other hosts. To add a route to the null interface: configure ip route [destination ip] [destination mask] null 0 To display IP routes: show ip route Source Verification of Cable-side IP Addresses The C4 CMTS Cable Source Verify feature is intended to eliminate hostinitiated corruption of the layer 2 and layer 3 address spaces on the cable network. To enable or disable ICMP destination unreachable error messages (user must be in the config-null-interface mode): ip [no] unreachables The result is global. By default the packets routed to the null interface are discarded silently. If any check fails. The feature adds a source IP address verification phase to the IP address learning process of the C4 CMTS. Currently source verification of indirectly connected hosts is not supported. The cost of the route is zero by default.2. the address remains unlearned and all IP and ARP packets sourced from that address are dropped.C4 CMTS Routing to a null interface can be used to discard certain IP prefixes in order to remove the potential for routing loops. In a future software release this feature will inhibit the traffic of an indirectly connected host if the return route to that address is not via the cable modem that originated the packet. CLI Commands To enter the config-null-interface mode: configure interface null 0 The system displays the config-null prompt. but the C4 CMTS can be configured to return an ICMP “destination unreachable” error to the source IP. Standard ARRIS PROPRIETARY — All Rights Reserved 15-25 . If source verification is turned on for an interface. traffic from indirectly connected hosts on that interface will be inhibited. but it can be increased by user command. Each unknown source address received in an IP or ARP packet on a cable-side interface is subjected to a configurable series of address validation checks prior to learning.

Authorization. Source Verify via DHCP Server — This facility allows the C4 CMTS to query a DHCP server for the CM MAC address associated with a given SIP when that SIP is not present in the MAC DB of the C4 CMTS. This database along with the routing tables serves as the default authority for SIP verification. Source Verify via Authoritative DHCP Server — With authoritative DHCP lease query. and Accounting (AAA) Source Verify via Internal Database — The C4 CMTS maintains an internal database (MAC DB) of CPE source IPs (SIPs). CLI Commands The following command enables source verification for all packets for the specified slot and downstream port: configure interface cable < slot / port [vrf]> [no] cable source-verify [dhcp [authoritative]] Where: Slot number of the module on which cable source verification is to be enabled port = Downstream port number vrf = VRF name (Optional) dhcp = Enables source verification via DHCP lease query authoritative = Enables authoritative DHCP lease query slot = 15-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . This implies that all CPE IP addresses (whether directly attached or not) must be either dynamically assigned by the DHCP server or statically reserved at the DHCP server.15 Authentication. any indication returned by the DHCP server that indicates that the server has no knowledge of the address results in denial of packet forwarding. It does this using a DHCP LEASEQUERY message. The database is populated through DHCP snooping for dynamically assigned CPE IP addresses or through either MAC learning or DOCSIS® pre-provisioning for statically assigned CPE IP addresses. MAC addresses. and associated CMs.

The decision to load balance is based on a comparison of the cumulative reserved bandwidth of upstream channels at the time a new CM is attempting to do initial maintenance ranging. to prevent over allocation of channel bandwidth. Related Features See also CAC Overload Thresholds. such as Packet Cable. Standard ARRIS PROPRIETARY — All Rights Reserved 15-27 . They are also used in other features and applications.2. this implementation is a result of noticing that some upstream channels have a large percent of the bandwidth reserved to provide subscribers with minimum guaranteed bandwidth. See Table 15-8.C4 CMTS Upstream Load Balancing (ULB) Introduction The goal of this feature is to perform upstream load balancing on registering CMs among upstream channels to which those CMs are physically attached. This feature is provisionable per cable group. on page 15-28 for more information. Release 4. NOTE The Upstream Load Balancing feature is provisionable and should not be activated for cable groups with CMs that are already configured to connect to specific upstream channels. ULB uses only levels one and two of the three configurable CAC levels. NOTE CAC values are independent of ULB. Feature Description DOCSIS® specifications do not mandate upstream load balancing. Important Feature Dependencies Deactivate ULB for cable groups where the CM config file specifies an upstream channel. page 10-37. ULB and CM Config File Interactions. which is a downstream channel and all associated upstream channels that occupy the same physical cable. Upstream Load balancing is implemented in order to improve channel bandwidth efficiencies. CAC values affect all cable groups. New feature functionality includes the dynamic updates of CAC thresholds via CLI or MIB. Specifically. while other upstream channels have small percentages of the bandwidth reserved.

This section lists the CLI commands used to configure upstream load balancing.e.15 Authentication. To activate load balancing on the cable-group for the CAM specified: configure cable-group <cable-groupID> cable <CAM> loadbalance To see the results of load balancing on the upstream channel (i. the CM will attempt to re-range on the upstream channel specified in the configuration file. once the download of the configuration file is complete. This also prevents the CM from completing its registration for as long as this conflict exists between ULB and the configuration file. to show the count for the number of upstream channel overrides that have occurred as a result of ULB): show controllers cable <CAM> upstream <uchannel> ulboverride To see the override count for all upstream channels on a CAM: show controllers cable <CAM> ulb-override 15-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . set the cable group ID to zero. This results in the CM cycling between ranging and IP complete on two different upstream channels. and Accounting (AAA) CAUTION The following interactions may occur when Upstream Load Balancing is activated and conflicts with a modem's TFTP configuration file: Table 15-8: ULB and CM Config File Interactions IF THEN ULB is activated and a CM registers on a channel (as specified in config file) but that channel is oversubscribed (compared to CAC levels of others in the cable group)… Related CLI Commands The CM will change upstream channels (via ULB) in order complete ranging on the lesser-subscribed channel. Authorization. To configure the cable group: configure cable-group <cable-groupID> To assign the upstream channel on a CAM to the cable group: configure interface cable <CAM> cable upstream <uchannel> cable-group-id <cable-groupID> NOTE To remove an upstream channel from all cable groups. However.

This mode accepts DSx signaling from any DSx-capable modem. the PacketCable authorization module must be disabled. see chapter 17.1 Dynamic Services (DSx) functionality. including any spare CAMs.C4 CMTS To deactivate ULB for a specified cable group: configure cable-group <cable group ID> cable <CAM> no load-balance For a description of BPI/BPI+ setup procedures. Baseline Privacy Interface (BPI). If PacketCable authorization is enabled. which will be used for DSx DQoS call processing: configure interface cable <slot> authorization-module open-dynamic-flow-policy configure interface cable <slot> authorization-module no packetcable The first command allows for authorization of non-PacketCable DQoS through DSx signaling on the CAM. The system default is Packet-Cable authorization enabled.2. DSx DQoS Provisioning on the C4 CMTS The following two CLI commands should be run for all CAMs. and basic debugging. The following CLI commands can be used to alter timers on the C4 CMTS: configure cable max-qos-admitted-timeout <timeout in seconds> Release 4. this setting can be disabled to provide a higher level of protection against theft of service. NOTE The ARRIS Touchstone™ MTAs uses special hardcoded values for their authorization parameters when running in DSx DQoS mode. Open-dynamic-flow-policy must be enabled (the system default is enabled). When using ARRIS MTAs. the C4 CMTS will try to authorize against the hardcoded authorization parameters and will fail the call. Standard ARRIS PROPRIETARY — All Rights Reserved 15-29 . protocol. The second command disables PacketCable authorization. If only ARRIS Touchstone™ Telephony Modems or Touchstone™ Telephony Ports are used. DSx DQoS VoIP does not provide full PacketCable™ operation within the C4 CMTS. Enabling open-dynamic-flowpolicy is required when running with non-ARRIS MTAs. DSx DQoS VoIP on the C4 CMTS Dynamic Services (DSx) / Dynamic Quality of Service (DQoS) provides for guaranteed Quality of Service for voice applications using DOCSIS 1.

x can be upgraded to a later C4 CMTS release per the release notes for the new load. and Accounting (AAA) Default = 200 configure cable max-qos-active-timeout <timeout in seconds> Default = 30 NOTE If PacketCable is enabled. Authorization. the admitted timeout should be set at 200 seconds (the default). The defaults ensure that inactive resources are released.1. and the active timeout should be set to 30 seconds. Software Upgrades When Running a Voice Application A C4 CMTS configured for DSx DQoS voice application on Release 3. The default values serve as a precaution for freeing resources in the event that any device or transmission path in the network does not perform as required. The existing DSx DQoS provisioning will be preserved when following the upgrade procedure described in the release notes and will be reapplied on the new load.15 Authentication. 15-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Increasing these default values or setting them to 0 (which represents infinity) is not recommended.

it requests its TFTP configuration file. If the registration information is valid.2. while monitoring the contents of the configuration files. The C4 CMTS. After a modem receives an IP address from the DHCP server. By default TFTP enforcement is disabled. It also ensures that users do not modify their configuration files before their CMs generate registration requests. Use the following command to enable it: configure interface cable <slot/mac> cable tftp-enforce [mark-only] The parameter mark-only limits TFTP enforcement: failed modems are allowed to register but will be marked as having failed TFTP enforcement in related log messages and in the show cable modem commands. TFTP Enforcement The C4 CMTS performs this task by relaying Trivial File Transfer Protocol (TFTP) requests and responses between the cable modems and TFTP servers. configuration file verification and TFTP enforcement are applied equally to all the modems on that downstream. This feature is meant to ensure that the cable modems download their configurations from the correct files on the correct server. the registration is allowed to proceed normally.C4 CMTS C4 CMTS Advanced CM Configuration File Verification A common type of theft-of-service occurs when users create or modify configuration files in order to gain a higher class of service. When the modem sends up its registration request. This feature is configurable on a per-downstream basis. If enabled for a physical interface (downstream). Standard ARRIS PROPRIETARY — All Rights Reserved 15-31 . the C4 CMTS extracts information from the file. verifies that the file name in the TFTP request is correct and relays the request to the correct server. the C4 CMTS validates that the information in the registration request matches the information gathered during the TFTP transfer. stores it for later verification. and modifies the CMTS MIC value in the file. Sometimes they even crack the Message Integrity Check (MIC) and then generate their own high bandwidth configurations with valid MICs. The C4 CMTS can verify MICs by dynamically create a shared secret at the time the cable modem is regis- Release 4. Use the following command to disable TFTP enforcement: configure interface cable <slot/mac> no cable tftpenforce MIC Verification Before sending the correct configuration file to the CM. If C4 CMTS detects a MIC mismatch it assumes that the cable modem’s configuration file has been altered.

15 Authentication, Authorization, and Accounting (AAA)

tering. This shared secret is valid only for that particular session with that particular cable modem. A new dynamically generated shared secret is used each time each cable modem registers. By default this function is disabled. Use the following command to enable it: configure interface cable <slot>/<mac> cable dynamic-secret <lock | mark | reject> Where … lock mark reject Allows the CM to register but limits its bandwidth (QoS) Allows the CM to register but sends a warning to the log and marks the failed CM with an exclamation point (!) in the show cable modem command Rejects the request and prevents the CM from registering.

NOTE If the CM fails both the TFTP enforcement and the MIC check, only the pound sign (#) is displayed in the show cable modem command. Use the following command to disable dynamic-secret verification of the configuration file: configure interface cable <slot/mac> no cable dynamic-secret

15-32

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

16. PacketCable™ Services

Topics
PacketCable 1.x Overview PacketCable Multimedia Overview Configuration Procedures IKE and IPSec Configuration PC1.x Electronic Surveillance

Page
1 5 9 10 32

Running in a non-PacketCable Compliant Voice Environment 35 Converged Services 38

PacketCable 1.x Overview
PC1.x refers to the functionality defined by the following CableLabs specifications: • • • PacketCable 1.0 PacketCable 1.1 PacketCable 1.5

Packetized voice traffic, such as that carried over an IP network, tends to have stringent latency and jitter requirements. If one adjusts for the packet arrival jitter through the use of a large jitter buffer, the latency of

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-1

16 PacketCable™ Services

the audio hampers a normal conversation pattern. If the jitter buffer is too small, poor audio quality results as the audio codec hardware under- or overflows due to packets arriving too late or too early. In order to reduce both jitter and latency simultaneously in a network that has not been overengineered, the packets must be treated with an enhanced quality-ofservice (QoS). PacketCable services on the C4 CMTS provide the ability to place enhanced-QoS telephone calls over an existing DOCSIS cable data access network. To provide this capability, the C4 CMTS must communicate with several other specialized servers over a managed IP network that is capable of providing enhanced QoS from end-to-end. See Figure 16-1, PacketCable Network Reference Architecture , on page 16-3. These other servers may be packaged separately or they may be bundled together in any combination. Specifically, the C4 CMTS itself must communicate with the Call Management Server (CMS), the Record Keeping Server (RKS), and the Delivery Function (DF) for various portions of signaling information. NOTE The IP addresses and ports for RKS and DF are configured on the CMS, not on the CMTS.

16-2

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Telephone E-MTA HFC access network (DOCSIS)

R AR IS

Call Management Server (CMS)

Announcement Controller (ANC)

CMTS

Announcement Player (ANP) Media Gateway Controller (MGC) PSTN Media Gateway (MG)

Telephone E-MTA Managed IP Network

Telephone E-MTA HFC access network (DOCSIS)

R IS A R

SYSLOG Server

Key Distribution Center (KDC)

Signaling Gateway (SG)

CMTS

DHCP Servers

Record Keeping Server (RKS)

Telephone E-MTA

DNS Servers

Provisioning Server

TFTP/HTTP Servers

Delivery Function (DF)

Figure 16-1: PacketCable Network Reference Architecture

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-3

16 PacketCable™ Services

Table 16-1: Explanation of Network Elements Network Element
Embedded Multimedia Terminal Adapter (E-MTA)

Purpose
Single device containing a DOCSIS cable modem and a telephony device that provides one or more line interfaces

Cable Modem Termination System Provides connectivity between DOCSIS network and PacketCable devices; also performs call (CMTS) authorization enforcement, bandwidth allocation, and call trace functions Call Management Server (CMS) SYSLOG server DHCP Server DNS Server TFTP/HTTP server Announcement Controller (ANC) Announcement Player (ANP) Key Distribution Center (KDC) Record Keeping Server (RKS) Provisioning Server (OSS) Delivery Function (DF) Media Gateway Controller (MGC) Media Gateway (MG) Signaling Gateway (SG) Provides call control and signaling services for the MTA, CMTS, and PSTN gateways; typically performs both Call Agent (handles call state) and Gate-Controller (authorization) functions as well. Optional server used to collect, store, and retrieve logging messages for devices on the network Server that provides initial boot-up networking information such as the querying device’s IP addresses, next-hop routers, server information, etc. Server that provides translation between the Domain name and the IP address of a device Server that provides download capability for device configuration files Initiates and manages all announcement services that are provided by the announcement player Delivers the appropriate announcement(s) to the MTA under control of the announcement controller Performs security key negotiations for MTA and Provisioning Server in the PacketCable network Collection point for all PacketCable Event Messages; may also correlate Event Messages to create Call Detail Records for billing interfaces Provides provisioning information for PacketCable devices via SNMPv3 Aggregation point for electronic surveillance; delivers reasonably available call-identifying information and call content based on the requirements of lawful authorization Provides bearer mediation between the PSTN and the PacketCable network Provides media (voice packets) connectivity between the PSTN and the PacketCable network Provides signaling mediation between the PSTN and the PacketCable network

PacketCable 1.x Compliance

On April 23, 2003, CableLabs® announced that it had qualified the ARRIS C4 CMTS and certified the ARRIS Embedded Multimedia Terminal Adapter (E-MTA) as complying with the PacketCable™ standard. In its implementation of PacketCable™ the C4 CMTS complies with the following DOCSIS specifications: • • • • PKT-SP-DQOS-I07-030815, also I08, I09, I10, and I11

PacketCable™ Dynamic Quality-of-Service Specification, PacketCable™ Event Messages Specification, PKT-SP-EM-I08-040113,
also I08, I09, I10, and I11; as well as EM-N-04.0198-2

PacketCable™ Security Specification, PKT-SP-SEC-I09-030728,
also I10, and I11

PKT-SP-ESP-I01-991229

PacketCable™ Electronic Surveillance Specification, PacketCable™ Electronic Surveillance Specification,

PKT-SP-ESP-I02-030815, also I03 and I04.

16-4

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

PacketCable Multimedia Overview
PacketCable Multimedia (PCMM) is a Cable Labs specified framework which defines an architecture for deployment of QoS-enabled, general multimedia services. This framework leverages DOCSIS 1.1 QoS functionality and is founded on much of the functionality that was defined in PacketCable 1.x (PC1.x). Any legacy device that works on an IP network should also work in a PCMM network. The architecture of PacketCable 1.x was customized for delivering residential telephony, PCMM is designed for the delivery of a variety of multimedia services requiring QoS treatment. PCMM specifically addresses the issues of policy authorization, QoS signaling, resource accounting, and security. NOTE PCMM does not include support for CALEA. The primary benefit of PCMM is that it gives greater control of special services to the cable operator. Ordinary DOCSIS 1.x services still operate in the primary flow. Subscribers to 1.x services experience performance that varies according to the number of users requesting bandwidth. Among the advantages of PCMM over ordinary PacketCable are the following: • • • • Good, Better, Best service delivery options to the subscriber More efficient use of bandwidth and QoS services on an as needed basis New revenue sources from these additional services Higher subscriber satisfaction because subscribers are paying for the services they want.

The ARRIS implementation of PCMM is based on the C4 CMTS’s carrier class redundancy, wire-speed architecture, and DOCSIS 1.1 QoS capabilities, which are described elsewhere in this document.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-5

16 PacketCable™ Services

Applications PCMM DOCSIS 1.1 QoS Wire-Speed Architecture Carrier Grade Redundancy

Figure 16-2: Foundations of PCMM Architecture To provide PCMM functionality, the C4 CMTS must communicate with several other network elements, as defined by the PCMM architecture. An example of such a network configuration is as follows: PCMM introduces two new elements: the Application Manager and the Policy Server. Application Manager (AM) — A system that interfaces to Policy Server(s) for requesting QoS-based service on behalf of an end-user or network management system. The AM is characterized by the following: • • • • It is analogous to the PC1.x Call Agent It is a COPS Policy Decision Point (PDP) It executes the application signaling with the client It grants or rejects requests for service.

Once the AM grants a request to access a service, it determines the bandwidth required for this service and sends a Gate-Set, that is, a request for bandwidth, to the Policy Server.

16-6

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Policy Server (PS) — A system that primarily acts as an intermediary between Application Manager(s) and CMTS(s). It applies network policies to Application Manager requests and proxies messages between the Application Manager and CMTS.1 The following are the functions of the PS: • Applies provisioned rules before forwarding requests to the CMTS (for example, a given service may be granted to no more than ten users at a time) Synchronizes states Proxies messages between the AM and the CMTS or CMTSs Acts as a COPS Policy Enforcement Point (PEP) with respect to the AM Acts as a COPS Policy Decision Point (PDP) with respect to the CMTS Communicates with one or more AMs and one or more CMTSs

• • • • •

For a diagram of the network elements see Figure 16-3, page 16-8. In the current implementation of PCMM the client is ignorant of the PCMM or QoS protocols. The client has no built-in network awareness or intelligence to negotiate PCMM or QoS levels. Subscribers can use their current client hardware and software, for game applications, teleconferencing, VPN, and so on.

1. PacketCable Multimedia Specification, PKT-SP-MM-I02-040930

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-7

16 PacketCable™ Services

Application Manager Policy Server Record Keeping Server

C4 CMTS

DOCSIS 1.1 DSX

CMs/MTA

St

and

B at by

te ry

2

Bat Tel eph Tele t ery o ne p hon 1 e1 2

Li nk

O n-

l ine

US

DS

Pow

St er

and

B at by

t er

y 2

B at Tel eph Tel eph te on ry one e1 1 2

Li nk

On

-l in

e

US

D

Pow S

St
er

and

B at by

te

ry

2

Bat Tel eph T elep t ery o hon ne e1 1 2

Li nk

O n-

l ine

US

DS

P ow

er

CPE

Figure 16-3: Network Diagram of PCMM Implementation Compliance with PCMM Standards In its implementation of PacketCable Multimedia in release 4.2, the C4 CMTS complies with the following subset of the PacketCable Multimedia Specification, PKT-SP-MM-I02-040930: • • • • • • PCMM Gate Control State Synchronization Versioning All traffic profile formats DOCSIS Parameters IKE/IPSec

16-8

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Future releases of the C4 CMTS will support • • • • • • Octet counts per gate Commit time accumulation Time and volume-based gate-state-report triggers Event messaging Multiple sub-flows per flow Call Admission Control (CAC) for PCMM, including full PCMM session class ID support

Configuration Procedures
Procedure outline To configure the C4 CMTS for PacketCable services, the following steps must be taken: • • • • • • • • Configure and bring in-service all cards in a duplex system chassis (Optional) Configure SYSLOG server Configure and connect cable and network interfaces Configure CAM sparing groups Configure CAM bundle groups Configure Inband Management access for one of the interfaces (typically a logical loopback interface) to have access to SCM Configure DHCP relay agent to perform policy routing with all DHCP clients as cable helpers Configure and start the NTP client (NTP is required for Event Messaging and PC1.x Electronic Surveillance. Configuring the network synchronization is discussed in chapter 7, Clock Synchronization Protocol.) (Optional) Configure IPSec/IKE Configure and start PacketCable Services

• •

-

Bring up COPS connection(s) from CMS(s) and/or Policy Server(s) Configure PacketCable timers Configure and enable Event Messaging if desired, or as required for support of Electronic Surveillance Configure bandwidth thresholds for upstream and downstream telephony usage per CAM

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-9

16 PacketCable™ Services

Feature interaction

PacketCable services have been designed to work with all other features of the C4 CMTS including Inband-Management, DHCP relay agent, and redundancy. In fact, for Control Complex Redundancy to work properly, the interface (typically a logical loopback interface) used for connections to the Call Management Server, Policy Server, Record Keeping Server, and Delivery Function needs to be configured with the Inband-Management feature to have SCM access. This way, if a CCR failover occurs, the links to the failed SCM would be automatically restarted on the redundant SCM. CAM redundancy works with PacketCable through the same sparing groups that are set up for data services. The DHCP relay agent is typically configured to perform policy-based agent functionality so that the MTAs (which behave as CPE hosts) are provided with an IP address space that is separate from the cable modem address space. PC1.x and PCMM are designed to coexist on the C4 CMTS. Either one or both can be enabled. Either can be disabled without impairing the function of the other.

IKE and IPSec Configuration
PacketCable requires the use of the Internet Protocol Security (IPSec) protocol suite to provide authentication and confidentiality for messages exchanged between the CMTS and other network peers, such as the Call Management Server (CMS), the Record Keeping Server (RKS), and the Policy Server (PS). As part of this requirement, the Internet Key Exchange (IKE) protocol provides for automatic peer authentication, as well as session key and cipher negotiation between the peers when creating secure connections. Limitations: The C4 CMTS IKE implementation only supports pre-shared secret keys for authentication of peers. There is no support for public keys or X.509 certificates. Only IPSec transport mode is supported. The single DES encryption algorithm is not supported; only triple DES encryption (3DES) is supported. These limitations are compliant with PacketCable security requirements. IKE and IPSec Introduction IKE is a hybrid protocol based on the Oakley Key Determination Protocol (Oakley), the Secure Key Exchange Mechanism for Internet (SKEME), and the Internet Security Association and Key Management Protocol (ISAKMP). Note, the terms IKE and ISAKMP are sometimes interchanged. The IKE daemon on the C4 CMTS provides the IKE service. The IKE daemon is used when the C4 CMTS and another IKE peer need to automatically establish inbound and outbound IPSec Security Associations (SAs) for secure communication. IKE operates in two stages known as Phase 1 and Phase 2, described below. Phase 1 and Phase 2 ISAKMP messaging between IKE

16-10

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

peers is accomplished via UDP sockets on port 500. The IP address of the C4 CMTS's local IP interface, to conduct ISAKMP messaging with the peer, is defined with the "configure crypto isakmp local-address" command. In Phase 1 (also called Main or Identity Protection Mode), two IKE peers fully authenticate each other, as well as create key material for encrypting and authenticating future communications between themselves. The Phase 1 ISAKMP message exchange consists of six messages. The result of Phase 1 is a bidirectional ISAKMP SA to protect future ISAKMP message exchanges. The ISAKMP SA is defined by such parameters as authentication method, pre-shared authentication key, encryption algorithm, authentication algorithm, lifetime seconds, and Diffie-Hellman group. The Phase 1 parameters, used by the C4 CMTS during negotiation, are configured with the "configure crypto isakmp key" and "configure crypto isakmp policy" commands. If the Phase 1 parameter proposal is offered to the C4 CMTS, the proposed parameters must match an existing C4 CMTS ISAKMP policy exactly, except for the lifetime seconds parameter. For the lifetime seconds, the C4 CMTS will accept a value if it falls in the range of the C4 CMTS ISAKMP policy's configured lifetime plus 100 seconds. If the C4 CMTS is configured to initiate offers to an IKE peer, the C4 CMTS will propose all ISAKMP policies, since these global policies apply to any IKE peer. There is only one bidirectional ISAKMP SA between the C4 CMTS and an IKE peer. If simultaneous ISAKMP SAs are being negotiated with an IKE peer, the C4 CMTS retains the most recently created ISAKMP SA. The ISAKMP SA will be removed after its lifetime seconds has lapsed (also called expired). The ISAKMP SA does not have a grace period associated with it since ISAKMP SAs are not automatically renewed by the C4 CMTS. If an ISAKMP SA has expired, a new ISAKMP SA is created when the IPSec SAs need to be renewed. In Phase 2 (also called Quick Mode), two IKE peers negotiate and create a pair of inbound/outbound IPSec SAs. The Phase 2 ISAKMP message exchange consists of three messages. Phase 2 uses the key material derived from Phase 1 to provide encryption and authentication keys for the IPSec SAs. The IPSec SAs are defined by such parameters as encryption algorithm, authentication algorithm, lifetime seconds, and the packet selection criteria for determining which packets flow through the IPSec SAs. The packet selection criteria (also called flow) is defined by the packet's source/destination IP addresses, the packet's type of protocol (IP, UDP, TCP), and the packet's port number if using the UDP or TCP protocol. The packet selection criteria is defined by a C4 CMTS CLI construct called an access list or access control list (ACL). The Phase 2 parameters, used by the C4 CMTS during negotiation, are configured with the "configure access-list", "configure crypto ipsec security-association lifetime seconds", "configure crypto ipsec transform-set",

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-11

16 PacketCable™ Services

"configure crypto dynamic-map", and "configure crypto map" commands. The C4 CMTS crypto map is the entity that completely defines the IPSec policy used by the C4 CMTS during Phase 2 negotiation. If the Phase 2 parameter proposal is offered to the C4 CMTS, the proposed parameters must match an existing C4 CMTS IPSec policy exactly, except for the lifetime seconds parameter. For the lifetime seconds, the C4 CMTS will accept an offered value if it falls in the range of the C4 CMTS IPSec policy's configured lifetime plus 100 seconds. If the C4 CMTS is configured to initiate offers to the peer, the C4 CMTS will propose the contents of the C4 CMTS's IPSec policy. The C4 CMTS transmits traffic over one outbound IPSec SA (the youngest) and receives traffic over two inbound SAs (the youngest), per peer. Each IPSec SA has a grace period, at the end of its lifetime, used to create a new pair of inbound/outbound IPSec SA replacements. Each IKE peer will use its own defined grace period, since this is not negotiated during Phase 2. The C4 CMTS uses a grace period of five minutes, for IPSec SA lifetime seconds of 15 minutes or greater. For IPSec SA lifetime seconds less than 15 minutes, the grace period duration is one-third of the lifetime seconds. The C4 CMTS assumes an IKE role with each IKE peer with regard to Phase 1 and Phase 2 ISAKMP message exchanges. The two IKE roles are "responder-only" and "initiator/responder" (also called "initiator"). For the "responder-only" role, the C4 CMTS passively waits for the IKE peer to initiate ISAKMP messaging. For the "initiator/responder" role, the C4 CMTS actively initiates ISAKMP messaging with the IKE peer, in addition to waiting for ISAKMP messaging. Of the two IKE peers, typically one peer is the "initiator/responder" and the other is the "responder-only". If both IKE peers are configured as "responder-only", no ISAKMP messaging will occur. If both IKE peers are configured as "initiator/responder", ISAKMP and IPSec SAs will be created, but likely with extra wastefully unused IPSec SAs. Regarding secure COPS traffic between two IKE peers, the CMS should be configured in the "initiator/ responder" role and the C4 CMTS in the "responder-only" role. The IKE role of the C4 CMTS is configured with the "configure crypto map" command. The two IKE peers may send one-way ISAKMP Informational Notification messages for the purpose of SA management, such as informing the peer that an SA has expired or that the IPSec SA parameters are rejected during Phase 2 negotiation. These messages are protected by the ISAKMP SA, but may be unprotected if sent before an ISAKMP SA has been completely created.

16-12

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Set Local Interface for IKE Use

The IKE daemon uses a local IP address on the C4 CMTS to conduct ISAKMP messaging. Either the in-band (loopback) or out-of-band management (SCM active) IP address is configured with the following CLI command: configure crypto isakmp local-address <local-address>

Set Phase 1 Pre-Shared Key

For each IKE peer needing to use IPSec with the C4 CMTS, configure a preshared key with the following CLI command: configure crypto isakmp key <keystring> address <peeraddress> Where: <peer-address> is the IKE peer's IP address used for ISAKMP messaging <keystring> is the pre-shared key string For example: configure crypto isakmp key PACKETCABLE address 10.43.200.241 Delete the pre-shared key with the following CLI command: configure no crypto isakmp key address <peer-address>

Set Phase 1 Global Policy

A phase 1 policy is not defined per peer, but instead applies globally to all peers. Policies must be created to permit Phase 1 negotiations between the C4 CMTS and its IKE peers. A policy includes a policy number, authentication method, encryption algorithm, hash algorithm, Diffie-Hellman group, and SA lifetime. Each global policy is created with the following CLI command: configure crypto isakmp policy <policy-num> [authentication <pre-share>] [encryption <3des>] [hash <hash-alg>] [group <grp-id>] [lifetime <seconds>] Where: <policy-num> is the policy number and priority level <pre-share> is the only supported "pre-share" authentication method <3des> is the only supported "3des" encryption transform <hash-alg> is the hash algorithm of "sha" or "md5". <grp-id> is the Diffie-Hellman group identifier of "1" or "2" <seconds> is the ISAKMP SA lifetime in seconds For example: configure crypto isakmp policy 1 authentication preshare encryption 3des hash md5 group 2 lifetime 43200

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-13

16 PacketCable™ Services

Delete a policy by issuing the CLI command: configure no crypto isakmp policy <policy-num> Set Phase 2 Global Lifetime The phase 2 global lifetime is used by all IPSec SAs, unless it is overridden with the map or dynamic-map lifetime seconds parameter. The global lifetime seconds is configured with the following CLI command: configure crypto ipsec security-association lifetime seconds <seconds> Set Phase 2 Transform Set The IPSec transform parameters are defined by a transform set, configured with the following CLI commands: configure crypto ipsec transform-set <trans-set-name> mode transport configure crypto ipsec transform-set <trans-set-name> encryption <encr> configure crypto ipsec transform-set <trans-set-name> authentication <auth> Where: <trans-set-name> is a textual name <encr> is the encryption algorithm of "esp-3des" or "esp-null" <auth> is the type of authentication algorithm of "esp-md5-hmac" or "esp-sha-hmac" For example: configure crypto ipsec transform-set ts1 mode transport configure crypto ipsec transform-set ts1 encryption esp-3des configure crypto ipsec transform-set ts1 authentication esp-md5-hmac Delete a transform set with the following CLI command: configure no crypto ipsec transform-set <trans-setname> Set Phase 2 Access List The extended ACL identifies the types of packets permitted to flow through an IPSec SA. The extended ACL is configured with the following CLI command: configure access-list <crypto-ext-acl-num> permit <proto> host <src-ip> [eq <src-port>] host <dst-ip> [eq <dst-port>] Where:

16-14

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

<crypto-ext-acl-num> is the identifier of the extended ACL, ranging from 100 to 199 <proto> is the protocol of the permitted packets, where… "tcp" is used for CMS COPS messaging "udp" is used for RKS Event messaging "ip" is used for all IP-based protocols, including TCP and UDP <src-ip> is the source IP address of the permitted packets <src-port> is the source "tcp" or "udp" port number of the permitted packets <dst-ip> is the destination IP address of the permitted packets <dst-port> is the destination "tcp" or "udp" port number of the permitted packets The following example is suitable for COPS messaging, regardless of TCP port numbers. configure access-list 140 permit tcp host 10.43.204.171 host 10.43.200.241 Delete an extended ACL with the following CLI command: configure no access-list <crypto-ext-acl-num> Set Phase 2 Dynamic-Map The crypto dynamic-map defines the IPSec parameters to negotiate with the peer when the C4 CMTS must assume the IKE "responder-only" role. If the lifetime seconds is configured, it will override the global lifetime seconds parameter. The crypto dynamic-map is defined with the following CLI commands: configure crypto dynamic-map <dyn-map-name> <seq-num> set peer <ip-addr> configure crypto dynamic-map <dyn-map-name> <seq-num> match address <crypto-ext-acl-num> configure crypto dynamic-map <dyn-map-name> <seq-num> set transform-set <trans-set-name> configure crypto dynamic-map <dyn-map-name> <seq-num> set security-association lifetime seconds <seconds> Where: <dyn-map-name> is the textual name to identify the dynamic-map <seq-num> is the sequence number to further identify the dynamic-map <crypto-ext-acl-num> is the extended ACL identifier <ip-addr> is the ISAKMP peer IP address <seconds> is the IPSec SA lifetime in seconds <trans-set-name> is the IPSec transform set name

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-15

16 PacketCable™ Services

For example: configure crypto dynamic-map cms_dmap 1 set peer 10.1.240.82 configure crypto dynamic-map cms_dmap 1 match address 101 configure crypto dynamic-map cms_dmap 1 set transformset ts1 configure crypto dynamic-map cms_dmap 1 set securityassociation lifetime seconds 1800

Delete a crypto dynamic-map with the following CLI command: configure no crypto dynamic-map <dyn-map-name> <seqnum> Set Phase 2 Map for Responder-Only The crypto map is used to create the IPSec policy for the IKE "responderonly" role by association with a crypto dynamic-map, defining the IPSec parameters to negotiate with the peer. The crypto map is defined with the following CLI command: configure crypto map <map-name> <seq-num> ipsec-isakmp dynamic <dyn-map-name> Where: <map-name> is the textual name to identify the map <seq-num> is the sequence number to further identify the map <dyn-map-name> is the name of the dynamic-map containing all the responder-only IPSec parameters For example: configure crypto map cms_resp_map 1 ipsec-isakmp dynamic cms_dmap Delete a crypto map with the following CLI command: configure no crypto map <map-name> <seq-num>

16-16

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Set Phase 2 Map for Initiator/Responder

The crypto map is used to create the IPSec policy for the IKE "initiator/responder" role, by defining the IPSec parameters to negotiate with the peer. If the lifetime seconds is configured, it will override the global lifetime seconds parameter. The crypto map is defined with the following CLI commands: configure crypto map <map-name> <seq-num> ipsec-isakmp set peer <ip-addr> configure crypto map <map-name> <seq-num> ipsec-isakmp match address <crypto-ext-acl-num> configure crypto map <map-name> <seq-num> ipsec-isakmp set transform-set <trans-set-name> configure crypto map <map-name> <seq-num> ipsec-isakmp set security-association lifetime seconds <seconds> Where: <map-name> is the textual name to identify the map <seq-num> is the sequence number to further identify the map <crypto-ext-acl-num> is the extended ACL identifier <ip-addr> is the ISAKMP peer IP address <seconds> is the IPSec SA lifetime in seconds <trans-set-name> is the IPSec transform set name

For example: configure crypto map cms_initresp_map 1 ipsec-isakmp set peer 10.1.240.82 configure crypto map cms_initresp_map 1 ipsec-isakmp match address 101 configure crypto map cms_initresp_map 1 ipsec-isakmp set transform-set ts1 configure crypto map cms_initresp_map 1 ipsec-isakmp set security-association lifetime seconds 1800

Delete a crypto map with the following CLI command: configure no crypto map <map-name> <seq-num>

Start and Stop IKE Daemon

Once the IKE and IPSec configuration is complete, the IKE daemon must be started. If any of the Phase 1 or Phase 2 configuration data is incomplete, the IKE daemon will not start, accompanied with a CLI error

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-17

16 PacketCable™ Services

response. If any configuration changes are made while the IKE daemon is running, the IKE daemon must be stopped and restarted for changes to take effect. Note, the current IPSec SAs are not disturbed when the IKE daemon is stopped. The IKE daemon is started with the following CLI command: configure crypto isakmp enable The IKE daemon is stopped with the following CLI command: configure no crypto isakmp enable

Verify IPSec Operation

Once the C4 CMTS IKE daemon is started and the IKE peers are ready, ISAKMP and IPSec SAs should be created soon. There should be one ISAKMP SA per peer, unless the SA has expired. There should be at least one inbound IPSec SA and one outbound IPSec SA between the C4 CMTS and each IKE peer, at all times. The following command examples show how to display the SAs. C4> show crypto isakmp sa

Local --------------10.1.171.11 10.1.171.11

Remote --------------10.1.240.82 10.1.2.48

Lifetime (sec) State Conn Role Enc Hash Grp Limit Remain ------ ---- ---- ---- ---- --- ------ -----mature 21 resp 3des md5 1 6000 4072 mature 20 resp 3des md5 1 6000 4057

C4> show crypto ipsec sa
Interface: loopback 0 Local Remote --------------- --------------10.1.171.11 10.1.2.48 10.1.171.11 10.1.2.48 10.1.171.11 10.1.2.48 10.1.171.11 10.1.2.48 10.1.171.11 10.1.240.82 10.1.171.11 10.1.240.82 Interface total SA count: 6 Dir --in in out out in out Life Limit Life Remain Type SPI State Enc Auth (sec) (sec) Packets ---- ---------- ------ ---- ---- ---------- ----------- ---------esp 0x3067015b mature 3des md5 6000 4006 6 esp 0x4a90df1e mature 3des md5 6000 4032 2029 esp 0x3bd152b8 mature 3des md5 6000 4006 6 esp 0x66deea04 mature 3des md5 6000 4032 2089 esp 0x187eb4fe mature 3des md5 6000 4021 3331 esp 0x00000bf2 mature 3des md5 6000 4021 4567

The "Packets" in the "show crypto ipsec sa" display should be increasing on one outbound IPSec SA and increasing on one or more incoming IPSec SAs per peer. This is a good hint that the intended traffic (COPS and/or Event messaging, for example) is flowing through the IPSec SAs. If IKE and/or IPSec SAs fail to be created properly, the first step should be to manually compare the Phase 1 and Phase 2 security parameters configured on the C4 CMTS and the IKE peer to ensure compatibility. The next

16-18

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

step is to inspect the C4 CMTS syslogs to diagnose the problem. Make sure that INFO syslogs are enabled as this is where much IKE and IPSec information is recorded.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-19

16 PacketCable™ Services

IKE and IPSec Command Summary

The following commands are used to manage IKE and IPSec functionality on the C4 CMTS: configure access-list <crypto-ext-acl-num> clear crypto sa configure crypto dynamic-map configure crypto dynamic-map <dyn-map-name> <seqnumber> match address configure crypto dynamic-map <dyn-map-name> <seqnumber> set peer configure crypto dynamic-map <dyn-map-name> <seqnumber> set security-association lifetime configure crypto dynamic-map <dyn-map-name> <seqnumber> set transform-set configure crypto ipsec security-association lifetime seconds configure crypto ipsec transform-set configure crypto ipsec transform-set <trans-set-name> authentication configure crypto ipsec transform-set <trans-set-name> encryption configure crypto ipsec transform-set <trans-set-name> mode configure crypto isakmp enable configure crypto isakmp key configure crypto isakmp local-address configure crypto isakmp policy configure crypto map <map-name> <seq-number> ipsecisakmp configure crypto map <map-name> <seq-number> ipsecisakmp dynamic configure crypto map <map-name> <seq-number> ipsecisakmp match address configure crypto map <map-name> <seq-number> ipsecisakmp set peer

16-20

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure crypto map <map-name> <seq-number> ipsecisakmp set security-association lifetime seconds configure crypto map <map-name> <seq-number> ipsecisakmp set transform-set show crypto dynamic-map show crypto ipsec sa show crypto ipsec security-association lifetime show crypto ipsec transform-set show crypto isakmp show crypto isakmp policy show crypto isakmp sa

PacketCable Settings
Showing status Viewing PacketCable settings — To view many of the important settings relating to PacketCable on the C4 CMTS, issue the CLI command: show packetcable global

The following is a typical system response: PacketCable DQoS Administrative state: DOWN COPS TCP port: 2126 Timer t0: 30 seconds Timer t1: 250 seconds PacketCable Multimedia Administrative state: DOWN COPS TCP port: 3918 Timer t1: 300 deciseconds Gate Message Throttling: SCM NORMAL max Gate Messages per 10 seconds: 900 SCM YELLOW max Gate Messages per 10 seconds: 900 SCM RED max Gate Messages per 10 seconds: 300

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-21

16 PacketCable™ Services

Admission Control Limits: Upstream Priority Reserved Allowed -------- ------Normal 0% 50% Emergency 0% 70% Total 70% Preemption: enabled

Downstream Reserved Allowed -------- ------0% 50% 0% 70% 70%

Event Messaging Parameters Enabled: no - not configured Element ID: not configured Event messaging UDP source port: 1813 Maximum number of events per batched message: 3 Batch timer: 1 minute ACK timer: 1000 milliseconds Maximum number of retransmissions to RKS: 1 Viewing Connected Network Elements — To display the current connections, issue the following CLI command: show netstat Look for TCP connections with a state of ESTABLISHED at ports 2126, 1813, and 3918 on the C4 CMTS. The C4 CMTS generates an output similar to the following text: Proto udp udp udp udp udp udp udp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp Local Address 0.0.0.0.123 0.0.0.0.161 0.0.0.0.1813 0.0.0.0.49152 0.0.0.0.49155 0.0.0.0.49162 100.0.0.30.69 0.0.0.0.21 0.0.0.0.23 0.0.0.0.2126 10.44.13.3.3918 10.44.13.3.23 10.44.13.3.23 10.44.13.3.2126 10.44.13.3.2126 10.44.13.3.3918 10.44.13.3.3918 127.0.0.1.2323 Foreign Address (state)

0.0.0.0.0 0.0.0.0.0 0.0.0.0.0 10.43.4.35.3423 10.43.4.35.3626 10.44.16.9.4513 10.1.2.48.45490 10.1.240.82.52639 10.43.200.226.42259 10.43.200.227.41968 0.0.0.0.0

LISTEN LISTEN LISTEN ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED ESTABLISHED LISTEN

16-22

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

In the above output some of the lines appear here in boldface type. • • • Port 1813 is used for Event Messaging There is an open TCP LISTENING socket at port number 2126, which is waiting to accept new COPS connections There are two ESTABLISHED COPS TCP connections from Call Management Servers to the C4 CMTS at port 2126 – one connection from 10.1.2.48.45490 and one connection from 10.1.240.82.52639 Port 3918 is used for PCMM Policy Servers. There are two established PCMM Policy Server connections: one from 10.43.200.226.42259 and another from 10.43.200.227.41968.

Enabling and Disabling PacketCable Services

By default, PacketCable services are disabled on the Cadant C4 CMTS. When PacketCable Services are disabled, The C4 CMTS disallows any PacketCable signaling connections using the Common Open Policy Service (otherwise known as COPS) from a Call Management Server (CMS) or Policy Server (PS). As a result, all PC1.x and PCMM requests fail. To enable PacketCable services on the C4 CMTS, issue the CLI command: configure packetcable PC1.x and PCMM can be enabled independently using the following commands: configure packetcable dqos no shutdown configure packetcable pcmm no shutdown With PC1.x services enabled, the C4 CMTS accepts and maintains PacketCable COPS TCP connections to port 2126. In addition, the C4 CMTS processes PacketCable signaling messages from the Call Management Server and use this signaling to authorize call requests from the subscribers’ Multimedia Terminal Adapters (MTAs). Likewise, with PCMM enabled, the C4 CMTS accepts and maintains PacketCable COPS and TCP connections to port 3918. To disable PacketCable services on the C4 CMTS, issue the CLI command: configure no packetcable Or use one of the following to disable PC1.x or PCMM, specifically: configure packetcable dqos shutdown configure packetcable pcmm shutdown When PacketCable services transition from enabled to disabled, all PacketCable calls in progress are aborted and signaling links to all CMSs are torn down. If PCMM is shut down, all associated PacketCable gates are torn down and all signaling links to the PSs are torn down.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-23

16 PacketCable™ Services

PC1.x Timers

The following timers are specific to the PacketCable DQoS protocol. The C4 CMTS functions properly in most environments using the default values. In rare cases, the parameters may be modified through the use of CLI commands. To set the threshold value of a particular timer of the C4 CMTS, issue the CLI command: configure packetcable timer {timer name} Where {timer name} is t0 or t1. Timer T0 — Timer T0 limits the amount of time between the reception of a Gate-Alloc message and a Gate-Set message for the same DQoS Gate. The default value of this timer is 30 seconds. This timer has a range of 1 to 60 seconds. Timer T1 — This timer limits the validity period for authorization of a particular PacketCable call. This timer is started whenever a Gate is established and reset whenever a Commit operation is performed on the resources authorized by the gate. It is also reset for a reserve operation. Ordinarily, Timer-T1 is received in the Gate-Set message. If the value given in the Gate-Set message is zero, then Timer-T1 is set to a provisioned value. The default value of this timer is 250 seconds. This timer has a range of 1 to 600 seconds.

PCMM Timers

The following timers are specific to the PacketCable Multimedia protocol. The C4 CMTS functions properly in most environments using the default values. In rare cases, the parameters may be modified through the use of CLI commands. To set the threshold value of a particular timer of the C4 CMTS, issue the CLI command: configure packetcable pcmm timer t1 <value> Where <value> is the value, in deciseconds. Default = 300 deciseconds. Timer T1 — This timer limits the validity period for authorization of a particular PacketCable call. This timer is started whenever a Gate is established and reset whenever a Commit operation is performed on the resources authorized by the gate. It is also reset for a reserve operation. Ordinarily, Timer-T1 is received in the Gate-Set message. If the value given in the Gate-Set message is zero, then Timer-T1 is set to a provisioned value.

Showing PacketCable Timers

To display all of the PacketCable timer settings, issue the CLI command: show packetcable global Look for lines similar to the following in the output:

16-24

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

PacketCable DQoS Administrative state: DOWN COPS TCP port: 2126 Timer t0: 30 seconds Timer t1: 250 seconds PacketCable Multimedia Administrative state: DOWN COPS TCP port: 3918 Timer t1: 300 deciseconds Setting the Upstream DiffServ Code Point When setting up a data network with voice, it is recommended that the entire network (access and backbone) be configured to provide an enhanced QoS for telephony. One of the ways to do this is to use the DiffServ protocol. This protocol uses a field in the IP header to determine the quality of service level to be used for each network hop. The C4 CMTS marks all upstream voice packets with the DiffServ code point that is provided by the CMS in the Gate-Set message. This parameter should be provisionable on the CMS. NOTE The C4 CMTS does not currently support Event Messaging for PCMM. Event Messaging PacketCable uses the notion of half-calls for its call model. Each half call consists of the portion of a call from the CMTS to the other device – either an MTA or a PSTN gateway. These half-calls are signaled independently of one another and are tied together only by the logical connection that the CMS creates when it sets up each half call. These half-calls are also signaled separately for billing purposes. Billing events for each half call are transmitted to a Record Keeping Server (RKS). The RKS then correlates all events for the full call and creates billing records. The protocol used by devices that communicate to the RKS is known as Event Messaging. Event Messaging port number — The C4 CMTS uses the static port 1813 for Event Messages. The C4 CMTS listens to port 1813 when PacketCable services are enabled, and uses port 1813 as the source port in the UDP header of any Event Messages. Event Messaging Retry Interval — The Event Messaging Retry Interval is the maximum amount of time that the C4 CMTS waits for an acknowledgement of an event message before the CMTS assumes that the message is lost. At this point, the C4 CMTS either retransmits the message or switches to the secondary RKS. To set the Event Messaging Retry Interval, issue the CLI command: configure packetcable eventmsg retry timer <time>

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-25

16 PacketCable™ Services

The default value of this timer is 1000 milliseconds. This timer has a range of 10 to 10,000 milliseconds. Event Messaging Retry Count — The Event Messaging Retry Count is the maximum number of times that the Event Messaging Retry Interval may expire before the C4 CMTS switches to the secondary RKS. To set the Event Messaging Retry Count, issue the CLI command: configure packetcable eventmsg retry limit <count> The default value is 1. The count has a range of 0 to 9. Event Messaging Maximum Batch Events — The Event Messaging Maximum Batch Events is the maximum number of event messages collected and combined into one packet for transmission to the RKS. Use the following command: configure packetcable eventmsg batch-size <n> The default value is 3. The count has a range of 2 to 10. NOTE To enable or disable Event Messaging Batch Mode, refer to the CMS documentation. Event Messaging Element Identifier — The Event Messaging element Identifier is a number that is assigned to the C4 CMTS and is included in all event messages from the C4 CMTS. This number is used by the RKS so that it knows that the event message came from this particular CMTS. configure packetcable eventmsg element-id <id> There is no default value. This number must be configured for event messaging to work. The range of values is 0 to 99999. Disabling the Generation of All Event Messages — To disable generation of all event messages enter: configure packetcable eventmsg element-id no Enabling Event Messaging Error Logging — Event Messaging on the C4 CMTS has the capability to dump the contents of an event message to a file if all attempts to communicate with the RKS have failed. These records can be used later to manually update the RKS when it becomes operational. By default, this error logging is turned off. It should be turned on if the system is relying on event messaging from the C4 CMTS for billing. To turn on this capability, the syslog server must be configured. Once the syslog server is configured, type the following at the CLI prompt: configure logging override event 2473092361

16-26

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

To verify the logging is enabled, type the command: show logging The output shows event ID 2473092361 with the word “Admit” next to it. When this event ID is enabled, the syslog file contains a memory dump of each event message that it has failed to transmit to the RKS. PacketCable Connection Admission Control (CAC) The C4 CMTS provides the capability for partitioning the available bandwidth on a per channel basis (upstream and downstream) between telephony and non-telephony services. Furthermore, the C4 CMTS provides the capability to “borrow” from the non-telephony pool in the case of a high priority (emergency) call. The data portion of the channel bandwidth is still allowed to be over-subscribed as in previous releases of the C4 CMTS. NOTE The CMS detects and signals the priority of the call to the C4 CMTS. The new definitions of CAC Levels are as follows: • CAC LEVELS 1 and 2 are used only for upstream load balancing (ULB) across a cable group. When these values are exceeded on an upstream channel, load balancing attempts to direct registering modems to another upstream channel within the cable group. CAC LEVEL 3 is used as a data oversubscription multiplier in the following way. If CAC L3 is set to 500%, then we take the percent of the channel that can be used for data and multiply that by 500%. Data service flows whose minimum guaranteed bandwidth would cause this value to be exceeded are denied.

Packetcable CAC values for allowed-normal-voice should be configured so that adequate bandwidth is reserved for channel management and modem registration purposes. The value for allowed-emergency-voice should be configured so that at least enough bandwidth remains to do basic channel management of creating and destroying dynamic service flows. The guidelines below provide the settings for PacketCable CAC values that should not be exceeded so that the channel can be managed effectively. Exceeding these guidelines could result in a channel becoming overloaded and prevent dynamic service flow set up and tear down. NOTE PacketCable voice limits do not apply to PCMM unless the gate is specified as a UGS flow. PCMM treats non-UGS flows as normal data flows.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-27

16 PacketCable™ Services

Guidelines for Maximum CAC Values

Use the following recommendations for setting allowed-normal-voice and allowed-emergency-voice. Bandwidth is expressed in terms of data throughput and is a function of channel width and compression technique. Allowed-total-voice should be equal to allowed-emergency-voice. Voice traffic is not recommended on 320 or 640 KPBS channels. Channel BW 1.28 MBPS 2.56 MBPS 5.12 MBPS 10.24 MBPS allowed-normal-voice 55% 75% 85% 90% allowed-emergency-voice 75% 85% 90% 90%

Setting Downstream Values — Use the following commands (in the order listed here) to set downstream values: configure interface cable <slot>/<dport> cable downstream voice-limits allowed-normal <percent> configure interface cable <slot>/<dport> cable downstream voice-limits reserved-normal <percent> configure interface cable <slot>/<dport> cable downstream voice-limits allowed-emergency <percent> configure interface cable <slot>/<dport> cable downstream voice-limits reserved-emergency <percent> configure interface cable <slot>/<dport> cable downstream voice-limits allowed-total <percent> Where: <slot> is the chassis slot that contains the CAM port being configured — valid range is 0-15 <dport> is the downstream interface port number that is being configured — 0 is the only valid downstream port at this time. <percent> is the percentage of bandwidth to be used — valid range is 0 to 90

16-28

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Setting Upstream Values — Use the following commands to set upstream values: configure interface cable <slot>/<dport> cable upstream <uport> voice-limits allowed-normal <percent> configure interface cable <slot>/<dport> cable upstream <uport> voice-limits reserved-normal <percent> configure interface cable <slot>/<dport> cable upstream <uport> voice-limits allowed-emergency <percent> configure interface cable <slot>/<dport> cable upstream <uport> voice-limits reserved-emergency <percent> configure interface cable <slot>/<dport> cable upstream <uport> voice-limits allowed-total <percent> Where: <slot> is the chassis slot that contains the CAM port being configured — valid range is 0-15 <dport> is the downstream interface port number that is being configured — 0 is the only valid downstream port at this time. <uport> id the upstream interface port number that is being configured — valid range is 0 through 7 <percent> is the percentage of bandwidth to be used — valid range is 0 to 90 Preemption of Normal by Emergency Calls If completion of an emergency call would cause the channel to exceed the allowed-total-percentage CAC limit, the C4 CMTS randomly searches for an existing normal call on that channel to preempt. If a normal call to preempt is found, the C4 CMTS simultaneously initiates a tear-down of that normal call while allowing the emergency call to be set up. Use the following commands to enable/disable emergency preemption: C4# configure packetcable voice-limits [no] emergencypreemption Use the following commands to set global voice limits for PacketCable in the C4 CMTS: C4# configure packetcable voice-limits set-all Use the following commands to set voice limits for all downstream or upstream channels: C4# configure packetcable voice-limits [downstream|upstream] <x> where x is:

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

16-29

event messaging parameters.16 PacketCable™ Services allowed-normal <%bw> Maximum % DS and/or US channel bandwidth allowed for normal voice use allowed-emergency <%bw> Maximum % DS and/or US channel bandwidth allowed for emergency voice use allowed-total <%bw> for all classes of voice traffic % US and/or DS Bandwidth allowed reserved-emergency <%bw>Minimum % US and/or DS channel bandwidth reserved for emergency voice use reserved-normal <%bw> Minimum % US and/or DS channel bandwidth reserved for normal voice use Use the following command to view voice limit parameters for a particular upstream or downstream channel: configure interface cable <slot>/<mac>[<.subinf#>] cable downstream voice-limits ? configure interface cable <slot>/<mac>[<. COPS parameters. and voice limits. 16-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .subinf#>] cable upstream <uport> voice-limits ? allowed-normal reserved for normal voice use reserved-normal reserved for normal voice use Maximum % US channel bandwidth Minimum % US channel bandwidth allowed-emergency Maximum % US channel bandwidth reserved for emergency voice use reserved-emergency Minimum % US channel bandwidth reserved for emergency voice use allowed-total classes of voice traffic emergency-preemption normal traffic % US Bandwidth allowed for all allow emergency traffic to preempt Use the following command to show Packetcable global configuration: show packetcable global The system response includes the administrative state of PacketCable.

issue the following CLI command: show controllers cable <slot>/<ds> downstream To show the current settings for an upstream channel.C4 CMTS Data Consistency Checks The C4 CMTS uses the following rules to ensure that data is consistent: • Percent reserved-normal + percent reserved-emergency are reserving bandwidth for normal and emergency calls. Release 4.2. in keeping with the PacketCable requirement to do so. The sum of the two values cannot exceed 90% Percent reserved-normal can never be greater than percent allowednormal and percent reserved-emergency can never be greater than percent allowed-emergency Percent allowed-normal can not be greater than 90 or greater than percent allowed-total Percent allowed-emergency can not be greater than 90 or greater than percent allowed-total Percent allowed-total can not be greater than 90. Standard ARRIS PROPRIETARY — All Rights Reserved 16-31 . Show Values — To show the current settings for a downstream channel. This functionality is configurable via the following command. issue the following CLI command: show interface cable allocated-bandwidth • • • • Upstream Packet Classification Enforcement The C4 CMTS provides upstream packet classification enforcement. issue the following CLI command: show controllers cable <slot> To show the current PacketCable bandwidth allocation/usage of a single CAM. configure operation mode [no] upce If it is enabled. issue the following CLI command: show controllers cable <slot> upstream <uport> To show the current setting for the downstream channel and all its upstream channels. Where the values for normal and emergency percentages <percent> must be expressed as integers from 0-90. the C4 CMTS classifies any upstream packets according to the classifiers defined during modem registration and via any DSx messaging. issue the following CLI command: show interface cable <slot>/<ds> allocated-bandwidth To show the current PacketCable bandwidth allocation/usage of all CAMs. By default upstream packet classification is disabled.

the packet is dropped.16 PacketCable™ Services When the enforcement functionality is enabled using the command above. As defined by the specification. if the surveillance request involves CALEA Call Data. Thus. • • 90% of all surveillance orders are of the first two types. There are three types of surveillance requests: • Pen Register – this type of request records call identifying information for all calls originated by a subject. 16-32 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . which includes Communications Assistance for Law Enforcement Act (CALEA) Call Data and CALEA Call Content. A request for electronic surveillance is initiated at the CMS. only networks employing full PacketCable DQoS can leverage PacketCable Electronic Surveillance functionality. If these SIDs do not match. This is CALEA Call Content. therefore. The role of the CMTS in an electronic surveillance request includes the following steps: 1 Recognize the request that has been initiated by the CMS. if the surveillance request involves CALEA Call Content. 3 Duplicate media stream content and send the duplicate stream to the Delivery Function. Only such packet streams are defined as calls by CALEA. I03. If these SIDs match. the packet is passed on. the functionality covered by this feature applies only to packets transmitted utilizing the capabilities of the Call Management System. the C4 CMTS compares the SID associated with the matching classifier with the SID upon which the packet was received. Trap and Trace – this type of request records call identifying information for all calls received by a subject. versions I01. including enhanced Quality of Service as authorized. This is one flavor of CALEA Call Data.x Electronic Surveillance The C4 CMTS supports PacketCable Electronic Surveillance (ES). these are the only packet streams subject to surveillance. I02. PacketCable Electronic Surveillance makes it possible for MSOs that implement PacketCable specifications to support lawfully authorized electronic surveillance consistent with the requirements of CALEA. 2 Duplicate event messages and send them to the specified Delivery Function (DF). and I04. Interception – this type of request allows Law Enforcement Agents (LEAs) to listen to conversations of a subject. and the request is generally made for both Pen Register and Trap and Trace simultaneously. This is the second flavor of CALEA Call Data. PC1.

The C4 CMTS can be connected to multiple CMSs. the C4 CMTS supports a maximum number of intercepts of 5% of its active calls.C4 CMTS When a surveillance request has been associated with a subscriber on the CMS and the subject under surveillance is involved in a call. This object contains all or some subset of the following. since a CMTS Element ID is required for the event messages that are forwarded to the Delivery Function. This is in keeping with the PacketCable specification. The CCC-ID is used by the Delivery Function to uniquely identify the packets associated with this particular media stream (this attribute is present beginning with PKT-SP-ESP-I02). an Electronic Surveillance object is sent to the CMTS within the Gate-Set message sent to the CMTS from the CMS.2. page 16-25. Electronic Surveillance Configuration Event Messaging must be configured on the C4 CMTS in order to enable the forwarding of the duplicated event messages to the Delivery Function. each of which might support a different version of electronic surveillance. Standard ARRIS PROPRIETARY — All Rights Reserved 16-33 . For more details see Event Messaging. Per Electronic Surveillance specification assumptions. the network should be configured such that the Delivery Function associated with a surveillance request should be compatible with the version requested by the CMS. Release 4. depending on what type of surveillance request has been made: • • • • • • A flag which indicates the type of surveillance requested The IP address of the Delivery Function to which Call Data should be forwarded The port of the Delivery Function to which Call Data should be forwarded The IP Address of the Delivery Function to which Call Content should be forwarded The port of the Delivery Function to which Call Content should be forwarded The Call Content Connection Identifier (CCC-ID). The C4 CMTS dynamically determines the electronic surveillance version from the syntax of the electronic surveillance object sent to the CMTS from the CMS. Note that the retry limit and the retry timer as configured for Event Messaging also apply to the event messages that are sent to the Delivery Function. The C4 CMTS forwards surveillance information in a format compliant with the version related to the surveillance request in question. Therefore.

43.200.16 PacketCable™ Services If an RKS is not being deployed within the PacketCable network being configured.---. Electronic Surveillance Logging Messages The C4 CMTS prints the following “info” level log messages when a request for CALEA Call Data or CALEA Call Content.204:clear logging history 17:02:40 19 info: Received Electronic Surveillance Request for Call Data (Pen Register Trap & Trace). -------.. size=2000 show history filters: terse format Time Sl Pri Text. No provisioning is required on the C4 CMTS to enable CALEA Call Content.---. the following command can be entered to turn off billing on the C4 CMTS: configure packetcable eventmsg no billing-events This allows the event messages to be forwarded to the Delivery Function without sending event messages to a non-existent RKS. is received from the CMS: Example 1: — CALEA Call Data log message C4# slh History: notifications=4. 16-34 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Example 2: — CALEA Call Content log message C4# slh History: notifications=4. respectively.------17:01:54 19 notc: CLI command:c4:10.204:clear logging history 17:02:40 19 info: Received Electronic Surveillance Request for Call Data (Pen Register Trap & Trace).204:show logging history 17:03:38 19 info: Received Electronic Surveillance Request for Call Content (Intercept).43.200. size=2000 show history filters: terse format Time Sl Pri Text.-. -------. 17:02:45 19 info: CLI command:c4:10.------17:01:54 19 notc: CLI command:c4:10.43.-....200.

1compliant Dynamic Services Interface functionality. and so on) Robust signaling support via the check and balance provided by the three legs involved (MTA.C4 CMTS Running in a non-PacketCable Compliant Voice Environment The C4 CMTS may be configured to run in an enhanced-QoS network configuration that is not fully PacketCable compliant.1 Dynamic Services interface must be enabled. the best-effort primary flow of the MTA may be used to carry telephony packets at the expense of audio quality. multiple vendor MTAs on the same C4 CMTS and even on the same CAM. This mode causes the C4 CMTS to assume that all Dynamic Services requests are authorized. if enhanced QoS is not desired. Working with non-ARRIS MTAs in a non-PacketCable Compliant Voice System When using enhanced-access QoS with an MTA produced by a vendor other than ARRIS in a non-PacketCable compliant system. the generic DOCSIS 1. the C4 CMTS rejects DOCSIS Dynamic Services requests that do not include an Authorization Block specifying a CMS-issued Gate ID (required for PacketCable). In this case. The required changes are dependent on the vendor of the MTA as well as the degree of PacketCable compliance to be used on the access network. CMS) Billing support Electronic surveillance support Differentiation of emergency calls from normal calls When the C4 CMTS is configured for non-PacketCable Compliance. Of course.2. The benefits of running in a PacketCable compliant system configuration include: • • • • • • Authorization of DSx requests using PacketCable gates. NOTE If you choose to support non-PacketCable. Standard ARRIS PROPRIETARY — All Rights Reserved 16-35 . thus providing a higher level of security against theft of service Secure connections for administrative services (COPS messaging. the system provides for guaranteed Quality of Service using the DOCSIS 1. Event Messaging. use the configure interface cable {slot} authorization-module command to set open-dynamic-flow-policy to true and disable PacketCable (no packetcable). NCS. one or more changes from the default configuration may be necessary on the C4 CMTS. Release 4. CMTS. Otherwise.

opendynamic-flow-policy may be enabled or disabled. use the following two commands to configure the authorization module: configure interface cable {slot Number} authorizationmodule [no] packetcable configure interface cable {slot Number} authorizationmodule [no] open-dynamic-flow-policy 16-36 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . (See NOTE above.) First execute the following command to disable PacketCable: configure interface cable {slot Number} authorizationmodule no packetcable where {slot Number} is replaced by the actual number of the C4 CMTS chassis slot containing the CAM. thereby allowing the C4 CMTS to not need to be open to all DOCSIS Dynamic Services Requests. Ensure that spare CAMs in the same bundle-group are included as well. This is useful in environments whereby the CMS does not implement the PacketCable DQoS Gate authorization scheme over the COPS protocol. for each CAM.16 PacketCable™ Services For each Cable Access Module (CAM) upon which calls will be made with this configuration. To disable this mode. configure interface cable {slot Number} authorizationmodule [no] open-dynamic-flow-policy Comparison of Provisioning for PacketCable and nonPacketCable Voice As stated above. according to user preference. If using ARRIS MTAs in a non-PacketCable voice application. execute the CLI command: configure interface cable {slot Number} authorizationmodule no open-dynamic-flow-policy Working with ARRIS MTAs in a non-PC1. execute the CLI command: configure interface cable {slot Number} authorizationmodule open-dynamic-flow-policy where {slot Number} is replaced by the actual number of the C4 CMTS chassis slot containing the CAM.x Compliant System ARRIS MTAs (TTM and TTP families) are capable of using an additional degree of security in that they can mimic the format of PacketCablespecific Dynamic Services requests. Ensure that spare CAMs in the same bundle-group are included as well.

the system default is enabled Disabling open-dynamic-flow-policy prevents any non-PacketCable DOCSIS 1. this setting can be disabled to provide for the higher level of protection against theft of service.1 DSx activity from occurring. If packetcable is enabled. then … • • packetcable MUST be enabled (the system default is enabled) open-dynamic-flow-policy can be enabled or disabled. Currently there are no known applications using DSx except PacketCable. so disabling opendynamic-flow-policy helps provide some level of protection against theft of service. Standard ARRIS PROPRIETARY — All Rights Reserved 16-37 . the C4 CMTS tries to authorize against this non-existent gate and fails the call. If only ARRIS TTMs are used.2.C4 CMTS If PacketCable DQoS is desired. • open-dynamic-flow-policy should be enabled (the system default is enabled) Enabling open-dynamic-flow-policy is required when running with non-ARRIS MTAs. Release 4. then … • packetcable should be disabled (the system default is enabled) Disabling packetcable is required when running with ARRIS TTMs: they use the gate ID 0x8675309 in the DSx messages. If DSx DQoS (non-PacketCable) is desired.

on a single CMTS. However. video. in order to treat the various voice applications equally. be handled at traffic priority 6 to ensure call set up even in the presence of high speed data overload. but as high as possible. therefore. See Table 16-2 below. based on ARRIS experiences with lab testing of converged services in system overload conditions. rtPS has been used in field trials as the flow type for the video portion of video calls ARRIS strongly recommends that upstream signaling traffic. “signaling” includes both PacketCable 1.1 must be applied to enforce appropriate relative prioritization of traffic. if it is desired that one type of voice application be given priority over another type. this flow type is always higher priority than any other. Of course. To ensure that appropriate QoS levels are enforced in this mixed services environment. 6 Downstream PacketCable 1. as noted. and tiered services.x NCS and DSx signaling (which is critical to call set up and tear down). Table 16-2: Recommended Traffic Priorities for Different Applications Application Upstream Voice Bearer Traffic: UGS and UGS/AD Real-Time Polling Service (rtPS) Upstream Voice Signaling Traffic DOCSIS Traffic Priority N/A 7 Notes The C4 guarantees service to UGS flows.x. this traffic priority is fixed. per CableLabs specification. As in the upstream. which includes PacketCable 1.x NCS and DSx signaling. some of the values are strongly recommended. This priority is a candidate for PCMM services. If a mix. ARRIS recommends the utilization of some of these DOCSIS parameters in association with each of the applications that might potentially run on the C4. such as voice. QoS parameters defined by DOCSIS 1. per the DOCSIS specification.x Voice Bearer Traffic 5 Downstream PacketCable 1. Advanced DSG service. For PacketCable 1. priority should be set appropriately for the desired behavior. and high speed data.16 PacketCable™ Services Converged Services Ensuring QoS in a Converged Services Environment Converged services is the term applied to the deployment of various applications. Keep in mind that other settings can be used. This value was chosen to be lower priority than the actual bearer traffic. both in the form of PacketCable 1. as long as the relative priority of the various applications is set as desired. of voice applications is to be deployed. priorities should be applied at this level.x.x Voice Signaling Traffic 4 3 16-38 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

and the data and signaling flows would be set up via a modem configuration file. per PacketCable 1. Priority 1 is often used for high speed data.x. ARRIS strongly recommends these settings to ensure that sufficient opportunities are given for data to be transmitted on these flows. and tiered services. SfMaxTrafficRate (tmax) and SfMinReservedRate (tmin) ARRIS recommends using the tmin and tmax values in Table 16-3 whenever there is a desire to maintain toll grade performance under data overload conditions: Table 16-3: Adjusting tmax and tmin for Overload Conditions Application Upstream Voice Signaling Traffic tmin 8k tmax 64k Notes ARRIS strongly recommends these settings to ensure that sufficient opportunities are given for data to be transmitted on these flows. Priority 0 is the default priority applied to high speed data and DSG Tunnel data. Release 4. This is especially critical if there is a desire to maintain toll grade performance under high speed data overload conditions. Note that the voice flows would be set up dynamically.C4 CMTS Table 16-2: Recommended Traffic Priorities for Different Applications (Continued) Application DOCSIS Traffic Priority 2 High Speed Data (Best Effort) Default HSD and DSG Tunnel Data 1 0 Notes This priority is a candidate for PCMM services. Downstream Voice Signaling Traffic 8k 64k High Speed Data 0k The following diagram shows one possible classification scheme to set up flows with the parameters recommended above. Advanced DSG service.2. Standard ARRIS PROPRIETARY — All Rights Reserved 16-39 . Leaving HSD at the tmin default of 0k reinforces the priority for polling opportunities given to the applications listed above. unless otherwise specified via a modem config file (for HSD) or via SCN (for DSG).

d * SrcPort = Z * DestPort = A Priority = 2 IP: * Proto = 17(UDP) * SrcPort = 2727 Voice Flow (UGS [A/D]) [RTP] Voice Flow [RTP] Priority = 5 Priorities: High to Low Prim.x * SrcPort = A * DestPort = Z Priority = 2 IP: * Proto = 17(UDP) * SrcPort = 2427 DS Service Flows DS Classifiers Priority = 128 IP: * Proto = 17(UDP) * SrcAddr = w.x In a Combined Voice and Data Environment 16-40 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .x.y.d * DestAddr = w.z * DestAddr = a.x.16 PacketCable™ Services US Service Flows US Classifiers Priority = 128 IP: * Proto = 17(UDP) * SrcAddr = a.b.c. Flow [NCS+MacMgmt] Priority = 4 Tmax = 64K Tmin = 8K Secondary Flow (BE) [Data] Priority = 1 Tmin = 8K Priority = 1 IP: * Proto = 256 (Match any IP Proto) Secondary Flow [Data] Priority = 1 Tmin = 0 Priority = 1 IP: * Proto = 256 (Match any IP Proto) Figure 16-4: An Example of Classification for PacketCable 1.c. Flow (BE) [MacMgmt+NCS] Priority = 6 Tmax = 64K Tmin = 8K Prim.y.b.

Release 4.C4 CMTS 17. It does this by encrypting traffic flows on the RF link between the CM and CMTS. Baseline Privacy (BP) provides cable modem users with data privacy across the cable network equal to or better than that provided by dedicated line network services. Standard ARRIS PROPRIETARY — All Rights Reserved 17-1 . Baseline Privacy Interface (BPI) Topics Baseline Privacy Overview Baseline Privacy Setup Baseline Privacy Debugging Explanation of BPI Trap Codes CLI Commands for Baseline Privacy Page 1 4 20 24 28 Baseline Privacy Overview This section is a brief and high-level overview.2. Baseline Privacy also provides cable operators with protection from theft of data services. further detailed information can be obtained from CableLabs® in the latest versions of the DOCSIS® Baseline Privacy or Baseline Privacy Plus Interface specifications.

The first is Baseline Privacy Key Management (BPKM). To indicate the proper encryption/decryption key to use. BPKM uses DOCSIS® MAC Management messaging in the request/reply operations of the protocol. When encrypting packet data. the server. Through this key management protocol.509 digital certificates.17 Baseline Privacy Interface (BPI) Baseline Privacy Plus Interface (BPI+) is an extension of the Baseline Privacy Interface (BPI). the second is the packet data encryption on the RF link. the client. The CM and CMTS use the BPKM protocol to determine authorization status and transfer of traffic keying material. the frame’s header is not encrypted. The Baseline Privacy portion of the DOCSIS® C4 CMTS is compatible with cable modems operating in either BPI or BPI+ mode. The current DOCSIS® specified algorithm used for packet data encryption is 56-bit DES operating in cipher block chaining (CBC) mode. only the frame’s packet data is encrypted. Baseline Privacy uses public-key cryptography to establish symmetric traffic keys between the CM and CMTS. BPKM Packet Data Encryption Baseline Privacy Operational Overview The operation between the CM and CMTS is conducted in three main steps: 1 Registration 2 Initialization 3 Reauthorization and rekeying Each is explained in the sections that follow. responds to those requests. requests encryption material and the CMTS. NOTE To reduce confusion in MIB tables and the Baseline Privacy Specification. it further strengthens the BP specification by adding cable modem authentication through the use of X. a special Baseline Privacy Extended Header is included in the MAC frame header. These extensions are entirely backwards compatible with the earlier BPI specification. a Security Association ID (SAId) can be thought of as the key ID for a traffic flow. the CM and CMTS synchronize keying information. Packet data encryption is an extended service within the DOCSIS® MAC sublayer. This special extended header indicates encryption information related to the current MAC frame. BPKM follows a client/server model where the CM. It is just a number and should not be confused with the SID which is the service ID of a flow. BPI Operations Baseline Privacy is comprised of two separate but interrelated protocols. 17-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

There is one specific message TLV. A successful initialization sequence proceeds as follows: 1 The CM authorizes with the CMTS through the use of authorization messages. serial number. and a list of unicast SAIds along with provisioned multicast SAIds. an authorization key valid lifetime. BPI+ performs the same sequence as BPI with the addition of an initial digital certificate information message which is used in modem authentication. the modem receives operational parameters from the CM’s configuration file. any values that are not specifically defined in the configuration file are defaulted to the values defined in the Baseline Privacy Spec. • The first message is the Authorization Request. The progression of registration is the same for BPI and BPI+. and Baseline Privacy is enabled. in the Recommended Operational Ranges table. CAUTION BPI operation requires ALL type 17 BPI parameters to exist and be within range for registration to complete and accept the BPI portion of registration. It begins by authorizing the CM to use specific flows and is then followed by the transferring of traffic key information for each specific flow. The CMTS verifies these parameters through the CM’s registration request message. which contains the Baseline Privacy operational parameters. Appendix A. NOTE BPI+ is much less restrictive: some. The second message is the Authorization Reply from the CMTS. • Release 4. all. the second operational step of Baseline Privacy initialization begins. For BPI+ registration. but BPI+ has different requirements. This message contains CM identification (CM MAC. or no type 17 parameters need to exist for the BPI portion of registration to complete.2. Initialization After registration is complete. an authorization key sequence number. type 17. This message contains: A public key encrypted authorization key. manufacturer) and a list of unicast Service IDs (SIDs).C4 CMTS Registration At registration. Standard ARRIS PROPRIETARY — All Rights Reserved 17-3 .

the SAId the request is being made for. an authorization key sequence number and a message authentication code (HMAC). a SAId the request is being made for. All previously registered modems will not be affected. The second message is the Key Reply message. one or two traffic keys and respective information for the specific service flow. • Reauthorization and Rekeying The third operational step of reauthorization and rekeying is accomplished at predetermined lifetimes using the messages in the respective sequence above. and a message authentication code (HMAC). The HMAC is a keyed signature that uses the authorization key. the C4 will choose these operating values at system power up and no further system configuration is required. If these values are acceptable. serial number. please read the parameter descriptions on the following pages first. • The first message is the Key Request message. Baseline Privacy Setup This section describes Baseline Privacy basic setup procedures. For normal operation. This message contains: an authorization key sequence number (again used for HMAC signature). This message contain CM identification (CM MAC. a security association flag. Any changes made to this table will only affect newly registered modems. and manufacturer). Consistent settings offers easier maintenance of key lifetime versus key grace time values which may cause denied modem registration. therefore. 17-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . If you wish to configure the system using values other than the defaults. The basic configuration of the C4 CMTS for Baseline Privacy is broken into four main topics: 1 Initial CMTS Base Table Setup 2 Configuration files 3 Multicast 4 Digital certificates Initial CMTS Base Table Setup The DocsBpi2CmtsBaseEntry contains settings required when all new cable modems initialize Baseline Privacy. This allows consistent settings to be applied to all modems. the default values in the CMTS base table should be used.17 Baseline Privacy Interface (BPI) 2 The CM is granted traffic keys through the use of key (TEK) messages. the base table values should be set up before registering any modems on the system.

the counts are self explanatory and are read-only.048. in seconds.2. configure interface cable <slot/ds> cable privacy kek life-time <seconds> Release 4.000 604. Recommended range: Default (per DOCSIS®): 86. Figure 17-1 illustrates the DocsBpi2CmtsBaseEntry: Figure 17-1: Example of Baseline Privacy Base Table DefaultAuthLifetime The value of this object is the default lifetime. The shorter the lifetime the more processor overhead will exist. Standard ARRIS PROPRIETARY — All Rights Reserved 17-5 . only the CLI command will be described.400 – 6.C4 CMTS The configuration (status) data is briefly outlined.800 The default value is acceptable for normal operation. that the CMTS assigns to an initial cable modem’s authorization key. Since there are many different MIB browsers. Shorter times give some improvement in security. A MIB browser or CLI command may be used to configure DefaultAuthLifetime directly.

only the CLI command will be described.200 The default value is acceptable for normal operation. As a general rule. NOTE Valid self-signed certificates are marked trusted or untrusted depending on this MIB variable. If the default trust value is set to untrusted and CA Certificates are learned. Recommended range: Default (per DOCSIS®): 1. configure interface cable <slot/ds> cable privacy tek life-time <seconds> (Example): To set the default TEK lifetime to 12 hours on slot 5 channel 0: configure interface cable 5/0 cable privacy tek life-time 43000 DefaultSelfSignedManufCert Trust (BPI+Certificates) This object determines the default trust of self-signed manufacturer certificate entries.17 Baseline Privacy Interface (BPI) (Example) To set the default authorization lifetime to 7 days on slot 5 channel 0: configure interface cable 5/0 cable privacy kek life-time 604800 DefaultTEKLifetime The value of this object is the default lifetime. created after setting the object. contained in DocsBpi2CmtsCACertTable. A MIB browser or CLI command may be used to directly configure DefaultTEKLifetime. do not trust them. Valid values: Default: CAUTION trusted | untrusted untrusted Self-signed certificates are a security risk. then these CA Certificates are considered 17-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . CAUTION The TEK lifetime must be more than twice as large as the largest TEK CM grace time to prevent denied CM registration.800 – 604. Since there are many different MIB browsers. The shorter the lifetime the more processor overhead will exist. in seconds. that the CMTS assigns to an initial cable modem’s traffic key (TEK).800 43. Shorter times give some improvement in security.

only the CLI command will be described. Valid values: Default: true | false true Validity period checking should be on. To change the trust of previously learned self-signed CA Certificates. The current checking state is applied only to new incoming certificates and certificate chains. you must manually edit the current certificate’s trust state or delete the certificate entry so that the certificate will be relearned. Setting the trust value for default self-signed back to trusted does not automatically change the trust of previously learned self-signed CA Certificates.2. when the CMTS receives an Authorization Request from the CM. NOTE The respective period checking of certificates and their related chaining is not retroactive. A FALSE setting causes all certificates in the chain not to have their validity periods checked against the current time of day. Standard ARRIS PROPRIETARY — All Rights Reserved 17-7 . This is a one-time determination which is never reevaluated unless the certificate is deleted and relearned. only the CLI command will be described. A MIB browser or CLI command may be used to directly configure DefaultSelfSignedManufCertTrust.C4 CMTS untrusted and stored. A MIB browser or CLI command may be used to directly configure CheckCertValidityPeriods. Since there are many different MIB browsers. Since there are many different MIB browsers. configure interface cable <slot/ds> cable privacy default-cert-trust <value> (Example): To not trust self-signed certificates on slot 5 channel 0: configure interface cable 5/0 cable privacy default-cert-trust untrusted CheckCertValidityPeriods (BPI+ Certificates) Setting this object to TRUE causes all chained and root certificates in the chain to have their validity periods checked against the current time of day. configure interface cable <slot/ds> cable privacy chk-validity-period <value> Release 4.

that value will be used if within range.17 Baseline Privacy Interface (BPI) (Example): To enable checking of certificate validity period on slot 5 channel 0: configure interface cable 5/0 cable privacy chk-validity-period true To Review or Confirm Settings To check or review settings in the DocsBpi2CmtsBaseEntry MIB. setting BPI+ Default 10 10 600 600 10 10 17-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NOTE BPI+ does not require ANY parameters to be present in the CM's configuration file. on page 17-8. If a value is specified in the config file. These values are BP-specific. See Table 17-1. configuration parameters. either a MIB browser or the following CLI command may be used: show interface cable <slot/ds> cable privacy base (Example): To display the DocsBpi2CmtsBaseEntry on slot 5 channel 0: show interface cable 5/0 cable privacy base Baseline Privacy Cable Modem Configuration File Settings All of the CM's Baseline Privacy configuration values are specified in the configuration file downloaded by the CM during registration. BP Cable Modem Config File Type 17 Parameters. Table 17-1: BP Cable Modem Config File Type 17 Parameters Parameter Name Authorize Wait Timeout Reauthorize Wait Timeout Authorization Grace Time Operational Wait Timeout Rekey Wait Timeout BPI Mode both both BPI only BPI+ only both both Valid Range 2-30 2-30 300-1800 300-3024000 1-10 1-10 BPI sugg. The modem will be rejected if the defined value is out of range. CAUTION BPI requires ALL type 17 parameters to be present and within range in the CM's configuration file. type 17. BPI+ will choose DOCSIS® defined default values for any parameter not specified in the CM's config file.

2. The authorization and TEK valid lifetimes.5566 life-time 604800 DocsBpi2CmtsAuthCmReset The setting of this object causes the CMTS to invalidate the authorization key for this CM. configure interface cable <slot/ds> cable privacy kek-cm <MAC> life-time <seconds> (Example) To set the authorization lifetime on modem 1122.509 Certificates Using CLI Commands. setting BPI+ Default 600 3600 60 1 4 BPI Initialized State Configuration Settings. are values that can be changed.800 seconds (seven days) on slot 5 channel 0: configure interface cable 5/0 cable privacy kek-cm 1122. Modifying certificates is covered in Provisioning BPI X.3344.C4 CMTS Table 17-1: BP Cable Modem Config File Type 17 Parameters (Continued) Parameter Name TEK Grace Time Authorization Reject Wait Timeout SA Map Wait Timeout SA Map Max Retries BPI Mode BPI only BPI+ only both BPI+ only BPI+ only Valid Range 300-1800 300-302399 10-600 1-10 0-10 BPI sugg.5566 to 604. you can also use CLI commands to modify them from the console. DocsBpi2CmtsAuthCmLifeti me The value of this object is the lifetime in seconds that the CMTS assigns to an authorization key for this CM. Standard ARRIS PROPRIETARY — All Rights Reserved 17-9 . as well as the Resetting of Authorization and TEK keys. configure interface cable <slot/ds> cable privacy kek-cm-reset <MAC> send-auth-invalid Release 4. page 17-17.3344. You may use a MIB browser to modify these values. There are a limited number of BPI configuration values that may be changed after the modem has passed BPI initialization. The no value of this command will set the value to default: 604800. In normal operation the procedures given above are used before modems register.

17 Baseline Privacy Interface (BPI) (Example) To reset the authorization on modem 1122. Encrypted multicast is similar to the above described encrypted unicast except that identical keying information must be sent to all modems operating in a specific multicast group.5566 on slot 5 channel 0: configure interface cable 5/0 cable privacy kek-cm-reset 1122. configure interface cable <slot/ds> cable privacy tek-said-reset <SAId> (Example) To reset the TEK for SAId 1234 on slot 5 channel 0: configure interface cable 5/0 cable privacy tek-said-reset 1234 Encrypted Multicast Setup Encrypted multicast operates in parallel with the multicast feature. the CMTS assigns to keys for this TEK association. The operation of multicast between BPI and BPI+ modes is significantly different. Static operation requires the operator to define multicast groups and key IDs along with authorizations for these keys for each modem requesting static operation. This configuration is static multicast. 17-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .3344. The no value of this command defaults to 43200. BPI+ multicast is compatible with BPI multicast although BPI multicast is not compatible with certain BPI+ multicast operations. in seconds.3344. Multicast Static Operation BPI/BPI+ All static multicast group IP addresses must be provisioned and each modem using the multicast group must be authorized through the use of the CLI or MIB.5566 send-auth-invalid DocsBpi2CmtsTEKLifetime The value of this object is the lifetime. configure interface cable <slot/ds> cable privacy tek-said <SAId> life-time <seconds> (Example) To set the TEK lifetime of SAId 1234 to 12 hours on slot 5 channel 0: configure interface cable 5/0 cable privacy tek-said 1234 life-time 43000 DocsBpi2CmtsTEKReset The setting of this object causes the CMTS to invalidate the TEK for this SAId.

In its initial authorization or reauthorization. a multicast map table element and associated multicast authorization element must be created. the CM is granted authorization for the provisioned (static) multicast map entry. the CLI method is described here.2. The CLI command to provision a multicast authorization table entry is: configure interface cable <slot/ds> cable privacy multicast auth <SAId> <CM MACAddr> 8192 230.255 des56 2 Verify the changes just made using the following show command: show interface cable <slot/ds> cable privacy multicast map 3 Provision the DocsBpi2CmtsMulticastAuthTable.255. or the C4 CMTS’s CLI may be used.255. The sequence of steps needed to provision a single CM to receive encrypted multicast packets associated to a single IP multicast group address is as follows: 1 Provision the DocsBpi2CmtsIpMulticastMapTable.3 255. or the C4 CMTS’s CLI may be used.2.1. This may be done through an appropriate MIB browser using its specific method for provisioning table entries.C4 CMTS Static Multicast Provisioning and Authorization To statically provision a CM to receive keying information for a specific multicast group.1. The CLI command to provision a static multicast table entry is: configure interface cable <slot/ds> cable privacy multicast map <SAId><IP Addr><Prefix><Alg Type> Where: SAId: 8192 – 16383 IP Addr: Valid IP multicast range Prefix: IP mask Alg Type: none (none = unencrypted) or des56 (Example) In order to create a MulticastMapTable entry with the following values on slot 5 channel 0: SAId: IP Addr: Prefix Len (IP mask): Encryption Alg: … Use this command: configure interface cable 5/0 cable privacy multicast map 8192 230. create additional multicast auth table entries for each respective modem. This may be done through an appropriate MIB browser using its specific method for provisioning table entries.255. Since the CLI is integral to the C4 CMTS.255. To allow additional modems authorization to the specific multicast group.3 255. Standard ARRIS PROPRIETARY — All Rights Reserved 17-11 .2.255 56 Bit DES Release 4.

the modem will be granted keys. Static Unencrypted Multicast provisioning (No Multicast Authorization Needed) In order to map an IP address to a unencrypted flow. No operator configuration is required. If a group is not provisioned. At this time the group switches to encrypted mode. Dynamic operation handles the creation and cleanup of keys and the respective mapping automatically through the use of BPKM messaging.17 Baseline Privacy Interface (BPI) Where: SAId: 8192 – 16383 (Example) To create a MulticastAuthTable entry with these values on slot 5 channel 0: CM MAC: 00:10:95:17:92:4b Key authorization: 8192 … Use this command: configure interface cable 5/0 cable privacy multicast auth 8192 00:10:95:17:92:4b 4 Verify the changes just made using the following show command: show interface cable <slot/ds> cable privacy multicast auth Multicast Dynamic Operation BPI+ Only For dynamic multicast. the group is unrestricted and the creation of the multicast group provisioning is performed by the CMTS. provision an unencrypted flow as follows: 17-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . This means that if a map request is made by a CM for the group. CAUTION If a multicast group contains a mix of encrypted and non encrypted users. Furthermore. ALL non-encrypted users stop receiving unencrypted downstream data when the first BPI enabled modem maps to the respective multicast group. the operator must provision a static unencrypted flow for the group. the group is considered unrestricted. If this provisioning is not performed. the downstream multicast data will be in the clear mode until the first encrypted modem makes a map request. NOTE If a multicast group does not have a static provisioned entry. group IP addresses may be provisioned and each modem using the multicast group may be authorized through the use of the CLI or MIB. Multicast operation relative to the unrestricted group is a dynamic operation.

255.255. All data relative to this multicast group is unencrypted.2.1.1.255 none Release 4.255.255. or the C4’s CLI may be used.2.2. The CLI command to provision a static multicast table entry is: configure interface cable <slot/ds> cable privacy multicast map <SAId><IP Addr><Prefix><Alg Type> Where: SAId: 8192 – 16383 IP Addr: Valid IP multicast range Prefix: IP mask Alg Type: none (none = unencrypted) or des56 (Example) To create a MulticastMapTable entry with the following values on slot 5 channel 0… SAId: IP Addr: Prefix Len (IP mask): Encryption Alg: …Use this command: configure interface cable 5/0 cable privacy multicast map 8192 230. This may be done through an appropriate MIB browser using its specific method for provisioning table entries.3 255.C4 CMTS 1 Provision the DocsBpi2CmtsIpMulticastMapTable.255 none At this point an unencrypted MulticastMapTable entry has been created. Standard ARRIS PROPRIETARY — All Rights Reserved 17-13 .3 255. 8192 230.

the respective Baseline Privacy certificate MIB table entries must be added. the DOCSIS® (or EuroDOCSIS) Root Certificate must already be provisioned in the in the DocsBpi2CmtsCACertTable. then it must be manually added. This certificate may be added through a MIB browser. configuration of certificates is not required. If a CA certificate is not present or there is a new DOCSIS Root Certificate to add. In cases requiring removal of certificates. Both the CM and Ca certificate database can be provisioned through the BPI CLI and through import and export commands. or through BPI import and export commands. The BPI CLI commands allow certificates to be added individually from the C4 command line. deleted. The import and export commands allows one to many certificates to be added. For BPI+ to authenticate cable modems. change of trust status.17 Baseline Privacy Interface (BPI) Digital Certificates (BPI+ Only) In normal operation. addition of new certificates. BPI-related CLI commands. or modified. 17-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The CMTS loads these certificates at powerup. etc..

3 Upload the ASCII file(s) containing exported DocsBpi2CmtsCACertEntrys in ASCII mode. At the C4 prompt. 1 FTP to the C4 CMTS.2. The exported file contains all the certificates in this table in ASCII format. or a DER-encoded binary (usually *. 2 Copy the CA certificates to the certs directory on the CMTS flash disk by issuing the following CLI command: copy cacert-config <path/filename> <path/filename>: is the path and file name of the backup certificate(s) file to be stored.txt cacert-config Exporting Certificate Authority (CA) Certificates Use this procedure to export provisioned CA certificates entries from the DocsBpi2CmtsCACertEntry MIB table.der) certificate file. 4 When all desired DOCSIS® Root CA Certificate(s) are on the flash disk. use the following command: copy certs/cacerts. CA certificate entries are stored in ASCII just as they appear in the MIB. The CA certificate is read out of <path/filename> and provisioned into the MIB entry called DocsBpi2CmtsCACertEntry. The imported file may be an ASCII file (containing previously exported provisioned CA certificate(s). 2 Enter the /system/certs directory on the CMTS flash disk. copy the certificates to the CMTS internal database by issuing the following CLI command: copy <path/filename> cacert-config <path/filename>: is the path and file name of the ASCII certificate file. telnet to the C4 CMTS.C4 CMTS Provisioning BPI X. Release 4. 1 FTP to the C4 CMTS.509 Certificates Using Import/Export Commands Importing Certificate Authority (CA) Certificates Use this procedure to import provisioned CA certificates entries for the DocsBpi2CmtsCACertEntry MIB table. (Example) To read the certificate(s) in the file certs/cacerts. or DER encoded certificate file(s) in binary mode. Standard ARRIS PROPRIETARY — All Rights Reserved 17-15 .txt on the CMTS flash disk and save it or them in the DocsBpi2CmtsCACertEntry MIB table. or the DER-encoded binary certificate file.

or a DER-encoded binary certificate file (usually *. or DER encoded certificate file(s) in binary mode. The exported file contains all the certificates in this table in ASCII format. (Example) To read the certificate(s) in the file certs/cmcerts.txt Importing Provisioned Cable Modem (CM) Certificates Use this procedure to import provisioned CM certificates entries for the DocsBpi2CmtsProvisionedCmCertEntry MIB table. The imported file may be an ASCII file containing previously exported provisioned CM certificate(s). copy the certificates to the CMTS internal database by issuing the following CLI command: copy <path/filename> provcmcert-config <path/filename>: is the path and file name of the ASCII certificate file.17 Baseline Privacy Interface (BPI) (Example) To copy the CA Certificate(s) in the DocsBpi2CmtsCACertEntry MIB table to an ASCII file named cacerts. 1 FTP to the C4 CMTS. 2 Copy the CM certificates to the certs directory on the CMTS flash disk by issuing the following CLI command: copy provcmcert-config <path/filename> <path/filename>: is the path and file name of the ASCII certificate file to be stored. 3 Upload the ASCII file(s) containing exported DocsBpi2CmtsProvisionedCmCertEntrys in ASCII mode. 17-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The CM certificate is read out of <path/filename> and provisioned into the MIB entry called DocsBpi2CmtsProvisionedCmCertEntry.der). use the following command: copy certs/cmcerts. 4 When all desired CM Certificate(s) are on the flash disk. 1 FTP to the C4 CMTS.txt provcmcert-config Exporting Provisioned Cable Modem (CM) Certificates Use this procedure to export provisioned CM certificates entries from the DocsBpi2CmtsProvisionedCmCertEntry MIB table.txt in the certs directory on the CMTS flash disk. use the following command: copy cacert-config certs/cacerts. 2 Enter the certs directory on the CMTS flash disk.txt on the CMTS flash disk and save it or them in the DocsBpi2CmtsProvisionedCmCertEntry MIB table. or the DER-encoded binary certificate file.

BPI or CLI command.509 Certificates Using CLI Commands A MIB browser may be used to directly install or display certificates in the Certificate Authority (CA) MIB table. (Example) To copy the CM Certificate(s) in the DocsBpi2CmtsProvisionedCmCertEntry MIB table to an ASCII file named cmcerts. If an authorization request is received and a CM Certificate identical to the CM certificate received from the CM has been provisioned for that MAC address. Standard ARRIS PROPRIETARY — All Rights Reserved 17-17 . CA Certificates To install certificates in the CA certificate MIB table: configure cable privacy add-certificate manufacturer <LINE Hex-data> (Example) To add a manufacturer certificate to the CA certificate MIB table: configure cable privacy add-certificate manufacturer 308203da 308202c2 a0030201 02021045 529c2654 797e1623 c6e72318 0a9e9c30 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 04061302 55533139 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234 Release 4. Provisioning BPI X. use the CLI commands below to gain access through the CMTS console.txt NOTE All CM certificates are provisioned with a default trust value of untrusted. use the following command: copy provcmcert-config certs/cmcerts. An operator may choose to change this value via a MIB browser. When a MIB browser is not available.txt in the certs directory on the CMTS flash disk.C4 CMTS The CM certificate entries are stored in ASCII just as they appear in the MIB.2. the CMTS disregards the CM certificate provided in the auth request and use the trust value associated with the provisioned CM certificate for validation.

the MAC address. the CM certificates are stored in a different mib table.17 Baseline Privacy Interface (BPI) To remove certificates in the CA certificate MIB table: configure cable privacy no add-certificate manufacturer <LINE Hex-data> (Example) To remove a manufacturer certificate from the CA certificate MIB table: configure cable privacy no add-certificate manufacturer 308203da 308202c2 a0030201 02021045 529c2654 797e1623 c6e72318 0a9e9c30 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 04061302 55533139 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234 To Review or Confirm CA Certificates To display certificates in the CA certificate MIB table: show cable privacy {manufacturer-cert-list | root-cert-list | ca-certificates} (Example) To display the list of root CA certificates: show cable privacy root-cert-list (Example) To display the list of manufacturer CA certificates: show cable privacy manufacturer-cert-list (Example) To display all CA certificates: show cable privacy ca-certificates CM Certificates: Provisioning CM certificates is similar to CA certificate provisioning except. The examples above for CA certificates can be used with the addition of the MAC address parameter. DocsBpi2CmtsProvisionedCmCertTable. 17-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and there is an additional parameter.

C4 CMTS To provision CM certificates: configure cable privacy add-certificate cm <mac> <LINE Hex-data> (Example) To add a CM certificate: configure cable privacy add-certificate cm 308203da 308202c2 a0030201 02021045 529c2654 797e1623 c6e72318 0a9e9c30 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 04061302 55533139 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234 To remove CM certificates: configure cable privacy no add-certificate cm <mac> <LINE Hex-data> (Example) To remove a cm certificate: configure cable privacy no Hex-data> <mac> 308203da 308202c2 a0030201 c6e72318 0a9e9c30 0d06092a 97310b30 09060355 04061302 • • • 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 7218c479 34be7cc1 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 dc378ffc 1234 add-certificate cm <LINE 02021045 529c2654 797e1623 864886f7 0d010105 05003081 55533139 (Example) To display the list of provisioned CM certificates: show cable privacy cm-certificates Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 17-19 .2.

Do not enable CLI debug logging without specific instructions from ARRIS Tech Support. 17-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .17 Baseline Privacy Interface (BPI) Baseline Privacy Debugging CAUTION All Privileged Mode CLI debug commands are reserved to ARRIS Tech Support personnel. Modems will not perform BP operations unless they are registered first. If the modem is not registered. making sure the BP section conforms to the setup procedures in the BP setup section. This is determined through the CLI command show cable modem. Any registration issues must be corrected before further BP debugging. start by checking the BP config files. Also. This section describes the debugging sequence for Baseline Privacy on the C4 CMTS. check the log output on the C4 CMTS for BP warning messages for the specific CM indicating BP configuration problems. is via the following CLI commands: show cable modem show cable modem detail Registration Debugging The first step in Initial Baseline Privacy debugging is to determine if the modem has completed registration. The output from this command is used to show the registration state of the CM. with respect to Baseline Privacy operation. The first method of troubleshooting modems. 1 Registration debugging 2 Initialization state debugging 3 Baseline Privacy MIB debugging 4 Privileged Mode CLI debugging (requires ARRIS Tech Support).

ca30.C4 CMTS Below is an example of the show cable modem output. modem registration should have been successful.1 1660 10.1 1673 10. Standard ARRIS PROPRIETARY — All Rights Reserved 17-21 .178.196. The next check is for determining the state of BPI initialization.1 State=Registered D1.30. The modem must be in the “Ready” state for the remaining data in the privacy information line to be valid or meaningful. C4# show cable modem Jul 22 12:06:38 Inter Face US ---.-2/0 U0 2/0 U1 Prim DOC Timing Rec State SID SIS Offset Power ---------. Each section of the privacy line indicates a state the CM has completed. Privacy mode is not known.7 Registered 1 1.9 10.43 reconstructed cfg=basic_11_uchan1_441.126. Initialized — The modem is registering BPI configuration data.--0/20000 1 0/20000 1 IP Address --------------10.ca30.9 further BPI details can be obtained by issuing the show cable modem detail cm-ip command. if after successful registration. Ready — The modem’s BPI feature is running.--.126.0.0. or not completed.bin Privacy=Disabled u/d SFID SID State Sched Tmin Tmax DFrms DBytes MFrms MBytes CRC HCS u 61 25 Activ BE 0 0 70 5010 0 0 0 0 d 62 *25 Activ 0 0 70 4770 Current CPE=0 Max CPE=16 The privacy line shown in the modem detail indicates the state of BPI initialization.5404 (Arris) D1.-----.2.1/tdma PrimSID=25 Timing Offset=0 Rec Power=-1.f694 (Arris) Total Offline Ranging RgAbort Ranged IPcompl Online Denied -----------------------------------------------------------------------Total 2 0 0 0 0 0 2 0 Initialization State debugging At this point.09cc (Arris) 0000.0.ca30. Release 4.0 CM 0000.120.8 Qos CPE ---------.00 dBmV Proto-Throttle=Normal Uptime= 0 days 22:54:15 IP=10. C4# show cable modem detail cm-ip 10. there is still a BPI issue with modem IP 10. For example.----Registered 2 1.253 9/0/0.126.---. failed. There are three states Baseline Privacy may be in: • • • Disabled — The config file has instructed the CMTS to disable privacy for this modem.81 MAC address -------------0000.

then proceed to the BPI MIB debugging section. Steady state CM information may be collected using a MIB browser or respective BPI CLI commands to check the appropriate MIB entries for any failures that may have occurred.17 Baseline Privacy Interface (BPI) There are three values assigned to BPI Version: • • • BPI — The CM/CMTS negotiated version of Baseline Privacy is BPI mode BPI Plus — The CM/CMTS negotiated version of Baseline Privacy is BPI Plus mode. then the traffic key for the primary SAId (BPI+) or the initial flow (BPI) have been granted traffic keys. the modem should be BPI-enabled and capable of passing data. For issues related to traffic keys (TEKs). or the Primary SAId has an invalid value (Primary SAId: XXXX Seq: XX). check the DocsBpi2CmtsTekEntry and look at the reject error string for the respective modem’s SAId (Key Id). If all fields in the privacy line have been filled in with valid values. check the DocsBpi2CmtsAuthEntry and look at the reject error string for the respective modem. Unauthorized — The CM has been denied access to resources on this cable access module. XXXX — Baseline Privacy mode could not be determined but privacy is enabled. Primary or initial traffic key — If the SAId and Sequence have values. To display an authorization entry for a specific CM: show interface cable <slot/ds> cable privacy authorization <MAC> (Example): To display the authorization status and errors related to modem 1:2:3:4:5:6 on slot 5 channel 0: show interface cable 5/0 cable privacy authorization 1:2:3:4:5:6 17-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Baseline Privacy MIB Debugging At this point the modem should be registered and have completed some portion of Baseline Privacy initialization. For issues related to denied authorization. If the modem is unauthorized. Modem authorization has two states: • • Authorized — The CM has been authorized to use resources on this cable access module.

2. then Detailed Privileged mode debugging is needed and will require ARRIS Tech Support. These debugging commands may cause other system or performance problems.C4 CMTS To display a TEK entry for a specific SAId: show interface cable <slot/ds> cable privacy tek <SAId> (Example): To display the keying status and errors related to SAID 1 on slot 5 channel 0: show interface cable 5/0 cable privacy tek 1 Privileged Mode CLI Debugging If the problem is still not resolved. Release 4. NOTE Privileged Mode CLI debugging requires Tech Support. Standard ARRIS PROPRIETARY — All Rights Reserved 17-23 .

TEK grace time MUST be LESS THAN one half the BPI base table TEK lifetime. Authorization grace time MUST be LESS THAN one half the BPI base table Authorization lifetime. One or more values have not been defined in the CM’s config file. fix and reboot the modem. Action: Correct CM’s config file by verifying ALL BPI parameters are within operating ranges. ANM_DOCSIS_B301_3 Auth Reject – Unauthorized CM Problem: CM Authorization The respective modem’s authorization request has been rejected. Re-register the modem. one or more BPI configuration values has been determined to be out of range.17 Baseline Privacy Interface (BPI) Explanation of BPI Trap Codes Table 17-2 lists the Baseline Privacy traps furnished by the C4 CMTS and the recommended user action for each one. Action: Correct CM’s config file by defining ALL BPI parameters. The trap will only display the FIRST value detected out of range. ANM_DOCSIS_B301_2 Auth Reject – No information Problem: Action: The internal CMTS reason for the reject will be displayed in the modem’s respective auth reject error string MIB table entry. The modem is indicating its authorization for a flow it has not been authorized for. not BPI+ mode. The BPI specification requires ALL BPI parameters to be defined in the BPI configuration file sent to the CM during registration. If the reason can be corrected. 17-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Table 17-2: BPI Trap Codes. The modem cannot be validated and is therefore unauthorized. ANM_DOCSIS_B301_4 Auth Reject – Unauthorized SAId Problem: Action: CM Authorization The respective modem’s authorization request has been rejected. Action: The internal CMTS reason for the reject will be displayed in the modem’s respective auth reject error string MIB table entry. Re-register the modem. There is no corrective action that can be taken. and Corrective Actions Trap Code ANM_DOCSIS_B101_0 Problem: Name Missing Baseline Privacy Configuration Setting TLV Process CM Registration May occur only when registering modems in BPI mode. ANM_DOCSIS_B102_0 Invalid Baseline Privacy Configuration Setting value. fix and reboot the modem. Problem: CM Registration During registration. Descriptions. If the reason can be corrected. CM Authorization The respective modem’s authorization request has been rejected. Note: Two of the configuration value valid ranges depend on global BPI card settings.

Action: The internal CMTS reason for the reject will be displayed in the modem’s respective auth invalid error string MIB table entry. Action: The internal CMTS reason for the reject will be displayed in the modem’s respective auth reject error string MIB table entry. ANM_DOCSIS_B302_3 Auth Invalid — Unauthorized CM Problem: CM Authorization The respective modem’s authorization is not currently valid. fix and reboot the modem.2. and Corrective Actions (Continued) Trap Code ANM_DOCSIS_B301_8 Problem: Name Auth Reject — Permanent authorization failure Process CM Authorization The respective modem’s authorization request has been permanently rejected. Reboot the modem. Action: To clear the setting.C4 CMTS Table 17-2: BPI Trap Codes. The system itself will recover the error. ANM_DOCSIS_B302_6 Auth Invalid — Invalid key sequence number Problem: CM Authorization The authorization key sequence number included in the TEK request did not match the list of valid current authorization keys for the respective modem. and the CMTS is configured to see the server on the network. ANM_DOCSIS_B302_5 Auth Invalid — Unsolicited Problem: CM Authorization The respective modem’s invalid authorization has been detected but not through the modem’s request/reply mechanism. Action: There is no corrective action that can be taken. fix and reboot the modem. reboot the modem or force a modem reauthorization through the authorization MIB. Action: Make sure the a TOD server is connected. the certificate validity period cannot be tested and this failure will result. fix and reboot the modem. forced invalid though an authorization mib setting. ANM_DOCSIS_B301_9 Auth Reject — Time of day not acquired Problem: CM Authorization The time of day is needed to check the validity period of the digital certificates. If the reason can be corrected. The modem is not to continue or retry authorization. Standard ARRIS PROPRIETARY — All Rights Reserved 17-25 . ANM_DOCSIS_B302_2 Auth Invalid — No information Problem: CM Authorization The respective modem’s authorization is not currently valid. If there is no TOD server or the CMTS has cannot collect the time of day. If the reason can be corrected. For example. Action: The internal CMTS reason for the reject will be displayed in the modem’s respective auth invalid error string MIB table entry. Descriptions. If the reason can be corrected. Release 4.

Descriptions. ANM_DOCSIS_B501_3 Key Reject — Unauthorized SAId Problem: TEK exchange This trap indicates that the respective modem’s authorization request has been rejected. Problem: Action: TEK exchange The modem’s traffic key is now invalid. error. The respective modem’s key request has been rejected for an unspecified Action: The internal CMTS reason for the reject will be displayed in the modem’s respective TEK reject error string MIB table entry. this will not be an issue. As long as the CM and CMTS support at least one common algorithm. The modem has requested keying information for a flow it has not been authorized for. 17-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . fix and reboot the modem. The system will recover the error itself. ANM_DOCSIS_B502_6 There is no corrective action that can be taken. Process CM Authorization The message authentication field (HMAC) in the TEK request was not Action: There is no corrective action that can be taken. The system will recover the error. fix and reboot the modem. If the reason can be corrected. Action: The internal CMTS reason for the reject will be displayed in the modem’s respective TEK reject error string MIB table entry. and Corrective Actions (Continued) Trap Code ANM_DOCSIS_B302_7 Problem: Name Auth Invalid — Message authentication Failure valid. If the Devices in the system are certified.17 Baseline Privacy Interface (BPI) Table 17-2: BPI Trap Codes. the system will operate properly. ANM_DOCSIS_B303_0 Unsupported crypto suite Problem: CM Authorization There are encryption algorithms that the CM can support that the CMTS does not. Action: There is no corrective action that can be taken. ANM_DOCSIS_B502_3 TEK Invalid — No information. The system will recover the TEK exchange TEK Invalid — Invalid key sequence number Problem: Action: This trap indicates that a packet was received from the respective modem which has an key sequence value out of the range of valid traffic keys. There is no corrective action that can be taken. If the reason can be corrected. ANM_DOCSIS_B501_2 Key Reject — No information Problem: Traffic encryption key (TEK) exchange reason.

Action: This is either a modem problem. Encryption multicast setup (SA_Mapping) ANM_DOCSIS_B606_0 Mapped to existing SAId Problem: This is not an error.2. This only indicates the current CM’s multicast mapping request was mapped to an existing map entry. the CM may need to be reset. There is no corrective action to be taken. There is no corrective action that can be taken. There is no corrective action that can be taken. Encryption multicast setup (SA_Mapping) Action: ANM_DOCSIS_B607_0 Mapped to new SAId Problem: This is not an error. or the MSO must authorize the modem through the BPI multicast authorization table. and Corrective Actions (Continued) Trap Code ANM_DOCSIS_B602_0 Name Unsupported crypto suite. this is normal operation.C4 CMTS Table 17-2: BPI Trap Codes. Descriptions. This is a normal output for all first map requests made to a new encrypted multicast group. This is a normal output for all map requests except the first. Encryption multicast setup (SA_Mapping) Action: ANM_DOCSIS_B605_9 Map Reject — Not authorized for requested downstream traffic flow. Problem: Process Encryption multicast setup (SA_Mapping) The mapping request sent by the current CM cannot be filled. The first will indicate a new mapping. see ANM_DOCSIS_B606_0 above. this is normal operation. There is no corrective action to be taken. There are no encryption algorithms supported by the CM which will allow the multicast transmission to be decrypted. and will not occur on certified modems. which cannot be corrected. This only indicates the current CM’s multicast mapping request was mapped to a newly created map entry. Standard ARRIS PROPRIETARY — All Rights Reserved 17-27 . Action: Release 4. This problem will likely be initially detected at registration. Problem: A modem is requesting an encryption mapping to a multicast flow which it is not authorized for. ANM_DOCSIS_B605_10 Map Reject — Downstream traffic flow not mapped to SAId Problem: Action: Encryption multicast setup (SA_Mapping) A modem is requesting an encryption mapping to a multicast flow which is not encrypted. If an authorization entry is added.

Deletes manufacturer certificate.Configure manufacturer CA certificate no manufacturer . .Adds a manufacturer or root CA certificate or Cable Modem certificate cm . hit <cr> to begin certificate entry. privacy . WORD . <cr> root no root .Configure root CA certificate .Configure Baseline Privacy System Parameters add-certificate . <cr><cr> terminates certificate entry. <cr><cr> to terminate certificate entry . <cr><cr> to terminate certificate entry LINE .Hex-data for the CA certificate Use multiple lines as needed.Deletes root certificate.17 Baseline Privacy Interface (BPI) CLI Commands for Baseline Privacy Configure Cable Command configure cable . <cr><cr> terminates certificate entry.Configure Cable Modem certificate no cm . LINE <cr> ca-cert-trust <1-100> trusted untrusted chained Configure CA certificate's trust state CA certificate index CA certificates trust state is trusted CA certificates trust state is untrusted CA certificates trust state is chained 17-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . manufacturer .MAC address LINE . <cr><cr> terminates certificate entry.Hex-data for the CA certificate Use multiple lines as needed.Deletes cm certificate. hit <cr> to begin certificate entry.Hex-data for the CA certificate Use multiple lines as needed.

Displays Cable Modem certificate list .Output modifiers .Displays manufacturer CA certificate list .CA certificates trust state is root - Configure cable modem certificate trust state MAC address Cable modem certificate trust state is trusted Cable modem certificate trust state is untrusted Show Cable Command show cable . .Certificate authority certificate index . .C4 CMTS root <cr> cm-cert-trust WORD trusted untrusted <cr> . Standard ARRIS PROPRIETARY — All Rights Reserved 17-29 . .MAC address of the cable modem .2.Output modifiers Release 4.Display Baseline Privacy system parameters .Output modifiers . privacy manufacturer-cert-list | <cr> root-cert-list | <cr> ca-certificates <1-100> | <cr> | <cr> cm-certificates WORD | .Displays root CA certificate list .Output modifiers .Output modifiers .Displays manufacturer/root CA certificate list .

Sets Self-signed CA certificate default trust state to default (untrusted) trusted .Configure Self-signed CA certificate default trust state no default-cert-trust .Self-signed CA certificates trust state is trusted untrusted .Key Encription Key setting for specific cable modem 17-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .Key Encryption Key default setting for new cable modems no kek .Lifetime in seconds.Lifetime default for new cable modem <1-6048000> .Configure Baseline Privacy channel parameters chk-validity-period certificates no chk-validity-period true false <cr> default-cert-trust . Recommended range <86400-6048000> <cr> kek-cm . . privacy .Do not perform validity period checking for new certificates kek .Sets the validity period checking for new certificates to default (true) .Self-signed CA certificates trust state is untrusted <cr> .Output modifiers Configure Interface Cable Command configure interface cable 5/0 cable .Sets lifetime in seconds to default (604800) life-time . .17 Baseline Privacy Interface (BPI) <cr> | <cr> . .Perform validity period checking for new certificates .Perform validity period checking for new .

C4 CMTS no kek-cm WORD life-time <1-6048000> 6048000> <cr> - Sets lifetime in seconds to default (604800) MAC address of the cable modem Lifetime for a specific cable modem Lifetime in seconds.D . Standard ARRIS PROPRIETARY — All Rights Reserved 17-31 .C.multicast group's IP address A.Sets lifetime in seconds to default (43000) .Traffic Encription no tek-said . <1-604800> .Lifetime in seconds.Lifetime in seconds.MAC address <cr> map .Remove Cable Modem's multicast group/key mapping <8192-16383> .MAC address of the cable modem send-auth-invalid .Sends an auth-invalid to the modem as well <cr> multicast .Cable Modem's multicast group/key authorization no authorization – Removes Cable Modem's multicast group/key authorization <8192-16383> .B.Sets lifetime in <1-16383> .multicast group's IP mask none .Lifetime default for new cable modem .D .2.Lifetime in seconds.SAId (Key Id) WORD .Invalidates the authorization for a specific cable modem WORD .non-encrypted des56 .des56-encrypted <cr> tek no tek life-time <1-604800> <cr> .Cable Modem's multicast group/key mapping no map .SAId (Key Id) A. Key setting for a specific SAId seconds to default (43000) Recommended range <1800-604800> Recommended range <1800-604800> Release 4. Recommended range <1800-604800> tek-said .C.Traffic Encription Key default setting for new cable modems .B. Recommended range <86400- kek-cm-reset .SAId (Key Id) life-time .Baseline Privacy multicast parameters authorization .

.Resets the TEK(s) associated with the specified SAId .Output modifiers .MAC address of the cable modem | .Multicast parameters for Cable Modem's multicast group/key mapping <1-10000> .Output modifiers <cr> .MAC address of the cable modem .17 Baseline Privacy Interface (BPI) <cr> tek-said-reset <1-16383> <cr> .Display Baseline Privacy multicast map data . privacy .Multicast parameters for Cable Modem's multicast group/key authorization WORD .Output modifiers | <cr> map .Display Baseline Privacy multicast configuration data .IpMulticastIndex | .Baseline Privacy channel parameters authorization WORD | <cr> base | <cr> multicast authorization detail . Show Interface Cable Command show interface cable 5/0 cable . .Output modifiers detail .Output modifiers 17-32 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .SAId (Key Id) .Authorization information for a cable modem .Default channel parameters .Display Baseline Privacy multicast authorization data .

C4 CMTS <cr> | <cr> | <cr> tek (change to) SAId <1-16383> | <cr> . Release 4. .Output modifiers .SAId (KeyId) . Standard ARRIS PROPRIETARY — All Rights Reserved 17-33 .2.Traffic Encription Key information for new cable modems .Output modifiers .Output modifiers .

17 Baseline Privacy Interface (BPI) 17-34 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

DOCSIS Set-top Gateway (DSG) Configuration Topics Overview and Definitions Configuration Procedures Advanced DSG Configuration DSG Configuration Scenarios Page 2 4 9 18 Many MSOs are working to transport Digital Video Out-of-Band (OOB) data (including Conditional Access. This effort has spawned what is referred to as the DOCSIS Set-top Gateway (DSG) project within CableLabs.C4 CMTS 18. OOB data is transported from the DSG servers inside the Set-top Controllers of the MSOs.) via DOCSIS. Emergency Alert System. Release 4.2. etc. In the DSG Architecture. Electronic Program Guide. through the DSG Agents residing on the CMTSs. Service Information. and to the DSG Clients inside the STBs (SetTop Boxes). Standard ARRIS PROPRIETARY — All Rights Reserved 18-1 .

it is a non-encapsulated. MSOs are requiring the addition of multicast routing protocols to CMTSs. The primary difference between the two modes is the use of the DSG Downstream Channel Descriptor (DCD) message. In advanced mode. rather. The DSG protocol does not require two-way communication and thus does not require the DSG Set-top embedded cable modem (eCM) to perform DOCSIS registration if the client application does not need two-way service. rate limiting/shaping the DSG tunnel. A modified initialization/registration state machine has been defined for the DSG eCM to take one-way operation into account. the DSG Agent broadcasts a DSG address table with entries for each tunnel on the downstream. Due to the multicast nature of the DSG tunnel traffic. The DSG Agent is responsible for forwarding IP datagrams that make up a DSG tunnel. Set-top Controller DSG Server CMTS IP Backbone DSG Agent DSG Channel Figure 18-1: Logical devices in a DSG system There are two modes of DSG – Basic and Advanced. The DSG Set-top Gateway uses a multi-format Client ID (one of the possible formats is a well known MAC address for compatibility with BASIC DSG Set-top Gateways) to search the table for information about the tunnels that it needs to listen to. The DSG Set-top Gateways are hard-coded to listen for packets with the well known destination MAC address. which is used only in advanced mode. This is not a tunnel in the normal sense of the word. Basic mode requires that the DSG Agent create and forward data over DSG tunnels with well known DSG tunnel MAC addresses. Definitions Conditional Access Entity — The decision making entity within a DOCSIS Set-top Gateway that parses the DCD message and determines what tunnels must be connected to the DSG Client 18-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .18 DOCSIS Set-top Gateway (DSG) Configuration Overview and Definitions This OOB data traverses the DSG Agent on the CMTS by means of a DSG tunnel. and sending DSG tunnel advertisements (as DCD messages) at a rate of least one per second. rate-limited data flow that is MAC multicasted on one or more DOCSIS downstream channels.

places content from the DSG Server into the DSG tunnel. or a broadcast ID. It can be used for digital radio broadcasts. digital data broadcasts. DSG Client — The sinks or destinations for the tunnel data within a DOCSIS Set-top Gateway DSG Client ID — An identifier that uniquely identifies a DSG Client. but is not unique per Set-top Device as the same DSG Client which provides the same function may exist in multiple Set-top Devices. DSG Basic Mode — DSG operation without use of the DCD message. DSG Agent — The implementation of the DSG protocol within the CMTS.) contained within a DOCSIS Set-top Gateway DSG Server — Any server such as an Application Server or other network attached device that provides content that is transported through the DSG tunnel to the DSG Client Release 4. CA is not designed solely for DTV. Address assignment is dynamic. The DSG Client ID is unique per DSG Client.2.C4 CMTS Conditional Access — A technology used to control access to digital television (DTV) services to authorized users by encrypting the transmitted programming. and non-broadcast information and interactive services. and sends the content over the DSG tunnel to the DSG Client. the DSG Client ID is a 6 byte MAC address. There are numerous ATSC and DVB-compliant CA systems available for a broadcaster to choose from. the DSG Client ID may additionally be a 2 byte Application ID. etc. The DSG Client uses its DSG Client ID as an index into the DSG Address Table to determine what DSG tunnel Address to receive. DSG eCM — The embedded cable modem (with modified initialization sequence. Standard ARRIS PROPRIETARY — All Rights Reserved 18-3 . The DSG tunnel Address is determined by the DSG Agent and learned by the DSG Client through the DSG Address Table in the DCD message. The CA system provider provides the equipment and software to the broadcaster who then integrates the CA system into his equipment. DSG Advanced Mode — DSG operation that uses the DCD message. DSG Address Table — The collection of DSG Rules and DSG Classifiers contained within the DCD message. CA has been used or years for pay-TV services. In DSG Basic Mode. DCD — DOCSIS Set-top Gateway Downstream Channel Descriptor. Set-top Gateways listen for packets with well-known MAC addresses. The DSG Agent creates the DSG tunnel. a 2 byte CA_system_ID. In DSG Advanced Mode.

All of the packets of a given DSG tunnel use the same DSG tunnel address. Configuration Procedures DSG Configuration To configure the C4 CMTS for DSG. Organization Unique Identifier — The first three octets of a MAC address – they are assigned by vendor by the IEEE. OOB infers the use of a dedicated channel for signaling which is separate from the video channels. Well-Known MAC Address — This refers to the MAC address of the DSG Client within the Set-top Device.Configure ability to dynamically apply upstream filters Perform DSG Configuration - Configure access lists. the following steps must be taken: • • Configure the C4 CMTS and verify that the DOCSIS cable modems register Perform initial DSG Configuration • Configure multicast on interfaces carrying multicast DSG tunnel traffic . A DSG tunnel is identified solely by its DSG tunnel Address. This includes the following types of messages: • Conditional Access (CA) messages including entitlements • Service Information (SI) messages • Electronic Program Guide (EPG) messages • Emergency Alert System (EAS) messages • Other generic messages STB — Set-Top Box. filters and rate limits for DSG tunnels Configure forwarding for DSG tunnel traffic Configure DCD and QOS for advanced DSG 18-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Different DSG tunnels use different DSG tunnel addresses. This MAC address has been assigned by the manufacturer of the CableCARD and/or Conditional Access system within the Set-top Device. and has been made known to the MSO for use in configuring the DSG Agent. DSG Tunnel Address — The destination MAC address of the DSG tunnel. Out-of-Band Messaging — The control and information messages sent from the Set-top Controller (or Application Server or similar device for legacy Out-Of-Band (OOB) messaging) to one or more Set-top Devices.18 DOCSIS Set-top Gateway (DSG) Configuration DSG Tunnel — A stream of packets sent from the DSG Agent in a CMTS to the DSG Client in a Set-top Device. Specifically.

FastE.2. They are configured for each interface. Configuring Multicast IGMP must be enabled on each DS cable interface and NSI that needs to carry DSG tunnel traffic where the destination IP of the tunnel traffic is a multicast IP address. 1 Use the following commands to enable IGMP on a CAM. If the DCDs are not configured exactly the same on each downstream within that cable bundle. or GigE interface: configure interface cable <slot>/<mac>[<. If an IGMP static join was done at a layer 3 interface for a cable bundle. Standard ARRIS PROPRIETARY — All Rights Reserved 18-5 . then the IGMP static join must be done on a layer 2 basis. NOTE DCDs are MAC layer messages. Initial Configuration The steps to prepare the C4 CMTS for DSG operation are: • • Configure IGMP on interfaces carrying DSG tunnel traffic Configure ability to apply upstream filters dynamically You need to enable the application of upstream filters dynamically only once. the DCD must be configured only for the interface to which the DSG traffic is forwarded.subinf#>] ip igmp If you enter the command configure interface? you will see all the types of interface that you can enable: Release 4. the DSG DCD is configured on an interface basis which means it must be explicitly configured on each downstream interface in that cable bundle. the data is forwarded to all downstreams in the cable bundle by a layer 3 IGMP static join.subinf#>] ip igmp configure interface fastethernet <slot>/<port>[<.subinf#>] ip igmp configure interface gigabitethernet <slot>/<port>[<.C4 CMTS Feature Interaction When DSG Tunnel data is forwarded to a cable bundle. then the DCD must be configured on each interface within that bundle. The initial DSG configuration steps are done when the system is configured for DSG for the first time and also when DSG tunnels are added to new or moved to different interfaces that did not previously carry DSG tunnel traffic. When DSG tunnel data is forwarded to a specific downstream within a cable bundle by a layer 2 IGMP static join. However. not for the cable bundle.

configure subscriber default-sub-grp-up <ipFilterGroup> configure subscriber default-cm-grp-up <ipFilterGroup> configure subscriber default-cpe-control on NOTE The IP filter group should be unique for DSG provisioning. However. The following commands provide the ability to dynamically configure these filters without having to reset the cable modems at the time the filter is configured.18 DOCSIS Set-top Gateway (DSG) Configuration cable ethernet fabric fastEthernet gigabitEthernet loopback null - Configure the Cable interface Configure the Ethernet interface Configure the Fabric interface Configure the Fast Ethernet interface Configure the gigabit Ethernet interface Configure the Loopback interface . the existing cable modems will need to be reset after the following commands which is a one-time occurrence.Configure the null interface 2 For each DS cable interface that needs to carry multicast DSG tunnel traffic the proxy NSI must be assigned to be the interface receiving the multicast traffic configure interface cable <slot>/<port> ip igmp proxyinterface <namSlot>/<namPort> 3 A backup proxy interface may also be configured configure interface cable <slot>/<port> ip igmp backupproxy-interface <nameSlot>/<namPort> 4 IGMP can optionally be configured for static multicast mode only to improve security if no dynamic multicast (IGMP joins and leaves) is used on the interface configure interface cable <slot>/<port> ip igmp multicast-static-only 5 The command to display IGMP configuration for an interface is: show ip igmp interfaces Enabling Upstream Filters To prevent DSG tunnel traffic from entering on an upstream. To reset the cable modems: configure reset cable-modem all 18-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . an upstream IP filter must be configured to block the upstream traffic destined for the DSG tunnel.

The command to apply the ACL to the NSI and designate a rate limit for the DSG tunnel traffic: configure interface <networkInterface> rate-limit input access-group <aclNum> <rate> <normalBurstSize> <excessBurstSize> conform-action transmit exceedaction drop Release 4. Filters and Rate Limits ACLs. filters and rate limits for DSG tunnels 2 Configure forwarding for DSG tunnel traffic 3 Configure DCD and QOS for advanced DSG Configuring Access List. configure access-list <aclNum> permit ip host <srcIp> host <destIp> Repeat the previous command for each DSG tunnel source. Note that “host <srcIp>” may be replaced with “<srcIp> <wildcards>” to allow multiple sources within a subnet configure access-list <aclNum> deny ip any host <destIp> Where destIp is the destination IP address of DSG tunnel Note that the permit ACL entries must be entered before the deny CL entries are entered. The source of the DSG tunnel traffic on an NSI is restricted by configuring a permit ACL entry for each valid DSG tunnel source IP address and destination IP address pair. and rate limits are used to protect the DSG tunnel traffic sourced by unauthorized servers as well as excessive traffic rates. A deny entry is added for each destination IP as the last entry in the list to drop DSG tunnel traffic from all other sources.C4 CMTS DSG Configuration The following sections describe the necessary steps for configuring DSG tunnels.2. filters. The recommended order of configuration is: 1 Configure access lists. ACLs are used on the NSIs and IP filters are used on the CSIs. In the command above srcIp is the IP address of the source of the DSG tunnel traffic. Standard ARRIS PROPRIETARY — All Rights Reserved 18-7 .

Configuring IP Forwarding IP forwarding for DSG tunnels is statically configured.0. configure ip multicast mac-ip <dsgTunnelDestIP> <dsgTunnelDestMAC> 18-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure interface cable <slot>/<port> ip igmp staticjoin <dsgTunnelDestIP> If the DSG tunnel’s destination IP address is multicast and the MAC address does not conform to RFC1112.0 dest-addr <dsgTunnelDestIP> dest-mask 255. and CAR The origination of DSG tunnel traffic from all upstream cable interfaces needs to be blocked by adding an IP filter for each DSG tunnel destination IP address.18 DOCSIS Set-top Gateway (DSG) Configuration For NSIs that are restricted from receiving DSG tunnel traffic. There are three different kinds of forwarding when configuring DSG tunnels. configure access-list <aclNum> deny ip any host <destIp> configure interface <networkInterface> rate-limit input access-group <aclNum> <rate> <normalBurstSize> <burstSize> conform-action transmit exceed-action drop Note that rate limiting for the DSG tunnel can be configured using an SCN instead of rate limiting using an ACL. IP Packet Filtering.255 action drop For more information on configuring ip filters. see Subscriber Filters on page 13-5 of chapter 13.0. This command configures static membership for the DSG tunnel.255. That ACL is then assigned to each NSI that is restricted from receiving DSG traffic. IP Packet Filtering. configure ip filter group <fGrp> index <index> scr-addr 0.255.0. Throttling. this command is used in addition to the static join which replaces the RFC1112 destination MAC address with the specified destination MAC address. see Committed Access Rate on page 13-19 of chapter 13. and CAR. Throttling.0. the DSG tunnel traffic is blocked by configuring an ACL list with one entry for each DSG tunnel destination IP address. For more information on configuring access lists.0 scr-mask 0. • • • Destination IP address is Multicast and Destination MAC address conforms to RFC1112 Destination IP address is Multicast and Destination MAC address does not conform to RFC1112 Destination IP address is a Unicast IP address DSG forwarding is configured using IGMP when the destination IP of the DSG tunnel is a multicast address.

Standard ARRIS PROPRIETARY — All Rights Reserved 18-9 . and interface are correct. the encryption must be disabled. configure arp <dsgTunnelDestIP> <dsgTunnelDestMAC> <cableInterface> Note that dsgTunnelDestIp must be in a subnet that resides on cableInterface. A DCD may also be sent on downstreams DSG tunnel where no tunnels are provided for the purpose of redirecting STBs to a downstream DSG tunnel where they are.2. If BPI has encryption enabled for a DSG multicast destination IP before the configuration of the DSG tunnel. destination MAC address. static BPI encryption provisioning for a multicast group will take precedence over DSG provisioning. Advanced DSG Configuration The primary components of advanced DSG configuration are: • • • DS Cable Interface DSG Tunnel DSG Classifier These components are what is used to build the DCD that is sent on the DS cable interface. The show arp command can be used to verify that the destination IP address. QoS provides the ability to rate limit the DSG tunnel traffic as well as give the traffic a priority. Configuring DCD and QoS for Advanced DSG When using advanced DSG. an ARP entry for the destination IP is added statically to the ARP table.C4 CMTS The command to display the IGMP group membership including those statically joined: show ip igmp groups BPI Note — It is required that the DSG tunnel traffic is not encrypted when cable modems using BPI are on a downstream carrying DSG tunnel traffic. The command to view the contents of the DCD for an interface is: show interface cable <slot>/<port> cable downstream dsg dcd Release 4. For forwarding where the DSG tunnel’s destination IP is a unicast IP address. The DCD and QoS configuration is described in the Advanced DSG Configuration section. Also. the C4 CMTS must send a DCD on all downstreams DSG tunnel where DSG tunnels are provisioned.

use the command: show cable dsg [verbose] Figure 18-2 shows the layout of advanced DSG configuration: 1 N DSG Configuration DS Cable Interface DS Channel List N N 1 DSG Timers N N DSG Tunnel Group DSG Rules 1 1 Vendor Specific Parameters N N DSG Tunnel N N N 1 Client ID List 1 N DSG Classifiers DSG Classifier QoS Figure 18-2: Block Diagram of an Advanced DSG Configuration Note that DSG tunnel groups are used for assigning a group of DSG tunnels to one or more DS cable interfaces. This also allows for the ability to assign one or more DSG tunnel groups to a DS cable interface. The DSG tunnel groups should be determined before starting advanced DSG configuration. 18-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .18 DOCSIS Set-top Gateway (DSG) Configuration To view the current state of DSG configuration. However. Note that a DSG tunnel must belong to a group in order to be associated with a DS cable interface. DSG configuration is significantly simplified when there is a maximum of one DSG tunnel per DSG tunnel group.

If no DSG tunnels are provisioned on the DS cable interface.C4 CMTS DS Cable Interface The major components of the DS Cable Interface are: • • • • DS Channel List DSG Timers Vendor-specific Parameters DSG tunnel Group(s) The first three components make up the DSG Configuration portion of the DCD. The command to add entries in the DS channel list is: configure cable dsg ds-frequency-list <dsListId> frequency <freq> Release 4.2. The command to associate the DS cable interface with a downstream channel list is: configure interface cable <slot>/<port> cable downstream dsg ds-frequency-list <dsListId> Note that a DS channel list can be referenced by one or more DS cable interfaces. Downstream Channel List The DSG Configuration is not included in the DCD unless the DS cable interface contains a reference to a downstream channel list that contains at least one entry. use the command: show interface cable [<slot>/<port>] cable downstream dsg The Enable DCD column displays a value of true when a DCD is being sent on the interface. To determine if a DCD is being sent on an interface. the following command must be entered to enable the sending of DCDs with only DSG Configuration on that interface: configure interface cable 5/0 cable downstream dsg dcdenable The no version of the command disables the sending of the DCDs. Standard ARRIS PROPRIETARY — All Rights Reserved 18-11 . If there is at least one DSG tunnel on the specified interface. The no version of the command has no affect on the sending of the DCD. This portion of the DCD may be sent without any DSG tunnels provisioned on the interface for the purpose of redirecting STBs to downstreams DSG tunnels are provisioned. the behavior is as if the dcd-enable command was entered.

DSG Timer Entry To specify non-default DSG timing values in the DCD. The command to update the DSG timer values in the entry is: configure cable dsg timer-list <timerListId> [initialization-tdsg1 <initTimer>] [operational-tdsg2 <operTimer>] [two-way-tdsg3 <twoWayTimer>] [one-waytdsg4 <oneWayTimer>] The command to view which entry is associated with an interface is: show interface cable [<slot>/<port>] cable downstream dsg The command to view the contents of the entry is: show cable dsg timer-list [<timerListId>] NOTE The downstream timer list must be configured in order for the DSG timer list values to be included in the DCD.18 DOCSIS Set-top Gateway (DSG) Configuration The command to view which list is associated with an interface is: show interface cable [<slot>/<port>] cable downstream dsg The command to view the contents of the list is: show cable dsg ds-frequency-list [<dsListId>] NOTE The downstream channel list must be configured in order for the DSG timing values to be included in the DCD. To add vendor-specific parameters. there are no vendor-specific parameters in the DSG Configuration part of the DCD. Vendor-specific Parameters By default. 18-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . a DSG Timer Entry must be associated with the DS cable interface and the DSG Timer Entry updated with the new timing values. a VSP list must be associated with the DSG cable interface with one or more entries in the VSP list. The command to associate a DSG Timer Entry with the DS cable interface is: configure interface cable <slot>/<port> cable downstream dsg timer-list <timerListId> Note that a DS timer entry can be referenced by one or more DS cable interfaces.

The command to add entries in the VSP list is: configure cable dsg vsp-list <vspListId> oui <vspOUI> value <vspValue> The command to view which list is associated with an interface is: show interface cable [<slot>/<port>] cable downstream dsg The command to view the contents of the list is: show cable dsg vsp-list [<vspListId>] NOTE The downstream channel list must be configured in order for the DSG VSP list values to be included in the DCD. The command to associate a group with an interface is: configure interface cable <slot>/<port> cable downstream dsg tunnel-group <tunnelGrpId> [priority <priority>] [upstream-list <chlNum>] [vsp-list <vendorSetId>] Note that the priority.2. and VSP list parameters are discussed in the DSG tunnel section.C4 CMTS The command to associate a VSP list with the DS cable interface is: configure interface cable <slot>/<port> cable downstream dsg vsp-list <vspListId> Note that a VSP list can be referenced by one or more DS cable interfaces as well as DSG tunnel groups and client id list entries. Standard ARRIS PROPRIETARY — All Rights Reserved 18-13 . DSG Tunnel Groups DSG tunnels are associated with a DS cable interface via DSG tunnel Groups. upstream channel list. The command to display the DSG tunnel groups assigned to a DS cable interface is: show interface cable <slot>/<port> cable downstream dsg tunnel-group Release 4.

18-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . By default. The minimum configuration for a DSG tunnel (in order for the DSG tunnel’s rule to be included in a DCD) is: • • • • DSG tunnel Group Assignment Client Id List Assignment - At least one entry in the client id list Destination MAC Address Classifier Associated with the DSG tunnel Destination IP Address - The show cable dsg command can be used to view the current state of DSG configuration. the following command is then entered to include the rule in the DCD: configure cable dsg tunnel <dsgTunnelId> enable NOTE “Disable” can be used at anytime to remove the DSG tunnel from the DCD. If it is desired to prevent the rule from being included in the DCD until the configuration of the rule is complete. except for QoS.18 DOCSIS Set-top Gateway (DSG) Configuration DSG Tunnel The major components of a DSG tunnel are: • • • • • • DSG tunnel Group Parameters DSG tunnel Parameters Client Id List DSG Classifier(s) Vendor-specific Parameters QoS All of the components. the DSG rule is included in the DCD once the rule contains all the required elements. make up the DSG Rules portion of the DCD. the following command must be entered: configure cable dsg tunnel <dsgTunnelId> disable Once the configuration of the rule is complete.

If changes are made to SCN parameters for an Release 4. the rule priority takes on a value of zero. The SCN is not included in the DCD even when it is specified. they will be omitted from the DSG rule in the DCD. Note that this logic applies for all parameters with defaults and those that are optional. client Id list. The command to configure the DSG tunnel Group parameters is: configure interface cable <slot>/<port> cable downstream dsg tunnel-group <tunnelGrpId> [priority <priority>] [upstream-list <chlNum>] [vsp-list <vendorSetId>] The command to display the DSG tunnel group parameters is: show interface cable <slot>/<port> cable downstream dsg tunnel-group DSG tunnel Parameters The DSG tunnel parameters are: • • • • DSG Tunnel Group (mandatory) Client Id List (mandatory) DSG Tunnel’s Destination MAC Address (mandatory) SCN (optional. the: group to which the tunnel belongs. and destination MAC address are all required in order for the DSG rule for this DSG tunnel to be included in the DCD. not included in DCD) When creating a DSG tunnel.C4 CMTS DSG Tunnel Group Parameters The assignment of the DSG tunnels to DSG tunnel groups was covered in the DSG tunnel Group section above. If the upstream channel list or VSP list is not specified with the command.2. The DSG tunnel Group parameters that are part of the DSG rule is: • • • Rule Priority (defaults to 0) Upstream Channel List (optional) Vendor-specific Parameters (optional) The rule priority is mandatory for the DSG rule so if it is not specified when configuring the DSG tunnel Group. The command to configure the DSG tunnel parameters is: configure cable dsg tunnel <dsgTunnelId> tunnel-group <tunnelGrpId> client-id-list <clIdList> mac-address <dsgTunnelDestMAC> service-class-name <scn> NOTE The service-class-name (SCN) parameters for the tunnel take effect when the tunnel is activated. Standard ARRIS PROPRIETARY — All Rights Reserved 18-15 .

the value is not allowed to be specified on the command line. as it pertains to DSG. only one copy of the VSP list is included with the rule in the DCD. Otherwise. the SCN modifications will not take effect on the remaining tunnels. can be enforced on the C4 CMTS by using the CAR feature or by using the Service Class Name association as described by the DSG specification. The command to display the DSG tunnel parameters is: show cable dsg tunnel [<dsgTunnelId>] Client Id List The client id list contains one or more entries each containing: • • • Id Type (mandatory) Id Value (mandatory if Id Type is not broadcast) Vendor-specific Parameters (optional) There must be at least one entry in the client id list in order for the DSG rule to be included in the DCD. For information on the CAR feature. those changes will not take place until the tunnel is disabled and re-enabled. The command to add an entry in the client Id list is: configure cable dsg client-id-list <clIdList> type <clIdType> value <clIdValue> [vsp-list <vendorSetid>] The command to display the entries in the client id list is: show cable dsg client-id-list [<clIdList>] DSG Classifier(s) Vendor-specific Parameters The DSG classifier is described in the DSG Classifier section below. as in the following example: configure cable dsg tunnel <dsgTunnelId> disable configure cable dsg tunnel <dsgTunnelId> enable If there are multiple active tunnels referring to the just modified service class name.18 DOCSIS Set-top Gateway (DSG) Configuration SCN that was used by an active tunnel. If a VSP list is referenced multiple times for the same rule. the VSP entries from all the lists are included with the rule in the DCD. QoS Rate Limiting/Policing — rate limiting (also termed “policing”). see Committed Access 18-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The commands for adding entries in the VSP list is covered in the previous Vendor-specific Parameters section. When there are multiple VSP lists specified for a single rule. the command sequence above must be repeated for each of those tunnels. If the id type is broadcast. All entries in the list are included in the DCD. Vendor-specific parameters can be specified with the DSG tunnel Group as well as with the client IDs.

and DSG data will be given a priority somewhere in between. priority for HSD data. For details on Service Class Names. traffic priority can and should explicitly be associated with each DSG tunnel via association of an appropriately provisioned Service Class Name to each DSG tunnel. IP Packet Filtering. Traffic Prioritization and DSG — As alluded to above. One presumed likely scenario in a converged services environment is that voice traffic will be given highest priority. Simply put. Even though a default maximum traffic rate is applied if no SCN association is explicitly made. including minimum and maximum traffic rates.048 Mbps). which may actually have multiple tunnels sourcing data to that single device. When determining the priority to be applied to DSG data. the C4 CMTS will limit the data on any given DSG tunnel. The QoS parameters. Service Class Names are a DOCSIS construct for defining Quality of Service (QoS) parameter sets.C4 CMTS Rate. a default traffic priority of 0 is used (this is the lowest possible traffic priority).048 Mbps. the C4 CMTS CLI would actually allow application of a maximum traffic rate that exceeds 2. Throttling. is the more direct means of enforcing rate limiting for DSG. are then automatically applied to the tunnel. however. Standard ARRIS PROPRIETARY — All Rights Reserved 18-17 . If no Service Class Name association is made. ARRIS strongly recommends association of an appropriately provisioned service class name to each DSG tunnel. a Service Class Name can be associated with a DSG tunnel rule (see “configure cable dsg tunnel on page 26-77” of chapter 26. and the C4 CMTS uses those QoS parameters to rate limit the traffic which flows over the DSG tunnel. If no Service Class Name is associated with a DSG tunnel. best effort data (HSD) will be given lowest priority. The maximum traffic rates on all tunnels that funnel into any single device should be provisioned accordingly to ensure that the accumulated total of all traffic does not exceed the recommended 2. Consideration should be given to the accumulated sum of traffic that will pass through any single device host. This ensures enforcement not only of an appropriate maximum traffic rate. Service Class Name. and if CAR is not used to supply rate limiting independent of DSG. voice signaling data. page 13-19 in chapter 13. CLI Command Descriptions). and voice data itself should be taken into account. only DOCSIS parameter ranges are enforced (that is. see chapter 14. and CAR“of the C4 CMTS customer documentation. Release 4. Since Service Class Name is a DOCSIS construct.048 Mbps. Service Class Names of the C4 customer documentation. as defined by a single tunnel rule. to 2. This is in support of the informative note in the DSG specification that OpenCable device hosts could experience potential buffer overflow at data rates exceeding 2.2.048 Mbps limit. but also an appropriate traffic priority.

The command to configure a DSG classifier is: configure cable dsg tunnel <dsgTunnelId> classifier <dsgClassId> [priority <classPri>] dest-ip <destIP> [source-network <sourceIp>[/<maskLen>]] [dest-portrange <portStart>-<portend>] [include-in-dcd] By default.18 DOCSIS Set-top Gateway (DSG) Configuration DSG Classifier The DSG Classifier parameters are: • • • • • • • Classifier Id (mandatory) DSG Tunnel Id (mandatory) Classifier Priority (defaults to zero) DSG Tunnel’s Destination IP Address (mandatory) DSG Tunnel’s Source IP Address (optional) Mask (optional) Destination Port Range (optional) These DSG Classifier parameters make up the DSG Classifier in the DCD. unless the keyword include-in-dcd is specified on the command line. the following command includes the classifier in the DCD: configure cable dsg tunnel <dsgTunnelId> classifier <dsgClassId> include-in-dcd To remove the classifier from the DCD. If the classifier was configured without the include-in-dcd keyword. the DSG Classifier is not included in the DCD. Note that the classifier Id must be unique per C4 CMTS. For all parameters that are not mandatory or do not have a default value are not included in the DCD when they are not explicitly configured. # # start DSG setup script #---------------------------------------------------- 18-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The classifier ID will be suppressed from the DSG rule in the DCD if the classifier is configured to not be included in the DCD. DSG Configuration Scenarios Initial Setup for DSG This example script prepares the C4 CMTS for subsequent DSG configuration. use the no version of the command.

C4 CMTS # enable IGMP on the cable side #---------------------------------------------------configure interface cable 5/0 ip igmp #---------------------------------------------------# enable IGMP on the network side #---------------------------------------------------configure interface fastEthernet 16/0 ip igmp #---------------------------------------------------# proxy IGMP memberships from the cable side to the network side #---------------------------------------------------configure interface cable 5/0 ip igmp proxy-interface 16/0 #---------------------------------------------------# only allow static multicast on the cable side interface filtering any router/host IGMP messages #---------------------------------------------------configure interface cable 5/0 ip igmp multicast-staticonly #---------------------------------------------------# Enable ability to apply dynamic upstream cable side filters #---------------------------------------------------configure subscriber default-sub-grp-up 1 configure subscriber default-cm-grp-up 1 configure subscriber default-cpe-control on #---------------------------------------------------# save the changes to persistent store #---------------------------------------------------write mem #---------------------------------------------------# RESET the registered cable modems #---------------------------------------------------configure reset cable-modem all # end DSG setup script # Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 18-19 .2.

10.1 255.5 23.2 23. This example shows how to configure a DSG tunnel with the following rule and classifier: Table 18-1: DSG Tunnel with Multicast IP Address Type 23 23.9 23.9.4 Name Downstream Packet Classification Encoding Classifier Identifier Classifier Rule Priority IP Packet Classification Encodings Source IP Address Source IP Mask 1 1 10.9.100. # start DSG configuration only script # direct the STB to the downstream on frequency 691000000 configure interface cable 5/0 cable downstream dsg dsfrequency-list 1 configure cable dsg ds-frequency-list 1 frequency 691000000 # provide non-default timing parameters for the STB configure interface cable 5/0 cable downstream dsg timer-list 1 configure cable dsg timer-list 1 initialization-tdsg1 5 operational-tdsg2 300 two-way-tdsg3 150 one-way-tdsg4 900 # enable the DCD on the downstream configure interface cable 5/0 cable downstream dsg dcdenable # end DSG configuration only script Multicast Destination IP to RFC1112 DSG Tunnel MAC The following script configures a DSG tunnel that has a destination MAC IP address that directly corresponds to a RFC1112 compliant destination MAC address.255 Value 18-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .3 23.255.18 DOCSIS Set-top Gateway (DSG) Configuration DSG Configuration Only This script configures a DCD on a downstream that contains only the DSG configuration part of the DCD.255.

1.10.2 50.100.C4 CMTS Table 18-1: DSG Tunnel with Multicast IP Address Type 23.1.1.1.1 configure access-list 120 deny ip any host 230.5 50 50.4.75Mbs #---------------------------------------------------configure interface fastEthernet 16/0 rate-limit input access-group 120 2000000 1000 750000 conform-action transmit exceed-action drop #---------------------------------------------------# block traffic from all other network interfaces Release 4.10.1.100.2.2 50.9.1 host 230.1.6 DSG Rule DSG Rule Priority DSG Well-Known MAC Address DSG Tunnel Address DSG Classifier Identifier Name Destination IP Address 1 01:00:5E:01:01:01 01:00:5E:01:01:01 1 Value 230.5 50.1 that has a destination IP of 230.1 #---------------------------------------------------# apply filter and rate limit on all network interface that receive the desired multicast traffic # assign acl to network interface and rate limit at 2Mbs with a max burst size of .1.1.1 #---------------------------------------------------configure access-list 120 permit ip host 10. Standard ARRIS PROPRIETARY — All Rights Reserved 18-21 .1 #---------------------------------------------------#---------------------------------------------------# start Multicast IP to Associated DMAC script #---------------------------------------------------# # DSG tunnel provisioning # #---------------------------------------------------# inbound network side filtering # permit traffic from source 10.

1 on cable interface(s) #---------------------------------------------------configure interface cable 5/0 ip igmp static-join 230.1.1.0 dest-addr 230.10.1 #---------------------------------------------------configure ip filter group 1 index 1 src-addr 0.5e01.0 src-mask 0.1.0.1 priority 1 include-in-dcd #---------------------------------------------------# end Multicast IP to Associated DMAC script #---------------------------------------------------- 18-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .0101 configure cable dsg client-id-list 1 type mac-address value 0100.1 source-network 10.1.1.1.255.1.0.1 #---------------------------------------------------# configure advanced DSG #---------------------------------------------------# configure the DSG Rule configure interface cable 5/0 cable downstream dsg tunnel-group 1 priority 1 configure cable dsg tunnel 1 tunnel-group 1 client-idlist 1 mac-address 0100.255 action drop #---------------------------------------------------# static multicast provisioning # forward the traffic with desetination ip 230.1.1 configure interface gigabitEthernet 16/1 rate-limit input access-group 130 2000000 1000 750000 conformaction transmit exceed-action drop #---------------------------------------------------# upstream cable side filtering # filter upstream traffic destined for 230.1 dest-mask 255.1.0.0.255.1.1.5e01.1.100.18 DOCSIS Set-top Gateway (DSG) Configuration #---------------------------------------------------configure access-list 130 deny ip any host 230.0101 # configure the DSG classifier configure cable dsg tunnel 1 classifier 1 dest-ip 230.

9 23.2 50.3 23.9.4.9.10.1.5 50.4 23.2 23.C4 CMTS #---------------------------------------------------- Multicast Destination IP to non-RFC1112 DSG Tunnel MAC The following script configures a DSG tunnel that has a destination MAC IP address that corresponds to a RFC1112 non-compliant destination MAC address.1 255.100.9.2 50.6 Name Downstream Packet Classification Encoding Classifier Identifier Classifier Rule Priority IP Packet Classification Encodings Source IP Address Source IP Mask Destination IP Address DSG Rule DSG Rule Priority DSG Well-Known MAC Address DSG Tunnel Address DSG Classifier Identifier 1 1 10.255 230.5 50 50.255.255.2.1 1 01:00:5E:01:01:01 00:11:22:33:44:55 1 Value Note that the configuration is the same as when the DSG tunnel’s destination IP address corresponds to the RFC1112 compliant destination MAC address except for what is highlighted below. Standard ARRIS PROPRIETARY — All Rights Reserved 18-23 . #---------------------------------------------------#---------------------------------------------------# start Multicast IP to non-compliant DMAC script #---------------------------------------------------# # DSG tunnel provisioning # Release 4.1.5 23. This example shows how to configure a DSG tunnel with the following rule and classifier: Table 18-2: DSG Tunnel with Multicast IP Address Type 23 23.

1 #---------------------------------------------------# apply filter and rate limit on all network interface that receive the desired multicast traffic # assign acl to network interface and rate limit at 2Mbs with a max burst size of 0.1.10.1 #---------------------------------------------------configure ip filter group 1 index 1 src-addr 0.1.1.1 dest-mask 255.100.1 on cable interface(s) 18-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .10.1.1.18 DOCSIS Set-top Gateway (DSG) Configuration #---------------------------------------------------# inbound network side filtering # permit traffic from source 10.1.255.1.0.1 #---------------------------------------------------configure access-list 120 permit ip host 10.1.1.1.0 src-mask 0.100.1 configure access-list 120 deny ip any host 230.0.255.255 action drop #---------------------------------------------------# static multicast provisioning # forward the traffic with destination ip 230.0 dest-addr 230.0.75Mbs #---------------------------------------------------configure interface fastEthernet 16/0 rate-limit input access-group 120 2000000 1000 750000 conform-action transmit exceed-action drop #---------------------------------------------------# block traffic from all other network interfaces #---------------------------------------------------configure access-list 130 deny ip any host 230.1.1.1 host 230.1.0.1 configure interface gigabitEthernet 16/1 rate-limit input access-group 130 2000000 1000 750000 conformaction transmit exceed-action drop #---------------------------------------------------# upstream cable side filtering # filter upstream traffic destined for 230.1.1 that has a destination IP of 230.

0101 # configure the DSG classifier configure cable dsg tunnel 1 classifier 1 dest-ip 230.1. This example shows how to configure a DSG tunnel with the following rule and classifier: Release 4.1 source-network 10.1.2233.1.1 priority 1 include-in-dcd #---------------------------------------------------# end Multicast IP to non-compliant DMAC script #---------------------------------------------------#---------------------------------------------------- Unicast Destination IP The following script configures a DSG tunnel that has a unicast destination IP address.1 00:11:22:33:44:55 #----------------------------------------------------# configure advanced DSG #---------------------------------------------------# configure the DSG Rule configure interface cable 5/0 cable downstream dsg tunnel-group 1 priority 1 configure cable dsg tunnel 1 tunnel-group 1 client-idlist 1 mac-address 0011.100.1 #---------------------------------------------------configure ip multicast mac-ip 230.1.5e01.C4 CMTS #---------------------------------------------------configure interface cable 5/0 ip igmp static-join 230.4455 configure cable dsg client-id-list 1 type mac-address value 0100.1.2.1.10.1.1.1 #---------------------------------------------------# assign tunnel MAC address for IP address if non-standard # assign a tunnel mac address of 00:11:22:33:44:55 to destination ip 230. Standard ARRIS PROPRIETARY — All Rights Reserved 18-25 .

1.50.1.5 23.18 DOCSIS Set-top Gateway (DSG) Configuration Table 18-3: DSG Tunnel with Unicast IP Address Type 23 23.3 23. #---------------------------------------------------#---------------------------------------------------# start Unicast IP script #---------------------------------------------------#---------------------------------------------------# NOTE .4.255 10.2 23.50.2 50.9 23.1 255.10.10.6 Name Downstream Packet Classification Encoding Classifier Identifier Classifier Rule Priority IP Packet Classification Encodings Source IP Address Source IP Mask Destination IP Address DSG Rule DSG Rule Priority DSG Well-Known MAC Address DSG Tunnel Address DSG Classifier Identifier 1 1 10.2 50.100.IGMP is not required in the initial DSG setup for this case #---------------------------------------------------# # DSG tunnel provisioning # #---------------------------------------------------# inbound network side filtering # permit traffic from source 10.255.5 50.200 18-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .4 23.9.100.200 1 01:00:5E:01:01:01 00:11:22:33:44:55 1 Value Note that the differences in the configuration are highlighted below.255.9.9.5 50 50.1 that has a destination IP of 10.

0.200 00:11:22:33:44:55 5/0 # uncomment the following line if enabling DSG on both downstreams #configure arp 10.0.100.50.50.255.1.1.2.200 00:11:22:33:44:55 5/1 #---------------------------------------------------# configure advanced DSG Release 4.200 #---------------------------------------------------configure ip filter group 1 index 1 src-addr 0. Standard ARRIS PROPRIETARY — All Rights Reserved 18-27 .50.255.1.50.200 to interface 5/0 with a dmac of 00:11:22:33:44:55 #---------------------------------------------------configure arp 10.255 action drop #---------------------------------------------------# add static arp entry to forward DSG tunnel data # forward traffic with destination ip 10.1.200 dest-mask 255.50.1.0.0 dest-addr 10.1.200 configure access-list 120 deny ip any host 10.10.C4 CMTS #---------------------------------------------------configure access-list 120 permit ip host 10.0 src-mask 0.1.0.50.50.1 host 10.200 configure interface gigabitEthernet 16/1 rate-limit input access-group 130 2000000 1000 750000 conformaction transmit exceed-action drop #---------------------------------------------------# upstream cable side filtering # filter upstream traffic destined for 10.75Mbs #---------------------------------------------------configure interface fastEthernet 16/0 rate-limit input access-group 120 2000000 1000 750000 conform-action transmit exceed-action drop #---------------------------------------------------# block traffic from all other network interfaces #---------------------------------------------------configure access-list 130 deny ip any host 10.50.200 #---------------------------------------------------# apply filter and rate limit on all network interface that receive the desired multicast traffic # assign acl to network interface and rate limit at 2Mbs with a max burst size of 0.1.

5e01.1.50.2233.0101 # configure the DSG classifier configure cable dsg tunnel 1 classifier 1 dest-ip 10.10.4455 configure cable dsg client-id-list 1 type mac-address value 0100.18 DOCSIS Set-top Gateway (DSG) Configuration #---------------------------------------------------# configure the DSG Rule configure interface cable 5/0 cable downstream dsg tunnel-group 1 priority 1 configure cable dsg tunnel 1 tunnel-group 1 client-idlist 1 mac-address 0011.1 priority 1 include-in-dcd #---------------------------------------------------# end Unicast IP script #---------------------------------------------------#---------------------------------------------------- 18-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .100.200 source-network 10.

Number of fine power adjustment steps (-32 to 32) max-round-trip-delay .Maximum attempts to make on invitations for rang req (0-1024) modulation .Insertion interval in centiseconds. use hard timeouts for IM opportunities (true or false) annex . (Valid range 0-200) interleave-depth .If true.Centiseconds between ranging cycle (100 to 500) clone-group-enable .2000) power-adjust . Downstream Cable Parameters This document provides a basic description of the parameters used to configure downstream cable channels. To see available settings of these downstream parameters.Milliseconds between sync messages (1-200) ucd-interval .2.32.Milliseconds between UCD messages (20 .Center frequency in Hz. or 12 for EuroDOCSIS) invited-ranging-attempts .Set voice data limits <cr> Release 4.C4 CMTS 19.16.Maximum round-trip delay in microseconds (200-1600) level1-threshold .Comment or a description to help you remember what is attached to this interface restore .64.Interleave depth in number of taps (8.Level 2 overload threshold (0-1000) level3-threshold .MPEG framing format standard (A or B) description .Transmit power level in tenths of dbmV (500-610) ranging-interval .Station maintenance interval in centiseconds (500-3500) sync-interval .Display the downstream configuration shutdown .Restore the downstream for the interface show .Downstream modulation type (64qam or 256qam) power-level . 128.Level 3 overload threshold (0-1000) range-cycle-interval . Standard ARRIS PROPRIETARY — All Rights Reserved 19-1 . enter the following command: configure interface cable <slot/dport> cable downstream ? The sample system output: frequency .Level 1 overload threshold (0-1000) level2-threshold . (Valid range 91-858MHz) insertion-interval .Shutdown the downstream for the interface voice-limits .

The width of each downstream channel is 6 Mhz in North America and 8 MHz in Europe. Channel width and the range of valid downstream center frequencies used in North America are defined by the DOCSIS® standard. in Europe they are defined by the EuroDOCSIS standard. 19-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .19 Downstream Cable Parameters The current settings for the downstream parameters can be displayed using the following command: show controllers cable <slot/dport> downstream The C4 CMTS provides a response similar to the following example: Downstream Port 0 --------------Port state: Cable Standard: from ITU-J83 Frequency (Hz): Insertion interval (centiseconds): Interleave depth (no of taps): Invited ranging attempts: Modulation: Power (tenth of dBmV): Power Fine Adjustment (steps): Ranging interval (centiseconds): Sync interval (milliseconds): UCD interval (milliseconds): Max Round Trip Delay(microseconds): Ranging Cycles Int (centiseconds): IS Annex B 321000000 40 32 16 q64 610 0 2400 10 1600 1600 120 Ranging interval (centiseconds): 2400 Sync interval (milliseconds): 10 UCD interval (milliseconds): 1600 Max Round Trip Delay(microseconds): 1600 Ranging Cycles Int (centiseconds): 120 Clone Group Enabled: True (Hard timeouts enabled for IM opport) Level 1 overload threshold: 90 Level 2 overload threshold: 100 Level 3 overload threshold: 500 Max Allowable Normal Voice BW (%): 50 Reserved Normal Voice BW (%): 0 Max Allowable Emergency Voice BW (%): 70 Reserved Emergency Voice BW (%): 0 Max Allowed Total (Emergency + Normal) (%): 70 Emergency Preemption: enabled Frequency — This refers to the center frequency of a downstream channel.

Ranging backoff defines the number of broadcast ranging opportunities that a CM must wait after experiencing a contention. If there are 16 taps then each one takes 8 symbols. The increment determines how much information is taken from each tap. Default = 40 centiseconds. it varies inversely with the number of taps. Decreasing this parameter will increase the overhead on the entire system. By interleaving the data. the smaller the amount of data that is lost in any particular data frame. You may choose to lower the ranging-backoff parameter to offset that. Taps can be thought of as different sources of information. Interleave depth — The downstream interleaver helps protect against noise bursts. only small pieces of several data frames are lost as opposed to a larger portion of a single data frame. Burst protection values refer to the maximum size in microseconds of a burst that can be corrected. If there are 128 taps. According to the DOCSIS® RFI specification. The more interleaved that the data actually is. 1. the maximum amount of time that this parameter can be is 200 centiseconds. The interleaver works with a total of 128 symbols in one group. If you increase the insertion interval you will increase the time it takes CMs to range and register. Care must be taken to describe downstream channels in terms of their center frequencies.858 MHz) Cable plant frequencies are sometimes expressed in terms of other units. then each tap takes one symbol.857 MHz) EuroDOCSIS (Europe): 112000000 . Insertion interval — This parameter defines the amount of time in centiseconds1 between broadcast ranging opportunities. however. Range = 0 . Standard ARRIS PROPRIETARY — All Rights Reserved 19-3 . Reducing the amount of contiguous errors results in a higher probability that the FEC can correct the losses due to bursts of noise. When changing this parameter.857000000 (91 .200 centiseconds. Increasing this parameter can significantly increase the time for cable modems to re-register after an outage.2. especially for analog video channels. A centisecond is 1/100 of a second. Table 19-1 provides examples of the effects of various interleave depth settings. Release 4.C4 CMTS Range of Center Frequencies DOCSIS® (N. America): 91000000 . A cable modem will use broadcast ranging opportunities when it is first attempting to communicate with the C4 CMTS.858000000 (112 . increasing the interleaving also increases the amount of the delay in the transmission of the data. one should also consider the rangingbackoff parameter which is configured per upstream channel.

The C4 CMTS will allow values in the range of 500 to 610.15 msec 0.33 msec 0. there is only one downstream interleaver setting that is allowed. Default = 500. According to the RFI specification.22 msec 0. Table 19-2: European Downstream Interleaver Taps 12 Increment 17 Burst Protection 64 QAM 18 usec 128 QAM 14 usec 64 QAM 0. The following table shows the different interleavers that are available. The C4 CMTS will allow values in the range of 0 to 1024. the length of a noise burst that they can protect against and the delay in the data transmission.43 msec Latency 128 QAM 0.4 msec 2.0 msec Latency 128 QAM 0.1 usec 8.32 msec Invited ranging attempts — This parameter contains the maximum number of attempts by a cable modem to range on an upstream channel without being heard by the CMTS before the CM gives up and attempts to range on another upstream channel.2 usec 16 usec 33 usec 66 usec 64 QAM 0. Default = 64 QAM. Table 19-1: North American Downstream Interleavers Taps 8 16 32 64 128 Increment 16 8 4 2 1 Burst Protection 64 QAM 5.19 Downstream Cable Parameters Five different versions of the downstream interleaver are available to DOCSIS® (North American) CMTS operators.68 msec 1. Default = 16.8 msec For the EURO-DOCSIS specifications. Modulation — This parameter determines if the downstream modulation is either 64 QAM or 256 QAM.9 usec 12 usec 24 usec 47 usec 95 usec 128 QAM 4. Ranging interval — This parameter contains the amount of time in centiseconds between the unicast ranging opportunities that the C4 provides to the cable modems.0 msec 4. The reason that 24 19-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Default = 32 taps. Cable modems must receive the downstream channel at a power level ranging from -15 dBmV to +15 dBmV. Power level — This is the power level in tenths of a dB that the CMTS uses to transmit on the downstream channel.98 msec 2. The recommended value for this value is 2400 centiseconds. a T4 timeout for a cable modem is where the cable modem does not receive a unicast ranging opportunity somewhere between 30 and 35 seconds.48 msec 0.

According to the DOCSIS® RFI specification. The default time is 1600 microseconds. Decreasing the UCD interval causes additional overhead. the range cycle interval may cause jitter from one cycle to another of the amount specified for the range cycle interval. a negative value will decrease the downstream power level and a positive value will increase the power level. Setting this greater than 3000 may cause problems during CAM fail-overs and may cause cable modems to T4 timeout. Default = 10. Standard ARRIS PROPRIETARY — All Rights Reserved 19-5 . which is roughly enough time for a cable modem up to 100 miles from the CMTS to send a message and receive the response. UCD interval — This parameter contains the amount of time in milliseconds from the sending of one set of Upstream Channel Descriptor (UCD) messages until the next. such as a broadcast ranging attempt.24 MHz system clock in the C4. This parameter is used to determine the amount of time that must be given to a cable modem to transmit a broadcast ranging message. to the C4 CMTS and to receive a response. Consequently. Release 4. the UCD interval can be increased to a maximum of 2000 milliseconds. The valid values for this parameter are from –32 to 32. But increasing the sync interval may prevent some cable modems locking onto the system clock. This contains the maximum amount of time in microseconds that it would take a cable modem to send a message.2. The recommended value for this parameter is 10 msec. Default = 1600 microseconds. Default = 2400 centiseconds. The C4 CMTS will allow values in the range of 200 to 1600. Default = 1600 milliseconds. According to the DOCSIS® RFI specification. The parameter is also used to determine the needed Map Ahead Timer for DOCSIS® Map messages. the maximum time between sync messages should be 200 msec. The C4 CMTS will allow values in the range of 1 to 200. Decreasing the sync interval causes additional overhead because more sync messages are sent. The power is adjusted by taking roughly 2dB dividing this by the number specified and then adding to the current downstream output power level. this parameter should also be taken into consideration when setting the ranging interval (described below). The C4 CMTS will allow values of 800 or 1600. Default = 0. The C4 CMTS will allow values in the range of 500 to 3500. Sync interval — This parameter determines how often sync messages are sent in the downstream channel in units of milliseconds. Decreasing this value will increase system overhead by causing station maintenance to be performed more often. As a side note. Consequently. Power adjustment — This parameter allows for fine adjustment of the downstream power level at the CMTS in incremental steps. The sync messages allow a cable modem to lock to the 10. Max round trip delay — This parameter defines the maximum amount of time in microseconds allowed for round trip delay.C4 CMTS seconds is the recommended value is to handle the case of a CAM fail-over that will take a few seconds.

The C4 CMTS will allow values in the range of 0 to 1000. DSA or DSC request that would causes this threshold to be exceeded will be denied. several additional seconds of buffer time should be given if CAM sparing is used in the system. A value of 0 will cause the default value of 500 to be used. a log message is generated. Additionally. cable modems will start to reset due to the T4 timeout. Default = 120. Any registration. This value plus the value of the ranging interval should be less than 30 seconds. A value of 0 will cause the default value of 100 to be used. 19-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The C4 CMTS will allow values in the range of 0 to 1000. The C4 CMTS will allow values in the range of 0 to 1000. These thresholds help define the response to oversubscription rates. otherwise. the following occurs… a log message is generated.19 Downstream Cable Parameters Overload Thresholds — Connection Admission Control (CAC) overload thresholds are defined at three levels. This value must be less than the values for the level2 and level3 thresholds. The C4 CMTS will allow values in the range of 100 to 500. the modem is dropped and a log message is generated. The Level1 threshold indicates a percentage of total bandwidth for the cumulative minimum guaranteed reserved bandwidth of the admitted/active service flows on the channel. a notice will be logged but service flow activation and admission will be allowed. The Level2 threshold indicates a percentage of total bandwidth for the cumulative minimum guaranteed reserved bandwidths of the admitted/active service flows on the channel. If the level 2 threshold is crossed. This internal parameter controls how often (time in centiseconds) ranging queues are served within the C4 CMTS. Range cycle interval — This parameter refers to an internal parameter within the C4 CMTS. The Level3 threshold indicates an upper-bound percentage of total bandwidth for the cumulative minimum guaranteed reserved bandwidths of the admitted/active service flows on the channel. Table 19-3: Overload Threshold Defaults and their Effects Threshold Level 1 Level 2 Level 3 Default Value 90% 100% 500% As soon as min. a notice will be logged but service flow activation and admission will be allowed. This value must be greater than the values for the level1 and level2 thresholds. A value of 0 will cause the default value of 90 to be used. This value must be less than the values for the level3 and greater than the level1 thresholds. If the level 1 threshold is crossed. reserved bandwidth exceeds this level.

Annex — This parameter is based on ITU-J83. Show — Displays the configuration of this downstream channel. Each of the upstream channels that are physically separated from the other upstream channels. Reserved Normal Voice. A cable plant may use the same upstream frequency for several different upstream channels due to the fact that the upstream channels are physically separated from each other even though they share the same downstream frequency. use the same frequency as another upstream channel and share the same downstream channel may be considered to be a clone group. Default = disabled.C4 CMTS Clone group enable — This parameter indicates whether or not clone groups are enabled. Annex A is used for EuroDOCSIS operation. Shutdown — Disables this downstream channel. To see the settings for these parameters. If the clone groups are not enabled under these circumstances. use the show controllers cable 1 detail command. Description — Adds a comment or text string to describe or name what is attached to this downstream interface. Max Allowed Emergency Voice. The following is a sample of the output: Max Allowable Normal Voice BW (%): Reserved Normal Voice BW (%): Max Allowable Emergency Voice BW (%): Reserved Emergency Voice BW (%): Max Allowed Total (Emergency + Normal) (%): Emergency Preemption: 50 0 70 0 70 enabled Release 4. then cable modem may perform initial ranging at the wrong time for the upstream channel for which it is currently connected. Reserved Emergency Voice.2. Standard ARRIS PROPRIETARY — All Rights Reserved 19-7 . Default = B (DOCSIS® — North American operation). A change in this value will only take effect once the affected CAM card is reset. This would lead to data loss and longer ranging times of new cable modems. It determines whether European or North American DOCSIS® standards will be followed. Voice-limits — Sets the voice data parameters in terms of percentage of bandwidth: Maximum allowed normal voice. Restore — Restores this downstream to service. The use of the clone groups allows the initial maintenance regions of the clone groups to be aligned in time for the sake of new cable modems performing initial ranging on the cable plant. The C4 CMTS will allow the values of true to enable clone groups or false to disable clone groups. Also enable or disable Emergency Preemption. and Maximum Allowed Total.

19 Downstream Cable Parameters 19-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

This document describes the parameters used in modulation profiles. Upstream Modulation Parameters and Profiles Modulation profiles are pre-defined sets of upstream channel parameters which make it easier to configure or reconfigure upstream channels. see the DOCSIS Radio Frequency Interface Specification. it lists the default values of these parameters. In order to understand the all of the parameters used in modulation profiles. SID — Service ID. This can only be used in the Request/Data IE (broadcast). SIDs are also used in Quality of Service functions. Each IE is a 32-bit quantity. SIDs are assigned to upstream Service Flows. Certain values of SIDs are defined in the RFI specification and convey specific meanings for the service flows they represent: • • 0x3FFF implies all CMs (broadcast) 0x3FFx where x is a value of 0x1 to 0xE used to indicate that a data message must fit in x number of minislots. Standard ARRIS PROPRIETARY — All Rights Reserved 20-1 . • Release 4.C4 CMTS 20. some terms must be defined: IE — Information Element — portions of the allocation MAP used to define transmission opportunities for cable modems. For greater technical detail on these parameters and their functions. the middle 4 bits represent the IUC. therefore to the cable modems served by the SIDs. of which the most significant 14 bits represent the SID. The C4 CMTS allocates upstream bandwidth to SIDs.2. Where possible. and the low-order 14 bits represent the minislot offset. 0x3Exx This can only be used in the Request IE to allow different priorities to use the request region (broadcast).

set. set. 1.20 Upstream Modulation Parameters and Profiles If If If If If If If If bit bit bit bit bit bit bit bit 0x01 0x02 0x04 0x08 0x10 0x20 0x40 0x80 is is is is is is is is set. set. set. set. use the following CLI command: configure cable modulation-profile <id> iuc <interval usage code> [mod <qpsk|qam8|qam16|qam32|qam64| qam1281>] [pre-len <preamble len>] [diff <true|false>] [fec-tbytes <no of bytes>] [fec-len <FEC code word length>] [seed <scrambler seed>] [burst-len <max burst len>] [last-cw <true|false>] [scrambler <true|false>] [guard-time-size <0|8–96|no>] [int-depth <depth>] [int-blocksize <blocksize>] [pre-type <preamble type>] [tcm1 <on|off>] [int-stepsize <stepsize>] [spreader <on|off>] [subframe-code <subframe size>] [channel-type <tdma | atdma | scdma | tdma-atdma>] See Table 20-1. QAM128 and TCM are not supported in Release 4. Modulation Profile Parameters. 20-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . To display what upstream modulation profile is used on an upstream channel. for a brief description of each parameter. on page 20-3. use one of the following CLI commands: show controllers cable <slot>/<macdomain> upstream <port> configure interface cable <slot>/<macdomain> cable upstream <port> show The system response contains a line similar to the following: Modulation profile id: 1 To redefine the values of an upstream modulation profile. set.x. priority priority priority priority priority priority priority priority 0 1 2 3 4 5 6 7 can can can can can can can can request request request request request request request request The following SID values have special meaning for the 2Dx12U CAM: 0x1FFF used for FFT (fast Fourier Transform) measurements 0x1FFE used for ingress cancellation Redefining the values of an upstream modulation profile affects all the upstream channels that are using that modulation profile. set.

Release 4. A multicast SID must be used to indicate the size of the data message that can be sent.C4 CMTS Modulation Profile Values Default values for the various modulation profile parameters may change according to the IUC selected. then this is an opportunity for a single cable modem to request additional bandwidth. The number of the modulation profile. The timing adjustments allow for the round trip delay of the fiber optic/coax plant plus the time to transmit the range request message.X cable modem can send a range request message only during this IE. then cable modems must contend with each other for upstream bandwidth.6 longData tdma qpsk 80 F 8 220 338 0 8 T T .0 cable modem can send a range request message or an initial range request message depending upon the type of the upstream channel.- Table 20-1: Modulation Profile Parameters Parameter ID Description Identifier. Only the range request message — no other data — can be sent in this IE. The C4 CMTS supports up to two billion modulation profiles.3 initialRanging tdma qpsk 128 F 5 34 338 0 48 F T . This IE allows cable modems a method to adjust their timing. If the class of the SID associated with the request IE is unicast. meaning cable modems must contend with each other when transmitting. A DOCSIS 1.4 periodicRanging tdma qpsk 128 F 5 34 338 0 48 F T . 2 Request/Data Either data requests or short data messages can be sent in this portion of the upstream map interval.2. frequency. 4 Periodic Ranging (Also called Station Maintenance). Interval Usage Code. This IE is used so that cable modems can perform station maintenance. An initial range request message can be sent either with a broadcast SID or with a unicast SID depending upon the situation. The IUC typically has an assigned numeric value. It defines what kind of Information Element (IE) is being sent from the CMTS to the cable modems: • • • • • • Request = 1 Request/Data = 2 Initial Ranging = 3 Periodic Ranging = 4 Short Data Grants = 5 Long Data Grants = 6 • • • • • Null Information Element (IE) = 7 Data Ack = 8 Advanced PHY Short Data Grant = 9 Advanced PHY Long Data Grant = 10 Advanced PHY Unsolicited Grant = 11 IUC 1 Request This portion of the upstream map interval is used by cable modems to request bandwidth for data transmission.Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod ---------------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 2 8 F T . A DOCSIS 2. 3 Initial Ranging (Also called Initial Maintenance). range request messages are sent in this IE when it contains a broadcast SID. The following is an example of modulation profile number 1: Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--. This IE is not used by the C4 CMTS map algorithm and as such changes made to this IE will have no affect on upstream data transmissions. Standard ARRIS PROPRIETARY — All Rights Reserved 20-3 . and transmit power so that they can reliably communicate with the CMTS. Normally. This IE is unicast.5 shortData tdma qpsk 72 F 6 75 338 12 8 T T . If the class of the SID associated with the request IE is broadcast.

The reason that grants can be split into short and long data grants is for the sake of FEC encoding. A DOCSIS 1. A shorter codeword will increase the amount of overhead but allow for more errors to be corrected in the total data frame. Assuming that FEC is enabled. 9 Advanced PHY Short This IE is the same as a short data grant except that it is used when the cable modem is communicating via an upstream channel that is DOCSIS 2. The FEC codeword contains both the FEC information bytes and the FEC parity bytes. 11 Advanced PHY UGS This IE is new with DOCSIS 2. Modulation type Values 3–6 must not be used when the upstream channel is only DOCSIS 1. The number of codeword parity bytes is 2xT.0 upstream channel. Used to bound the length of the last actual interval allocation.0 bursts only. Forward Error Correction (T) The number of bytes with errors that can be corrected with FEC in the size specified in the codeword information byte length.x upstream channel and 0-16 for a DOCSIS 2. A type 5 TLV signifies that the channel is DOCSIS 2. Long data grants are used only when a cable modem is transmitting via an upstream channel that is compatible with DOCSIS 1. The cable modem uses this region in the upstream map interval if the number of minislots required to send the message is greater than the maximum burst interval for a short data grant in the Upstream Channel Descriptor (UCD) message. Forward Error Correction. A value of zero indicates that FEC is disabled. the FEC codeword can contain from 16 to 253 information bytes. mod 1 = QPSK 2 = 16QAM 3 4 5 6 = 8QAM = 32QAM = 64QAM =128QAM (SCDMA only) Description IUC.X only compatible channel is signified in the UCD message with a descriptor encoded with a type 4 TLV. It allows parameters to be optimized for UGS flows. 8 Data Ack CMTS sets to map length.X.0 compatible. Length of Codeword (K) The number of bytes in the information bytes of the FEC codeword. The reason that grants can be split into short and long data grants is for the sake of FEC encoding. For each byte that can be corrected there are two additional FEC parity bytes that are added to the FEC codeword. NOTE: The following Advanced PHY types are provided for channels carrying combined DOCSIS 1. The FEC codeword contains both the FEC information bytes and the FEC parity bytes and can be between 18 and 255 bytes.0 compatible.0 bursts and also for channels carrying DOCSIS 2. where T = 0-10 for a DOCSIS 1. 10 Advanced PHY Long This IE is the same as a long data grant except that it is used when the cable modem is communicating via an upstream channel that is DOCSIS 2.0.x and DOCSIS 2.X compatible. The cable modem uses this region in the upstream map interval if the number of minislots required to send the message is less than or equal to the maximum burst interval specified for a short data grant in the Upstream Channel Descriptor (UCD) message. which normally carry VoIP. 6 Long Data Grants This unicast IC gives permission to a specific cable modem to transmit one or more PDUs.X. fec-tbytes fec-len 20-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . cont.20 Upstream Modulation Parameters and Profiles Table 20-1: Modulation Profile Parameters (Continued) Parameter Interval Usage Codes (continued) 5 Short Data Grants This unicast IE gives permission to a specific cable modem to transmit one or more PDUs. 7 Null Information Element Ending offset of the previous grant. diff Differential Encoding True = enabled. False = disabled. Short data grants are used only when a cable modem is transmitting via an upstream channel that is compatible with DOCSIS 1.0 compatible.

it is possible to choose parameters such that the Preamble Superstring which contains the preamble strings for all the different IUCs does not fit within either the 1024 or the 1536 bit limits. Note: the only channel type that the 1Dx8U CAM supports is TDMA. IUCs of 3 or 4 without differential encoding must have a preamble length in the range of 32 to 384 bits.C4 CMTS Table 20-1: Modulation Profile Parameters (Continued) Parameter Description Preamble Length The preamble serves to put the FEC and randomizer (also called the scrambler) into known states before the data is transmitted. the preamble length must be in the range of 40 to 512. There are additional restrictions upon the preamble length depending on the type of CAM. IUCs of 3 and 4 with 16 QAM must have a preamble length in the range of 200 to 768. Some seeds will work better than others for producing a good distribution of 1's and 0's without a contiguous string of either 1's or 0's. False = fixed length. Range = 0–255. In dynamic mode. Burst length The maximum number of minislots that can be used by the IE. False = disabled. The 15-bit seed value for the scrambler polynomial. consequently. 1 = off. IUCs of 1. The pseudo random generator (randomizer) is used so that the data stream will not produce a long string of either 1's or 0's. pre-len seed burst-len guard-time-size last-cw scrambler int-depth Release 4. 5 and 6 with 16 QAM must have a preamble length in the range of 80 to 256. • For IUCs 9. this parameter must not be present. Last Codeword This indicates whether the last FEC codeword is of a fixed length or shortened. 2floor(2048/(K + 2T)) = fixed mode. • All other cases for IUCs of 3 and 4 must have a preamble length in the range of 100 to 768. True = shortened. Changing the seed for the pseudo random generator will cause the generator to produce a different pattern of ones and zeroes if the same input data is sent to the pseudo random generator. This value may be derivable from other network and architectural parameters. • Otherwise. The preamble also helps the receiver to accurately receive an upstream burst.0 (type 5 TLV) requires the preamble length to be between 0 and 1536 bits.2. Contact technical support for further assistance if experiencing these problems. ATDMA Byte Interleaver Depth This parameter must be present for all IUCs with an ATDMA upstream channel or IUCs 9. There are three different states for the ATDMA Byte Interleaver signified by the values: 0 = dynamic mode. Standard ARRIS PROPRIETARY — All Rights Reserved 20-5 . For both short data and advanced PHY short data grant IEs. DOCSIS 2. a zero value implies that the IE is not limited. this field must be present and must contain a non-zero value. 1Dx8U CAM • For a TDMA upstream channel. 5 and 6 must have a preamble length in the range of 40 to 256. this parameter cannot be used.X (type 4 TLV) requires the preamble length to be between 0 and 1024 bits. Note: Even with the above guidelines. • All other cases for IUCs of 1. For all other cases. In general. This field is required for non-SCDMA channels and according to the RFI specification must contain a value of at least 5 symbols. the system chooses the row and column sizes of the interleaving matrix to obtain optimum burst noise robustness. 2Dx12U CAM • For a TDMA or tdma-atdma upstream channel. 10 and 11 with a tdma-atdma upstream channel. 10 and 11. DOCSIS 1. In fixed mode. This field indicates whether the scrambler or randomizer is enabled or not. the preamble length must be in the range of 32 to 128 bits. Range = 8–96 symbols. there is one FEC codeword per row and the depth is the number of rows in the interleaving matrix. an IUC with 16 QAM modulation must have a preamble length in the range of 64 to 256 bits. • For a TDMA upstream channel. • For a TDMA or tdma-atdma upstream channel. By definition SCDMA channels have no additional time between frames. True = enabled. Guard Time This is the amount of time measured in symbols that must exist between successive frames. The range of possible values is from 0-32767.

The values for the TCM are either on or off. For all other cases. Range = 1–31. Range = 2*(K+2T) – 2048. The string of possible preamble bits is included in the UCD message. Preamble Type For DOCSIS 2. This option must be present for a SCDMA channel and must not be present for all other upstream channel types. However. SCDMA Codes per Sub-Frame In an SCDMA upstream channel. 10 and 11 must use spreader on. interleaving is performed on a sub-frame basis. Since one bit is removed from the symbol for encoding purposes. use the CLI command show cable modulation-profile <modulation profile number> As an example. This value is determined by the C4 CMTS. there are two modes of spreader operation: on and off.x. TCM causes one bit in the symbol to be used for encoding purposes. According to the RFI specification.0 upstream channels. To obtain optimum benefit of the ATDMA interleaver. This bit acts like a parity bit for decoding the rest of the bits in the symbol. and IUCs 1. It indicates where in the possible string of the preamble bits the actual preamble actually starts. IUC 3 must use spreader off. Upstream Channel Type This parameter contains the type of the upstream channel which must correspond to one of the following values: channel-type • • • • tdma atdma scdma tdma-atdma int-blocksize pre-type tcm int-stepsize spreader subframe-code a. The codes per sub-frame define the size of the sub-frame. QAM128 and TCM are not supported in Release 4.20 Upstream Modulation Parameters and Profiles Table 20-1: Modulation Profile Parameters (Continued) Parameter Description ATDMA Byte Interleaver Block Size This parameter must be present for all IUCs with an ATDMA upstream channel or IUCs 9. With qpsk1 the preamble’s constellation is at a higher power level when compared to qpsk0. This option must be present for an SCDMA channel and must not be present for all other upstream channel types. the data throughput is similar to what is received if the next lower value for the modulation type is used.x channels must use the qpsk0 constellation pattern. Trellis Coded Modulationa TCM must only be used with an SCDMA upstream channel. SCDMA Spreader In an SCDMA upstream channel. this parameter must not be present. there are two possible constellation patterns that can be used for the QPSK preamble: qpsk0 and qpsk1. 9. According to the DOCSIS RFI Specification another value that is typically associated with upstream modulation profiles is the preamble offset start value. the C4 CMTS only supports the usage of spreader off for IUC 4. For displaying the values associated with a specific modulation profile. A sub-frame can vary in size from 1 code up to the total number of active codes. DOCSIS 1. The interleaver step size determines the manner in which symbols are interleaved within the sub-frame. This parameter represents the number of bytes that can be used by the ATDMA interleaver when in the dynamic mode of operation. use a value of 2048. This option must be present for an SCDMA channel and must not be present for all other upstream channel types. interleaving is performed on a sub-frame basis. using the following command show cable modulation-profile 2 20-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . And IUC 4 can use either on or off. 10 and 11 with a tdma-atdma upstream channel. SCDMA Interleaver Step Size In an SCDMA upstream channel.

the upstream channels have to be configured.5 shortData tdma qpsk 168 F 6 75 338 7 8 T T . on page 20-8.1) is specified. if you do not specify a logical channel. When changing the following upstream parameters. Use the following command to choose the desired modulation profile and other parameters that determine the upstream channel’s characteristics: configure interface cable <slot/port> cable upstream <port> <parameter> where parameter is replaced by one of the parameters listed in Table 20-2.25 microsecond ticks) • SCDMA active codes • SCDMA frame size • SCDMA hopping seed • SCDMA codes per slot For all other upstream parameters.Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod ---------------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 0 8 F T . then the CLI code will apply the change to the physical interface. • Modulation profile ID • Ranging backoff range • Data backoff range • Map size (in 800 microsecond ticks) • Slot size (in 6.3 initialRanging tdma qpsk 640 F 5 34 338 0 48 F T .4 periodicRanging tdma qpsk 384 F 5 34 338 0 48 F T . In other words. then the command syntax assumes logical channel 0. if no logical channel (n. Parameters Used in Configure Cable Upstream (Channel) Command. Release 4.6 longData tdma qpsk 192 F 10 220 338 0 8 T T . Standard ARRIS PROPRIETARY — All Rights Reserved 20-7 .C4 CMTS gives the following output: Modulation profile 2 Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--.2.- Once you have equipped the CMTS with CAMs and put them in service. NOTE Logical channels are sometimes called subinterfaces. both logical channels of the upstream will be affected.0 or n.

Default = 24. 400000. but it affects only logical channel 0. 1600000. Maximum power offset from RX target for ranging success. and it affects the entire upstream: configure interface cable 15/0 cable upstream 0 no shutdown The following command brings up only logical channel 0: configure interface cable 15/0 cable upstream 0.0 only). Set voice data limits Upstream ingress cancellation properties Display the upstream configuration. Range = (DOCSIS) 5100000 – 41900000 (Japan) 5100000 – 54900000 (EuroDOCSIS) 5100000 – 64900000 channel-width pre-eq-enable <width-hz> <true|false> Upstream channel width in Hz. Level 2 overload threshold. Cable group ID Level 1 overload threshold. Default = 3200000. Range = 1 to 46. 800000. Values = 200000. send equalizer coefficients back. Range = 4 to 24.0 because modulation profile ID is one of the upstream parameters specific to logical channels: configure interface cable 15/0 cable upstream 0 modulation-profile 3 Table 20-2: Parameters Used in Configure Cable Upstream (Channel) Command Parameter connector frequency <connector> <frequency> Definition Upstream connector on the PIC. Default = 80. power-level <dbmv> max-power-adj threshold-power-offset cable group id level1-threshold level2-threshold level3-threshold voice-limits ingress-cancellation show <power adjustment> <threshold value> <cable-group-id> <percent> <percent> <percent> 20-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Power level (dBmV). Range = 0–1000. Level 3 overload threshold. Range depends on channel width: Default = 0. 3200000. Range = 0–7 Center frequency in Hz. Default = 24. Range = 0–1000.20 Upstream Modulation Parameters and Profiles For example. Default = 1000. the following command does not specify a logical channel. Range = 0–1000. or 6400000 (DOCSIS 2. If true. Default = 95. 200 kHz -16 to 14 dBmV 400 kHz -13 to 17 800 kHz -10 to 20 1600 kHz -7 to 23 3200 kHz -4 to 26 6400 kHz -1 to 29 Maximum CM power adjustment per range response message.0 no shutdown The following command specifies no logical channel.

Standard ARRIS PROPRIETARY — All Rights Reserved 20-9 . Displaying Modulation Profiles Use the following command to view a modulation profile: C4-9# show cable modulation-profile n Where n = the number of the desired profile.0 ATDMA channels. c. Release 4. The mini-slot-size of 1 applies only to DOCSIS 2.2.C4 CMTS Table 20-2: Parameters Used in Configure Cable Upstream (Channel) Command (Continued) Parameter Definition NOTE: The following parameters pertain to logical channels. This parameter is used for display purposes in the show commands. scdma. The channel-width of 6400 kHz is valid only for DOCSIS 2. Default = 2–7. b. Default = 2–8.25 microsecond ticks. Use 0 or no to disable. start value must be less than end value. QAM128 and TCM are not supported in Release 4. Valid types: tdma. Default = 4.0 channels. atdma. Range = 0–16. Average map size in 800 microsecond ticks. Number of active SCDMA codes: from 64 to 128 SCDMA frame size in units of spreading intervals 5-bit seed used for code hopping sequence initialization Number of SCDMA codes per mini-slot Number of 6. Modulation profile identification number. Default = 1 for 1Dx8U CAM 2 for 2Dx12U CAM Random backoff window used when retrying ranging requests. Range = 1-13. 1D8U 200 32/64/128 400 16/32/64/128 800 8/16/32/64 1600 4/8/16/32 3200 2/4/8/16 mini-slot-size <number of ticks> ________________________________________ 2D12U 200 400 800 1600 3200 6400 c 16/32/64/128a 8/16/32/64/128 4/8/16/32/64/128 2/4/8/16/32/64/128 1 b /2/4/8/16/32/64/128 1 b /2/4/8/16/32/64/128 scdma a.x. tdmaatdma Comment or text string to help remember what is attached to this interface. Random backoff window used when retrying transmissions. channel-type description modulation-profile rangebackoff databackoff map-size <id> <start-end> <start>-<end> <size> active-codes frame-size hopping-seed codes-per-slot Channel type is determined by the modulation profile. Range = 1–16.

The 1Dx8U only supports DOCSIS 1.0 and DOCSIS 1.3 initial tdma qpsk 640 F 5 34 338 0 48 F T .4 station tdma qpsk 384 F 5 34 338 0 48 F T .- The main difference between the 1Dx8U default modulation profile and the 2Dx12U default modulation profile is in the preamble lengths (shown in the Pre Len column above).5 short tdma qpsk 72 F 6 75 338 12 8 T T .X.3 initial tdma qpsk 128 F 5 34 338 0 48 F T . It meant for use by 2Dx12U CAMs. There is also a change in the Maximum Burst Size for IUC 1 from a value of 2 for the 1Dx8U to a value of 0 for the 2Dx12U. The first is meant for use with 1Dx8U CAMs. This change was made in the event that the customer modifies this modulation profile for IUC 1 to make sure that a bandwidth request can always be sent upstream and does not violate the maximum burst size parameter for IUC 1. C4# show cable modulation-profile 1 Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--.Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod --------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 2 8 F T .6 long tdma qpsk 80 F 8 220 338 0 8 T T . The change in the preamble length was to optimize things for the new chip set that is used on the 2Dx12U.4 station tdma qpsk 128 F 5 34 338 0 48 F T .20 Upstream Modulation Parameters and Profiles Differences Between the 1Dx8U and 2Dx12U Default Modulation Profiles Default 1Dx8U Modulation Profile The C4 CMTS provides two default modulation profiles.5 short tdma qpsk 168 F 6 75 338 7 8 T T .Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod --------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 0 8 F T .X whereas the 2Dx12U supports both DOCSIS 2.6 long tdma qpsk 192 F 10 220 338 0 8 T T .0 required a different chip set be used on the 2Dx12U. The support of DOCSIS 2.- Default 2Dx12U Modulation Profile An example of modulation profile 2 is given below. 20-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . C4# show cable modulation-profile 2 Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--.

If you choose a number that is already in use.4 station tdma qpsk 384 F 5 34 338 0 48 F T .5 short tdma q16 168 F 6 78 338 23 8 T T . Users may want to optimize these values to the specific needs of their cable plant.- Basically. Release 4. User-defined modulation profiles can be assigned to any number from 3–n to create a new profile.Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod --------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 0 8 F T . enter the following command: configure cable modulation-profile 20 tdma qam-16 Modulation profile 20 as defined by the above command: Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--. user-defined modulation profiles allow the user to specify the channel type and the modulation rate for the data IUCs and the rest of the information for the modulation profile is filled in with recommended values. otherwise you will overwrite the defaults). such as tdma (which is for 2Dx12U).3 initial tdma qpsk 640 F 5 34 338 0 48 F T .C4 CMTS Also. and a modulation type. then the existing modulation profile will be overwritten by the new one. if you want to use the user-defined profile for TDMA and 16QAM to create modulation profile 20. Each user-defined modulation profile is defined by a channel type. such as 16QAM. For example. the number of FEC-correctable bytes for IUC 6 (Long Data Grant) changed from 8 to 10.6 long tdma q16 192 F 8 220 338 0 8 T T .2. (It is recommended that you do not use 1 or 2. There is almost no limit to the number you can create. There are also user-defined modulation profiles. This change simply changes the point where a data grant is considered long rather than short. Standard ARRIS PROPRIETARY — All Rights Reserved 20-11 . The only other change in the default modulation profiles was the Maximum Burst Size for IUC 5. User-defined modulation profiles provide a shortcut method for a user to easily create modulation profiles just by specifying the desired channel type and modulation rate. The first is a default modulation profile that is automatically created for the user. The user-defined profile defines most of the parameters for that modulation and channel type. There are two of this type: modulation profiles 1 and 2. These recommended values are generic values that should work across a wide variety of plants. Modulation Profiles: Default and User-defined In the C4 there are two types of modulation profiles that are present when the CAM boots up.

configure cable modulation-profile 100 ? atdma iuc scdma tdma tdma-1d8u tdma-atdma <cr> Use IUC Use Use Use Use preconfigured type preconfigured preconfigured preconfigured preconfigured ATDMA modulation profile SCDMA modulation profile 2D12U CAM TDMA modulation profile 1D8U CAM TDMA modulation profile TDMA-ATDMA modulation profile configure cable modulation-profile 100 atdma ? qam-8 qam-16 qam-32 qam-64 qpsk Default Default Default Default Default ATDMA ATDMA ATDMA ATDMA ATDMA QAM-8 modulation profile QAM-16 modulation profile QAM-32 modulation profile QAM-64 modulation profile QPSK modulation profile configure cable modulation-profile 100 scdma ? qam-8 qam-16 qam-32 qam-64 qpsk Default Default Default Default Default SCDMA SCDMA SCDMA SCDMA SCDMA QAM-8 modulation profile QAM-16 modulation profile QAM-32 modulation profile QAM-64 modulation profile QPSK modulation profile configure cable modulation-profile 100 tdma ? qam-16 qpsk . The following channel types are currently supported: atdma scdma tdma tdma-1d8u tdma-atdma Use Use Use Use Use preconfigured preconfigured preconfigured preconfigured preconfigured ATDMA modulation profile SCDMA modulation profile 2D12U CAM TDMA modulation profile 1D8U CAM TDMA modulation profile TDMA-ATDMA modulation profile These user-defined modulation profiles are controlled by the CMTS software. These modulation profiles may evolve and change slightly with different software versions.Default 2D12U CAM TDMA QPSK modulation profile 20-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .Default 2D12U CAM TDMA QAM-16 profile . there are different channel types for the 1Dx8U CAM and the 2Dx12U CAM. this is only the case for the channel type of TDMA since the 1Dx8U only supports TDMA.20 Upstream Modulation Parameters and Profiles Since modulation profiles are in general different between the 1Dx8U and the 2Dx12U CAMs because of differences in the chip sets. Note.

QAM16 for data IUCs TDMA .2.QAM8 for data IUCs TDMA .QAM16 for data IUCs and ATDMA .QPSK for data IUCs and ATDMA .C4 CMTS configure cable modulation-profile 100 tdma-1d8u qam-16 qpsk ? .Default 1D8U CAM TDMA 16-QAM profile .QAM16 for data IUCs and ATDMA .QAM32 for data IUCs Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 20-13 .Default 1D8U CAM TDMA QPSK modulation profile configure cable modulation-profile 100 tdma-atdma ? qpsk qam-8 qam-16 qam-32 Default Default Default Default TDMA-ATDMA QPSK modulation profile TDMA .

20 Upstream Modulation Parameters and Profiles 20-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

location. Community Access — defines an access list filtering mechanism associated with the community string. see configure access-list <std-acl-num> on page 26-35. and “rw” signifies read-write. snmp-server community <communityname> <access-list number> no snmp-server community <communityname> <access-list number> Release 4. hostname.2. SNMP Configuration with CLI The most basic settings for the SNMP agent i. Each community string defined in snmpCommunityTable can be configured with one access list number. the incoming SNMP request is permitted or denied using standard access list filtering. and similar commands on the following pages. For each community string associated with an access list number. For more information.C4 CMTS 21. and contact details are configurable via the following commands: Hostname <string> (no) Snmp-server location <string> (no) Snmp-server contact <string> Basic configuration for an SNMP v1/2 community An SNMP community for both v1 and v2c users can be quickly setup using the commands: snmp-server community <communityname> < ro | rw> no snmp-server community <communityname> Where “ro” signifies read-only. Standard ARRIS PROPRIETARY — All Rights Reserved 21-1 .e.

1 included snmp-server view testview 1. To define a view that includes internet.3.1.3. groups.4 excluded Group — defines a set of read/write/notify(trap/inform) permissions associated with a group. The CLI commands for creating/modifying/deleting views are as follows: snmp-server view <viewname> <MIB-family> included snmp-server view <viewname> <MIB-family> excluded no snmp-server view <viewname> <MIB-family> The MIB-family is specified as a full object-identifier i. Views are configured by using the “snmp-server view …” commands. “1. write. and notify views are each optional: if no ‘write’ view was specified then the group defines read-only permissions.e. These commands map directly to the SNMP MIB table “vacmAccessTable” as explained in RFC2575. For example: snmp-server group testgroup v3 noauth read testview 21-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .6. These commands map directly to the SNMP MIB table “vacmViewTreeFamilyTable” as explained in RFC2575. but excludes private. The CLI commands are: snmp-server group <groupname> v1 (read <view>) (write <view>) (notify <view>) snmp-server group <groupname> v2c (read <view>) (write <view>) (notify <view>) snmp-server group <groupname> v3 <auth | noauth | priv> (read <view>) (write <view>) (notify <view>) no snmp-server group <groupname> <v1 | v2c> no snmp-server group <groupname> v3 <auth | noauth | priv> The read.3. It does this by associating a view with each type of access read/write/notify. and users View — defines the portion of the overall MIB tree that is visible to an SNMP user.21 SNMP Configuration with CLI An SNMP community or v3user consists of 3 parts: views. For example.6”. use the commands: snmp-server view testview 1.6.

Standard ARRIS PROPRIETARY — All Rights Reserved 21-3 .2. The CLI commands are: snmp-server user <username> <group> v3 ( auth <sha | md5> <auth-password> ( priv <priv-password> ) ) no snmp-server user <username> <group> v3 Release 4. If authentication is enabled. The user must be associated with a group of the same type (either v1 or v2c) in order for it to work. v2c user to be usable through SNMP.C4 CMTS User — defines a user that can be used by the client to access the SNMP server. SNMPv3 will be discussed later. The user can be of type SNMPv1 SNMPv2 or SNMPv3. The CLI commands are: snmp-server user <username> <groupname> <v1 | v2c> no snmp-server user <username> <groupname> <v1 | v2c> For example: snmp-server user testuser testgroup v2c NOTE In order for the v1. These commands map directly to the SNMP MIB table “usmUserTable” as explained in RFC2574. snmp-server community public testuser NOTE The community name doesn’t have to be the same as the username. These commands map directly to the SNMP MIB table “vacmSecurityToGroupTable” as explained in RFC2575. there must exist a corresponding community in the SNMP MIB table “SnmpCommunityEntry”(RFC2576). privacy may also optionally be enabled. If they are different. snmp-server user "testuser" "testgroup" v2c. snmp-server community "public" "testuser" The community-entries can be modified manually using the commands: snmp-server community <communityname> (security <username>) no snmp-server community <communityname> For example. then it is the community name that needs to be sent in the SNMP message from the client and not the user name. Basic configuration for an SNMP v3 user SNMPv3 users can be setup with or without authentication enabled.

N.1.N.N.1” traps snmp-server host “10.1.1 traps snmp-server host N. For example.1” informs no snmp-server host N.N.1.N. then the list must be enclosed in quotes.N 21-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . For example: snmp-server host myhost v3notifsec 10. NOTE A v3 user must be associated with a v3 group. it won’t work Configuring different notification-types To enable/disable SNMP Authentication Failure Trap. If more than one tag is used. It is formatted as a list of 1 or more strings separated by whitespace.N traps (udp-port <num> (timeout <num> (retry <num> ) ) ) snmp-server host N. to configure a host to receive both traps and informs: snmp-server host “10.N.N.21 SNMP Configuration with CLI For example: snmp-server user “v3user” “v3group” v3 auth sha “password1” priv “password2” The same principle of group <-> view associations applies to v3 users as for v1/v2c users.1. If you associate the v3 user with a v1 or v2c group.1. use the following commands: snmp-server enable traps snmp no snmp-server enable traps snmp Configuration of SNMP Notification receivers The CLI commands for creating/modifying/deleting hosts are as follows: snmp-server host N.1.N taglist <list> (udp-port <num> (timeout <num> (retry <num> ) ) ) The taglist is used to specify a list of tags as defined in the snmpNotifyTable.N.N informs (udp-port <num> (timeout <num> (retry <num>) ) ) The two commands above map directly to the SNMP MIB table “snmpTargetAddrTable” as explained in RFC2573.

snmp-server host N. It identifies an entry in the table. This would typically be used to specify a subnet in an snmpTargetAddrTable rather than just a single address. The value of an instance of snmpTargetAddrTMask must always be an OCTET STRING whose length is either zero or the same as that of the corresponding instance of snmpTargetAddrTAddress. snmp-server host N.N.N.N mms <max message size> The mask value allows selected entries in the snmpTargetAddrTable to specify multiple addresses. The mask is not Release 4. snmp-server host N.2. (reference: rfc2576) snmp-server community <community name> ttag <transport tag value> The community index specifies the index in the snmpCommunityTable. It is used to determine the maximum message size acceptable to another SNMP entity when the value cannot be determined from the protocol. the incoming SNMP request is unauthentic.N. in order for the transport address to match a particular entry in the snmpTargetAddrTable. snmp-server community <community name> index <community index> The tparam specifies the target params name defined in the snmpTargetParamsTable. The identified entry in the snmpTargetParamsTable contains SNMP parameters to be used when generating messages to be sent to this transport address.N.C4 CMTS The transport tag value in the command string below identifies an entry in the snmpTargetAddrTable whose snmpTargetAddrTagList contains this tag value.N tparam <targetparam name> The target address name specifies the index in snmpTargetAddrTable. The mask value is used to select which bits of a transport address must match bits of the corresponding instance of the snmpTargetAddrTAddress. Standard ARRIS PROPRIETARY — All Rights Reserved 21-5 . If a SNMP management request containing this community is received on a transport endpoint other than the transport endpoints identified by tag value.N name <targetaddr name> The mms specifies the maximum message size.N. It identifies an entry in the table.N.

8.N.1.0.43.44. The commands for creating filters are as follows (These commands map directly to the SNMP MIB table “snmpNotifyFilterTable” as explained in RFC2573.xx with any udp-port: snmp-server host 10. When generating notifications.N mask <targetaddr mask> (Example 1) Configure a mask to specify a subnet of 10.0 udp-port 161 mask ff:ff:0:0:ff:ff (Example 2) Configure a mask to specify a subnet of 10.43.44. entries in the snmpTargetAddrTable only specify individual addresses.N. (reference: rfc2576) snmp-server host N. The commands to create a filter are very similar to the commands used to create an SNMP view.xx with udp-port of 161: snmp-server host 10.8.1.) The syntax of the parameters is identical to the “snmp-server view …” commands explained in section 4.0 mask ff:ff:ff:0:00:00 Configuration of SNMP Notification filters A notification-security-model may optionally be configured with an associated filter in order to restrict the trap-types that can be generated using a particular model.21 SNMP Configuration with CLI used in generating notifications.1: snmp-server notify-filter (profile <filtername>) (subtree <MIB-family>) (type <included | excluded>) no snmp-server notify-filter (profile <filtername>) (subtree <MIB-family>) 21-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .xx.

revision B01. is equipped with a 305 or 320 MB flash disk. Software upgrades are described in the release notes document that accompanies each new software load.C4 CMTS 22. The flash disk on the SCM revision B01 has a capacity of 305 MB and has been partitioned into three partitions: active. Flash Disk Description Topics Virtual System Controller File System Administration File Transfers Hitless Reload/Upgrade Feature Page 4 5 7 9 Overview The original System Control Module (SCM). Revisions B02 and B03 contain a 384 MB TypeII flash disk. This document. the Cadant® C4™ CMTS Software Upgrade Notes includes the correct procedure and upgrade path for the target load. update. Hardware revision B04. others require reformatting the flash disk. will incorporate a 512 MB flash disk. Standard ARRIS PROPRIETARY — All Rights Reserved 22-1 . Release 4. There is no standard upgrade procedure: some upgrades involve hardware changes. and system. scheduled for release in the second half of 2005.2.

x. It assumes that the flash disk has already been reformatted according to the instructions provided in the Cadant® C4™ CMTS Software Upgrade Notes (release notes). running software release 4.0 software release notes. SCM FLASH DISK ACTIVE PARTITION UPDATE PARTITION SYSTEM PARTITION (Reserved 10-15 MB) SYSTEM IMAGE IMAGE1 BACKUP ARCHIVE IMAGE2 MIB DATA LOCAL LOG Figure 22-1: Flash Disk Partition Structure Partition Sizes Once the disk has been reformatted according to the instructions included in the 4.22 Flash Disk Description NOTE This section is meant to describe the 384 MB flash disk on revisions B02 or B03 of the SCM. Figure 22-1 shows the structure of the disk and its partitions. the partitions will have the following storage capacities: • • • /system /update /active 40 MB 129 MB 125 MB 22-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

If there are files on the standby that are not found on the active. As part of a write memory action. the backup archive file is copied to the standby side. The write memory command causes files on the active side to be copied onto the standby. Write Memory Command and Backups A write memory operation first forces the MIB data out to disk. This partition is normally read-only.2. they will not be deleted by a write memory. its un-bundled and the critical files of the active and standby SCM flash disks are synchronized. Active Partition This partition holds the current committed software image. Once the backup is completed. Standard ARRIS PROPRIETARY — All Rights Reserved 22-3 .arc. During a reload commit a second image is copied to this partition. The contents of the following /system directories are included in the backup archive: • • • • • • • /alias /certs /cfgfiles (these are not CM configuration files) /sec /time /cmts/sw/config /cmts/sw/mib/data (applies only to simplex systems) NOTE The reload commit command also causes a write memory to be executed. and then initiates a backup operation on the active side of the C4 CMTS. The system image is identified by its embedded name (visible through the show image command) which represents the release number of all components. Once on the standby. System Image — A system image is a single file containing all C4 CMTS firmware and software components. Release 4. critical files in the system partition are backed up to the following directory: /update/backup/systembkup. The C4 CMTS always boots from this partition following a normal system reset or power-cycle.C4 CMTS A fourth unmounted file system has 10–15 MB and is reserved for future use. NOTE Only a committed boot image will remain in the active partition.

Whenever an SCM initializes. Log messages were formerly accessible only on the standby processor. Authorization. These files are static — they rarely change. expendable.22 Flash Disk Description Update Partition The update partition contains non-critical. time-zone data. In a duplex system users could connect to a specific console port. In a simplex configuration. it is automatically restored using the backup archive in the /update partition. A CLI command that accesses files on the active SCM is also able to directly access files on the flash disk 22-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The next sections provides a description of the C4 CMTS system upgrade functionality. then the active and standby SCMs forward all log messages to each other. single partition errors are automatically recovered. and backup files. and Accounting (AAA) by enabling direct access to files on the standby SCM from the active SCM. the flash disk is checked for errors. The system partition is read-write and contains critical configuration information. dump files. System Partition Disk Check and Recovery Virtual System Controller This feature provides improved support for Authentication. In previous loads users seeking logs or PMDs were required to log on to the standby SCM to access these files. If errors are found. This may result in reformatting the affected partition or the entire disk in a duplex chassis. but this would not guarantee access to the standby SCM. If the entire disk is found to be corrupted. log files. and encryption keys. They include the MIB tables. but a complete disk corruption can be corrected only with human intervention. In order to access PMDs or other files on the standby processor. If this feature is enabled and if both SCMs have reached the IS-INIT operational state. If the /system partition is reformatted. user and modulation profiles. the SCM attempts to recover the disk. or dynamic files. This partition is read-write and contains one or more transient system images. The C4 CMTS boots from this partition in response to the reload /update command. the SCM can boot from the redundant SCM and then rebuild its disk. It makes it possible to obtain logs and PMDs (post-mortem dumps) from the standby SCM. now they are also present in the active SCM log. the C4 provides additional mount points in the file system to give direct access to file system volumes on the standby SCM. These can be stored in subdirectories.

Mount points of /clone/update are created for the /update file systems of the STBY SCM. where the files exist. Because of this release 4. File transfers to the flash disk usually require connectivity via either TFTP or FTP to a file server. NOTE Using the /clone/update/dumps directory allows access to core files (PMDs) on the standby processor. CLI Commands Use the following command either to redirect the console port to the active SCM or to keep it local: configure line console 0 1 connect <active|local> Where: active — (default) enables redirection to the active SCM local — does not redirect the console port. the /system and /active partitions on the standby SCM are not visible on the active. From a provisioning standpoint. its /update partition is mounted on the active SCM under the /clone/update mount point. The configure line command allows a console parameter in the range of 0 to 1. Currently. In the case of an upgrade this would be the server where the new software image exists. These mount points exist only on duplex systems. Release 4.C4 CMTS of the standby SCM. the CLI session that results is always on the active SCM. Standard ARRIS PROPRIETARY — All Rights Reserved 22-5 .0 feature. if you log on to the physical console port of either SCM.2. the serial port of slot 20 is considered console 1 and the serial port of slot 19 is console 0. Once an SCM goes to the standby (STBY) state. Use the following command to enable [disable] the /clone/update partition for accessing the standby SCM’s /update partition: configure disk volume /update scm 19 [no] clone-access File System Administration The commands in this appendix are often associated with system upgrades and disk maintenance procedures. and the files on the /update partition on the standby processor are visible on the active SCM.

reload update.22 Flash Disk Description File System Administration CLI Commands There are several CLI commands that are useful when performing a system back-up. Each is explained in Table 22-2. reboot the system from the file specified in the Update partition. it automatically reverts to the active partition image thereby backing out the update image.a copy the version of the code currently running in the processor RAM to the Active partition of the flash disk. Any image booted using the reload update command is temporary. verify the status during any file transfer reload commit show reload-status a. These commands and their functionality are described in Table 22-1. reload commit. unless it is committed. 22-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The reload commit also performs a write memory. NOTE Committing to a new image and new firmware can take up to 40 minutes to complete. The commit process runs in the background and does not impact service. Table 22-1: File System Administration CLI Commands Use This Command To… cd copy delete dir du mkdir mv pwd rmdir Reload Commands change working directory copy files specified delete specified files list files and directories display disk usage make a new directory move specified files display present working directory remove a specified directory The reload command has four formats—reload. and show reload status. Table 22-2: Reload Command Formats Use This Command To… reload reload /update/filename boot the system from system image that resides in the Active partition. If the system reboots for any reason while executing a reload update.

2. Standard ARRIS PROPRIETARY — All Rights Reserved 22-7 .02.C4 CMTS Reload Command Dependencies The reload commit command causes the SCM to check the system for hardware changes. If the executed image is an update image on the update partition. firmware on all modules is programmed to non-volatile memory and the image is simply copied to the active partition. Show Image Command The show image command has two formats: show image and show image <file name>. If any modules have been changed.47 Image ID: 43345349 Image timestamp: Wed Nov 27 00:41:47 2002 Component count: 22 To display information about the image contained in a specified file: show image <filename> File Transfers Transfer Protocols The procedures in this chapter commonly identify a protocol to use while transferring files.02. Image file: /active/CMTS_V03. Use either File Transfer Protocol (FTP) or Trivial File Transfer Protocol (TFTP) to transfer files to and from the C4 CMTS. To display information about the currently executing image: show image Sample output: C4# show image No reload operation is in progress.47. Use the following command syntax format to initiate an image upload or download: copy s d Where s is the source.00. and Release 4. then the SCM downloads the latest EEPROM information to the new modules. Image files may also be downloaded from a network server to the update partition.00. Copy Command Syntax The copy command is commonly used for file transfers.img Image name: CMTS_V03. System files may be uploaded from any partition to a network server using either protocol. It will also copy the update image to the active partition.

img] from the active partition to the /C4/images directory on a server [named myServer] via TFTP: copy /active/image_name. See the configure ftp-server command for more information.22 Flash Disk Description d is the destination. Copy Command Examples Use the following command examples to initiate an image upload or download. and f is the filename.img update/image_name.img tftp://IPAddrMyServer/C4/images/image_name. The commands that use FTP assume that the FTP login and password are properly configured.img To upload a software file [image_name. Both source and destination use the following format: p:[//h/][f] Where p is either the protocol or the partition h is the hostname.img 22-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .img from the C4/images directory on a server named myServer to the update partition via FTP: copy ftp://myServer/C4/images/newimage. To download image file newimage.

2 The standby SCM/FCM control complex is reset and re-enters the STDBY state running on the new image. and returns to the STDBY state. All simplex CAMs will be reset and returned to the IN-SERVICE state in parallel. to ensure that hitless upgrade is possible.2. obtains modem information from other active CAMs in the spare group. A new “hitless” keyword has been added to the reload command. Release 4. 3 A control complex switch occurs.C4 CMTS Hitless Reload/Upgrade Feature The hitless reload allows a complete CMTS software upgrade with minimal loss of service to subscribers. 6 The software version on each provisioned and active card is checked to make sure that the card is running on the new software load. The original control complex is reset and returns to the STDBY state running on the new image. loads the new software version. all provisioned and equipped NAM cards are upgraded. The first active CAM in the spare group is then restarted. the card is reset and rebooted. The original card restarts on the new software version. to upgrade system software without requiring cable modems to re-range or register. 5 For each CAM spare group. and returns to an IN-SERVICE state. This process repeats for each active cam in the spare group. and the new image. The standby control complex running on new software load becomes the active SCM/FCM pair. This feature requires a duplex control complex. the spare CAM is restarted. the command reverts back to the original hitfull mode of operation. with redundant NAMs and CAMs. All CAM spare groups are sequenced in parallel. If not. This allows service to continue through the use of redundant network interfaces. reload <software image pathname> hitless The show reload-status command provides feedback on the progress of the hitless reload operation. a fail back operation is performed to return the modems to their original CAM. If this keyword is not specified. 4 Next. one card at a time. Standard ARRIS PROPRIETARY — All Rights Reserved 22-9 . After its sparing data is retrieved from the spare card. with an automatic fail over of its modems to the spare. Hitless Upgrade Scenario for a Duplex Frame The following steps illustrate the basic mechanism of the hitless reload or upgrade process: 1 Version compatibility checking is done on the currently running image. Each NAM is restarted and returns the IN-SERVICE state running on the new software image. This command can be executed on either the active or standby control complex to observe progress. This feature utilizes many of the redundancy features that comprise the high availability architecture of the C4.

to re-range and register. the system will fall back to the normal hit-full reload operation.y). If a CAM is not in a spare group or if the spare CAM is not in working order. The user is prevented from executing another reload command while the Hitless Software Upgrade operation is in-progress. The process of sparing over and failing back takes times. software or hardware failures during the hitless upgrade may cause all modems in the spare group to be dropped. Conversely. system. It is possible that some CMs and Voice calls will not stay up during the reload operation. 4. It takes approximately 30 minutes to do a Hitless Software Upgrade operation on a full chassis with 3 spare-groups.2. If the Hitless Software Upgrade operation fails for any reason. • • • • • Other requirements • • 22-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or spare group. The Hitless Software Upgrade feature can only be used when upgrading from a Hitless Software Update capable load to a later software load within the same major release (for example. All CMs registered on simplex CAMs are dropped. this operation will cause all CMs on that CAM. consisting of 4-5 CAMs in each spare-group.22 Flash Disk Description Constraints • The Hitless Software Upgrade feature works only as well as the CCR and CAM sparing features. This procedure should only be attempted on a stable. fully redundant.x.

the CMTS must proactively monitor and route event messages. The C4 CMTS uses asynchronous notification management (ANM) to log messages. and collect these important status messages. Standard ARRIS PROPRIETARY — All Rights Reserved 23-1 . Operators can use several CLI commands to access event messages. This chapter first describes the logging mechanisms and then commands used to generate.C4 CMTS 23. Event Messages The C4 CMTS generates asynchronous event messages.2. Logging occurs when any unsolicited event is generated. filter. Release 4. in two ways: as part of normal operations and in response to error conditions. Logging and the C4 CMTS Topics Event Messages Generating Events and Traps Routing Events to Local Volatile and Non-Volatile Logs Page 1 15 17 In order to provide maintenance personnel with real-time and historical operational state data. or events.

See also chapter 27. 23-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Event Priority Value Descriptions. Table 23-1: Event Priority Value Descriptions Value 1 2 3 4 5 6 7 8 Name Emergency Alert Critical Error Warning Notice Informational Debug Descriptions and Examples Unrecoverable and fatal CMTS hardware or software fault Recoverable and non-fatal hardware or software fault Service-affecting problem impacting the whole cable system Service-degrading condition related to two or more Cable Modems Service-degrading condition related to a single subscriber Non-failure condition related to the CMTS itself Non-failure condition related to a subscriber Non-failure condition related to internal hardware or software state 1.23 Logging and the C4 CMTS Network management personnel can define and route event messages to several management subsystems. Priority values range from 1 to 8. Standard and Cadant Enterprise MIBs. Priority-based Event Routing — Each event is assigned an event priority. Each priority value is defined in Table 23-1. The event priority indicates the type and impact of the event on the C4 CMTS operations.1 Each of these management subsystems is described later in this chapter. How Event Messages Are Routed Event messages are routed according to their priority values. They are logged and subsequently used during system maintenance or network troubleshooting activities. See the draft-ietf-ipcdn-device-mibv2-01 for a complete description of this DOCSIS® MIB. These subsystems include: • • • • • • A syslog server (up to eight syslog servers are supported) One or more SNMP management stations The local log: volatile and non-volatile (also found in the docsDevEventTable MIB table) The C4 CMTS console Zero or more telnet or SSH sessions The logging history buffer Other logging functionality can be managed through the DOCS-CABLEDEVICE-MIB. All events carrying a routable priority are also stored in the volatile logging history buffer.

and telnet sessions. Figure 23-1: Event Management Subsystems on the C4 CMTS Monitor (Telnet) Each event management subsystem is described in the following sections. Traps are useful for reducing the length of Release 4. A brief description and graphic of these management subsystems and routing sequence appears in the following section.C4 CMTS Event Routing Sequence For the SNMP management station and Syslog server. the routing is based only on the priority associated with the event. Event throttling is explained in more detail later in this chapter. SNMP Management Station The Simple Network Management Protocol Management station is an application that uses SNMP protocol to manage a device. Standard ARRIS PROPRIETARY — All Rights Reserved 23-3 . event routing is based first on the priority and then throttle control. system console.2. Event Management Subsystems Figure 23-1 shows how events are routed to one or more of the event management subsystems within the C4 CMTS: messages Logging System Control Module feedback Priority Routing Takes Place Here T H R O T T L E SNMP Mngmnt Station* Syslog Server* Multiple Modules within the C4 CMTS Local Log Volatile Local Log Non-volatile System Console HISTORY Internal (volatile) queue *The DOCSIS® OSS specification requires that all events routed to SNMP or Syslog first be routed to the local volatile or the local non-volatile management subsystem. The SNMP Management station receives and processes traps (also known as events) originating from the C4 CMTS. For the local log.

23-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . This is the serial interface to the command line interface (CLI). Its roots are in the Unix environment. This time is called the event reaction latency. Events are seen only by the telnet session (monitor) that requested them. There is a limit of one system console session at any given time. operating parameters and even debug messages. then throttle control before arriving at the Syslog server. then they are under throttle control before arriving at the SNMP Management Station. Local Log (volatile) Local Log (non-volatile) System Console Monitor History Event Message Throttling Overview Using a throttle control protects the data network from exceeding a known threshold during bursts of event messages. Syslog Server Syslog is a standard protocol for centralized reporting of system events.1 Events are routed first according to their priority. All events that have a priority enabled for at least one destination are stored in the logging history. The default number of events stored in the logging history is 512. Events are routed first by priority. The system console is the RS232 port in the System Control Module. The monitor is the current telnet session. The C4 CMTS supports up to eight syslog servers. especially if management traffic is carried in-band with user traffic. Any number of asynchronous events transmitted into an operator’s management network may require throttling.23 Logging and the C4 CMTS time between when an event occurs and when it is noticed by a manager. The volatile local log stores messages only in the DOCSIS® cable device MIB (docsDevEvent) and is only accessible via SNMP. The C4 CMTS implements a single system-wide throttle that applies to both Syslog message and SNMP TRAP transmissions. The logging history buffer is a circular buffer that stores the last number of events that are delivered to any destination. 1. but most modern devices use the Syslog protocol to report important events. The non-volatile local log stores messages in the DOCSIS® cable device MIB. It also stores CMTS specific logs and places them in persistent storage — the flash disk.

or until the interval begins again. until the throttling type is reset. The CMTS automatically inhibits event transmissions when the number of events becomes excessive. Should the number of events exceed this threshold. The system output for the help show logging command is reproduced below. Release 4. “DOCSIS® Cable Device MIB Cable Device Management Information Base for DOCSIS® compliant Cable Modems and Cable Modem Termination Systems” for more information. Unlike Limit Throttling. the C4 CMTS network throttle type is unconstrained. See the RFC-2669. This message rate is limited by a provisionable threshold.2.1 Show Logging Commands This section describes various logging commands used to configure and retrieve event messages. then C4 CMTS limits the amount of traffic transmitted onto the management network within a given time interval. use the CLI help for that parameter. transmission remains inhibited until a management subsystem directs the CMTS to resume.C4 CMTS The network throttle can be set to one of four types: • • • • Unconstrained = no throttling Limit = message rates are maintained below a defined threshold Stop = messages are inhibited after reaching a defined threshold All = all event messages are inhibited By default. C4# help show logging 1. all events are inhibited for: • • • Throttling Set to Stop (Closed-loop Feedback) the remainder of the interval. Throttling Set to Limit When throttling is set to Limit. Standard ARRIS PROPRIETARY — All Rights Reserved 23-5 . the C4 CMTS works together with a network management subsystem to jointly police the amount of traffic transmitted on the network. For closed-loop feedback throttling. For a complete listing of all commands available at the show logging level.

Display Logging Information show logging 23-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .23 Logging and the C4 CMTS console debug history local monitor overrides proprietary snmp syslog throttle trap - Display Display Display Display Display display Display Display Display Display Display console logging related information debug logging related information logging history related information local logging related information monitor logging related information any existing logging overrides proprietary logging status SNMP logging related information syslog logging related information logging threshold and interval trap logging information Frequently Used Show Logging Commands Use the following commands to display detailed logging information for the C4 CMTS: • • • • show logging show logging throttle show logging debug show logging history Each is explained in the sections that follow.

4(error). throttled=0.10 local0 10. 5(warning). throttled=0 priority=3(critical).0. dropped=5 priority=1(emergency). show logging throttle This command returns the following output: Release 4. 6(notice) size=10 Volatile: notifications=1329 priority=1(emergency). throttled=0 Syslog: hosts (ip address facility): 10. 5(warning).10.10. 5(warning).10. 4(error).C4 CMTS This command displays all event management subsystems and features available for logging configuration on the C4 CMTS. 6(notice) Nonvolatile: notifications=1329 priority= none notifications=0 priority=none notifications=0 priority=none notifications=23. notifications=1324. interval=1. 2(alert).0. 3(critical). 7(information).0. 4(error).12 local2 10.2. 6(notice). 2(alert). threshold=0.13 local3 10.10. 3(critical). Standard ARRIS PROPRIETARY — All Rights Reserved 23-7 .0. 8(debug) notifications=369.11 local1 notifications=1324. size=2000 SNMP: Local: Console: Monitor: History: Currently Active Event Overrides: 0066030300 (0x03ef8adc) Inhibit 0066060600 (0x03f00138) Inhibit 0066060700 (0x03f0019c) Inhibit 0082010100 (0x04e35ff4) Inhibit 0082010200 (0x04e36058) Inhibit Figure 23-2: Show Logging Output Example Display Event Throttle Settings Use the following command to show the configured throttle settings and utilization statistics. C4# show logging Throttle: type=unconstrained.

Display events before this date (mm/dd/yyyy) before-time . for more information about this command. including variable syntax. show logging history The help output example.Display events that occurred on this slot detail . Diagnostics.Display events with this priority text .23 Logging and the C4 CMTS SCM# show logging throttle Throttle: type=unconstrained.Display events after this date (mm/dd/yyyy) after-time .Display detailed header information SCM# Figure 23-4: Show Logging History Output Example Display Logging History 23-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . or subclass.Display events with matching text slot . interval=1. The show logging debug command can be facility class. See chapter 24. Use this command when determining system status events.Display events after this time (hh:mm:ss) event . SCM# help show logging history last .Display this many last events before-date . notifications=23.Display events before this time (hh:mm:ss after-date .Display events with this event id priority . threshold=0. throttled=0 SCM# Figure 23-3: Show Logging Throttle Output Example Display Debug Information The show logging debug command assists with troubleshooting certain facilities of the system. for this command is given below.

C4 CMTS An example output for the last 10 events in logging history is given below. -------..43. and to set the throttle types. size=1000 show history filters: terse format: last 10 Time Sl Pri Text. change throttle thresholds and intervals. above which you want to begin throttling messages.158:config session 1000 23:06:51 19 notc: CLI command:c4:10.201:quit 23:06:51 19 notc: CLI command:c4:10.4.43. configure logging throttle threshold <20> Where 20 is the number of events.43.------21:56:47 19 notc: CLI command:c4:10.43.4.---.43.4. Standard ARRIS PROPRIETARY — All Rights Reserved 23-9 .43.38:enable 11:32:23 19 notc: CLI command:c4:10.4.158:enable 11:32:11 19 notc: CLI command:c4:10.2.4.4.38:config session 1000 11:32:11 19 notc: CLI command:c4:10.4.38:show proto-throttle-rate 09:28:09 19 notc: CLI command:c4:10.4. The commands allow you to display throttle settings. The commands include: configure logging throttle threshold <# of events> configure logging throttle interval <# of seconds> configure logging throttle [limit | stop | all] Each is explained in more detail in the following sections.43.43.20:config session 1000 09:28:09 19 notc: CLI command:c4:10.38:config session 1000 11:32:30 19 notc: CLI command:c4:10.-.38:enable 11:32:37 19 notc: CLI command:c4:10. configure logging throttle interval <60> Release 4.43.4.43. SCM# show logging history last 10 History: notifications=1000.8.. Use the commands in this section as an example of how to rate limit messages or implement closed-loop feedback. from 1 to 4294967294.20:enable SCM# Figure 23-5: Show Logging History Last 10 Output Example Configuring Event Throttling This section outlines the basic commands required to implement event throttling with the C4 CMTS.

Sample output: Throttle: type=limit. from 1 to 4294967294. if throttling conditions permit. Change Event Throttle Type configure logging throttle [limit|stop|all] Where limit = message rate limiting at a given threshold stop = closed-loop feedback throttling all = complete throttling of all C4 CMTS events. Example of Throttling Use the following command sequence to throttle logging to 1 event per second: configure logging throttle threshold 1 configure logging throttle interval 1 configure logging throttle limit Display the logging configuration: show logging The C4 CMTS displays the logging settings. This interval corresponds to the threshold that throttling begins . interval=1. notifications=1405. 23-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .if there are more than 20 events in a minute (60 seconds). threshold=1. interval=1. threshold=1. to reset the throttling type to the default. throttled=113 This second output shows that the number of throttled event messages has risen to 113. or unconstrained configuration.23 Logging and the C4 CMTS Where 60 is the interval. configure no logging throttle Use this command. including how many event messages have been throttled. throttled=85 (Five seconds later) display the logging configuration again: show logging Sample output: Throttle: type=limit. in seconds. notifications=1356.

local non-volatile log. set the throttle to allow all SNMP and Syslog messages. and verify that the change was implemented: show logging throttle configure no logging throttle show logging throttle End of example Configuring Event Routing Event messages may be routed to the Syslog host. configure a throttle which inhibits all messages if the message rate exceeds 100 messages within 90 seconds. local volatile log. and verify that the change was implemented: show logging throttle configure logging throttle threshold 100 configure logging throttle interval 90 configure logging throttle stop show logging throttle End of example Event Throttling Example 2 Use the following series of commands to view existing throttle settings. console. configure a throttle which inhibits all SNMP and Syslog messages. Each location has specific restrictions and parameters which are explained in the sections that follow. and verify that the change was implemented: show logging throttle configure logging throttle all show logging throttle End of example Event Throttling Example 3 Use the following series of commands to view existing throttle settings. Standard ARRIS PROPRIETARY — All Rights Reserved 23-11 . Syslog Server Description A Syslog server may be used to collect messages from the C4 CMTS. or monitor.C4 CMTS Event Throttling Example 1 Use the following series of commands to view existing throttle settings.2. Release 4. SNMP servers.

local5. local2. The facility may be changed to local0. then none of the servers will receive them The syslog notification counter is pegged (incremented) each time a notification is received by any syslog server The dropped counter is pegged (incremented) each time a notification fails to reach any configured syslog server. If the Syslog server is configured. enter the following command: configure logging facility <facility> 23-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . enter the following CLI command: configure no logging syslog Restrictions and Defaults for Syslog Server You may configure from one to eight Syslog servers. the C4 CMTS sends all Syslog messages to the Syslog facility local0. The C4 CMTS does not route events to a Syslog server unless the server’s IP address is configured. However. local1. the C4 CMTS routes any event with priority critical (3). local3. or local7. The Syslog facility is not persistent at this time. the Syslog host IP address must first be configured. error (4). Multiple syslog servers share the following characteristics: • All syslog servers share the same priority table: if one server is configured to receive priority notifications. By default. local6. Multiple Syslog Servers The C4 CMTS has the ability to send logging messages to multiple (from one to eight) syslog servers. local4. but you should be if you desire values other than the defaults. they must first be enabled for the local volatile log or local non-volatile log. Also by default. You are not required to configure Syslog event priorities and the Syslog facility. or notice (6) to the Syslog server(s). the facility returns to the default of local0. warning (5). To change the facility for all currently configured syslog servers.23 Logging and the C4 CMTS To configure priority-based routing of C4 CMTS events to a Syslog server. but you wish to stop sending any events to it. they will all receive the notifications Throttling is shared by all syslog servers: if throttling is set to inhibit notifications. to send other priority levels to Syslog or SNMP. When the C4 CMTS or SCM is reset. • • • CLI Commands for Multiple Syslog Servers In order to add or remove a syslog server. use the following command: config [no] logging host <ip address> [facility <facility>] The facility defaults to local0.

2.2 Configure Local Facility First This command sends all Syslog messages to the Syslog facility. Standard ARRIS PROPRIETARY — All Rights Reserved 23-13 .0. or inhibit. control by priority. configure logging syslog 7 Disable Informational Messages to Syslog This command disables all informational messages previously routed to the Syslog server. In this example it is called local4.10.11 local1 notifications=1319. configure logging override event <event id> The outcome is dependent upon the current priority settings.10 local0 10.10. The command will fail if priority 7 is not first enabled for the local volatile or local non-volatile logs. configure no logging syslog 7 Override Priority Settings This command overrides the priority setting and allows a specified event ID to do one of three things: • • • admit.10.0. Overriding an event is a way to keep the log buffer from Release 4.2 (this host IP address is meant as an example): configure logging host 10. configure logging facility local4 Send All Informational Messages to Syslog The following command sends all informational messages (priority 7) to facility local4 of the Syslog server.16.1.13 local3 10.C4 CMTS To display syslog configuration and utilization statistics: show logging syslog The sample output below reflects a C4 CMTS configured for four syslog servers: C4# show logging syslog Syslog: hosts (ip address facility): 10.0. Use the show log history detail command to find the ID number of a given event.12 local2 10.10. throttled=0.0.1. dropped=3 Configure Syslog Server to Existing Network This command configures the Syslog server to 10.16.

and to verify that the change was implemented: configure logging syslog 1 configure logging syslog 2 show logging syslog End of example 23-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Event Routing Example 1 Use the following series of commands as an example to route emergency (1) and alerts (2) messages to the Syslog server.23 Logging and the C4 CMTS overflowing. typically it is used to prevent the system from logging a particular low-priority event or problem that cannot be corrected right away.

1. this command will fail if the priorities are not first enabled for the local volatile log or local non-volatile logs. Configure SNMP Server to Existing Network This command configures the SNMP server to 10.1-I06-020830 DOCSIS® specification for more information. the C4 CMTS generates SNMP traps for any event with a priority level of critical (3). configure logging SNMP 7 This command generates SNMP traps for informational messages (event priority 7).1.2.16.16. Format and Content for Event. Eliminate SNMP Traps The following command eliminates trap generation for all event priorities: configure no logging SNMP Enabling Traps The following command enables DOCSIS®-defined traps according to the Object ID name. Release 4. By default. or notice (6).1 Restrictions and Defaults for SNMP Server Clear the priorities for SNMP (and Syslog) before clearing the priorities for local volatile and non-volatile servers. warning (5). Display SNMP Traps show logging SNMP This command shows the SNMP trap generation configuration and utilization statistics.C4 CMTS Generating Events and Traps Use the commands in this section to configure a SNMP server and to generate or eliminate SNMP traps. error (4).1 (this host IP address is meant as an example): configure snmp-server host 10. NOTE As noted previously. Standard ARRIS PROPRIETARY — All Rights Reserved 23-15 . SYSLOG and SNMP Traps” of the SP-OSSIv1.1 configure logging trap <trap type> 1. See “Appendix H.

BPKM trap dyn-sa . SCM# help configure logging trap init-reg-req-fail .Dynamic SA trap dcc-req-fail .DCC response failed trap dcc-ack-fail .Register response failed trap init-reg-ack-fail .Enable CM reset traps Figure 23-6: Help Configure Logging Trap Output Example Disable Logging Traps The following command turns off trap logging: configure no logging trap <trap type> SNMP Trap Examples The eight priority levels for traps are the same as the event message priorities.23 Logging and the C4 CMTS See the help example output below for the trap types available for this command.DCC request failed trap dcc-rsp-fail .Register acknowledgement failed trap dyn-serv-req-fail .Dynamic services request failed trap dyn-serv-rsp-fail . namely: 1 2 3 4 5 6 7 8 emergency alert critical error warning notice informational debug SNMP Trap Example 1 Use the following series of commands to enable emergency (1) and alerts (2) traps to the Syslog server: configure logging SNMP 1 configure logging SNMP 2 End of example 23-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .DCC ack failed trap cmreset .BPI init trap bpkm .Dynamic services ack failed trap bpi-init .Register request failed trap init-reg-rsp-fail .Dynamic services response failed trap dyn-serv-ack-fail .

alert (2). and error (4) to the local logs (both volatile and nonvolatile).C4 CMTS SNMP Trap Example 2 Use the following commands to disable generating traps for the priority levels emergency and alerts: configure no logging SNMP 1 configure no logging SNMP 2 End of example Routing Events to Local Volatile and Non-Volatile Logs This section contains commands used to route events to the local logs. the C4 CMTS routes any event with priority emergency (1). configure no logging local-volatile 6 NOTE This command will fail if the specified priority is not first disabled for Syslog and SNMP. Standard ARRIS PROPRIETARY — All Rights Reserved 23-17 . Before clearing the priorities for local volatile and non-volatile servers. Configure Local Logging Levels Disable All Local Logging Levels The following command sets events to report for priority level 4 configure logging local-volatile 4 The following command clears both the local volatile and local non-volatile logs. Local Log Restrictions and Defaults By default. See the sample error message that follows: Priority 6 must be disabled for syslog and SNMP before it can be disabled for local-volatile Error: Bad command SCM# Release 4. the priorities must first be cleared for Syslog and SNMP.2. In addition. configure logging local clear Disable Specific LocalVolatile Logging Level The following command clears priority level 4 event messages for the local volatile log. critical (3). the local volatile logs also receive events with the warning (5) and notice (6) priorities.

6(notice) Nonvolatile: notifications=793 priority=none SCM# Figure 23-7: Show Logging Local Output Example Managing the Local Logs This section contains examples to change the local log configuration parameters. 2(alert). 4(error). 5(warning). The following command changes the number of events maintained in the local logs (both volatile and non-volatile) to 100. 3(critical). no events are displayed on the console. issuing the following command once for each priority: configure logging console x 23-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . By default.23 Logging and the C4 CMTS Show Logging Configuration The following is an example of system output from the show logging local command: SCM# show logging local Local: size=10 Volatile: notifications=1489 priority=1(emergency). The system console display is the RS-232 port on the System Control Module. C4 CMTS events may be displayed on the system console. the C4 CMTS maintains the 10 most recent event types in the local volatile log. configure logging local-volatile size 100 By default. There is a limit of one console session per C4 CMTS. 1 Display the system console configuration and utilization statistics: show logging console 2 Display additional event priorities on the console. Displaying Events on the System Console If desired. in sequence to properly route messages to the console and then return the console to its initial configuration. Procedure 23-1 How to Route Events to the Console Perform the following steps.

2 Disable delivery of all notifications to a specific destination: config no logging monitor End of procedure Displaying Debug Messages on the Monitor Example For example. Procedure 23-2 How to Route Events to the Monitor Use this procedure to send output to the screen of a telnet session. Standard ARRIS PROPRIETARY — All Rights Reserved 23-19 . to display all debug messages to the telnet window from which the command is entered: # config logging monitor 8 Where 8 is the debug priority level. 3 Eliminate the display of all event priorities on the system console: configure no logging console End of procedure Routing Events to the Monitor The monitor routes messages to the TCP/IP socket which is attached to a telnet session.C4 CMTS Where x is an event priority value (1-8). 1 Send output to the monitor of a telnet session: config logging monitor x Where x is an event priority value (1-8) The output will continue to be routed to the telnet session until either the logging to the monitor is disabled or the telnet session is disconnected. End of example Release 4.2.

the history maintains the 512 most recent events. which is reserved for ARRIS Tech Support. all events that have a priority enabled for at least one destination are stored in the logging history. to route all debug messages to the history log. Restrictions and Defaults for the History Log The logging history is a circular buffer that stores the last 512 events that are delivered to any destination. local log. End of Example 23-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . For debug priority (8). SNMP. the events are stored in the logging history only if they are enabled using the config logging debug command. 3 (If desired) Clear the logging history: clear logging history End of procedure Route Debug Messages to the History Log Example For example. or the console to a RAM-based history. enter the following command: # config logging history 8 Where 8 is the debug priority level. By default.23 Logging and the C4 CMTS Routing Events to the History Log The C4 CMTS routes any event whose priority has been configured for Syslog. With the exception of the debug priority (8). Procedure 23-3 How to Configure the History Log 1 Display the history size and dump the contents of the logging history: show logging history 2 Change the number of events maintained in the RAM history: configure logging history size x Where x is the number of events.

If enabled and used improperly.2. page 12-16. packets received on: • • • • Non-multicast interfaces Interfaces with mismatched destination IPs or subnets Inactive interfaces Interfaces without masks NOTE For more information. Release 4. For example. the user could flood the system with event messages. Standard ARRIS PROPRIETARY — All Rights Reserved 23-21 . This flood of messages could impair CPU performance. see Configuring for OSPF.C4 CMTS Logging OSPF Event Messages CAUTION Logging of debug messages should be enabled only with assistance from ARRIS Technical Support. OSPF event log messages can help to identify misconfigurations or routing inconsistencies.

23 Logging and the C4 CMTS 23-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

and any non-compliant settings were adjusted according to DOCSIS® recommendations and plant conditions. This guide assumes that a thorough check of the entire network was performed as specified in the previous chapter. a fault condition is first identified at the network level. Each module has multiple interfaces and may support thousands of cable modems. Each CMTS has multiple modules. Diagnostic procedures are necessary because of the quantity and geographic dispersion of repairable and replaceable components within the network. the appropriate remedy procedures can be selected and executed to restore the component.C4 CMTS 24. Standard ARRIS PROPRIETARY — All Rights Reserved 24-1 . A CMTS fault can be categorized as a problem in one of the following areas: • • • • Hardware Software Provisioning Capacity overload. Fault Categories A cable data network is typically composed of multiple CMTS nodes. Release 4. node.2. Diagnostics This chapter provides an overview of diagnostic procedures for the C4 CMTS. then traced to a network element. During system troubleshooting. Diagnostic procedures are performed in order to isolate and categorize the fault. Once categorized. or network to its normal operational state. and finally associated with a repairable component within that element.

and Provisioning (OAM&P) operation.24 Diagnostics Diagnostic User Interfaces The C4 CMTS provides two user interfaces for on-demand diagnostics: Command Line Interface (CLI) and SNMP interface. Logging and the C4 CMTS. • • The CLI provides a diagnostic command for the CAM. If the command is initiated from the CLI. diagnostics may be initiated only after the module is taken out of service. Diagnostics are thus service and state affecting. Diagnostic Software Diagnostic software includes a maintenance controller. the user interface. OAM&P software. and NAM modules in the C4 CMTS chassis. NOTE This guide focuses on CLI-based diagnostics. Traps are also logged. for complete logging information and procedures. Administration. 24-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . the results are also sent to the same terminal display associated with that CLI session. The OAM&P software is responsible for Operations. The driver software runs low-level diagnostic routines by accessing the hardware. Maintenance. FCM. Through the CLI. • • • The maintenance controller governs the state of the modules. and driver software. NOTE See chapter 23. and syntactic checking of diagnostic commands. The SNMP interface allows for basic diagnostics specified in CADANTCMTS-EQUIPMENT-MIB. A SNMP trap is generated upon completion of any diagnostic test supported by SNMP. Diagnostic Logging All diagnostic commands and results are logged to the system log automatically at the informational level.

Figure 24-1: C4 CMTS Diagnostic Software Running Diagnostics The following characteristics apply to running diagnostics on the C4 CMTS: • • • Module level diagnostics should be performed whenever a module is restored after a failure. but powered-up. Figure 24-1 conceptually represents these diagnostic layers. then the power converters on all client modules are shut off. Standard ARRIS PROPRIETARY — All Rights Reserved 24-3 . Diagnostics can only be run manually. The SCM provides the ON/OFF power control for all client modules in the C4 CMTS. replaced.2. The traceroute and ping commands support an extended format where the source IP address can be changed as well as other parameters for the given commands. and Ping Telnet is a standard client service to provide access from the C4 CMTS to other network devices. on modules that are taken out of service. Maintenance Controller OAM&P Software N A M Maintenance Controller OAM&P Software Driver Software SCM k Lin FCM* Link C A M Maintenance Controller OAM&P Software Driver Software *The FCM must be active to run diagnostics on the CAM and NAM. Traceroute. If the simplex SCM is removed. The FCM must be active to run diagnostics on the CAM and NAM. or repaired modules or to test suspected faulty modules.C4 CMTS CAUTION Removing the SCM in a simplex configuration (one SCM and one FCM) shuts down the C4 CMTS. DNS support allows the field technician to use these services using network names instead of IP addresses. or when requested by support personnel. Traceroute and ping commands are used for debugging network paths and configurations. Domain Name System (DNS) Support for Telnet. Release 4. Use the following procedure to verify new. The extended format prompts for each setting.

show ip domain-query <hostname> Performs a DNS query on a hostname. and DNS lookup via the MIB is not supported. 1 To restore the CAM in slot 5 into service.24 Diagnostics Table 24-1: CLI Commands for Configuring and Showing Domain Names Command configure ip domain-lookup Enables the IP DNS-based host name-to-address translation. show ip domain-invquery <ip_address> Performs an inverse DNS query on an IP address. Traceroute supports the printing of IP addresses but not names. configure ip domain-name Defines a default domain name that can be used to complete unqualified host names (names without a dotted-decimal domain name). show ip domain-lookup Displays all settings for IP DNS-based host name-to-address translation. Purpose NOTE Shell escape for telnet is not supported. the C4 CMTS ignores the default domain name entered with the ip domain-name command. The extended ping feature does not yet support DOCSIS ping. traceroute. Procedure 24-1 How to Restore Modules into Service Enter all commands from the SCM prompt. configure ip name-server <server-address> Specifies the address of one or more name servers to use for name and address resolution configure ip domain-list Defines a list of default domain names to complete unqualified host names. enter the following command: configure interface cable 5 no shutdown The system response should be: Card in slot 5 has been restored 24-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . When a domain-list exists. Ping.

Standard ARRIS PROPRIETARY — All Rights Reserved 24-5 . You must first shutdown that module: configure interface cable <slot> shutdown To run all diagnostics for a given slot: configure diag <slot> Consult with an ARRIS support representative for more information regarding diagnostics. Release 4.C4 CMTS SCM# s19: Slot 5: Card exit Diagnostic mode 2 To restore the FCM in slot 17 into service: configure interface fabric 17 no shutdown 3 To restore the NAM in slot 13 into service: configure interface fastethernet 13/0 no shutdown 4 To restore the GigE NAM in slot 14 into service: configure interface gigabitethernet 14/1 no shutdown 5 Verify that the modules in the designated slots were restored: show linecard status End of procedure Diagnostic Variations The simplest diagnostic mode is to run all diagnostics for a given slot.2.

1D. 1FE) Up IS FCM Up IS FCM Up IS SCM Up IS SCM Up IS Duplex State Standby Active Active Simplex Simplex Simplex Simplex Active Standby Active Standby Serial Number 02421CBD0022 3163100266 02161CBD0017 04111CMD0012 03031CBD0053 02201CBG0014 03081CBG0030 03041CBR0026 02381CBR0005 02341CBM0041 02421CBM0022 HW Version Prov/Det Type CAM-01081N/J04 CAM/CAM 8400002G01/G06 CAM/CAM 8400002G01/G06 CAM/CAM CAM-01122W/E06 CAM/CAM CAM-01081N/L04 CAM/CAM GNAM-GB010W/B13 NAM/NAM GNAM-GB010W/D04 NAM/NAM FCM-30640W/E06 FCM/FCM FCM-30640W/E06 FCM/FCM SCM-00440W/G05 SCM/SCM SCM-00440W/G05 SCM/SCM configure interface cable 0 shutdown Card in slot 0 has been shutdown configure diag 0 Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: Resetting card to enter Diagnostic mode Please wait while card is being reset Please wait while card is being reset Please wait while card is being reset Please wait while card is being reset Reset completed. Card is in diagnostic mode. 8U) Up IS CAM (IU. 1D. 1FE) Up IS NAM (1GE.MEMORY POCO Passed Test #8 . show linecard status Slot Description 0 1 2 8 10 14 16 17 18 19 20 Admin Oper State State CAM (IU. 8U) Up IS CAM (IU. 1D.FUNCTION PCI Passed Test #2 . 8U) Up IS CAM (2D.24 Diagnostics CLI Output for Diagnostics The following commands and output provide examples of C4 CMTS diagnostics for various modules. 8U) Up IS NAM (1GE.REGISTER LOCO Passed Test #6 .MEMORY LOCO Passed Test #4 .PARITY LOCO Passed Test #5 .PARITY POCO Passed Test #9 . 12U) Up IS CAM (1D.FUNCTION I2C Passed diagnostic test CARD in progress diagnostic test CARD in progress Test #3 . Test #1 .LOOPBACK LOCO_IPC Passed Test #7 .REGISTER POCO Passed 24-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 24-7 . status = Passed configure interface cable 0 no shutdown Card in slot 0 has been restored C4_CMTS# Slot 0: Card exit Diagnostic mode configure interface cable 8 shutdown Card in slot 8 has been shutdown configure diag 8 Slot Slot Slot Slot Slot 8: 8: 8: 8: 8: Resetting card to Please wait while Please wait while Please wait while Please wait while enter Diagnostic mode card is being reset card is being reset card is being reset card is being reset Release 4.2.C4 CMTS Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: 0: Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test Test #10 #11 #12 #13 #14 #15 #16 #17 #18 #19 #20 #21 #22 #23 #24 #25 #26 #27 #28 #29 #30 #31 #32 #33 #34 - LOOPBACK POCO_MAC Passed MEMORY BCM3210 Passed REGISTER BCM3210 Passed REGISTER BCM3137 0 Passed FUNCTION BCM3137 0 NotRun REGISTER BCM3137 1 Passed FUNCTION BCM3137 1 NotRun REGISTER BCM3137 2 Passed FUNCTION BCM3137 2 NotRun REGISTER BCM3137 3 Passed FUNCTION BCM3137 3 NotRun REGISTER BCM3137 4 Passed FUNCTION BCM3137 4 NotRun REGISTER BCM3137 5 Passed FUNCTION BCM3137 5 NotRun REGISTER BCM3137 6 Passed FUNCTION BCM3137 6 NotRun REGISTER BCM3137 7 Passed FUNCTION BCM3137 7 NotRun REGISTER BCM3033 Passed REGISTER DEC21143 Passed FUNCTION DEC21143 Passed MEMORY EEPROM 0 Passed MEMORY EEPROM 1 Passed MEMORY EEPROM 2 Passed Slot 0: Diagnostic test CARD completed.

PARITY LOCOFOCO SRAME NotRun Test #11 .MEMORY NSECAM IPCAM Passed Test #14 .FUNCTION I2C Passed Test #3 .REGISTER NSECAM Passed Test #13 .24 Diagnostics Slot 8: Reset completed.MEMORY LOCOFOCO SRAME Passed Test #8 .MEMORY NSECAM IPFILTER Passed Test #16 .REGISTER LOCOFOCO Passed Test #12 .MEMORY LOCOFOCO SRAMA Passed Test #4 .MEMORY LOCOFOCO SRAMB Passed diagnostic test CARD in progress diagnostic test CARD in progress Test #5 .MEMORY LOCOFOCO SRAMD Passed Test #7 . Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: Test #1 .PARITY LOCOFOCO SRAMB Passed Test #10 .MEMORY LOCOFOCO SRAMC Passed diagnostic test CARD in progress Test #6 .PARITY LOCOFOCO SRAMA Passed Test #9 .REGISTER SNIFFER Passed diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress diagnostic test CARD in progress 24-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .MEMORY NSECAM MACCAM Passed Test #15 . Card is in diagnostic mode.FUNCTION PCI Passed Test #2 .

status = Passed configure interface cable 8 no shutdown Card in slot 8 has been restored Release 4.2. Standard ARRIS PROPRIETARY — All Rights Reserved 24-9 .C4 CMTS Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: 8: diagnostic diagnostic diagnostic Test #17 Test #18 Test #19 diagnostic diagnostic diagnostic diagnostic diagnostic Test #20 Test #21 diagnostic diagnostic diagnostic diagnostic diagnostic Test #22 Test #23 Test #24 Test #25 Test #26 Test #27 Test #28 Test #29 Test #30 Test #31 Test #32 Test #33 Test #34 Test #35 Test #36 Test #37 Test #38 Test #39 Test #40 Diagnostic test CARD in progress test CARD in progress test CARD in progress MEMORY SNIFFER Passed REGISTER MUSS 0 Passed REGISTER MUSS 1 Passed test CARD in progress test CARD in progress test CARD in progress test CARD in progress test CARD in progress MEMORY BCM3214 0 Passed REGISTER BCM3214 0 Passed test CARD in progress test CARD in progress test CARD in progress test CARD in progress test CARD in progress MEMORY BCM3214 1 Passed REGISTER BCM3214 1 Passed REGISTER BCM3140 0 Passed REGISTER BCM3140 1 Passed REGISTER BCM3140 2 Passed REGISTER BCM3140 3 Passed REGISTER BCM3140 4 Passed REGISTER BCM3140 5 Passed REGISTER BCM3140 6 Passed REGISTER BCM3140 7 Passed REGISTER BCM3140 8 Passed REGISTER BCM3140 9 Passed REGISTER BCM3140 10 Passed REGISTER BCM3140 11 Passed REGISTER BCM3040 0 Passed REGISTER BCM3040 1 Passed MEMORY EEPROM 0 Passed MEMORY EEPROM 1 Passed MEMORY EEPROM 2 Passed test CARD completed.

24 Diagnostics C4_CMTS# Slot 8: Card exit Diagnostic mode show linecard status (System response should confirm that slot 8 (2Dx12U) is back in service.REGISTER FASTE 1 Passed Test #5 .REGISTER FASTE 3 Passed Test #9 .REGISTER LAN_CNTRL 0 Passed Slot 14: Diagnostic test CARD completed.MEMORY FASTE 3 1 0 7FFF Passed Test #8 .REGISTER FASTE 0 Passed Test #3 .MEMORY FASTE 0 1 0 7FFF Passed Test #2 .MEMORY FASTE 2 1 0 7FFF Passed Test #6 .) (If slot 14 is a GigE NAM. status = Passed C4_CMTS# configure interface fastEthernet 14 no shutdown Card in slot 14 has been restored C4_CMTS# Slot 14: Card exit Diagnostic mode show linecard status (System response should confirm that slot 14 (FastEthernet NAM) is back in service.REGISTER MAC_CNTRL 2 Passed Test #12 .REGISTER MAC_CNTRL 0 Passed Test #10 . the following sample response would appear. Test #1 .REGISTER MAC_CNTRL 1 Passed Test #11 .REGISTER FASTE 2 Passed Test #7 .MEMORY FASTE 1 1 0 7FFF Passed Test #4 . Card is in diagnostic mode.) C4_CMTS# configure interface gigabitEthernet 14 shutdown 24-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .REGISTER MAC_CNTRL 3 Passed Test #13 .) C4_CMTS# configure interface fastEthernet 14 shutdown Card in slot 14 has been shutdown C4_CMTS# configure diag 14 Slot 14: C4_CMTS# Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Slot 14: Resetting card to enter Diagnostic mode Slot 14: Please wait while card is being reset Please wait while card is being reset Reset completed.

Card is in diagnostic mode. status = Passed Diagnostics for the FCM c4# configure interface cable fabric 18 shutdown c4# confiog gure diag 18 Slot 18: Resetting card to enter Diagnostic mode Slot 18: Please wait while card is being reset Slot 18: Please wait while card is being reset Slot 18: Please wait while card is being reset Slot 18: Please wait while card is being reset Release 4.REGISTER LSI8101 Passed Test #11 . Test #1 .FUNCTION I2C Passed Test #3 .2.C4 CMTS Card in slot 14 has been shutdown C4_CMTS# configure diag 14 gigabitEthernet 14 shutdown Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot Slot 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: 14: Resetting card to enter Diagnostic mode Please wait while card is being reset Please wait while card is being reset Please wait while card is being reset Reset completed.REGISTER IXF440 Passed Test #12 .FUNCTION IPCAM Passed Test #10 .REGISTER GMEL Passed diagnostic test CARD in progress diagnostic test CARD in progress Test #9 .FUNCTION PCI Passed Test #2 .FUNCTION DEC21143 Passed Test #15 . Standard ARRIS PROPRIETARY — All Rights Reserved 24-11 .REGISTER ALIS Passed Test #5 .MEMORY EEPROM 2 Passed Slot 14: Diagnostic test CARD completed.MEMORY EEPROM 1 Passed Test #17 .REGISTER BCM5222 Passed Test #13 .MEMORY EEPROM 0 Passed Test #16 .MEMORY GMEL Passed Test #8 .REGISTER DEC21143 Passed Test #14 .MEMORY GFLO Passed Test #6 .REGISTER GFLO Passed diagnostic test CARD in progress diagnostic test CARD in progress Test #7 .MEMORY ALIS Passed Test #4 .

MEMORY WRR Passed Slot 18: Test #8 .MEMORY CIDR Passed Slot 18: Test #14 . status = Passed Figure 24-2: CLI Output for Diagnostics 24-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .REGISTER LLO Passed Slot 18: Test #11 .REGISTER IPCAM Passed Slot 18: Test #17 .REGISTER DEC21143 NotRun Slot 18: Test #18 .REGISTER WRR Passed Slot 18: Test #9 .FUNCTION PCI Passed Slot 18: Test #2 .MEMORY IPCAM Passed Slot 18: Test #16 .REGISTER MERLIN 0 Passed Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress Slot 18: Test #5 .MEMORY EEPROM 0 Passed Slot 18: Test #20 .FUNCTION I2C Passed Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress Slot 18: Test #3 .24 Diagnostics Slot 18: Please wait while card is being reset Slot 18: Reset completed.MEMORY MERLIN 0 Passed Slot 18: Test #4 .MEMORY MERLIN 1 Passed Slot 18: Test #6 .MEMORY EEPROM 1 Passed Slot 18: Diagnostic test CARD completed.MEMORY LLO Passed Slot 18: Test #10 . Card is in diagnostic mode.MEMORY FARO Passed Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress SlSlot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress Slot 18: Test #13 .REGISTER MERLIN 1 Passed Slot 18: Test #7 .REGISTER CIDR Passed Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress SlSlot 18: diagnostic test CARD in progress Slot 18: Test #15 .MEMORY CZAR Passed Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress Slot 18: diagnostic test CARD in progress Slot 18: Test #12 . Slot 18: Test #1 .FUNCTION DEC21143 NotRun Slot 18: Test #19 .

the log excerpt below is for a CAM diagnostic test.SM self-destructed before data aquisition completed • • • 02:45:25 19 notc: CLI command:c4:10.CardNumber:14.. size=512 show history filters: terse format Time Sl Pri Text. 0 . Standard ARRIS PROPRIETARY — All Rights Reserved 24-13 .43..SM self-destructed before data aquisition completed 03:37:56 01 info: MAC=ff:ff:ff:ff:ff:ff. For example.Port Type=eport1000BaseT.CardType=ecard.Card Primary State=oos Figure 24-3: Show Logging History Output Example (partial) Release 4.Card Subtype=ecard1gig.Shelf Number:0.Port Secondary State=manual 02:45:26 19 notc: PORT Secondary State Change: Trap Severity=warning.SM self-destructed before data aquisition completed 03:38:03 01 info: MAC=ff:ff:ff:ff:ff:ff.Shelf Number:0. 02:40:07 20 notc: SystemMtceCard::resetCard(): Resetting cardNumber 14: resetType=1: recoveryCnt=0 02:45:26 19 notc: PORT Primary State Change: Trap Severity=major.Time spend in busy state 675 02:45:25 19 notc: DMS: Mib card cleanup complete for slot 14.---.backpressure_port_parity = [0x1fc00c].Port Type=eport100BaseT.C4 CMTS Logging The history log contains a synopsis of diagnostic activity. SM::receiveMacInfo() .Shelf Number:0. SM::receiveMacInfo() .backpressure_port_parity = [0x1fc00c].-.Port Primary State=oos 02:45:26 19 erro: Link Down : Index(0x000f0408) : Admin(up) : Oper(down) 02:45:26 19 notc: PORT Secondary State Change: Trap Severity=warning.portMask 0x1e0000 02:38:57 18 notc: Back Pressure Par: LLO00 .CardNumber:14.Port Secondary State=manual 02:45:26 19 notc: Card Primary State Change: Trap Severity=major.SM self-destructed before data aquisition completed 03:38:00 01 info: MAC=ff:ff:ff:ff:ff:ff. port_ingress_enable = [0x603ffff3] 02:41:11 17 notc: Switch::routeRemotePortsFailed() .4.SM self-destructed before data aquisition completed 03:31:41 10 notc: CardMtceFunction::Read Card Temperature Sensor Failed -2.No Sensor 03:38:23 01 info: MAC=ff:ff:ff:ff:ff:ff.Port Number=0. SCM# show logging history History: notifications=512.CardNumber:14. SM::receiveMacInfo() . -------.CardNumber:14.14: basicMtceState=OUT_OF_SERVICE 02:45:25 19 notc: DMS: Mib card cleanup starting for slot 14.SM self-destructed before data aquisition completed 03:37:59 01 info: MAC=ff:ff:ff:ff:ff:ff.47:configure interface gigabitEthernet 14 shutdown 02:41:11 17 notc: Back Pressure Par: LLO00 .Port Number=0.Port Number=1. SM::receiveMacInfo() . 02:45:25 19 info: GarbageCollector::garbageCollectionCompleted for card 15 02:45:25 19 info: GarbageCollector . SM::receiveMacInfo() .------03:37:37 01 info: MAC=ff:ff:ff:ff:ff:ff.2.Port Type=eport100BaseT.Shelf Number:0. port_ingress_enable = [0x603ffff3] 02:45:25 19 notc: SystemMtceCard::resetCard(): Resetting cardNumber 14: resetType=1: recoveryCnt=0 02:45:25 19 notc: SystemMtce::notifyCardStateChange(): SystemMtceCard. SM::receiveMacInfo() .

PARITY POCO Failed s19: s19: -----------------------------s19: Generating Function: PocoDiag::checkSDRAMparity s19: Test ID : 0 s19: Result : Failed s19: Result Note : SDRAM parity error not raised s19: Total Iterations : 0 s19: Iterations Passed : 0 s19: Iterations Failed : 0 s19: Expected Result : 00002000 s19: Actual Result : 00000000 s19: Fault Address : 00000000 s19: -----------------------------s19: s19: Slot 5: Diagnostic test CARD completed.24 Diagnostics Diagnostic Failures When a module fails diagnostics. status = Failed Figure 24-4: Example of System Output for a Module that Failed Diagnostics Diagnostic Failure Recovery When a diagnostic test fails. for a full description of BPI+ functionality and troubleshooting methods. an error report is printed to the CLI console and to the log. Baseline Privacy Plus Troubleshooting 24-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . it indicates a serious hardware fault and that the module cannot provide reliable service. If a modem issue involving BPI+ cannot be resolved. See chapter 17. resolution may require input from software development. Baseline Privacy Interface (BPI). These error reports are similar to the following example: s19: Slot 5: Test #6 . The failed module should be removed from the system and returned to the factory for repair.

The CLI is a straightforward command interface in which commands are typed on a single line and executed by pressing the Enter key. The CLI provides command help. command completion. display. and other system entities.C4 CMTS 25. and remove hardware modules.2. users. Standard ARRIS PROPRIETARY — All Rights Reserved 25-1 . manage. CLI Overview Topics Access Levels and Modes CLI Syntax Conventions Keyboard Shortcuts CLI Command Features CLI Filtering Page 2 5 6 7 15 The Command Line Interface (CLI) is the interface to the software used to provide users with administrative control of the C4 CMTS after hardware installation is complete — whether from the console or through a remote network connection. CLI enables system operators to enter commands to add. networks. Release 4. and keyboard sequences that enable a user to navigate a command line and scroll through a buffer that contains recently entered commands.

User EXEC Users first logging in to the C4 CMTS are assigned non-privileged status. 25-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . the tail of the prompt changes to a pound sign (#). you can enter commands that configure general system characteristics. If the password is accepted. The first set of commands is available to all users including those with non-privileged access.25 CLI Overview Access Levels and Modes The C4 CMTS CLI supports two access levels: User EXEC and Privileged EXEC. the ones that display non-privileged information. To become a privileged user enter the enable command. Most of these commands are used to show system status. Table 25-1 lists some of the command modes and some of the commands needed to change from one mode to another. The command line prompt will be the machine name followed by a greaterthan sign (>). They are grouped into different functional modes. You can also use global configuration mode to enter specific configuration modes (refer to Table 25-1). These commands are more powerful and can be used to reconfigure the system or to adjust system performance. This command reference manual lists the CLI commands in straight alphabetical order. You are permitted three unsuccessful attempts to enter a password before the connection attempt is refused. Normally. Only a subset of the CLI commands. In this mode. They are available when the C4 CMTS is in User EXEC mode or any other mode. are permitted. you must enter a password to enter Privileged EXEC mode. Privileged EXEC From Privileged EXEC mode. The other modes are available only to users with privileged access. CLI Command Modes The C4 CMTS supports hundreds of CLI commands. you may access global configuration mode. You are not able to enter commands to change configuration or display privileged information until you become a privileged user.

(From global configuration mode) set configuration crypto ipsec transform-set <name> Key chain configuration Router OSPF configuration Router RIP configuration (From global configuration mode) key chain <chain_name> (From global configuration mode) router ospf (From global configuration mode) router rip Release 4.C4 CMTS Table 25-1: How to Enter the Various Command Modes Mode User EXEC Privileged EXEC Global configuration Cable interface configuration Ethernet interface configuration Fabric interface configuration Fast Ethernet interface configuration Gigabit Ethernet interface configuration Loopback interface configuration Null interface configuration System controller interface configuration To enter this mode.2. Standard ARRIS PROPRIETARY — All Rights Reserved 25-3 . type … <login> + <password> enable + <password> (From Privileged EXEC mode) configure (From global configuration mode) interface cable <slot>/<downstream port> (From global configuration mode) interface ethernet <slot>/<port> (From global configuration mode) interface fabric <slot> (From global configuration mode) interface fastEthernet <slot>/<port> (From global configuration mode) interface gigabitEthernet <slot> (From global configuration mode) interface loopback <slot> (From global configuration mode) interface null <slot> (From global configuration mode) interface system-controller <slot> Resultant Prompt C4> C4# C4<config># C4<config-cable># C4<config-ether># C4<config-fabric># C4<config-fastE># C4<config-gigE># C4<config-loop># C4<config-null># C4<config-system># C4<cfg-crypto-tran># C4<config-keychain># C4<config-router-ospf># C4<config-router-rip># Crypto IPSEC Transform.

25-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .. Global configuration mode. Privileged EXEC mode. Privileged EXEC mode. Table 25-2: How to Exit from the Command Modes To exit from this mode … User EXEC Privileged EXEC Global configuration Cable interface configuration Ethernet interface configuration Fabric interface configuration Fast Ethernet interface configuration Gigabit Ethernet interface configuration Loopback interface configuration Null interface configuration System Controller interface configuration Crypto IPSEC Transform-set configuration Key chain configuration Router OSPF configuration Router RIP configuration logout disable (Choose one) exit | quit | Ctrl-Z <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> <exit | quit> <exit all> | <Ctrl-Z> Type… Result: user returns to. Global configuration mode. Privileged EXEC mode. Privileged EXEC mode. Global configuration mode. Global configuration mode. Global configuration mode. Privileged EXEC mode. Privileged EXEC mode. Global configuration mode. Global configuration mode. Global configuration mode. Privileged EXEC mode. Privileged EXEC mode. Global configuration mode. Privileged EXEC mode. Global configuration mode. Global configuration mode. Privileged EXEC mode. User is logged off C4 CMTS User EXEC mode. Privileged EXEC mode.. Privileged EXEC mode.25 CLI Overview Table 25-2 lists the command modes and the commands used to exit from them. Privileged EXEC mode. Global configuration mode.

The CLI commands in this chapter use the syntax conventions described in the following table: Table 25-3: Conventions for Representing Command Syntax CLI Syntax <. Braces enclose two or more entry choices. The notations are for documentation purposes only.. They must be separated by a slash. Brackets enclose optional entries—they may be included or excluded. A vertical bar (the “pipe” symbol) separates entries within brackets or braces.] {. You may select only one from the key list: [first | second | third] Case Commands are not case sensitive... CLI Syntax Conventions ARRIS documentation uses certain conventions to show the syntax of commands. check the system prompt and enter the question mark (?) for a list of available commands.C4 CMTS NOTE If you have trouble entering a command.2.. Values are required for both the slot and port. | Release 4.> <slot/port> [. they are not input by the user. one and only one choice should be entered in the command. These notations are not part of the command itself but indicate command entry options. Script files You can create a script file—a text file containing CLI commands—to simplify repetitive tasks.. Braces and a vertical line within brackets indicate a required choice within an optional entry.. Wherever an IP address is required. You might be in the wrong command mode or using incorrect syntax.} [word {a | b}] Description Angle brackets indicate a required value or parameter which is position-dependent and does not have keywords. Standard ARRIS PROPRIETARY — All Rights Reserved 25-5 . you can enter a IP addresses and host name provided you have configured a DNS server or put the name and address into the DNS Local Host host names Table.

Table 25-4: CLI Editing Shortcuts Keystroke(s) Backspace Delete Enter Tab Space (Right arrow) (Left arrow) Result Deletes one character to left of cursor (back) Deletes the current character Executes command Completes command entry Completes command entry Move the cursor forward one character Move the cursor back one character Scrolls backward through all commands in the history buffer starting with the most recent. Repeat keystroke to recall successively older commands. You can also use keyboard sequences to scroll through a list of recently executed commands.3333 a0b1.255. Repeat keystroke to recall successively more recent commands. They are NOT available from a serial connection.e4f5 a0b1c2d3e4f5 a0:b1:c2:d3:e4:f5 The IP address format consists of 32 bits usually written in dotted decimal form: 255. Scrolls forward through all commands in the history buffer after recalling commands with the up arrow key.255. which must be entered in standard form.255.c2d3.2222. The CLI displays MAC addresses in the following formats: 1111. These shortcuts are available in a telnet session (LAN connection) only.25 CLI Overview Designating MAC addresses and IP addresses Some commands require a Media Access Control (MAC) address or Internet Protocol (IP) address. (Up arrow) (Down arrow) 25-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . you can use keyboard sequences to navigate and edit a command line. Keyboard Shortcuts In the CLI. The maximum value of each of the four groups of three digits is 255. The following table lists the lineediting keys that are available in the CLI.

and other general features. (Note: you must first scroll backwards using the <CTRL> + P command before this using this command.) Scrolls backward through the list of recently executed commands Transposes the character left of the cursor with the one to the right. Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 25-7 . Deletes all characters on line to left of cursor position Deletes word directly before cursor Enters command and then returns to root prompt <Ctrl> + N <Ctrl> + P <Ctrl> + T <Ctrl> + U <Ctrl> + W <Ctrl> + Z CLI Command Features CLI features several built in enhancements that make it easier to use. setting alias commands.2. abbreviations. filtering.C4 CMTS Table 25-4: CLI Editing Shortcuts (Continued) Keystroke(s) <Esc> + B <Esc> + C <Esc> + D <Esc> + F <Esc> + L <Ctrl> + A <Ctrl> + B <Ctrl> + C <Ctrl> + D <Ctrl> + E <Ctrl> + F <Ctrl> + K Result Move the cursor back one word Converts the rest of the word to uppercase Deletes the remainder of the word Moves forward one word Converts the rest of the word to lowercase Move the cursor to beginning of the command line Move the cursor back one space Aborts current line (aborts a command if running) Deletes the character at the cursor Move the cursor to the end of the command line Move the cursor forward one character Deletes all characters from cursor position to the end of the command line Scrolls forward through the list of recently executed commands. These include help.

Do not include a space. the letters that you typed are redisplayed. The question mark will not invalidate the command. enables the CLI to list the possible command completions that match the letters you have entered so far. keyword or an argument. Entering the question mark (?) in the middle of a command name. the space (or lack of a space) before the question mark (?) is significant. use any of the following commands: Table 25-5: Command Help Command C4# help C4# ? C4# abbreviated-commandentry? C4# abbreviated-commandentry <space> C4# abbreviated-commandentry <Tab> C4# command? C4# command option? Result Lists all commands appropriate to the command mode Lists all commands appropriate to the command mode Lists commands in the current mode that begin with a particular character string. type in those characters followed immediately by the question mark (?). The Help feature is general or positional. When using context-sensitive help. type it without losing your place in the argument. Leave a space between the keyword and the question mark. Completes a partial command name Completes a partial command name Lists the available command and options Lists the next available syntax option for the command Entering the question mark (?) after entering the complete name of a command or command option. command name. 25-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . To obtain a list of commands that begin with a particular character sequence. Use of Question Mark (?) Entering the question mark (?) at the command line prompt will display a list of the available commands. will enable the CLI to list the available commands and options.25 CLI Overview CLI Help Feature Command completion and positional help are two features that serve as memory joggers for users who can’t remember the entire command string or parameter placement. To get specific help on a command mode. When you find the value you need.

if you enter a space and then a question mark (?) followed by the enter key.Set voice data limits <cr> Example 2 While in interactive mode. type help at the prompt.Downstream and upstream parameter configuration description . a list of commands along with the available show commands will display as shown below.Restrict proxy ARP to CPE's behind different CM's shutdown . question mark (?) followed by the enter key.Static join a multicast group on this port ip .2.Restore the CAM interface restricted-proxy-arp .Commands for subscriber management voice-limits . enter a space.Enable proxy ARP for this cable interface restore . Example 1 C4(config)# interface cable 5/0 Entering cable interface configuration mode for slot 5 MAC port 0 C4(config-cable)# help authorization-module . Standard ARRIS PROPRIETARY — All Rights Reserved 25-9 .C4 CMTS Interactive Mode help Use of the help and ? mark in interactive mode have been enhanced.Interface specific description igmp .Shutdown both the MAC and Downstream for the interface spare-group .Configure a CAM sparing group subscriber .IP address of Cable Interface proxy-arp . To list the options available for a specific command.Modify authorization module values cable . Modify authorization module values Downstream and upstream parameter configuration Clear the terminal screen Interface specific description Turn on echo/Print text to terminal Exit all submenus Exit intermediate mode Show command help Display the command history Static join a multicast group on this port IP address of Cable Interface Log off this system Enable proxy ARP for this cable interface C4(config-cable)# ? authorization-module cable cls description echo end exit help history igmp ip logout proxy-arp Release 4. To see all the enhanced options. The behavior differences are shown in the two examples below.

the ^ symbol in the following output shows the point at which the error occurred in the command (e. the system will complete the command name. If you enter a set of characters that could indicate more than one command. If you enter a unique set of characters and press the <Tab> key or <Space Bar>. After entering the command at the system prompt. you can abbreviate the configure command to config.25 CLI Overview quit restore restricted-proxy-arp show shutdown spare-group subscriber voice-limits <cr> - Exit intermediate mode Restore the CAM interface Restrict proxy ARP to CPE's behind different CM's Show running system information Shutdown both the MAC and Downstream for the interface Configure a CAM sparing group Commands for subscriber management Set voice data limits Use of Carriage Return <CR> The <CR> (carriage return symbol) at the end of command help output indicates that you have the option to press Enter to complete the command and that the arguments and keywords in the list preceding the <CR> symbol are optional. clock is misspelled): C4-# configure clokc ^ Error: Invalid parameter Command Completion Command completion for command names and options is available at each level of the hierarchy. The ^ symbol appears at the point in the command string where the user has entered incorrect or unrecognized command syntax. For example. the system will respond with the list of possible matches as shown in the following example: C4# configure cable mo modem modulation-profile 25-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . If there is a mandatory parameter that needs to be entered. There are several options you can use to complete commands. For example. a caret symbol (^). Error Indicator The CLI provides error isolation in the form of an error indicator. press <Enter> to execute the command. You can abbreviate commands or keywords: enter only as many characters of the keyword as needed to keep it unambiguous. no <CR> will appear.g.

for example. By default. The system will complete the command name. Configuring Passwords and Privileges A simple way of providing terminal access control in your network is by using passwords and assigning privilege levels. By configuring the privilege level. for example.2. If you select level 7. then levels 0-7 are all required to use the password to access privileged commands. then all users having privilege levels 0 through 7 must supply the correct level 7 password before the C4 CMTS will accept the command. from level 0 to 15. use the following example beginning in global configuration mode: 1 Enter enable mode: C4# enable 2 Create the password and set the privilege level required to use the password in order to access privileged commands: C4# configure enable password <password> privilege <0-15> Where password is a string up to 16 characters long privilege is a number 0-15. Or. you may want a certain set of users to be able to configure only certain interfaces. and associate commands with that privilege level. you could assign passwords to certain privilege levels. Release 4. password. Up to 16 privilege levels can be configured. if you had a group of trainees. The configure enable command defaults to privilege 15. to meet the needs of your users while protecting the system from unauthorized access. and give them these passwords only when they had completed their training. After the command is complete at the system prompt. press <Enter> to execute the command. For example. you can configure additional levels of access to commands. called privilege levels. Standard ARRIS PROPRIETARY — All Rights Reserved 25-11 . However. Users with privilege level 0 have access only to most show commands. You would create a separate privilege level for those specific interface configuration commands and distribute the password for that level to those users. you can limit access to each privilege level by enabling separate passwords. To create a new privilege level. If a given command is set to privilege level 7.C4 CMTS Command completion will then work if you type either an “e” or “u” and press the <Tab> key or <Space Bar>. Users who log on with level 15 have access to all commands. but not allow them access to other configuration options. the C4 CMTS CLI has two levels of access to commands: User EXEC mode (level 0) and Privileged EXEC Mode (level 15).

you need to set a password for the desired privilege level and assign that level to the command.25 CLI Overview Example To restrict access to the show ip interface command. In the example that follows the password Password7 is given to privilege level 7. The C4 CMTS will prompt you for a password: C4# enable 7 Password: Current privilege level for 'show ip route' is 4 Use show users to display the privilege level of defined users. for example. 25-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . C4# configure enable password Password7 privilege 7 C4# configure privilege exec level 7 show ip interface To confirm the previous command: C4# show privilege exec show ip interface To enter privilege level 7. privilege level 7 is assigned to the show ip interface command. 3 To set the authentication method to the local list of users and passwords: C4# configure authentication testlist1 local Where testlist1 is an example of a name for this method list 4 Configure the telnet and console access to use the authentication method above for enable access: C4# configure line vty 0 6 authentication testlist1 enableauthentication 5 (Example) Set the privilege level to 8 for all configure commands: C4# configure privilege exec level 8 configure 6 (Example) Set the privilege level to 9 for all configure interface cable commands: C4# configure privilege exec level 9 configure interface cable 7 To confirm your changes: C4# show line detail Displaying Current Privilege Levels To display the current privilege level you can access based on the password you used. use the following command in User EXEC Mode: C4> show privilege The system will respond with your current privilege level. enter the following command.

C4 CMTS Logging In at a Specific Privilege Level To log into the C4 at a specific privilege level. Use ftp to import the alias file to the alias directory: /system/alias/(filename). e. The show logging command displays the cli access level (same as privilege) and the priority that it comes out as.15 6 (Notice) 5 (Warning) Notification Priority 7 (Informational) You can now indicate at what logging priority you want CLI command execution notifications to be generated. Command aliases can save time and can prevent typing errors when you are configuring or monitoring the C4 CMTS.txt.g. Save the file with a descriptive name.2. Aliases do not persist from one CLI command session to another. the default notification priority assigned to that command access level is used to generate a log indicating the execution of that CLI command. For example. e. if you want all config commands (normally privilege level 15) to print at critical level and all show commands (privilege level 0) to print at error level. Release 4. Following is a table of the default logging levels for CLI access: Table 25-6: Default Logging Level CLI Access Level 0-4 5-9 10 . Standard ARRIS PROPRIETARY — All Rights Reserved 25-13 . aliaslist. use the following command: C4> disable X where X is number of the privilege level. execute the following commands: configure logging priority cli 15 3 configure logging priority cli 0 4 Creating and Using Command Aliases Use the alias command to define shorter simpler versions of commands. use the following command: C4> enable X where X is number of the privilege level. for example. You must create a text file in which each alias command appears on a separate line. 0-15 To exit a specified privilege level. 0-15 Changing Logging Notification Priority Levels Whenever a command is executed.g.

If a slot/port has two or more parameters. If you wish to view the output on a line-per-line basis. All of the aliases defined in this file are then available. If you have configured pagination. NO Command The [no] form of a command is usually used to negate a specific function. To turn pagination on. if any. you can press <Ctrl+C> to interrupt the show command output. You may at any time hit Q to quit. Using the [no] form of a command will override all other commands associated with that slot/port. By pressing any key on your keyboard. you must specify which. This means that the script writer must first use the alias command in the script itself to define his/her command aliases before using these aliases in the script.25 CLI Overview If the list of alias commands is present in the alias directory. and output continues beyond what can display on your screen.prompt appears. If pagination has not been configured. A slot/port with one parameter supports the [no] form automatically. and the user has logged in using a defined user profile. then the C4 CMTS automatically executes the alias file. regardless of the parser and regardless of whether or not the parameters were matched. These alias definitions are not exported to other scripts or CLI sessions. the system will display the next screen of output. simply hit the <CR> when the --More-. This must be done in every script where the writer intends to use command aliases. Aliases defined in interactive CLI sessions are not exported to scripts. a --More-.prompt will appear. you must be in Privileged EXEC mode and type the following command: C4# configure pagination Pagination 25-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The show and more commands generally display large amounts of data. is the [no] form.

C4 CMTS CLI Filtering The CLI filtering feature allows you to search or filter any show or more commands that display system and protocol information. How to Use CLI Filtering The CLI permits the following types of filtering: • • Begin . regular expressions are case sensitive.displays output lines that contain the text string or regular expression and excludes lines that do not contain the text string or regular expression Exclude . Basic Searching A regular expression is a phrase. number. This functionality is useful when you need to sort through large amounts of command output so that you can display only those lines you are interested in. to conduct a search on a regular expression of “ power” (with a space both before and after it) then only lines containing “ power” will be included in the output.2. The use of regular expressions for the C4 CMTS are case insensitive to make typical searching easier. For example.displays output beginning with the first line that contains the text string or regular expression Include . NOTE Normally. NOTE The filtering function is not available for the command show techsupport. Standard ARRIS PROPRIETARY — All Rights Reserved 25-15 . or pattern that the CLI filtering feature matches against the show or more command output.displays all lines up to and including the first line that matches the given regular expression • • The following CLI options have been added to the show and more commands: [|{begin|include|exclude|until} [“] regular expression [“]] Release 4.displays output lines that do not contain the text string or regular expression and excludes lines that do contain the text string or regular expression Until .

(dot) means any character. but certain keyboard characters have special meaning when used in regular expressions. * + ^ $ 25-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Expanded Syntax — show any-command | begin regular expression show any-command | include regular expression show any-command | exclude regular expression show any-command | until regular expression more any-command | begin regular expression more any-command | include regular expression more any-command | exclude regular expression more any-command | until regular expression Creating Regular Expressions Special Characters Regular expressions can be a single-character pattern that matches the same character in the input string. The keyboard characters that have special meaning in the C4 CMTS are listed in the Table 25-7: Table 25-7: Characters with Special Meaning in Search Patterns Character . since the . including white space The asterisk matches any number (or none) of the single character that immediately precedes it. or multiple characters that match the same multiple characters in the input string. The dollar sign matches the end of the line. along with the regular expression that you want to filter or search on. You can use keyboard characters (such as ! or ~) as single-character patterns.* means “match any number of any character. Special Meaning The dot matches any single character. or until. enter a show or more command as normal but add a space followed by the “pipe” character (|) at the end of the command line. then . The preceding character can also be a regular expression.g..25 CLI Overview To use this functionality. include. exclude. E.” The plus matches 1 or more sequences of the preceding regular expression The caret matches the following regular expression at the beginning of the line. Then add one of the keywords begin.

For example. The brackets also mean the contents will be taken as a single character. To include a literal bracket “]” in the sequence. [af] is the same as [abcdef]. “-”.C4 CMTS Table 25-7: Characters with Special Meaning in Search Patterns Character \ [] Special Meaning The backslash allows for literal meaning of the special characters. backslashes are not necessary for most special characters. o. To include a literal hyphen (-). this is shorthand for the full list of ASCII characters between them. when the expression m5\. It normally matches any single character from the sequence. Standard ARRIS PROPRIETARY — All Rights Reserved 25-17 . Also. only the string m5. [0-9] is the same as [0123456789]. and “\” characters are treated specially. however. When the sequence begins with a caret (^). The bracket [ ] characters allow for the definitions of a set of characters to be matched. it matches any single character not from the rest of the sequence. (e. When two characters in the sequence are separated by a hyphen (-). the following expression matches with a. [aeiou] = any vowel) Search for anything in the brackets that does not include the set of characters following the caret. For example. make it the first character. is used in the command syntax. [0-9] matches any decimal digit. i. The brackets also mean the contents will be taken as a single character. make it the first or last character. The following matches a hexidecimal digit: [09a-f]. e.2. only the “]”. Range A range is a sequence of characters enclosed in brackets [ ]. [^ ] () \b To remove the special meaning of any of the special characters listed in Table 25-7. Release 4. Indicates the beginning/end of a word. following a possible caret. (e. For example.g. put a backslash (\) in front of it. u: [aeiou] Use the hyphen (-) character inside the square brackets to mean all the characters from the character preceding the hyphen to the character following it.g. as inside a range. For example. [^aeiou] = any consonant) The parentheses allow for grouping and recall. includes that character. The brackets allow for the definitions of a set of characters to be matched. will be matched. A backslash “\” followed by a single character.

Table 25-8: Special Characters Used as Multipliers Character Special Meaning The asterisk matches any number (or none) of the single character that immediately precedes it. With this example. In the example. You create multiple-character expressions by joining letters. The asterisk (*) in the wildcard search can match with no characters or any number of characters. For example. The multiple-character expression a. Order is important in multiple-character patterns. Multipliers You can create more complex regular expressions that instruct the software to match multiple occurrences of a specified expression.” The plus matches 1 or more sequences of the preceding regular expression * + 25-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . E. digits. then . or more of any character. the expression must match any character. uses the special meaning of the period character to match the letter a followed by any single character. do not mix types.* means “match any number of any character. regular expressions use the period (.* When you use an asterisk (*). The [D-e] is equivalent to [D-Za-e] which is equivalent to [a-z] because the CLI is case insensitive. or keyboard characters that do not have special meaning. a!. [&-%].g. which means none.. Table 25-8 lists special characters that specify “multiples” of an expression. the following regular expression does exactly the same as the wildcard pattern above: ARRIS. Multiple-Character Patterns Regular expressions can also specify patterns containing multiple characters. the pattern matching fails. since . one. it means none. the following regular expression matches ARRIS followed by any single character: ARRIS.) character. or more of the previous character in the pattern. Wildcard Searches To emulate a wildcard search. or a2 are all valid matches for the expression. (dot) means any character. The expression m5& matches the character m followed by a 5 followed by a & sign. The preceding character can also be a regular expression. For example. one. If the string does not have m5&. For this. the strings ab.25 CLI Overview NOTE When using the hyphen (-). in that order. Examples of bad ranges include: [7-k]. the asterisk is preceded with a period. [D-e].

the expression “include slot. including none: m* To require that at least one letter m be in the string to be matched: m+ By enclosing the pattern in parentheses you can use multipliers with multiple-character patterns. In the following example.*19” returns the combination.[0-9a-f][0-9a-f][0-9a-f][0-9a-f] Alternation Alternation allows you to specify alternative patterns to match against a string.*17 | interface. the pattern matches any number of the multiple-character string mn: (mn)* Some useful example patterns that might be helpful: Any IP address = [0-9]+\. Standard ARRIS PROPRIETARY — All Rights Reserved 25-19 .C4 CMTS Examples: To match any number of occurrences of the letter m.50.[0-9]+ Any MAC address = [0-9a-f][0-9a-f][0-9a-f][0-9a-f]\.[0-9]+\.[0-9]+\.[0-9a-f] [0-9a-f][0-9a-f][0-9a-f]\. The expression “interface.*17” returns 2 results. Either one of the alternatives can match the string.*19” returns 4 results.255. The parenthesis () characters are used to see this pattern as one character.0 configure interface system-controller 19/0 no shutdown configure interface system-controller 19/1 no shutdown configure interface system-controller 19 no shutdown Release 4.255. and “include slot. You separate the alternative patterns with a vertical bar (|).100 255.1.*19 configure interface ethernet 19/0 ip address 10.2. as shown in the following examples: C4# show running-config | include interface.

*17|interface. you “anchor” these expressions to a portion of the string using the special character shown in the following table. 2. 3. you use parentheses to instruct memory of a specific pattern and a backslash (\) followed by an integer to reuse the remembered pattern. The integer specifies the occurrence of a parentheses in the regular expression pattern. as long as it is not the numbers 1.255.25 CLI Overview C4# show running-config | include slot.*17 configure slot 17 type FCM name "FCM A" configure snmp-server card-trap-inh slot 17 40 C4# show running-config | include slot.50.100 255. To create a regular expression that recalls a previous pattern. You can also use parentheses around a single or multiple-character pattern to instruct the software to remember a pattern for use elsewhere in the regular expression. the following regular expression matches an input string only if the string starts with 1234: ^1234 The next example shows that the following regular expression is a range that matches any single number.255.0 configure slot 17 type FCM name "FCM A" configure snmp-server card-trap-inh slot 17 40 configure interface system-controller 19/0 no shutdown configure interface system-controller 19/1 no shutdown configure interface system-controller 19 no shutdown Anchoring You can match an expression pattern against the beginning or the ending of a string.*19 configure interface ethernet 19/0 ip address 10. In this example. By specifying that the beginning or ending of an input string contains a specific pattern. If 25-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Table 25-9: Special Anchoring Character Character ^ Description The caret matches the beginning of the string This is another use for the ^ symbol.1. or 4: [^1234] Parentheses for Recall You can use parentheses () with multiple-character regular expressions to multiply the occurrence of a pattern.

*) (slot|interface)) Release 4. the regular expression could match azbctzt. The software identified character #1 as z and character #2 as t and then uses z and t again later in the regular expression. up to nine.)bc(. followed by character #2 again. they only instruct the software to recall that part of the matched string. Following is an example of advanced regular expression using double parentheses: ((19. the parentheses do not change the pattern. followed by any character (character #2).C4 CMTS you have more that one remembered pattern in your regular expression. As you will notice. then \1 uses the first remembered pattern and \2 uses the second remembered pattern. The following regular expression uses parentheses for recall: a(.)\1\2 This regular expression matches the letter a followed by any character (call it character #1) followed by bc. In this way.2. followed by character #1 again. Standard ARRIS PROPRIETARY — All Rights Reserved 25-21 .

25 CLI Overview 25-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

The default access level of Privileged EXEC mode commands is 15. The CLI commands are organized alphabetically. Privileged EXEC — The Privileged EXEC mode commands are used to set operating parameters. The User Show commands display system information. User EXEC — User EXEC commands are used for everyday system monitoring. enter quit. Standard ARRIS PROPRIETARY — All Rights Reserved 26-1 . The default access level of User Show commands is 0. When you log in to the CLI. Release 4. Global Configuration — Global Configuration commands apply to features that affect the entire system. the CLI prompts you to enter it to gain access. The User Show commands are part of the User EXEC mode. The prompt will be C4> as in the User EXEC mode. They allow you to change terminal settings on a temporary basis. you are in User EXEC mode. enter the enable command at the C4> prompt.2. These commands apply to system features and enable routing functions. The prompt changes to C4#. To enter Privileged EXEC mode. CLI Command Descriptions This chapter provides detailed descriptions of each of the C4 CMTS CLI commands. exit or press Ctrl+Z.C4 CMTS 26. Privileged EXEC mode includes the User EXEC commands. The password does not appear on the screen. The prompt will change to C4<config>#. If no enable password is configured. any user may enter Privileged EXEC mode without authentication. Enter configure at the command prompt in Privileged EXEC mode to enter the Global Configure mode. perform basic tests and show system information. To return to Privileged EXEC mode. If a Privileged EXEC password exists. The prompt C4> indicates User EXEC mode and the default access level is 0.

you could reach the alias limit with just 81 aliases if each alias name/command has a length of 100 characters. C4> alias slc show linecard status Related Command(s) unalias 26-2 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Example The following example creates the alias slc. For example. via the alias count. If the command is entered without the [<name> <command>] parameters. Aliases can be saved to a file and that file can be called in from a user’s profile. alias [<alias name> <command>] Parameter Definition [<alias name> <command>] The abbreviation or replacement name to be used as an alias for a CLI command. which can be entered in place of show linecard status. The alias limit may be reached in two ways. currently 256. NOTE The aliases that a user creates do not persist in memory after the user session is closed. the user can save to a file and manually load this file of aliases upon logging in. There is a size limitation associated with the alias buffer. In this manner.26 CLI Command Descriptions alias Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose The alias command is used to create abbreviated versions of CLI commands. The alias buffer size consists of all the alias names and their associated commands concatenated together. a user can have a particular set of aliases that become available each time he or she logs in. The CLI command that the C4 CMTS will execute when the alias is entered from the command line. it will display a list of all existing aliases. or via the alias buffer size which is 8192 characters in length. Alternatively.

archive {create <archive name> | restore <archive to restore> [force]} Parameter Definition create <archive name> Creates an archive with specified name If the file exists. you archive backup files or files that are important but not often used. the option [force] will then erase it and restore the specified file from archive. [force] Release 4.C4 CMTS archive Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Places a file for storage on a backup server. Normally. Standard ARRIS PROPRIETARY — All Rights Reserved 26-3 . restore <archive to restore> Restores the specified archive file. Such files can be copied to and from the backup server using the archive create/restore option. It can refer to an old copy of current data.2. That copy could be 1 minute old or several years old.

C4> cd config_files 26-4 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions cd Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose The cd command switches from the current directory to the specified directory. cd <directory name> Parameter Definition <directory name> The name of the directory to which you want to go. Example The following example switches from the current directory to a directory named config_files.

chkdisk and scandisk will always run on the standby SCM. NOTE On a duplex system.0 format oldformat will repartition to the Release 3. it will correct them and re-mount the volumes.3. Standard ARRIS PROPRIETARY — All Rights Reserved 26-5 . If errors are found. chkdisk <newformat | oldformat> [detail] Parameter Definition <newformat | oldformat> [detail] newformat will repartition to the Release 4.0 format Displays detailed information Release 4. if you are logged into the active System Controller Module (SCM).C4 CMTS chkdisk Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Unmounts the volumes and check them for errors.2.

clear arp-cache [<ip address>] Parameter Definition [<ip address>] This may be any Internet address. If the IP address is not specified. all dynamic entries from the ARP cache table will be deleted.nnn) format 26-6 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .nnn.26 CLI Command Descriptions clear arp-cache Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Deletes the entry from the Address Resolution Protocol (ARP) table if the IP address is specified.nnn. The IP address should be in dotted decimal (nnn.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-7 .C4 CMTS clear cable filter counters Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the cable IP filter match counters. clear cable filter counters Release 4.2.

clear cable filter group <num> counters Parameter Definition <num> The IP filter group number.26 CLI Command Descriptions clear cable filter group <num> counters Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the cable IP filter match counters for a specified group. 26-8 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 26-9 . clear cable filter group <num> index <index> counters Parameter Definition <num> <index> The IP filter group number.2. The IP filter within the group. Release 4.C4 CMTS clear cable filter group <num> index <index> counters Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears a single cable IP filter match counter for a specified group.

H.26 CLI Command Descriptions clear cable flap-list Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the flap-list.H. 26-10 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . the times and pre-flap states are not cleared.D.H.B.B. clear cable flap-list [cm-mac <mac addr>] [cm-ip <ip addr>] [vendor <name>] [state <offline | ranging | regaborted | ranged | ipcomplete | regbpiinit | registered | denied | unregistered] [cable <slot number>] [upstream <channel id>] [cpe-mac <mac addr>] [cpe-ip <ip addr>] [H.H.D.] [all] [lchan <0-1>] [max-ftime <0-100000>] MAC address of the cable modem IP address of the cable modem Cable modem vendor name Cable modem state CAM slot number Upstream channel ID MAC address of the CPE under the cable modem IP address of the CPE under the cable modem MAC address of this modem IP address of this modem Clears all flap list information Logical channel number Maximum latest flap-time in minutes.C.] [A.] [all] [lchan <0-1>] [max-ftime <0-100000>] [min-error] [min-fcount <0-100000>] [slot <number>] [unregistered] [offline] Parameter Definition [cm-mac <mac addr>] [cm-ip <ip addr>] [vendor <name>] [state <offline | ranging | regaborted | ranged | ipcomplete | regbpiinit | registered | denied | unregistered] [cable <slot number>] [upstream <channel id>] [cpe-mac <mac addr>] [cpe-ip <ip addr>] [H. The “all” option is used to clear all flap list counts.] [A.C. Note that only the counts are cleared.

C4 CMTS Parameter Definition [min-error] [min-fcount <0-100000>] [slot <number>] [unregistered] [offline] Minimum combined CRC and HCS error count Minimum flap count. Standard ARRIS PROPRIETARY — All Rights Reserved 26-11 . type the following command: clear cable flap-list all The following is an example of the output returned by the system: MIB Flap Counts have been cleared MIB Flap Counts have been reactivated Release 4. Cam slot number All but registered cable modems Offline cable modems Example C4# To clear all flap-list information.2.

26 CLI Command Descriptions clear cable modem all reset Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Requests all cable modems on this CMTS to reset. clear cable modem all reset 26-12 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

132. Valid range is 0 to 11.132.3939. use the following command: C4# clear cable modem 0000.3939.3939. Upstream port number.0. use the following command: C4# clear cable modem 10. Valid range is 0-15.132. Example To reset the cable modem with the IP address of 10.163 reset The following is an example of the output returned by the system: Cable modem 10.0.163 has been requested to reset Example To reset the cable modem with the MAC address of 000.2. Valid range is 0 or 1.C4 CMTS clear cable modem <slot>/<mac>/[<us>] reset Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Requests all modems with the specified MAC or IP address to reset.0.d44b.d44b reset The following is an example of the output returned by the system: Cable modem 0000.d44b has been requested to reset Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-13 . MAC domain number.163. clear cable modem <slot>/<mac>/[<us>] reset Parameter Definition <slot> <mac> [<us>] CAM slot number.

26-14 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Valid range is 0 or 1.26 CLI Command Descriptions clear cable modem cable <slot>/<mac>/[<us>] all reset Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Requests all cable modems on a Cable Access Module downstream or upstream interface to reset. Valid range is 0 to 11. Upstream port number. MAC domain number. Valid range is 0-15. clear cable modem cable <slot>/<mac>/[<us>] all reset Parameter Definition <slot> <mac> [<us>] CAM slot number.

2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-15 .C4 CMTS clear cable modem cable <slot>/<mac>/[<us>] oui <name> reset Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Resets the cable modems that match the specified Organization Unique Identifier (OUI). Valid range is 0-15. Following is a list of possible vendor names: 3Com ASUSTek Cadant Conexant Daehanet Elsa iCable_System Leichu Mercury Nortel Pioneer RiverDelta SMC Teledex Terayon TriGem ZyXel Ambit BAS Castlenet Coresma DAKOS Ericsson Infinite LG Motorola Ol’E PowerCom SA Syswave Telexy TurboComm Arris BestData Cisco Correlant D-Link GADline Intel Linksys Net&Sys Pace QNS Saejin Sunrise Tellabs USRobotics Askey Broadcom Com21 COSHIP Electroline GeniusNet Joohong Maspro Netgear Pacific RCA/Thomson Samsung Technotrend Telogy Toshiba Zoom Daewoo/Terayon TI clear cable modem cable <slot>/<mac>/[<us>] oui <name> reset Parameter Definition <slot> <mac> CAM slot number. Valid range is 0 or 1. MAC domain number. Release 4.

26-16 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Vendor name.26 CLI Command Descriptions Parameter Definition [<us>] <name> Upstream port number. Valid range is 0 to 11.

C4 CMTS clear cable modem oui <name | mac id> reset Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Resets all cable modems that match the specified Organization Unique Identifier (OUI). Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-17 . Following is a list of possible vendor names: 3Com ASUSTek Cadant Conexant Daehanet Elsa iCable_System Leichu Mercury Nortel Pioneer RiverDelta SMC Teledex Terayon TriGem ZyXel Ambit BAS Castlenet Coresma DAKOS Ericsson Infinite LG Motorola Ol’E PowerCom SA Syswave Telexy TurboComm Arris BestData Cisco Correlant D-Link GADline Intel Linksys Net&Sys Pace QNS Saejin Sunrise Tellabs USRobotics Askey Broadcom Com21 COSHIP Electroline GeniusNet Joohong Maspro Netgear Pacific RCA/Thomson Samsung Technotrend Telogy Toshiba Zoom Daewoo/Terayon TI clear cable modem oui <name | mac id> reset Parameter Definition <name | mac id> This is either the vendor name or the most significant 3-bytes of MAC address.2. which is the most significant 3-bytes of the MAC address or vendor name.

clear cable proto-throttle history 26-18 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions clear cable proto-throttle history Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears all cable modem information from the history log whether it has been throttled or not.

and 3. The FastEthernet port values on the Network Access Module (NAM) are 0. 1. clear counters fastethernet <slot>/<mac>/[<. Standard ARRIS PROPRIETARY — All Rights Reserved 26-19 .C4 CMTS clear counters fastethernet <slot>/<mac>[<. <port>[<. The valid subinterface numbers for both the GNAM and NAM are 0 to 254.subinf#>] Parameter Definition <slot> The chassis slot in which the targeted module resides.subinf#>] Release 4. Valid values are 13 through 16. 2.2.subinf#>] Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the rate limiting counters for the specified interface. The FastEthernet Port value on the Gigabit Ethernet Access Module (GNAM) is 0.

clear counters gigabitethernet <slot>/<port>/[<. <port>[<.subinf#>] 26-20 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Valid values are slot 14 and 16 only. The FastEthernet Port value on the Gigabit Ethernet Access Module (GNAM) is 0.26 CLI Command Descriptions clear counters gigabitethernet <slot>/<mac>[<.subinf#>] Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the rate limiting counters for the specified interface. The valid subinterface numbers are 0 to 254.subinf#>] Parameter Definition <slot> The chassis slot in which the targeted module resides.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-21 . replacement IPSec SAs are likely to be created if the IKE daemon is running. clear crypto sa Release 4. If the IKE daemon is running during removal.2. each peer is notified of the shared IPSec SA removal. Also.C4 CMTS clear crypto sa Default Access Level Privileged – 15 Mode Global configuration Prompt C4# Purpose Removes all IPSec security associations (SAs).

0. the ip route table for the default vrf will be cleared. clear ip route vrf <vrf-name> [<ospf|rip|all>] Parameter Definition <vrf-name> [<ospf|rip|all>] The name assigned to the virtual router. Next hop defaults to 0.26 CLI Command Descriptions clear ip route vrf Default Access Level Privileged – 15 Mode Global configuration Prompt C4# Purpose Clears the IP route table entries for a vrf.0. Defaults to all. 26-22 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .0 if not specified. If name is not specified.

2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-23 . clear line <0-8> Parameter Definition <0-8> TTY number. Release 4.C4 CMTS clear line Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Terminates the specified CLI session.

clear line console <0-8> Parameter Definition <0-8> <0-1> TTY number Console line number 26-24 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions clear line <0-8> console <0-1> Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Terminates the specified console session.

clear line <0-8> vty <0-15> Parameter Definition <0-8> <0-15> TTY number VTY line number Release 4.C4 CMTS clear line <0-8> vty <0-15> Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Terminates the specified VTY session. Standard ARRIS PROPRIETARY — All Rights Reserved 26-25 .2.

placing debug logging back into the default state.26 CLI Command Descriptions clear logging debug Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the current debug logging configuration. clear logging debug 26-26 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 26-27 . clear logging history Release 4.C4 CMTS clear logging history Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Empties the history buffer of all data.2.

26 CLI Command Descriptions clear logging local Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Empties the event log and deletes all data. clear logging local 26-28 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 26-29 .C4 CMTS clear logging qos-service-flow Default Access Level Privileged – 15 Mode Privileged EXEC Prompt C4# Purpose Clears the QoS service flow log.2. clear logging qos-service-flow Release 4.

26 CLI Command Descriptions clear packetcable cops counts Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Clears the PacketCable COPS statistics and forces the counter to zero. clear packetcable cops counts 26-30 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

clear packetcable gate <gateid> Parameter Definition <gateid> The ID of the packetcable gate. Release 4.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-31 .C4 CMTS clear packetcable gate Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Allows deleting up to 10 packetcable gates on the C4 CMTS. This will be useful in removing any stuck gates and for testing.

clear packetcable gatectl counts 26-32 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions clear packetcable gatectl counts Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Clears the PacketCable DQoS Gate control statistics and forces the counter to zero.

C4 CMTS cls Default Access Level Non-privileged – 0 Mode User EXEC Prompt C4> Purpose Clears the terminal. Standard ARRIS PROPRIETARY — All Rights Reserved 26-33 .2. cls Release 4.

26-34 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure absolute-timeout <minutes> Parameter Definition <minutes> The absolute timeout in minutes.26 CLI Command Descriptions configure absolute-timeout Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Defines the absolute session timeout in minutes.

permit: Permits access if the condition is matched. If the removed condition is the only one for the ACL. Traffic will be filtered based on source IP address only. If the no command is used and no condition is specified. configure access-list <std-acl-num> <permit | deny> {<ip_addr> [wildcard] | any | host <ip_addr>} Parameter Definition Default <std-acl-num> <permit | deny> <<ip_addr> [mask] | any | host <ip>> The numeric identifier of the access list This is a decimal number from 1-99. It will define a standard ACL to permit or deny traffic destined for the SCM only. The host keyword is equivalent to a wildcard of 0. any: Any source host host: IP address of the host N/A Deny N/A NO Command If a condition is specified with the no command.0. then all conditions and the ACL will be removed. Standard ARRIS PROPRIETARY — All Rights Reserved 26-35 . A wildcard netmask allows an ACL to match multiple subnets. A standard ACL is assigned a number in the range of 1-99. Each subnet has its own netmask and deny/permit access rights.0. the matching condition will be removed from the ACL. ip_addr: Source address and optional mask.0.2. all references to the removed ACL are reset. When an ACL is removed.C4 CMTS configure access-list <std-acl-num> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures Access Control Lists (ACLs) on the C4 CMTS. deny: Denies access if the condition is matched. the ACL will also be removed. C4# configure access-list <std-acl-num> deny <ip> [mask] no Related Command(s) show access-list Release 4.

“TCP” is used for CMS COPS messaging.26 CLI Command Descriptions configure access-list <crypto-ext-acl-num> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS to be used by a crypto map. The source IP address of the permitted packets. This is a decimal number from 100199. The destination "tcp" or "udp" port number of the permitted packets. This does not apply to the "ip" protocol. “UDP” is used for RKS Event messaging. NO Command C4# To remove a crypto extended ACL. use the following command: configure no access-list <crypto-acl-num> 26-36 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . “IP” is used for all IP-based protocols including TCP and UDP. The source "tcp" or "udp" port number of the permitted packets. configure access-list <crypto-ext-acl-num> permit <ip | tcp | udp> host <src-ip> [eq <src-port>] host <dst-ip> [eq <dst-port>] Parameter Definition <crypto-ext-acl-num> <ip | tcp | udp> <src-ip> [eq <src-port>] <dst-ip> [eq <dst-port>] The numeric identifier of the extended ACL. This does not apply to the "ip" protocol. The extended ACL identifies the types of packets permitted to flow through an IPSec security association. The protocol of the permitted packets. The destination IP address of the permitted packets.

The type is a number from 0 to 255. use the following command: configure no access-list <ext-acl-num> Related Command(s) show access-list Release 4. the C4 CMTS will support the additional optional parameter string [icmp-type [icmp-code]]. This can be the {host <IP> | any | <IP> [mask]} This can be the {host <IP> | any | <IP> [mask]} Match packets with given precedence value Match packets with given TOS value Check non-initial fragment The ICMP type is a number from 0 to 255. permit: Permits access if the condition is matched. The ICMP code is a number from 0 to 255. Standard ARRIS PROPRIETARY — All Rights Reserved 26-37 . If the protocol value is ICMP.2. ICMP packets that are filtered by the ICMP message type can also be filtered by the ICMP message code. Note: the code can only be entered following the ‘type’. The code is a number from 0 to 255. ICMP packets can be filtered by ICMP message types. deny: Denies access if the condition is matched. configure access-list <ext-acl-num> <permit | deny> icmp <src-ip> <dst-ip> [precedence <num>] [tos <num>] [fragments] [<type> [<code>] Parameter Definition <ext-acl-num> <permit | deny> The numeric identifier of the access list This is a decimal number from 100-199. icmp <src-ip> <dst-ip> [precedence <num>] [tos <num>] [fragments] [<type>] [<code>] NO Command To remove an extended ACL.C4 CMTS configure access-list <ext-acl-num> <permit | deny> icmp Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS.

The values in an extended Access List are IP. configure access-list <ext-acl-num> <permit | deny> igmp <src-ip> <dst-ip> [precedence <num>] [tos <num>] [fragments] [<type> [<code>] Parameter Definition <ext-acl-num> <permit | deny> protocol igmp <src-ip> <dst-ip> [precedence <num>] [tos <num>] [fragments] The numeric identifier of the access list This is a decimal number from 100-199.34 Version 3 Membership Report [RFC-3376] The IGMP code is a number from 0 to 255. [<type>] [<code>] NO Command C4# Related Command(s) To remove an extended ACL. UDP.23 Version 2 Leave Group [RFC-2236] . or a num and are described below: If the protocol value is IGMP. permit: Permits access if the condition is matched. This can be the {host <IP> | any | <IP> [mask]} This can be the {host <IP> | any | <IP> [mask]} Match packets with given precedence value Match packets with given TOS value Check non-initial fragment The IGMP type is a number from 0 to 255 . The message type is a number from 0 to 15. IGMP. IGMP packets can be filtered by IGMP message types. Note: the code can only be entered following the ‘type’.18 Version 1 Membership Report [RFC-1112] .26 CLI Command Descriptions configure access-list <ext-acl-num> <permit | deny> igmp Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS. ICMP. TCP. deny: Denies access if the condition is matched.22 Version 2 Membership Report [RFC-2236] . use the following command: configure no access-list <ext-acl-num> show access-list 26-38 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . the C4 CMTS will support the additional optional parameter string [igmp-type].

deny: Denies access if the condition is matched. permit: Permits access if the condition is matched.2.C4 CMTS configure access-list <ext-acl-num> <permit | deny> ip Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS. Does not filter out any Internet Protocols This can be the {host <IP> | any | <IP> [mask]} This can be the {host <IP> | any | <IP> [mask]} Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-39 . configure access-list <ext-acl-num> <permit | deny> ip <src-ip> <dst-ip> [dscp <num>] [precedence <0-7>] [tos <015>] [fragments] Parameter Definition <ext-acl-num> <permit | deny> ip <src-ip> <dst-ip> The numeric identifier of the access list This is a decimal number from 100-199.

Match packets with routine precedence priority .Match packets with AF33 dscp (011110) af41 . Valid values are: 0 1 2 3 4 5 6 7 = = = = = = = = routine .Match packets with CS4(precedence 4) dscp cs5 .Differentiated services codepoint values af11 .Match packets with AF41 dscp (100010) af42 .26 CLI Command Descriptions Parameter Definition Match packets with given DSCP value.Match packets with CS3(precedence 3) dscp cs4 .Match packets with AF21 dscp (010010) af22 .Match packets with AF13 dscp (001110) af21 .Match packets with CS6(precedence 6) dscp cs7 .Match packets with AF42 dscp (100100) af43 .Match packets with network control precedence [precedence <0-7>] [tos <0-15>] [fragments] Match packets with given TOS value Check non-initial fragment NO Command To remove an extended ACL.Match packets with EF dscp (101110) [dscp <num>] (001000) (010000) (011000) (100000) (101000) (110000) (111000) Match packets with given precedence value.Match packets with CS7(precedence 7) dscp default .Match packets with CS2(precedence 2) dscp cs3 .Match packets with AF43 dscp (100110) cs1 .Match packets with internetwork control precedence network .Match packets with flash precedence flash-override .Match packets with AF22 dscp (010100) af23 .Match packets with AF23 dscp (010110) af31 .Match packets with CS5(precedence 5) dscp cs6 .Match packets with AF11 dscp (001010) af12 .Match packets with critical precedence internet .Match packets with flash override precedence critical .Match packets with AF32 dscp (011100) af33 .Match packets with default dscp (000000) ef . Valid values are: <0-63> .Match packets with AF12 dscp (001100) af13 .Match packets with priority precedence immediate .Match packets with CS1(precedence 1) dscp cs2 . use the following command: configure no access-list <ext-acl-num> Related Command(s) show access-list 26-40 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .Match packets with immediate precedence flash .Match packets with AF31 dscp (011010) af32 .

use the following command: configure no access-list <ext-acl-num> Related Command(s) show access-list Release 4. Number of the specified Internet Protocol being filtered. permit: Permits access if the condition is matched. configure access-list <ext-acl-num> <permit | deny> <num> <src-ip> <dst-ip> [precedence <num>] [tos <num>] [fragments] Parameter Definition <ext-acl-num> <permit | deny> <num> <src-ip> <dst-ip> [precedence <num>] [tos <num>] [fragments] The numeric identifier of the access list This is a decimal number from 100-199. Standard ARRIS PROPRIETARY — All Rights Reserved 26-41 .2. This can be the {host <IP> | any | <IP> [mask]} This can be the {host <IP> | any | <IP> [mask]} Match packets with given precedence value Match packets with given TOS value Check non-initial fragment NO Command To remove an extended ACL.C4 CMTS configure access-list <ext-acl-num> <permit | deny> num Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS. deny: Denies access if the condition is matched.

All other operators require one port number. This function compares source or destination ports.Match only packets with a greater port number [src-oper] lt <port> . If the protocol value is TCP.Match only packets not on a given port number range <port> <port> . the C4 CMTS supports the additional optional parameter string [operator [port]] after both the sourcewildcard and source-wildcard options.Match only packets in the range of port numbers 26-42 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . If the operator is positioned after the destination and destination-wildcard. eq (equal). If the operator is positioned after the source.Match only packets with a lower port number ne <port> .26 CLI Command Descriptions configure access-list <ext-acl-num> <permit | deny> tcp Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS. range (inclusive range). permit: Permits access if the condition is matched. it must match the source and source-wildcard. The range operator requires two port numbers. and the additional optional parameter [established]. neq (not equal).Match only packets on a given port number gt <port> . Possible source operators can be: lt (less than) gt (greater than). it must match the source port. tcp <src-ip> <dst-ip> This can be the {host <IP> | any | <IP> [mask]} This can be the {host <IP> | any | <IP> [mask]} eq <port> . configure access-list <ext-acl-num> <permit | deny> tcp <src-ip> [src-oper] <dst-ip> [dst-oper [precedence <num>] [tos <0-15>] [established] Parameter Definition <ext-acl-num> <permit | deny> The numeric identifier of the access list This is a decimal number from 100-199. it must match the destination port. deny: Denies access if the condition is matched.

ack.C4 CMTS Parameter Definition eq <port> . syn & fin NO Command To remove an extended ACL.Match only packets in the range of port numbers [precedence <num>] [tos <0-15>] [established] | tcpflags <mask><value>] Match packets with given precedence value Match packets with given TOS value Match established connections or TCP flag settings for: urg.Match only packets on a given port number gt <port> .Match only packets not on a given port number range <port> <port> .Match only packets with a greater port number [dst-oper] lt <port> . use the following command: configure no access-list <ext-acl-num> Related Command(s) show access-list Release 4. psh.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-43 . rst.Match only packets with a lower port number ne <port> .

Match only packets in the range of port numbers eq <port> .Match only packets with a greater port number lt <port> .Match only packets on a given port number gt <port> . udp <src-ip> <dst-ip> This can be the {host <IP> | any | <IP> [mask]} This can be the {host <IP> | any | <IP> [mask]} eq <port> .26 CLI Command Descriptions configure access-list <ext-acl-num> <permit | deny> udp Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures an extended Access Control List (ACL) on the C4 CMTS.Match only packets with a greater port number lt <port> .Match only packets in the range of port numbers [src-oper] [dst-oper] 26-44 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . neq (not equal). deny: Denies access if the condition is matched. If the protocol value is UDP. configure access-list <ext-acl-num> <permit | deny> udp <src-ip> [src-oper] <dst-ip> [dst-oper] [precedence <num>] [tos <num>] [fragments] Parameter Definition <ext-acl-num> <permit | deny> The numeric identifier of the access list This is a decimal number from 100-199. it must match the destination port. range (inclusive range).Match only packets on a given port number gt <port> . If the operator is positioned after the source and source-wildcard.Match only packets with a lower port number ne <port> . All other operators require one port number. eq (equal). permit: Permits access if the condition is matched. it must match the source port. the C4 CMTS will support the additional optional parameter string [operator [port]] after both the source-wildcard and source-wildcard options.Match only packets not on a given port number range <port> <port> . Possible source operators can be: lt (less than) gt (greater than). This function compares source or destination ports.Match only packets with a lower port number ne <port> . If the operator is positioned after the destination and destinationwildcard.Match only packets not on a given port number range <port> <port> . The range operator requires two port numbers.

Match packets with critical precedence (5) .Match packets with flash precedence (3) .Match packets with max throughput TOS (4) .Precedence value .Match packets with normal TOS (0 .Match packets with flash override precedence (4) .Match packets with network control precedence (7) .Match packets with priority precedence (1) .Type of service value . use the following command: configure no access-list <ext-acl-num> Related Command(s) show access-list Release 4.C4 CMTS Parameter Definition Match packets with given precedence value.Match packets with immediate precedence (2 .Match packets with internetwork control precedence (6) . Following are valid values: <0-15> normal min-monetary-cost max-reliability max-throughput min-delay [tos <num>] [fragments] Check non-initial fragment NO Command To remove an extended ACL.Match packets with max reliable TOS (2) . Standard ARRIS PROPRIETARY — All Rights Reserved 26-45 . Following are valid values: <0-7> routine priority immediate flash flash-override critical internet network .Match packets with routine precedence (0) .2.Match packets with min monetary cost TOS (1) .Match packets with min delay TOS (8) [precedence <num>] Match packets with given TOS value.

NOTE The remark text must be in quotes unless it is a single word. This is a decimal number from 1-99. The remark text should be in quotes. use the following: configure access-list 101 remark no “tcp packets allowed” 26-46 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NO Command To clear or remove the comment ‘tcp packets allowed’ for access-list 101. the extended access-list-number is 100-199 Comment that describes the access list entry.26 CLI Command Descriptions configure access-list remark Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Associates a comment with an existing ACL. configure access-list <access-list-number> remark [“text of remark”] Parameter Definition <access-list-number> [“text of remark”] The access-list-number. Valid range is up to 100 characters.

Example To configure an accounting methods list called acct_example. Groupname is the string identifying the TACACS+ server group to use No accounting required.C4 CMTS configure accounting Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the accounting method lists.2. Records will be sent to the C4’s logging facility.----------------------acct_example Local NO Command C4# To remove or disable the accounting method lists. configure accounting <listname> [local] [tacacs <groupname>] [none] Parameter Definition <listname> [local] [tacacs <groupname>] [none] Name of the method list. Standard ARRIS PROPRIETARY — All Rights Reserved 26-47 . use the following command: C4# configure accounting acct_example local The following is an example of the output returned by the system: Name List Of Methods ------------------. Records will be sent to the TACACS+ server in the named group. use the following: configure no accounting Release 4.

26 CLI Command Descriptions configure aging Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the aging intervals for the ARP cache. Example C4# The following example sets ARP aging to: configure aging cpe 10 configure aging service-flow 1 configure aging stale-mac 604800 26-48 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The granularity of the aging interval for service flows in seconds. configure aging [cpe <seconds>] [idle-mac <seconds>] [service-flow <seconds>] [stale-mac <seconds>] Parameter Definition [cpe <seconds>] [idle-mac <seconds>] [service-flow <seconds>] [stale-mac <seconds>] The granularity of the aging interval for CPE MAC address in seconds. The idle MAC aging time in seconds. The length of time (in seconds) that inactive MAC addresses are maintained in the C4’s internal database.

you can verify that ARP has been configured by using the show command as follows: C4# show arp 20.100. type the following command: C4# configure arp 10.23.23. use the following command: configure no arp <ip> <mac> <interface> Release 4.7 0010. GigE NAM. downstream port 0 is allowed FastE NAM.100.2354.100.7 and the MAC address of 0010.3652 2/0 Although there is no screen response.2354.2354.23.2.C4 CMTS configure arp Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Specifies the static mapping between IP and MAC addresses.3652 on the CAM in slot 2 port 0.7 The following is an example of the output returned by the system: ARP cache timeout is 1200 seconds Row IP Address MAC Address 1 10. configure arp <ip> <mac> <interface> Parameter <ip> <mac> The IP address The MAC address Interface parameter as follows: <interface> On On On On the the the the SCM only port 0 is allowed CAM.100. ports 0 to 3 are allowed. Standard ARRIS PROPRIETARY — All Rights Reserved 26-49 .7 0010.3652 NO Command Type Static State Active Interface cable 2/0 To remove the static mapping between the IP and MAC address. ports 0 and 1 are allowed Definition Example To configure ARP (Address Resolution Protocol) between the IP address of 10.23.

configure arp timeout {0 | <180 .330000 centiseconds. To disable the aging for the ARP cache. aging will be disabled for the ARP cache. {0 | <180 .360000>} Parameter Definition The number of centiseconds that a MAC address is allowed to live in the ARP cache. Range is from 180 . If timeout is set to zero (0).26 CLI Command Descriptions configure arp timeout Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Sets the ARP cache timeout in seconds.360000>} Example C4# The following command sets ARP cache timeout to 360 centiseconds: configure arp timeout 360 26-50 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . set to zero (0).

use the following command: configure audit autoscheduling no enable Release 4.2.C4 CMTS configure audit autoscheduling enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables audit autoscheduling. NO Command C4# To disable audit autoscheduling. configure audit autoscheduling enable NOTE It is recommended that auto scheduling should always be enabled. Standard ARRIS PROPRIETARY — All Rights Reserved 26-51 .

26 CLI Command Descriptions configure audit log enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables audit log. NOTE It is recommended that audit logging should always be enabled. Default is enabled. configure audit log enable NO Command C4# To disable the audit log. using the following command: configure audit log no enable 26-52 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

using the following command: configure audit logthrottle no enable Release 4. configure audit logthrottle enable NO Command C4# To disable audit log throttle.C4 CMTS configure audit logthrottle enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables audit log throttle. Standard ARRIS PROPRIETARY — All Rights Reserved 26-53 .2.

configure audit sequence card enable NO Command To disable all audit sequences on all cards currently in service.26 CLI Command Descriptions configure audit sequence card enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables all audit sequences on all cards currently in service. use the following command: C4# configure audit sequence card no enable 26-54 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

C4 CMTS configure audit sequence card run-now Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables all audit sequences on all cards to run right now. configure audit sequence card run-now Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-55 .2.

AuditMacBackup. AuditArpTable.26 CLI Command Descriptions configure audit sequence <sequence name> card <0-20> enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables a specified audit sequence on a specified card. IpFilter. AuditRouteTable. AuditSMacDCard. NO Command To disable a specified audit sequence on a specified card. CAMManager Details with module number. AuditDplxArpCache. AuditQosDCard. use the following command: C4# configure audit sequence <sequence name> card <0-20> no enable 26-56 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Valid range 0-20. AuditCMQos. CAMSparing. AuditQosLocal. AuditQosECard. AuditCMBpi. configure audit sequence <sequence name> card <0-20> enable Parameter Definition <sequence name> <card number> AuditCMMac. AuditDMacECard. AuditQosBackup.

CAMSparing. AuditDplxArpCache. AuditDMacECard. Valid range 0-20. AuditQosDCard.C4 CMTS configure audit sequence <sequence name> card <0-20> run-now Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables the run-now audit sequence on a specified card. AuditCMQos. AuditSMacDCard. AuditCMBpi. AuditRouteTable. Standard ARRIS PROPRIETARY — All Rights Reserved 26-57 . AuditQosLocal. AuditMacBackup. IpFilter. Release 4. AuditQosBackup. AuditQosECard. AuditArpTable.2. CAMManager Details with module number. configure audit sequence <sequence name> card <0-20> runnow Parameter Definition <sequence name> <0-20> AuditCMMac.

NO Command C4# To disable all audit sequences on a specified card. Valid range 0-20. configure audit sequence card <0-20> enable Parameter Definition <0-20> Details with module number.26 CLI Command Descriptions configure audit sequence card <0-20> enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables all audit sequences on a specified card. use the following command: configure audit sequence card <0-20> no enable 26-58 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Only a password prompt is displayed. [tacacs <groupname | default>] [none] Release 4. Authenticate using the local user/password file.2. Both a login prompt and a password prompt are displayed. Standard ARRIS PROPRIETARY — All Rights Reserved 26-59 . All prompts must be derived from the server. configure authentication <listname> [line] [enable] [local] [radius <groupname | default>] [tacacs <groupname | default>] [none] Parameter Definition <listname> [line] [enable] [local] [radius <groupname | default>] String identifying this method list. Only a password prompt is displayed. Groupname is the string identifying the TACACS+ server group to use and default uses the default TACACS+ server group No authentication is required. Authenticate using the enable password. Authenticate using the line password. All prompts must be derived from the server.C4 CMTS configure authentication Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the authentication method. Groupname is the string identifying the RADIUS server group to use and default uses the default RADIUS server group. Authenticate using the specified TACACS+ server group. Authenticate using the specified RADIUS server group.

use the following command: C4# configure authentication authe_example local none The following is an example of the output returned by the system: Name List Of Methods ------------------.26 CLI Command Descriptions Example To configure the local authentication method for the list called “authe_example” using the local user/password. None NO Command C4# Related Command(s) To disable the authentication method. use the following command: configure no authentication configure radius configure tacacs group configure authorization configure line <console | vty> 26-60 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .---------------------------authe_example Local.

C4 CMTS configure authentication radius local Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures a radius local login list and enable password for authentication. configure authentication <loginlist> radius <radGroup> local Parameter Definition <loginlist> <radgroup> Name of local login list Name of the Radius server group Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-61 .2.

use the following command: C4# configure authorization author_example local none The following is an example of the output returned by the system: Name List Of Methods -------------------. None NO Command C4# To remove the authorization method list. use the following command: configure no authorization 26-62 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .-----------------------------author_example Local.26 CLI Command Descriptions configure authorization Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the authorization method list. configure authorization <listname> [local] [tacacs <groupname>] [none] Parameter Definition <listname> [local] [tacacs <groupname>] [none] String identifying this method list Authorize according to the privilege level associated with the current user ID Authorize all commands using the specified TACACS+ server group. Groupname is the string identifying the TACACS+ server group to use No authorization is required Example To configure the authorization method list called “author_example” that will attempt to authorize all commands based on the user’s privilege level but will bypass authorization if the user’s ID or privilege level have not been set.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-63 .2.C4 CMTS Related Command(s) configure tacacs group configure authentication configure line <console | vty> Release 4.

If no parameter is specified. the current autorecovery status will be displayed.26 CLI Command Descriptions configure autorecovery Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Sets the autorecovery to on or off. configure autorecovery <on | off> Parameter Definition <on |off> Sets the autorecovery to on or off 26-64 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

The information you define as the message. Example In the following example. Recommended characters could include but are not limited to: @ # $ % ^ & * ~ \ /. NOTE The configure banner command behaves differently on the command line that it does in the running-config. configure banner login {<character> <text> <character>} Parameter Definition <character> <text> Where <character> is the delimiting character used to begin and end the message. Standard ARRIS PROPRIETARY — All Rights Reserved 26-65 . Example The following examples will display the output as it will appear in the running-config command.C4 CMTS configure banner login Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the login banner. C4# configure banner login ^Upgrade planned for Thurs 3-5 am!^ The following is an example of the output returned by the system: Login banner has been set. we can notify users when they log in to the system that an upgrade is scheduled for Thursday morning.2. Note: we chose to enclose the message text using a “^” as the delimiting character. C4# show running-config | page begin banner configure Location: Type: Size: Mgmt: Routing: banner login C4 lab Duplex Large System (many CAMS. Maximum is 100 lines. modems) Out-of-band OSPF Release 4.

Local flow control off ====================================================================== Welcome to C4SW1 ====================================================================== Location: C4 lab Type: Duplex Size: Large System (many CAMS.10. Connected to 10. C4# telnet C4 Trying..26 CLI Command Descriptions /end configure banner motd ====================================================================== Welcome to C4SW1 ====================================================================== /end Example The following example will display the output when you are logging in to the system..10. use the following command: configure banner login no The following is an example of the output returned by the system: Login banner has been cleared.10 Escape character is '^]'. modems) Mgmt: Out-of-band Routing: OSPF Login: NO Command C4# To clear the login banner. Related Command(s) configure banner motd 26-66 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Note: we chose to enclose the message text using a “^” as the delimiting character. we can notify users when they log in that a system upgrade is scheduled for Thursday morning.C4 CMTS configure banner motd Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the message of the day banner. C4# configure banner motd ^Message of the day: Upgrade planned for Thurs 3-5 am!^ The following is an example of the output returned by the system: Message of the day banner has been set. by using the ‘message of the day’ <motd> parameter. Example In the following example. Maximum is 100 lines. The information you define as the message.2. C4# show running-config | include banner configure configure configure configure no banner motd banner motd line 1 Message of the day: banner motd line 2 Upgrade planned for Thurs 3-5AM! no banner login Release 4. Example The following examples will display the output as it will appear in the running-config command. Standard ARRIS PROPRIETARY — All Rights Reserved 26-67 . NOTE The configure banner motd command behaves differently on the command line that it does in the running-config. configure banner motd {<character> <text> <character>} Parameter Definition <character> <text> Where <character> is the delimiting character used to begin and end the message. Recommended characters could include but are not limited to: @ # $ % ^ & * ~ \ /.

26 CLI Command Descriptions configure banner login line configure banner login line configure banner login line configure banner login line configure banner login line configure banner login line this system...cfg used to setup system Legal Warning: If you are not authorized to access The following example will display the output when you are logging in to the system. Related Command(s) configure banner login 26-68 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Local flow control off Message of the day: Upgrade planned for Thurs 3-5AM! Login message: Location: C4 Lab Type: Simplex Config: router. logout now! Example 1 2 3 4 5 6 Login message: Location: C4 Lab Type: Simplex Config: router.10.10. Connected to 10. logout now! Login: NO Command C4# To remove the message of the day banner.cfg used to setup system Legal Warning: If you are not authorized to access this system. C4# telnet C4 Trying. use the following command: configure banner motd no The following is an example of the output returned by the system: Message of the day banner has been cleared.10 Escape character is '^]'.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-69 .C4 CMTS configure cable cm-cfg-reg-req-time Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the maximum time in seconds for a cable modem to send reg request after receipt of the configuration file. configure cable cm-cfg-reg-req-time <30-2000> Parameter Definition <30-2000> Maximum time in seconds to send reg requests. Release 4.2.

0 modems registered on the C4 CMTS.26 CLI Command Descriptions configure cable concatenation-docsis10 Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the C4 CMTS to allow DOCSIS® 1.0 modems to utilize concatenation. configure cable concatenation-docsis10 NO Command To disable concatenation in all DOCSIS® 1. use the following command: C4# configure no cable concatenation-docsis10 26-70 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

This command may be entered multiple times to add multiple client IDs in the same list. Valid values are 1 to 65335 Type of client ID.2. Valid values are [broadcast | mac-address | ca-systemid | application-id] Hexidecimal values containing client ID value Identifier of the vendor set associated with the client ID NO Command To remove a client ID list or entry from the client ID list. Standard ARRIS PROPRIETARY — All Rights Reserved 26-71 . Index number.C4 CMTS configure cable dsg client-id-list <clientlist> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the client identifier lists to be associated with a DSG tunnel. use the following command: C4# configure cable dsg client-id-list 1 type broadcast To remove list 2. configure cable dsg client-id-list <clientlist> [index <num>] [type <type>] [value <value>] [vsp-list <num>] Parameter Definition <clientlist> [index <num>] [type <type>] [value <value>] [vsp-list <num>] Unsigned integer which is the Client ID List Identifier. use the following command: C4# configure cable dsg client-id-list 2 no Release 4. use the following command: C4# configure cable dsg no client-list <clientlist> [index <num>] Example Some valid forms of this command include: To add a broadcast client to list 1.

use the following command: C4# configure cable dsg client-id-list 1 index 2 client-idtype macaddress value 000102030405 To delete the row just modified. use the following command: C4# configure cable dsg client-id-list 1 no index 2 26-72 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . use the following command: C4# configure cable dsg client-id-list 1 type macaddress value 010203040506 vsp-list 3 To modify the row just added above.26 CLI Command Descriptions To add a row to list 1.

NO Command C4# To remove the list or entry from the list. NOTE Per the DSG specification. use the following command: C4# configure cable dsg ds-frequency-list 1 index 2 frequency 65000000 Release 4. use the following command: configure cable dsg no ds-frequency-list <chllistindex> [index <chlindex>] Example Some valid forms of this command include: To configure a channel list 1 with a frequency of 47000000. Valid values are 1 to 65335 Downstream frequency to be published in the DCD messages. Standard ARRIS PROPRIETARY — All Rights Reserved 26-73 .2. use the following command: C4# configure cable dsg ds-frequency-list 1 frequency 47000000 To create row 2 of channel list 1. configure cable dsg ds-frequency-list <chllistindex> [index <chlindex>] [frequency <frequency>] Parameter Definition <chllistindex> [index <chlindex>] [frequency <frequency>] Number assigned to the channel list.C4 CMTS configure cable dsg ds-frequency-list Default Access Level Privileged – 15 Mode Global Configuration Prompt C4<config># Purpose Creates or deletes the provisioning for the set of downstream channel frequencies that are published in a DSG DCD message. Channel List entry. This frequency must be a multiple of 62500Hz. validity checking of this frequency value is limited as the frequency may correspond to a downstream from a different CMTS.

use the following command: C4# configure cable dsg no ds-frequency-list 2 To delete a frequency (row) from channel list 1. use the following command: C4# configure cable dsg ds-frequency-list 1 index 3 no 26-74 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . use the following command: C4# configure cable dsg ds-frequency-list 1 index 2 frequency 47000000 To delete channel list 2.26 CLI Command Descriptions To modify row 2 of channel list 1.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-75 . Valid range is 0-65335 and the default is set at 1800 seconds (30 minutes). [one-way-tdsg4 <tdsg4value>] NO Command C4# Example To remove the timer-list entry. Timeout period for the DSG packets during normal operation of the DSG [operational-tdsg2 <tdsg2value>] client in seconds. [two-way-tdsg3 <tdsg3value>] This timer determines when the client attempts to reconnect with the DSG agent and establish two-way connectivity. Valid range is 0-65335 and the default is set at 300 seconds (5 minutes). This timer determines when the client attempts to rescan for a DOCSIS downstream channel that contains DSG packets. configure cable dsg timer-list <timersetindex> [initialization-tdsg1 <tdsg1value>] [operational-tdsg2 <tdsg2value>] [two-way-tdsg3 <tdsg3value>] [one-way-tdsg4 <tdsg4value>] Parameter Definition <timersetindex> [initialization-tdsg1 <tdsg1value>] A decimal integer Timeout period for the DSG packets during initiation of the DSG client in seconds. use the following command: configure cable dsg no timer-list <timersetindex> Some valid forms of this command include: To create timer-list 1 with all default values.2.C4 CMTS configure cable dsg timer-list Default Access Level Privileged – 15 Mode Global Configuration Prompt C4<config># Purpose Creates or deletes the configuration of DSG timers that will be associated with a given downstream channel. Valid range is 0-65335 and the default is set at 600 seconds (10 minutes). Valid range is 0-65335 and the default is set at 2 seconds. use the following command: C4# configure cable dsg timer-list 1 Release 4.

use the following command: C4# configure cable dsg timer-list 1 no 26-76 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions If a timer list had not been created. create a timer list with default values and then set the timer tdsg1 to 30 and tdsg3 to 60 with the following command: C4# configure cable dsg timer-list 1 initialization-tdsg1 30 two-way-tdsg3 60 To remove timer list 1.

use the following command: C4# configure cable dsg tunnel 1 tunnel-group 1 client-id-list 1 mac-address 00:01:02:03:04:05 service-class-name dsgtunnelclass enable Release 4.C4 CMTS configure cable dsg tunnel Default Access Level Privileged – 15 Mode Global Configuration Prompt C4<config># Purpose This command provisions a DSG tunnel. DSG tunnel group that this DSG tunnel belongs to. Standard ARRIS PROPRIETARY — All Rights Reserved 26-77 . Identifier of the list of client-IDs that should be listening on this DSG tunnel. MAC address of the DSG tunnel Enables or disables the row status. use the following command: configure cable dsg no tunnel <tunnelid> Some valid forms of this command include: To create a tunnel. It associates the tunnel-group and client identifier lists in addition to indicating a mac address and service class name for the tunnel. Valid values are 1 to 65335. configure cable dsg tunnel <tunnelid> [tunnel-group <tunnelgrpid>] [client-id-list <clientlist>] [mac-address <macaddr>] [service-class-name <servclass>] [enable | disable] Parameter Definition <tunnelid> [tunnel-group <tunnelgrpid>] [client-id-list <clientlist>] [mac-address <macaddr>] [enable | disable} Unsigned integer that represents the tunnel to be displayed. [service-class-name <servclass>] Name of the service class to be applied to this tunnel NO Command C4# Example To delete the dsg tunnel.2. The default value is set to enabled.

configure cable dsg tunnel <tunnelid> classifier <classid> [priority <priority>] [source-network <srclp>[/<prefixlength>]] [dest-ip <destip>] [dest-portrange <destportstart-desportend>] [include-in-dcd] Parameter Definition <tunnelid> <classid> [priority <priority>] [source-network <srclp>[/<prefixlength>]] [dest-ip <destip>] [dest-port-range <destportstartdestportend>] [include-in-dcd] Unsigned integer that represents the tunnel to be displayed. The srclp is the IP address to be matched for this classifier. This is the inclusive lower bound of the transport layer port range along with the inclusive upper bound of the transport layer port range that is to be matched. The default is to not include the classifier in the DCD message. DSG tunnel group to which this DSG tunnel belongs. use the following command: C4# configure cable dsg classifier tunnel 1 classifier 1source-net 10.10. The prefixlength is the length of the CIDR prefix carried in srclp. Priority of the classifier.0/24 dest-ip 224. Valid values are 1 to 65335.3 includein-dcd 26-78 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .10. Includes the classifier in the DCD message.10.10. The destination IP address to be matched.10.26 CLI Command Descriptions configure cable dsg tunnel <tunnelid> classifier <classid> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose This command provisions a classifier and associates the classifier with a DSG tunnel. Example Some valid forms of this command include: To create a classifier.

2.C4 CMTS To modify a classifier. Standard ARRIS PROPRIETARY — All Rights Reserved 26-79 . use the following command: C4# configure cable dsg classifier tunnel 1 no classifier 1 Release 4. use the following command: C4# configure cable dsg tunnel 1 classifier 1 priority 5 destport-range 24-225 To delete a classifier for tunnel 1.

Multiple vendors may be added to the same set by repeating the command with the same <vendorsetid> but with different oui values. it uniquely identifies an entry on the vsp-list. Vendor assigned Organization Unique ID (3 hexidecimal octets) Up to 50 hexidecimal octet containing the vendor-specific information to be sent. When combined with the vendorsetid.26 CLI Command Descriptions configure cable dsg vsp-list Default Access Level Privileged – 15 Mode Global Configuration Prompt C4<config># Purpose Adds or deletes a piece of vendor-specific settings to a set of vendor-specific information which is grouped to be transmitted together. Valid values are 1 to 65335. Multiple vendor values may be added/deleted for the same vendor oui with repeated calls to the command providing the same <vendorsetid>. use the following command: C4# configure cable dsg no vsp-list <vendorsetid> [index <vendorindex>] Example Some valid forms of the command include: 26-80 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NO Command To remove this vendor set or entry from the vendor set. configure cable dsg vsp-list <vendorsetid> [index <vendorindex>] [oui <oui>] [value <vendorvalue>] Parameter Definition <vendorsetid> [index <vendorindex>] [oui <oui>] [value <vendorvalue>] Identifier of the vendor set to be associated with the downstream interface.

use the following command: C4# configure cable dsg no vsp-list 4 index 1 Release 4.C4 CMTS Use the following command to create a row in set 1 for vendor 010203 and assuming no rows exist for the vsp-list. use the following command: C4# configure cable dsg vsp-list 2 no To delete a specific row in a vsp-list. use the following command: C4# configure cable dsg vsp-list 1 index 1 value 010102030405060708090a0b0c0d0e0f To delete all rows for a given vsp-list. In this example. the vendor value for oui 010203 will be assigned index 1. C4# configure cable dsg vsp-list 1 oui 010203 value 00:01:02:03:04:05:06:07:08:09:0a:0b:oc:0d:0e:0f:20:21:22: 23:24:25:26:27:28:29:2a:2b:2c:2d:2e:2f:30:31:32 To modify the vendor value of a row.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-81 .

The index of a filter within the current group.26 CLI Command Descriptions configure cable filter group <group> index <index> log Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose An IP filter will be marked for capturing packets into the capture FIFO. Range is from 1 to 31. This command only instructs the hardware to capture a packet when it matches the IP filter. There will be separate commands that will actually cause the captured packet to be placed into the log. NO Command C4# To delete this packet filter. configure cable filter group <group number> index <index> log Parameter Definition <group number> index <index> The number assigned to the group.023. type the following command: configure cable no filter group <group number> index <index> log Related Command(s) show ip filter all 26-82 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Valid range is 1-1.

NO Command To disable the threshold used to monitor the power adjustment in the flap list. use the following command: C4# configure cable flap-list power-adjust threshold no Release 4.C4 CMTS configure cable flap-list power-adjust threshold Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the threshold used to monitor the power adjustment in the flap list.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-83 . configure cable flap-list power-adjust threshold <10-100> Parameter Definition <10-100> The threshold in Tenths dB.

0 modems registered on the C4 CMTS.26 CLI Command Descriptions configure cable fragmentation-docsis10 Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the C4 CMTS to allow DOCSIS® 1. use the following command: C4# configure no cable fragmentation-docsis10 26-84 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure cable fragmentation-docsis10 NO Command To disable fragmentation in all DOCSIS® 1.0 modems to utilize fragmentation.

NO Command To restore the default value (which is based on the Annex A (EuroDOCSIS) and/or Annex B (North American) configuration. North-American . Accepts upstream frequency ranges that conform to the extended range used in Japan (5 MHz to 55 MHz).Accepts upstream frequency ranges that conform to the DOCSIS specifications (5 MHz to 42 MHz). configure cable freq-range <european | japanese | northamerican> Parameter Definition European <european | japanese | north-american> Japanese - Accepts the upstream frequency ranges that conform with the EuroDOCSIS specifications (5 MHz to 65 Mhz).C4 CMTS configure cable freq-range Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the range of frequencies that are acceptable on upstreams.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-85 . use the following command: C4# configure cable no freq-range Release 4.

The minimum recommended value is 300 seconds.26 CLI Command Descriptions configure cable load-interval Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the interval for utilization calculations. NOTE Changes to the cable load-interval are not immediate and will take effect after the current interval has expired. setting this value too low will drain CPU resources. configure cable load-interval <0 | 300-86400> Parameter Definition <0 | 300-86400> The interval in seconds to collect/compute utilization data NO Command To disable the interval used for utilization calculations. WARNING On large systems. use the following command: C4# configure cable load-interval no 26-86 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

2.C4 CMTS configure cable max-qos-active-timeout Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the maximum QoS Active Timeout the C4 is willing to allow. If a larger value is received in a CM request. Related Command(s) configure cable max-qos-admitted-timeout Release 4. NOTE If PacketCable is enabled. the C4 will return this value instead of the response. Increasing the default value or setting the value to 0 (which represents infinity) is not recommended. configure cable max-qos-active-timeout <0-65535> Parameter Definition <0-65535> Maximum time in seconds. Standard ARRIS PROPRIETARY — All Rights Reserved 26-87 . The default values serve as a precaution for freeing resources in the event that any device or transmission path in the network does not perform as required. the active timeout should be set at 30 seconds. Default is 30 seconds.

NOTE If PacketCable is enabled. the admitted timeout should be set at 200 seconds.26 CLI Command Descriptions configure cable max-qos-admitted-timeout Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the maximum QoS Admitted Timeout the C4 is willing to allow. Default is 200 seconds. configure cable max-qos-admitted-timeout <0-65535> Parameter Definition <0-65535> Maximum time in seconds. Related Command(s) configure cable max-qos-active-timeout 26-88 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The default values serve as a precaution for freeing resources in the event that any device or transmission path in the network does not perform as required. Increasing the default value or setting the value to 0 (which represents infinity) is not recommended. If a larger value is received in a CM request. the C4 will return this value instead of the response.

1 cable modems. our provisioned default has been set to 96. This value is global for the chassis. Standard ARRIS PROPRIETARY — All Rights Reserved 26-89 .2. Any CM value set with this command will override the C4 default.C4 CMTS configure cable max-traffic-burst-docsis11 Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the downstream maximum traffic burst size for DOCSIS 1. Default is 96000 Release 4. configure cable max-traffic-burst-docsis11 <value> Parameter Definition <value> Maximum traffic burst in bytes for this service flow as used in the token bucket traffic policing algorithm.000 to provide better throughput for applications such as ftp. NOTE Although DOCSIS has a defined default value of 3044.

IP address.400 seconds. configure cable modem remote-query [<polling-rate> [<community>]] Parameter Definition [<polling-rate> Defines the time interval (in seconds) between two polling cycles of CM data collection. S/N ratio and UTP). To verify that the option is enabled. you will know at a glance the state of a single modem and overall status of the plant.26 CLI Command Descriptions configure cable modem remote-query Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the cable modem SNMP remote query settings to allow query of the cable modem (CM) performance statistics. use the following command: configure cable modem no remote-query NOTE The remote-query function is off by default. Default string = public. use the following command: C4# show running-config | include remote-query The following is an example of the output returned by the system: cable modem remote-query 1800 Related Command(s) configure snmp-server community 26-90 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . By polling the cable modems periodically using SNMP and caching the information (e. Valid range is from 30 to 86. Note: the community string is only allowed if the polling-rate has been input. Defines the SNMP community string used for polling CMs.g. Default value is 1800 seconds. MAC address. [<community>]] NO Command C4# To restore the default values.

Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-91 . There are two of this type: modulation profiles 1 and 2. otherwise you will overwrite the defaults). (It is recommended that you do not use 1 or 2. Each user-defined modulation profile is defined by a channel type. User-defined modulation profiles provide a shortcut method for a user to easily create modulation profiles just by specifying the desired channel type and modulation rate. There are also user-defined modulation profiles. such as tdma (which is for 2Dx12U). Basically.C4 CMTS configure cable modulation-profile <id> iuc Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Creates a new modulation profile or modifies an existing profile.2. Each upstream port must be associated with an existing modulation profile. The first is a default modulation profile that is automatically created for the user. user-defined modulation profiles allow the user to specific the channel type and the modulation rate for the data IUCs and the rest of the information for the modulation profile is filled in with recommended values. The userdefined profile defines most of the parameters for that modulation and channel type. Modulation profiles must be created and then associated with specified upstream ports There are two types of modulation profiles that are present in the C4 CMTS when the CAM boots up. and a modulation type. such as 16QAM. then the existing modulation profile will be overwritten by the new one. User-defined modulation profiles can be assigned to any number from 3–n to create a new profile. Modulation profiles are pre-defined sets of upstream channel parameters which make it easier to configure or reconfigure upstream channels. If you choose a number that is already in use.

The number of the modulation profile. There is no software-defined limit to the number of possible modulation profiles.26 CLI Command Descriptions These recommended values are generic values that should work across a wide variety of plants. configure cable modulation-profile <id> iuc <interval usage code> [mod <qpsk|qam8|qam16|qam32|qam64| qam1281>] [pre-len <preamble len>] [diff <true|false>] [fec-tbytes <no of bytes>] [fec-len <FEC code word length>] [seed <scrambler seed>] [burst-len <max burst len>] [last-cw <true|false>] [scrambler <true|false>] [guard-time-size <0|8–96|no>] [int-depth <depth>] [int-blocksize <blocksize>] [pre-type <preamble type>] [tcm <on|off>] [int-stepsize <stepsize>] [spreader <on|off>] [subframecode <subframe size>] [docsis-mode <tdma | atdma | scdma |tdmaandatdma> Parameter ID Description Identifier. 26-92 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Users may want to optimize these values to the specific needs of their cable plant.

NOTE: The Advanced PHY types are provided for channels carrying combined DOCSIS 1. Release 4. frequency. A multicast SID must be used to indicate the size of the data message that can be sent.0 bursts only.X. 3 Initial Ranging (Also called Initial Maintenance). Standard ARRIS PROPRIETARY — All Rights Reserved 26-93 . The cable modem uses this region in the upstream map interval if the number of minislots required to send the message is greater than the maximum burst interval for a short data grant in the Upstream Channel Descriptor (UCD) message. If the class of the SID associated with the request IE is broadcast. 5 Short Data Grants This unicast IE gives permission to a specific cable modem to transmit one or more PDUs. range request messages are sent in this IE when it contains a broadcast SID.0 compatible. 6 Long Data Grants This unicast IC gives permission to a specific cable modem to transmit one or more PDUs. The timing adjustments allow for the round trip delay of the fiber/optic plant plus the time to transmit the range request message. 8 Data Ack CMTS sets to map length. An initial range request message can be sent either with a broadcast SID or with a unicast SID depending upon the situation.0. Short data grants are used only when a cable modem is transmitting via an upstream channel that is compatible with DOCSIS 1. It allows parameters to be optimized for UGS flows.x and DOCSIS 2. The IUC typically has an assigned numeric value. A DOCSIS 1. If the class of the SID associated with the request IE is unicast. This IE is not used by the C4 CMTS map algorithm and as such changes made to this IE will have no affect on upstream data transmissions. Only the range request message — no other data — can be sent in this IE. This IE is unicast. The reason that grants can be split into short and long data grants is for the sake of FEC encoding. 7 Null Information Element Ending offset of the previous grant. which normally carry VoIP.X cable modem can only send a range request message during this IE. Used to bound the length of the last actual interval allocation. meaning cable modems must contend with each other when transmitting. Long data grants are used only when a cable modem is transmitting via an upstream channel that is compatible with DOCSIS 1.C4 CMTS Parameter Description Interval Usage Code. This IE allows cable modems a method to adjust their timing. Normally. 11 Advanced PHY UGS This IE is new with DOCSIS 2.X. IUC 4 Periodic Ranging (Also called Station Maintenance). 10 Advanced PHY Long This IE is the same as a long data grant expect that it is used when the cable modem is communicating via an upstream channel that is DOCSIS 2. then cable modems must contend with each other for upstream bandwidth. 2 Request/Data Either data requests or short data messages can be sent in this portion of the upstream map interval. It defines what kind of Information Element (IE) is being sent from the CMTS to the cable modems: • • • • • • Request = 1 Request/Data = 2 Initial Ranging = 3 Periodic Ranging = 4 Short Data Grants = 5 Long Data Grants = 6 • • • • • Null Information Element (IE) = 7 Data Ack = 8 Advanced PHY Short Data Grant = 9 Advanced PHY Long Data Grant = 10 Advanced PHY Unsolicited Grant = 11 1 Request This portion of the upstream map interval is used by cable modems to request bandwidth for data transmission. 9 Advanced PHY Short This IE is the same as a short data grant expect that it is used when the cable modem is communicating via an upstream channel that is DOCSIS 2.0 bursts and also for channels carrying DOCSIS 2.0 compatible. This IE is used so that cable modems can perform station maintenance. A DOCSIS 2. then this is an opportunity for a single cable modem to request additional bandwidth. The reason that grants can be split into short and long data grants is for the sake of FEC encoding.0 cable modem can send a range request message or an initial range request message depending upon the type of the upstream channel. and transmit power so that they can reliably communicate with the CMTS. The cable modem uses this region in the upstream map interval if the number of minislots required to send the message is less than or equal to the maximum burst interval specified for a short data grant in the Upstream Channel Descriptor (UCD) message.2.

In general. A DOCSIS 1. The 15-bit seed value for the scrambler polynomial. The preamble also helps the receiver to accurately receive an upstream burst. Forward Error Correction (T) The number of bytes with errors that can be corrected with FEC in the size specified in the codeword information byte length. Contact technical support for further assistance if experiencing these problems. where T = 0–10 for a DOCSIS 1. A type 5 TLV signifies that the channel is DOCSIS 2. DOCSIS 2. 5 and 6 with 16 QAM must have a preamble length in the range of 80 to 256. • For a TDMA upstream channel. The FEC codeword contains both the FEC information bytes and the FEC parity bytes and can be between 18 and 255 bytes. Forward Error Correction. DOCSIS 1. Some seeds will work better than others for producing a good distribution of 1's and 0's without a contiguous string of either 1's or 0's. For both short data and advanced PHY short data grant IEs. • All other cases for IUCs of 3 and 4 must have a preamble length in the range of 100 to 768. The range of possible values is from 0-32767. For each byte that can be corrected there are two additional FEC parity bytes that are added to the FEC codeword. a zero value implies that the IE is not limited. • For IUCs 9. • All other cases for IUCs of 1. False = disabled. diff Differential Encoding True = enabled. the preamble length must be in the range of 32 to 128 bits. pre-len fec-tbytes fec-len seed burst-len 26-94 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . IUCs of 3 or 4 without differential encoding must have a preamble length in the range of 32 to 384 bits. The pseudo random generator (randomizer) is used so that the data stream will not produce a long string of either 1's or 0's. Range = 0–255. IUCs of 1. • Otherwise. mod 1 = QPSK 2 = 16QAM 3 4 5 6 = 8QAM = 32QAM = 64QAM =128QAM (SCDMA only) Preamble Length The preamble serves to put the FEC and randomizer (also called the scrambler) into known states before the data is transmitted. Note: Even with the above guidelines. The number of codeword parity bytes is 2xT. A shorter codeword will increase the amount of overhead but allow for more errors to be corrected in the total data frame. Length of Codeword (K) The number of bytes in the information bytes of the FEC codeword. • For a TDMA or TDMAandATDMA upstream channel. There are additional restrictions upon the preamble length depending on the type of CAM. 2Dx12U CAM • For a TDMA or TDMAandATDMA upstream channel. Assuming that FEC is enabled. Burst length The maximum number of minislots that can be used by the IE. an IUC with 16 QAM modulation must have a preamble length in the range of 64 to 256 bits. The FEC codeword contains both the FEC information bytes and the FEC parity bytes.0 compatible. this field must be present and must contain a non-zero value. the preamble length must be in the range of 40 to 512.26 CLI Command Descriptions Parameter Description Modulation type Values 3–6 must not be used when the upstream channel is only DOCSIS 1.X (type 4 TLV) requires the preamble length to be between 0 and 1024 bits.X only compatible channel is signified in the UCD message with a descriptor encoded with a type 4 TLV.0 (type 5 TLV) requires the preamble length to be between 0 and 1536 bits. the FEC codeword can contain from 16 to 253 information bytes. IUCs of 3 and 4 with 16 QAM must have a preamble length in the range of 200 to 768. 5 and 6 must have a preamble length in the range of 40 to 256. 10 and 11. 1Dx8U CAM • For a TDMA upstream channel. Changing the seed for the pseudo random generator will cause the generator to produce a different pattern of ones and zeroes if the same input data is sent to the pseudo random generator. Note: the only channel type that the 1Dx8U CAM supports is TDMA.0 upstream channel. A value of zero indicates that FEC is disabled.0 upstream channel and 0–16 for a DOCSIS 2. it is possible to choose parameters such that the Preamble Superstring which contains the preamble strings for all the different IUCs does not fit within either the 1024 or the 1536 bit limits.X compatible.

There are three different states for the ATDMA Byte Interleaver signified by the values: 0 = dynamic mode. the C4 CMTS only supports the usage of spreader off for IUC 4. This parameter represents the number of bytes that can be used by the ATDMA interleaver when in the dynamic mode of operation. 1 = off. 10 and 11 with a TDMAandATDMA upstream channel. To obtain optimum benefit of the ATDMA interleaver. ATDMA Byte Interleaver Depth This parameter must be present for all IUCs with an ATDMA upstream channel or IUCs 9. This field indicates whether the scrambler or randomizer is enabled or not. 10 and 11 with a TDMAandATDMA upstream channel. Standard ARRIS PROPRIETARY — All Rights Reserved 26-95 . ATDMA Byte Interleaver Block Size This parameter must be present for all IUCs with an ATDMA upstream channel or IUCs 9. A sub-frame can vary in size from 1 code up to the total number of active codes. With qpsk1 the preamble’s constellation is at a higher power level when compared to qpsk0. IUC 3 must use spreader off. this parameter must not be present. False = disabled. Upstream DOCSIS-Mode This parameter contains the type of the upstream channel which must correspond to one of the following values: guard-time-size last-cw scrambler int-depth int-blocksize pre-type tcm int-stepsize spreader subframe-code docsis-mode • • • • tdma atdma scdma tdmaandatdma Release 4. the data throughput is similar to what is received if the next lower value for the modulation type is used. In dynamic mode. interleaving is performed on a sub-frame basis. False = fixed length. In fixed mode. This bit acts like a parity bit for decoding the rest of the bits in the symbol. this parameter must not be present. interleaving is performed on a sub-frame basis. Range = 2*(K+2T) – 2048. For all other cases. 10 and 11 must use spreader on. Trellis Coded Modulation TCM must only be used with an SCDMA upstream channel. True = shortened. 9. True = enabled.x channels must use the qpsk0 constellation pattern. By definition SCDMA channels have no additional time between frames. 2-floor(2048/(K + 2T)) = fixed mode. TCM causes one bit in the symbol to be used for encoding purposes. The values for the TCM are either on or off.0 upstream channels. However. This field is required for non-SCDMA channels and according to the RFI specification must contain a value of at least 5 symbols. Since one bit is removed from the symbol for encoding purposes. there are two modes of spreader operation: on and off. The interleaver step size determines the manner in which symbols are interleaved within the sub-frame. consequently. this parameter cannot be used. there is one FEC codeword per row and the depth is the number of rows in the interleaving matrix. DOCSIS 1. Preamble Type For DOCSIS 2. This value may be derivable from other network and architectural parameters. According to the RFI specification.C4 CMTS Parameter Description Guard Time This is the amount of time measured in symbols that must exist between successive frames. and IUCs 1. Range = 1–31. This option must be present for an SCDMA channel and must not be present for all other upstream channel types. This option must be present for an SCDMA channel and must not be present for all other upstream channel types. Last Codeword This indicates whether the last FEC codeword is of a fixed length or shortened. SCDMA Codes per Sub-Frame In an SCDMA upstream channel. use a value of 2048. SCDMA Interleaver Step Size In an SCDMA upstream channel. The codes per sub-frame define the size of the sub-frame. This option must be present for a SCDMA channel and must not be present for all other upstream channel types. there are two possible constellation patterns that can be used for the QPSK preamble: qpsk0 and qpsk1. the system chooses the row and column sizes of the interleaving matrix to obtain optimum burst noise robustness. SCDMA Spreader In an SCDMA upstream channel. And IUC 4 can use either on or off. Range = 8–96 symbols.2. For all other cases.

5 short tdma q16 168 F 6 78 338 23 8 T T . enter the following command: C4# configure cable modulation-profile 20 tdma qam-16 Modulation profile 20 as defined by the above command: Interval Chan Mod Pre Dif FEC FEC Scr Max Guar L Scr ---Atdma--. For example.4 station tdma qpsk 384 F 5 34 338 0 48 F T .26 CLI Command Descriptions Example There is almost no limit to the number of modulation profiles you can create. if you want to use the user-defined profile for TDMA and 16QAM to create modulation profile 20.3 initial tdma qpsk 640 F 5 34 338 0 48 F T .- 26-96 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .Prea -----Scdma----Usage Type Type Len Enc CW amb Bur Time C amb Int Int mble TCM Int Sp Sub Code En Len Seed Siz Size S En Depth Block Type En Size En Cod --------------------------------------------------------------------------------------------1 request tdma qpsk 64 F 0 16 338 0 8 F T .6 long tdma q16 192 F 8 220 338 0 8 T T .

C4 CMTS C4# configure cable modulation-profile 1 iuc 1 control active mod qpsk pre-len 64 diff false fec-tbytes 0 fec-len 16 seed 338 burst-len 2 guard-time-size 8 last-cw false scrambler true configure cable modulation-profile 1 iuc 2 control active mod qpsk pre-len 64 diff false fec-tbytes 5 fec-len 34 seed 338 burst-len 2 guard-time-size 8 last-cwfalse scrambler true configure cable modulation-profile 1 iuc 3 control active mod qpsk pre-len 128 diff false fec-tbytes 5 fec-len 34 seed 338 burst-len 0 guard-time-size 48 last-cw false scrambler true configure cable modulation-profile 1 iuc 4 control active mod qpsk pre-len 128 diff false fec-tbytes 5 fec-len 34 seed 338 burst-len 0 guard-time-size 48 last-cw false scrambler true configure cable modulation-profile 1 iuc 5 control active mod qpsk pre-len 72 diff false fec-tbytes 5 fec-len 78 seed 338 burst-len 12 guard-time-size 8 last-cw true scrambler true configure cable modulation-profile 1 iuc 6 control active mod qpsk pre-len 80 diff false fec-tbytes 8 fec-len 220 seed 338 burst-len 0 guard-time-size 8 last-cw true scrambler true NO Command In order to delete an IUC from a modulation profile or the entire modulation profile. use the following command: configure cable modulation-profile <id> {iuc <iuc-id>} no Release 4.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-97 .

then all IUCs for the given modulation profile are deleted. then that IUC will not be deleted. If the IUC is omitted. 26-98 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . then a notice is given indicating that no action was performed. then only that IUC is deleted.26 CLI Command Descriptions NOTE If the IUC is provided. If an IUC is being used by an upstream. If the user attempts to delete an IUC that does not exist or a modulation profile that does not contain at least one IUC.

Valid range is 0-5. NOTE The default percentage increase for downstream dynamic flows will be 1 percent and is global for the chassis. Release 4.2.C4 CMTS configure cable percentaddtldsbandwidth Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the dynamic downstream service flow’s maximum traffic rate. configure cable percentaddtldsbandwidth <percent> Parameter Definition <percent> Percentage increase. Standard ARRIS PROPRIETARY — All Rights Reserved 26-99 .

Enter multiple lines as needed. as needed. {manufacturer <manufacturer The hexadecimal data for the manufacturer CA certificate. Hence. {root <root cert hex-data>} The hexadecimal data for the root CA certificate. The user should enter multiple lines. 26-100 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . and use a blank line to data>} terminate the string. Enter multiple lines cert hex-data>} as needed. configure cable privacy add-certificate {cm <mac address> <cm cert hex-data>} | {manufacturer <manufacturer cert hex-data>} | {root <root cert hexdata>} Parameter Definition The MAC address of the cable modem and the cable modem hexidecimal data {cm <mac address> <cm hexfor the CM certificate. a certificate entered when there is no active CAM will be considered a manufacturer certificate. to terminate the string. and use a blank line to terminate the string.26 CLI Command Descriptions configure cable privacy add-certificate Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Provides the ability to add and delete X. and use a blank line to terminate the string. NOTE This command is applicable to BPI+ modem operation and has no affect on BPI operation. The decision whether a certificate is root is made on a Cable Access Module (CAM) and not the System Control Module (SCM).509 digital certificates to either the Certificate Authority (CA) certificate MIB table or the Cable Modem (CM) certificate MIB table. NOTE This command requires multiple lines to enter the hex data of the certificate. Enter multiple lines as needed. using a blank line (hitting return twice) or a line that begins with a comment character ! or #.

4fc1 30820301 308201e9 a0030201 02021063 c0b1304a b58e7875 9f8e0fff 0d06092a 864886f7 0d010105 05003081 94310b30 09060355 04061302 30200603 55040a13 19417272 69732049 6e746572 61637469 76652c20 432e310f 300d0603 55040b13 06444f43 53495331 19301706 0355040b 77616e65 652c2047 656f7267 69613135 30330603 55040313 2c417272 61626c65 204d6f64 656d2052 6f6f7420 43657274 69666963 61746520 6f726974 79301e17 0d303231 30313031 35333333 335a170d 32323130 33333333 5a306831 0b300906 03550406 13025553 31223020 06035504 72726973 20496e74 65726163 74697665 2c204c2e 4c2e432e 31193017 0b131053 7577616e 65652c20 47656f72 67696131 1a301806 03550403 3a30303a 43413a33 313a3446 3a433130 819f300d 06092a86 4886f70d 0003818d 00308189 02818100 c0e835d3 ad4aa79a e3459ac1 8785106e 0af44148 e29a8d10 441dd6ba 6bedc362 81f217f6 1db4a6c9 ee478c26 445c5302 cd8fbab9 71064e5b 0cc75a9a 075db12f 3337dc06 dbac8548 bb86ac3c 189b91a5 5a10d283 a9a364dd 308b41bb cf8607cf 8a2c3fcf a84a06b3 e8618f32 2ebf24f3 02030100 01300d06 092a8648 86f70d01 03820101 003c59f6 6e95d5f0 72849b6f c743b77e 337b1990 f4c05e10 cce0cfe7 e32db220 5c8a9e57 b196be1e e4c8ea17 963d5d33 e490034b 3eec302e e6aefdd7 bf2f42ef 36ed5d7c 96e1b3bf f26a1f50 09018613 ce5014cb 75347366 37a88631 9837eedd b8d465b5 642de57e ff9dfb0d 7a757b19 4207c16e c166e182 7ce66062 52a0ed4d 08d8ab9b 5fd137c6 c9e10cd9 33ba26ea 8b246890 a0980ea6 11878bb0 21c99067 074b4599 6ddada32 125bc83f dc51678b c718c46f e1edb38c d2f86529 e9e6aa3b d0cbd40c 41f9c47d b2e6347d 012d0d5f dec307fa 37bf850d c0a81d94 6f4ea818 ba 2bbbd030 55533122 4c2e4c2e 13105375 69732043 41757468 31303135 0a131941 06035504 13113030 01010105 58c39d59 f67792e3 63083e7a f011ed2e 01050500 68975e4a e4d2853d e6146376 a50c89da 7ad6f423 b4d8c79d 0903ea0c 53c5b4bb Release 4. C4<config>#cable privacy add-certificate cm 0000.C4 CMTS NO Command To remove the certificate.ca31. use the following command (the entire hex string must be included): C4# configure cable privacy no add-certificate {cm <mac address> <cm cert hex-data>} | {manufacturer <manufacturer cert hex-data>} | {root <root cert hexdata>} Example Following is an example of adding a chained CM certificate to the CMTS provisioned CM cert table MIB.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-101 .

26 CLI Command Descriptions Example The following is an example of adding a chained manufacturer certificate to the CMTS CA cert table MIB. C4<config>#cable privacy add-certificate manufacturer 308203da 308202c2 a0030201 02021045 529c2654 797e1623 0d06092a 864886f7 0d010105 05003081 97310b30 09060355 30370603 55040a13 30446174 61204f76 65722043 61626c65 20496e74 65726661 63652053 70656369 66696361 74696f6e 040b130c 4361626c 65204d6f 64656d73 31363034 06035504 53204361 626c6520 4d6f6465 6d20526f 6f742043 65727469 7574686f 72697479 301e170d 30313039 31323030 30303030 31323335 3935395a 30819431 0b300906 03550406 13025553 0a131941 72726973 20496e74 65726163 74697665 2c204c2e 06035504 0b130644 4f435349 53311930 17060355 040b1310 2047656f 72676961 31353033 06035504 03132c41 72726973 6f64656d 20526f6f 74204365 72746966 69636174 65204175 82012230 0d06092a 864886f7 0d010101 05000382 010f0030 dbc20e77 3c2baa6c 4cc6ca4e b1c1f6c5 6ea5bc2a fd2de0e7 1e5d820b f70399b6 85c332f2 e645bff1 1e906f5d f9a65acd edb35eb1 96f53cf6 453a21bb 5f16f82d 46333c21 220edae7 ba18d0c2 f8a9b315 09c0b145 ef72c1a8 b89fb531 dbcda062 f43d2ec7 e51af53a d2155c64 811b6598 c7a67887 b3396432 5e7ec6b1 ae6056ab f38b7eae 7b0a616f 96aeeddf 79a6c724 fa959ac0 53e49646 71423c4d c43902c1 f5850ed8 18d9140f 7b68b899 9dae9dd2 014f4efc 1b66b501 5e7f97fd 14a59f29 02030100 01a32330 21301206 03551d13 0101ff04 08300601 03551d0f 04040302 0106300d 06092a86 4886f70d 01010505 35364871 2ea4f27f 61f1fc8e f6e0aee5 ed10a7d9 c08e7454 eebcbe9d 14e58c52 5c08360e ccf1bb1e 124afeb4 36790d02 7a7af344 84ea7b8b c135cb1d c18ad415 bb296f74 0d9cf9e1 2f902b7b 683e6776 f99b56fc a85db596 8f0c07fd ed5cf696 b4fdcc2c cb13e7e5 2911e41b f1908eda 72b9ef53 c819df80 04384132 a766bed0 2ddff865 281a1aff 2cdd7883 9af19afb 03f49678 943c7153 82f6f168 123dd439 fd7221d1 c76414d7 51821b88 fcc717d7 9ea522c9 93c239e5 e3130528 8e5d0946 c6e72318 04061302 20536572 73311530 03132d44 66696361 5a170d32 31223020 4c2e432e 53757761 20436162 74686f72 82010a02 2112a94f 8a4bf4f8 d7a7db6a 6bdb2d6d b87d0f86 e7d5e569 b0d543c9 a75ff024 01ff0201 00038201 30a5ef8d 0299195c abf8061b e2b061f7 48dd3076 7b1a5f8d 7218c479 dc378ffc 0a9e9c30 55533139 76696365 13060355 4f435349 74652041 31303931 06035504 310f300d 6e65652c 6c65204d 69747930 82010100 f8a139f7 147eb79d 527e6938 54d225c4 4e4e7c9d 9e419fd5 ff5ce333 8832a4b1 00300b06 01002bf8 31c78c50 778806f0 74d36ba6 b1825ffd e3e606c9 82949271 34be7cc1 a695 Related Command(s) show cable show cable show cable show cable privacy manufacturer-cert-list privacy root-cert-list privacy ca-certificates privacy cm-certificates 26-102 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 26-103 .C4 CMTS configure cable privacy ca-cert-trust Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Provides the ability to change the trust state of an existing X. C4# cable privacy ca-cert-trust 6 trusted The following is an example of the output returned by the system: Trust state for certificate authority certificate 6 set to trusted Related Command(s) show cable privacy manufacturer-cert-list show cable privacy root-cert-list show cable privacy ca-certificates Release 4. Valid range is 1-100 CA certificate trust state is trusted. CA certificate trust state is untrusted. configure cable privacy ca-cert-trust <index> <trusted | untrusted |chained | root> Parameter Definition <index> <trusted | untrusted | chained | root> CA certificate index. CA certificate trust state is root. Example The following example changed the trust state of the CA certificate at index 6 to trusted. CA certificate trust state is chained. NOTE This command is applicable to BPI+ modem operation and has no affect on BPI operation.509 digital certificate authority (CA) certificate.2.

4fc1 untrusted The following is an example of the output returned by the system: Status of cable modem 0000.ca31.4fc1 certificate is untrusted Related Command(s) show cable privacy cm-certificates 26-104 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NOTE This command is applicable to BPI+ modem operation and has no affect on BPI operation.4fc1 to untrusted.509 digital cable modem (CM) certificate. CM certificate trust state is untrusted. C4# configure cable privacy cm-cert-trust 0000.ca31. Example The following example changed the trust state of the provisioned CM certificate with MAC address 0000.ca31. configure cable privacy cm-cert-trust <mac> <trusted |untrusted> Parameter Definition <mac> <trusted | untrusted> MAC address of cable modem CM certificate trust state is trusted.26 CLI Command Descriptions configure cable privacy cm-cert-trust Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Provides the ability to change the trust state of an existing X.

use the following command: configure no proto-throttle dhcp Release 4.C4 CMTS configure cable proto-throttle <arp | dhcp> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables DHCP and ARP throttling. use the following command: configure no proto-throttle arp .or - Example C4# NO Command C4# The following command would enable DHCP throttling: configure proto-throttle dhcp To disable DHCP throttling.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-105 . configure cable proto-throttle <arp | dhcp> ] Parameter <arp | dhcp> Definition Enable either ARP or DHCP throttling Example C4# NO Command C4# The following command would enable ARP throttling: configure proto-throttle arp To disable ARP throttling.

configure cable proto-throttle {interval <seconds> | maxburst <size>} Parameter Definition Seconds needed to let one throttleable packet go upstream when throttled. Valid range is 1 to 15. use the following command: C4# configure proto-throttle interval 5 max-burst 10 26-106 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions configure cable proto-throttle <interval | max-burst> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures throttle settings. {interval <seconds>} {max-burst <size>} Example To set the interval for 5 seconds and the max-burst size to 10. Valid range is 1 to 10 seconds. Sets the maximum allowable burst size of throttleable packet.

configure cable tcp-smoothing <1d8u | 2d12u> Parameter Definition Specify either the 1Dx8U or 2Dx12U Cable Access Module (CAM). use the following command: C4# configure cable no tcp-smoothing 1d8u NO Command Release 4. use the following command: C4# configure cable tcp-smoothing 1d8u To return to the default value. Standard ARRIS PROPRIETARY — All Rights Reserved 26-107 . <1d8u | 2d12u> Example To configure the smoothing value on the 1Dx8U CAM.C4 CMTS configure cable tcp-smoothing <1d8u | 2d12u> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the TCP smoothing value to be programmed into the hardware on the specified interface.2.

units in tens of milliseconds Fast poll interval. run the show cable unicastpolling command. units in tens of milliseconds Definition [slow-intvl <20-10000>] [fast-intvl <20-10000>] [fast-period <20-5000>] Example C4# Following are some example commands and their output: configure cable unicast-polling pri 0 slow-intvl 20 To view the results of this command.-------. Following is an example of the output returned by the system: C4# show cable unicast-polling slow fast fast priority interval interval period -------.26 CLI Command Descriptions configure cable unicast-polling pri <0-7> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the settings for unicast polling priorities.-------.-------0 20 0 0 1 0 0 0 2 0 0 0 3 0 0 0 4 125 25 500 5 100 20 500 6 75 15 500 7 50 10 500 26-108 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . configure cable unicast-polling pri <0-7> [slow-intvl <201000>] [fast-intvl <20-10000>] [fast-period <20-50000>] Parameter <0-7> DOCSIS service flow priority Slow poll interval. units in tens of milliseconds Fast poll timeout.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-109 . run the show cable unicastpolling command. Following is an example of the output returned by the system: C4# show cable unicast-polling slow fast fast priority interval interval period -------.C4 CMTS c4# configure cable unicast-polling pri 1 fast-intvl 21 To view the results of this command.2.-------. run the show cable unicastpolling command.-------0 20 0 0 1 0 21 0 2 0 0 0 3 0 0 0 4 125 25 500 5 100 20 500 6 75 15 500 7 50 10 500 C4# configure cable unicast-polling pri 1 fast-period 22 To view the results of this command.-------.-------0 20 0 0 1 0 21 22 2 0 0 0 3 0 0 0 4 125 25 500 5 100 20 500 6 75 15 500 7 50 10 500 Release 4.-------.-------. Following is an example of the output returned by the system: C4# show cable unicast-polling slow fast fast priority interval interval period -------.

-------.-------0 20 0 0 1 0 21 22 2 23 24 25 3 0 0 0 4 125 25 500 5 100 20 500 6 75 15 500 7 50 10 500 26-110 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Following is an example of the output returned by the system: C4# show cable unicast-polling slow fast fast priority interval interval period -------.26 CLI Command Descriptions C4# configure cable unicast-polling pri 2 slow-intvl 23 fastintvl 24 fast-period 25 To view the results of this command.-------. run the show cable unicastpolling command.

C4 CMTS configure cable upstream-lockup-detection modem-threshold <int> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Sets the parameters controlling the upstream lockup detection. Release 4. configure cable upstream-lockup-detection modem-threshold <int> Parameter Definition <int> Minimum number of modems on upstream necessary for lockup detection.2. Standard ARRIS PROPRIETARY — All Rights Reserved 26-111 .

26 CLI Command Descriptions configure cableauthstring Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Sets the authorization string on the CMTS to match the value in the cable modem initialization file. With no string specified. configure cableauthstring [<string>] Parameter Definition [<string>] Shared secret between the CMTS and the cable modem configuration file generator or provisioning server. this command sets the authorization string used during CMTS MIC calculations. type the following command: C4# configure cableauthstring no [<string>] 26-112 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The cableauthstring may be up to 64 bytes long. this command enables/disables the CMTS MIC check during cable modem registration. This string must match the key used to create the MD5 digest in the cable modem initialization file. When a string is specified. NO Command To enable just the CMTS MIC check for the existing string.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-113 .C4 CMTS configure cable-group <cablegroupid> Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the cable group. configure cable-group <cablegroupid> Parameter Definition <cablegroupid> The cable group ID NO Command C4# Related Command(s) To remove a cable group.2. use the following command: configure no cable-group <cablegroupid> configure cable-group <cablegroupid> cable <slot>/<port> load-balance configure interface cable <slot>/<mac> cable upstream <uport> cable-group-id <cablegroupID> Release 4.

configure cable-group <cablegroupid> cable <slot> loadbalance Parameter Definition <cablegroupid> <slot>/<port> The cable group ID Cable Access Module slot and port of the specified cable group. Related Command(s) configure cable-group <cablegroupid> configure interface cable <slot>/<mac> cable upstream <uport> cable-group-id <cablegroupID> 26-114 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions configure cable-group <cablegroupid> cable <slot>/<port> load-balance Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Activates load balancing in the specified cable group on the Cable Access Module in the specified slot/port.

configure clock network <ntd | tod> Parameter Definition <ntd | tod> Network time synchronization protocol of either NTD or TOD. Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-115 .2.C4 CMTS configure clock network Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Sets the network time synchronization protocol to either the NTP or TOD.

dd=day. 2004. on October 4. configure clock set <yyyy:mm:dd:hh:mm:ss> Parameter Definition <yyyy:mm:dd:hh:mm:ss> yyyy = year.hh=hour. mm=month.26 CLI Command Descriptions configure clock set Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Manually sets the clock to the specified date and time. mm=minutes. ss=seconds Example To manually set the clock for 9:15 a. Enter a 4 digit year.m. use the following command: C4# clock 2004:10:04:09:15:00 26-116 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

e. Examples of canonical TZ names are Europe/Paris or America/Chicago or Asia/Hong_Kong. but no DST adjustments are made when local time is displayed or logged. Standard ARRIS PROPRIETARY — All Rights Reserved 26-117 . the built-in local TZ and DST rules for that TZ location name are activated.com> (1996-08-05) This file contains a table with the following columns: 1.g. The TZ and DST adjustments are made automatically whenever the local time is displayed or logged. When a GMT (Greenwich Mean Time) offset is given. Latitude and longitude of the zone's principal location. This includes automatic adjustment of local time to TZ & DST and setting of the TZ abbreviation according to the rules. use the following command: C4# configure clock no timezone NOTE Following are the C4 CMTS TZ zone descriptions actually running on the C4 CMTS. When a canonical <timezone name> is given.C4 CMTS configure clock timezone Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the local timezone (TZ) and daylight saving time (DST) rules based on canonical <timezone name> or GMT offset. the local TZ is set accordingly. Release 4.2. ISO 3166 2-character country code. America/Chicago Greenwich Mean Time offset in the form of plus or minus hours (hh) or hours and minutes (hh:mm) NO Command To disable the currently active network time synchronization protocol client and allow the local time of day clock to operate without network synchronization. Note: this information from <eggert@twinsun. configure clock timezone <timezone name> | <GMT [+ | hh[:mm]]> Parameter Definition <timezone name> <GMT [+ | -hh[:mm]]> Country name/zone location. 2.

where that does not contradict (1). Anvers Island Mawson Station. Terre Adelie Syowa Station.CN. Zone name used in value of TZ environment variable. then by order within the country that: (1) makes some geographical sense. Comments. then longitude (+ is east).SA. 5. Ross Island Amundsen-Scott Station. TF) most locations (CB. 4.TM) Jujuy (JY) Catamarca (CT) Mendoza (MZ) AR AR AR AR AS AT AU -3124-06411 -2411-06518 -2828-06547 -3253-06849 -1416-17042 +4813+01620 -3133+15905 America/Cordoba America/Jujuy America/Catamarca America/Mendoza Pacific/Pago_Pago Europe/Vienna Australia/Lord_Howe Lord Howe Island 26-118 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .SJ.LP. E Ongul I E Argentina (BA.SL. and (2) puts the most populous zones first. Code AD AE AF AG AI AL AM AN AO AQ AQ AQ AQ AQ AQ AQ AQ AQ AR Coordinates +4230+00131 +2518+05518 +3431+06912 +1703-06148 +1812-06304 +4120+01950 +4011+04430 +1211-06900 -0848+01314 -7750+16636 -9000+00000 -6448-06406 -6736+06253 -6835+07758 -6617+11031 -7824+10654 -6640+14001 -690022+0393524 -3436-05827 TZ (Timezone) Europe/Andorra Asia/Dubai Asia/Kabul America/Antigua America/Anguilla Europe/Tirane Asia/Yerevan America/Curacao Africa/Luanda Antarctica/McMurdo Antarctica/South_Pole Antarctica/Palmer Antarctica/Mawson Antarctica/Davis Antarctica/Casey Antarctica/Vostok Antarctica/Dumont DUrville Antarctica/Syowa America/ Buenos_Aires Comments McMurdo Station. first latitude (+ is north).CH. SC.FM. S Magnetic Pole Dumont-d'Urville Base.CC. Vestfold Hills Casey Station. present if and only if the country has multiple rows.SE. DF.SF. 3.MN.LR. ailey Peninsula Vostok Station.26 CLI Command Descriptions in ISO 6709 sign-degrees-minutes-seconds format: either +-DDMM+-DDDMM or +-DDMMSS+-DDDMMSS. The table is sorted first by country.RN. South Pole Palmer Station. Holme Bay Davis Station.NQ .ER.

CE. PR) Pernambuco Tocantins Alagoas.Holiday Islands South Australia Northern Territory Western Australia Atlantic islands Amapa. PI. Sergipe S & SE Brazil (BA. ES. RS) Mato Grosso. Standard ARRIS PROPRIETARY — All Rights Reserved 26-119 .Yancowinna Queensland .most locations New South Wales .2. Rondonia Roraima E Amazonas W Amazonas Acre Newfoundland Island Release 4. DF. RJ. PR. SP. RN. GO. Mato Grosso do Sul W Para. MG. E Para NE Brazil (MA.most locations Queensland .C4 CMTS Code AU AU AU AU AU AU AU AU AU AW AZ BA BB BD BE BF BG BH BI BJ BM BN BO BR BR BR BR BR BR BR BR BR BR BR BR BR BS BT BW BY BZ CA Coordinates -4253+14719 -3749+14458 -3352+15113 -3157+14127 -2728+15302 -2016+14900 -3455+13835 -1228+13050 -3157+11551 +1230-06858 +4023+04951 +4352+01825 +1306-05937 +2343+09025 +5050+00420 +1222-00131 +4241+02319 +2623+05035 -0323+02922 +0629+00237 +3217-06446 +0456+11455 -1630-06809 -0351-03225 -0127-04829 -0343-03830 -0803-03454 -0712-04812 -0940-03543 -2332-04637 -1535-05605 -0846-06354 +0249-06040 -0308-06001 -0640-06952 -0958-06748 +2505-07721 +2728+08939 -2545+02555 +5354+02734 +1730-08812 +4734-05243 TZ (Timezone) Australia/Hobart Australia/Melbourne Australia/Sydney Australia/Broken_Hill Australia/Brisbane Australia/Lindeman Australia/Adelaide Australia/Darwin Australia/Perth America/Aruba Asia/Baku Europe/Sarajevo America/Barbados Asia/Dhaka Europe/Brussels Africa/Ouagadougou Europe/Sofia Asia/Bahrain Africa/Bujumbura Africa/Porto-Novo Atlantic/Bermuda Asia/Brunei America/La_Paz America/Noronha America/Belem America/Fortaleza America/Recife America/Araguaina America/Maceio America/Sao_Paulo America/Cuiaba America/Porto_Velho America/Boa_Vista America/Manaus America/Eirunepe America/Rio_Branco America/Nassau Asia/Thimphu Africa/Gaborone Europe/Minsk America/Belize America/St_Johns Comments Tasmania Victoria New South Wales . SC.

Manitoba & west Ontario Central Time . of Congo most locations Easter Island & Sala y Gomez 26-120 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .west British Columbia Pacific Time .Alberta.most locations Central Standard Time Saskatchewan . W Labrador.midwest Mountain Time . British Columbia Pacific Time .Thunder Bay.Ontario & Quebec most locations Eastern Time .central Nunavut Central Time .east Nunavut Eastern Standard Time . E Quebec & PEI Atlantic Time . Ontario Eastern Standard Time Pangnirtung.26 CLI Command Descriptions Code Coordinates TZ (Timezone) Comments Atlantic Time . Nunavut Eastern Standard Time .west Nunavut Central Standard Time Saskatchewan . Ontario Central Time .places that did not observe DST 19661971 Atlantic Time .north Yukon CA +4439-06336 America/Halifax CA CA CA +4612-05957 +5320-06025 +4531-07334 America/Glace_Bay America/Goose_Bay America/Montreal CA CA CA CA CA CA CA CA CA CA +4901-08816 +4823-08915 +6608-06544 +6344-06828 +6245-09210 +4953-09709 +4843-09429 +6903-10505 +5024-10439 +5017-10750 America/Nipigon America/Thunder_Bay America/Pangnirtung America/Iqaluit America/Rankin_Inlet America/Winnipeg America/Rainy_River America/Cambridge_Bay America/Regina America/Swift_Current CA CA CA +5333-11328 +6227-11421 +6825-11330 America/Edmonton America/Yellowknife America/Inuvik CA CA CA CA CC CD CD CF CG CH CI CK CL CL +5946-12014 +4916-12307 +6043-13503 +6404-13925 -1210+09655 -0418+01518 -1140+02728 +0422+01835 -0416+01517 +4723+00832 +0519-00402 -2114-15946 -3327-07040 -2710-10927 America/Dawson_Creek America/Vancouver America/Whitehorse America/Dawson Indian/Cocos Africa/Kinshasa Africa/Lubumbashi Africa/Bangui Africa/Brazzaville Europe/Zurich Africa/Abidjan Pacific/Rarotonga America/Santiago Pacific/Easter west Dem.Rainy River & Fort Frances.south Yukon Pacific Time .Nova Scotia (most places). of Congo east Dem.central Northwest Territories Mountain Time . Rep.Ontario & Quebec places that did not observe DST 1967-1973 Eastern Time .E Labrador Eastern Time .Nova Scotia . Rep.Dawson Creek & Fort Saint John. east British Columbia & west Saskatchewan Mountain Time .west Northwest Territories Mountain Standard Time . NB.

C4 CMTS Code CM CN CN CN CN CN CO CR CU CV CX CY CZ DE DJ DK DM DO DZ EC EC EE EG EH ER ES ES ES ET FI FJ FK FM FM FM FM FO FR GA GB GB GD Coordinates +0403+00942 +3114+12128 +4545+12641 +2934+10635 +4348+08735 +3929+07559 +0436-07405 +0956-08405 +2308-08222 +1455-02331 -1025+10543 +3510+03322 +5005+01426 +5230+01322 +1136+04309 +5540+01235 +1518-06124 +1828-06954 +3647+00303 -0210-07950 -0054-08936 +5925+02445 +3003+03115 +2709-01312 +1520+03853 +4024-00341 +3553-00519 +2806-01524 +0902+03842 +6010+02458 -1808+17825 -5142-05751 +0931+13808 +0725+15147 +0658+15813 +0519+16259 +6201-00646 +4852+00220 +0023+00927 +512830-0001845 +5435-00555 +1203-06145 TZ (Timezone) Africa/Douala Asia/Shanghai Asia/Harbin Asia/Chongqing Asia/Urumqi Asia/Kashgar America/Bogota America/Costa_Rica America/Havana Atlantic/Cape_Verde Indian/Christmas Asia/Nicosia Europe/Prague Europe/Berlin Africa/Djibouti Europe/Copenhagen America/Dominica America/Santo_Domingo Africa/Algiers America/Guayaquil Pacific/Galapagos Europe/Tallinn Africa/Cairo Africa/El_Aaiun Africa/Asmera Europe/Madrid Africa/Ceuta Atlantic/Canary Africa/Addis_Ababa Europe/Helsinki Pacific/Fiji Atlantic/Stanley Pacific/Yap Pacific/Truk Pacific/Ponape Pacific/Kosrae Atlantic/Faeroe Europe/Paris Africa/Libreville Europe/London Europe/Belfast America/Grenada Comments east China .2. Tibet & most of Xinjiang Uyghur southwest Xinjiang Uyghur mainland Galapagos Islands mainland Ceuta & Melilla Canary Islands Yap Truk (Chuuk) Ponape (Pohnpei) Kosrae Great Britain Northern Ireland Release 4.Gansu. Yunnan. Guizhou. Heilongjiang central China . Guangdong. etc.Beijing. Sichuan. Shanghai. etc. Standard ARRIS PROPRIETARY — All Rights Reserved 26-121 .

north of Scoresbysund Scoresbysund / Ittoqqortoormiit Thule / Pituffik Java & Sumatra west & central Borneo east & south Borneo. west Timor Irian Jaya & the Moluccas 26-122 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Celebes. Nusa Tengarra.26 CLI Command Descriptions Code GE GF GH GI GL GL GL GL GM GN GP GQ GR GS GT GU GW GY HK HN HR HT HU ID ID ID ID IE IL IN IO IQ IR IS IT JM JO JP KE KG Coordinates +4143+04449 +0456-05220 +0533-00013 +3608-00521 +6411-05144 +7646-01840 +7030-02215 +7634-06847 +1328-01639 +0931-01343 +1614-06132 +0345+00847 +3758+02343 -5416-03632 +1438-09031 +1328+14445 +1151-01535 +0648-05810 +2217+11409 +1406-08713 +4548+01558 +1832-07220 +4730+01905 -0610+10648 -0002+10920 -0507+11924 -0232+14042 +5320-00615 +3146+03514 +2232+08822 -0720+07225 +3321+04425 +3540+05126 +6409-02151 +4154+01229 +1800-07648 +3157+03556 +353916+1394441 -0117+03649 +4254+07436 TZ (Timezone) Asia/Tbilisi America/Cayenne Africa/Accra Europe/Gibraltar America/Godthab America/ Danmarkshavn America/ Scoresbysund America/Thule Africa/Banjul Africa/Conakry America/Guadeloupe Africa/Malabo Europe/Athens Atlantic/ South_Georgia America/Guatemala Pacific/Guam Africa/Bissau America/Guyana Asia/Hong_Kong America/ Tegucigalpa Europe/Zagreb America/Port-au-Prince Europe/Budapest Asia/Jakarta Asia/Pontianak Asia/Makassar Asia/Jayapura Europe/Dublin Asia/Jerusalem Asia/Calcutta Indian/Chagos Asia/Baghdad Asia/Tehran Atlantic/Reykjavik Europe/Rome America/Jamaica Asia/Amman Asia/Tokyo Africa/Nairobi Asia/Bishkek Comments most locations east coast. Bali.

Govi-Altai. Gur'yev). Mangghystau (Mankistau) West Kazakhstan most locations Kwajalein southwest Mali northeast Mali most locations Bayan-Olgiy. Uvs. Sukhbaatar Release 4. Hovd. Kzyl-Orda) Aqtobe (Aktobe) Atyrau (Atirau. Zavkhan Dornod. Standard ARRIS PROPRIETARY — All Rights Reserved 26-123 .C4 CMTS Code KH KI KI KI KM KN KP KR KW KY KZ KZ KZ KZ KZ LA LB LC LI LK LR LS LT LU LV LY MA MC MD MG MH MH MK ML ML MM MN MN MN MO MP Coordinates +1133+10455 +0125+17300 -0308-17105 +0152-15720 -1141+04316 +1718-06243 +3901+12545 +3733+12658 +2920+04759 +1918-08123 +4315+07657 +4448+06528 +5017+05710 +4431+05016 +5113+05121 +1758+10236 +3353+03530 +1401-06100 +4709+00931 +0656+07951 +0618-01047 -2928+02730 +5441+02519 +4936+00609 +5657+02406 +3254+01311 +3339-00735 +4342+00723 +4700+02850 -1855+04731 +0709+17112 +0905+16720 +4159+02126 +1239-00800 +1446-00301 +1647+09610 +4755+10653 +4801+09139 +4804+11430 +2214+11335 +1512+14545 TZ (Timezone) Asia/Phnom_Penh Pacific/Tarawa Pacific/Enderbury Pacific/Kiritimati Indian/Comoro America/St_Kitts Asia/Pyongyang Asia/Seoul Asia/Kuwait America/Cayman Asia/Almaty Asia/Qyzylorda Asia/Aqtobe Asia/Aqtau Asia/Oral Asia/Vientiane Asia/Beirut America/St_Lucia Europe/Vaduz Asia/Colombo Africa/Monrovia Africa/Maseru Europe/Vilnius Europe/ Luxembourg Europe/Riga Africa/Tripoli Africa/Casablanca Europe/Monaco Europe/Chisinau Indian/ Antananarivo Pacific/Majuro Pacific/Kwajalein Europe/Skopje Africa/Bamako Africa/Timbuktu Asia/Rangoon Asia/Ulaanbaatar Asia/Hovd Asia/Choibalsan Asia/Macau Pacific/Saipan Comments Gilbert Islands Phoenix Islands Line Islands most locations Qyzylorda (Kyzylorda.2.

Chihuahua Mountain Standard Time . Durango. Nuevo Leon.Coahuila.most locations Central Time .S Baja. Nayarit. Yucatan Central Time .Sonora Pacific Time peninsular Malaysia Sabah & Sarawak most locations Chatham Islands Society Islands Marquesas Islands Gambier Islands 26-124 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Tamaulipas Mountain Time . Sinaloa Mountain Time .Campeche.26 CLI Command Descriptions Code MQ MR MS MT MU MV MW MX MX MX MX MX MX MX MX MY MY MZ NA NC NE NF NG NI NL NO NP NR NU NZ NZ OM PA PE PF PF PF PG PH PK PL PM Coordinates +1436-06105 +1806-01557 +1644-06213 +3554+01431 -2010+05730 +0410+07330 -1547+03500 +1924-09909 +2105-08646 +2058-08937 +2540-10019 +2313-10625 +2838-10605 +2904-11058 +3232-11701 +0310+10142 +0133+11020 -2558+03235 -2234+01706 -2216+16530 +1331+00207 -2903+16758 +0627+00324 +1209-08617 +5222+00454 +5955+01045 +2743+08519 -0031+16655 -1901+16955 -3652+17446 -4355-17630 +2336+05835 +0858-07932 -1203-07703 -1732-14934 -0900-13930 -2308-13457 -0930+14710 +1435+12100 +2452+06703 +5215+02100 +4703-05620 TZ (Timezone) America/Martinique Africa/Nouakchott America/Montserrat Europe/Malta Indian/Mauritius Indian/Maldives Africa/Blantyre America/Mexico_City America/Cancun America/Merida America/Monterrey America/Mazatlan America/Chihuahua America/Hermosillo America/Tijuana Asia/Kuala_Lumpur Asia/Kuching Africa/Maputo Africa/Windhoek Pacific/Noumea Africa/Niamey Pacific/Norfolk Africa/Lagos America/Managua Europe/Amsterdam Europe/Oslo Asia/Katmandu Pacific/Nauru Pacific/Niue Pacific/Auckland Pacific/Chatham Asia/Muscat America/Panama America/Lima Pacific/Tahiti Pacific/Marquesas Pacific/Gambier Pacific/Port_Moresby Asia/Manila Asia/Karachi Europe/Warsaw America/Miquelon Comments Central Time .Quintana Roo Central Time .

Kamchatka Moscow+10 .Kaliningrad Moscow+00 . Standard ARRIS PROPRIETARY — All Rights Reserved 26-125 .Magadan Moscow+09 .west Siberia Moscow+03 .2.C4 CMTS Code PN PR PS PT PT PT PW PY QA RE RO RU RU RU RU RU RU RU RU RU RU RU RU RU RU RW SA SB SC SD SE SG SH SI SJ SJ SK SL SM SN SO SR ST Coordinates -2504-13005 +182806-0660622 +3130+03428 +3843-00908 +3238-01654 +3744-02540 +0720+13429 -2516-05740 +2517+05132 -2052+05528 +4426+02606 +5443+02030 +5545+03735 +5312+05009 +5651+06036 +5500+07324 +5502+08255 +5601+09250 +5216+10420 +6200+12940 +4310+13156 +4658+14242 +5934+15048 +5301+15839 +6445+17729 -0157+03004 +2438+04643 -0932+16012 -0440+05528 +1536+03232 +5920+01803 +0117+10351 -1555-00542 +4603+01431 +7800+01600 +7059-00805 +4809+01707 +0830-01315 +4355+01228 +1440-01726 +0204+04522 +0550-05510 +0020+00644 TZ (Timezone) Pacific/Pitcairn America/Puerto_Rico Asia/Gaza Europe/Lisbon Atlantic/Madeira Atlantic/Azores Pacific/Palau America/Asuncion Asia/Qatar Indian/Reunion Europe/Bucharest Europe/Kaliningrad Europe/Moscow Europe/Samara Asia/Yekaterinburg Asia/Omsk Asia/Novosibirsk Asia/Krasnoyarsk Asia/Irkutsk Asia/Yakutsk Asia/Vladivostok Asia/Sakhalin Asia/Magadan Asia/Kamchatka Asia/Anadyr Africa/Kigali Asia/Riyadh Pacific/Guadalcanal Indian/Mahe Africa/Khartoum Europe/Stockholm Asia/Singapore Atlantic/St_Helena Europe/Ljubljana Arctic/Longyearbyen Atlantic/Jan_Mayen Europe/Bratislava Africa/Freetown Europe/San_Marino Africa/Dakar Africa/Mogadishu America/Paramaribo Africa/Sao_Tome Comments mainland Madeira Islands Azores Moscow-01 .Novosibirsk Moscow+04 .west Russia Moscow+01 .Sakhalin Island Moscow+08 .Caspian Sea Moscow+02 .Yenisei River Moscow+05 .Amur River Moscow+07 .Lena River Moscow+07 .Urals Moscow+03 .Bering Sea Svalbard Jan Mayen Release 4.Lake Baikal Moscow+06 .

Wayne County Eastern Standard Time .most locations Eastern Time .Indiana most locations Eastern Standard Time .Indiana Crawford County Eastern Standard Time .Kentucky Louisville area Eastern Time .Indiana Starke County Eastern Standard Time .Indiana Switzerland County Central Time 26-126 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .Kentucky . E Lugansk central Crimea Great Britain Northern Ireland Johnston Atoll Midway Islands Wake Island Eastern Time Eastern Time .26 CLI Command Descriptions Code SV SY SZ TC TD TF TG TH TJ TK TM TN TO TP TR TT TV TW TZ UA UA UA UA UG UK UK UM UM UM US US US US US US US US US Coordinates +1342-08912 +3330+03618 -2618+03106 +2128-07108 +1207+01503 -492110+0701303 +0608+00113 +1345+10031 +3835+06848 -0922-17114 +3757+05823 +3648+01011 -2110+17510 -0833+12535 +4101+02858 +1039-06131 -0831+17913 +2503+12130 -0648+03917 +5026+03031 +4837+02218 +4750+03510 +4457+03406 +0019+03225 +512830-0001845 +5435-00555 +1700-16830 +2813-17722 +1917+16637 +404251-0740023 +421953-0830245 +381515-0854534 +364947-0845057 +394606-0860929 +382232-0862041 +411745-0863730 +384452-0850402 +415100-0873900 TZ (Timezone) America/El_Salvador Asia/Damascus Africa/Mbabane America/Grand_Turk Africa/Ndjamena Indian/Kerguelen Africa/Lome Asia/Bangkok Asia/Dushanbe Pacific/Fakaofo Asia/Ashgabat Africa/Tunis Pacific/Tongatapu Asia/Dili Europe/Istanbul America/Port_of_Spain Pacific/Funafuti Asia/Taipei Africa/Dar_es_Salaam Europe/Kiev Europe/Uzhgorod Europe/Zaporozhye Europe/Simferopol Africa/Kampala Europe/London Europe/Belfast Pacific/Johnston Pacific/Midway Pacific/Wake America/New_York America/Detroit America/Louisville America/Kentucky/ Monticello America/Indianapolis America/Indiana/ Marengo America/Indiana/ Knox America/Indiana/ Vevay America/Chicago Comments most locations Ruthenia Zaporozh'ye.Michigan .

. Standard ARRIS PROPRIETARY — All Rights Reserved 26-127 . TZ (Timezone) America/Menominee America/North_Dakota/Center America/Denver America/Boise America/Shiprock America/Phoenix America/Los_Angeles America/Anchorage America/Juneau America/Yakutat America/Nome America/Adak Pacific/Honolulu America/Montevideo Asia/Samarkand Asia/Tashkent Europe/Vatican America/St_Vincent America/Caracas America/Tortola America/St_Thomas Asia/Saigon Pacific/Efate Pacific/Wallis Pacific/Apia Asia/Aden Indian/Mayotte Europe/Belgrade Africa/Johannesburg Africa/Lusaka Africa/Harare EST5EDT CST6CDT MST7MDT PST8PDT EST MST HST Comments Central Time . . Coordinates +450628-0873651 +470659-1011757 +394421-1045903 +433649-1161209 +364708-1084111 +332654-1120424 +340308-1181434 +611305-1495401 +581807-1342511 +593249-1394338 +643004-1652423 +515248-1763929 +211825-1575130 -3453-05611 +3940+06648 +4120+06918 +4154+01227 +1309-06114 +1030-06656 +1827-06437 +1821-06456 +1045+10640 -1740+16825 -1318-17610 -1350-17144 +1245+04512 -1247+04514 +4450+02030 -2615+02800 -1525+02817 -1750+03103 ...Navajo Mountain Standard Time ..C4 CMTS Code US US US US US US US US US US US US US UY UZ UZ VA VC VE VG VI VN VU WF WS YE YT YU ZA ZM ZW ...Michigan Wisconsin border Central Time . .2. . . .. .. .Alaska panhandle Alaska Time .Alaska panhandle neck Alaska Time ...south Idaho & east Oregon Mountain Time . . .Arizona Pacific Time Alaska Time Alaska Time . ..west Alaska Aleutian Islands Hawaii west Uzbekistan east Uzbekistan Release 4..North Dakota Oliver County Mountain Time Mountain Time .. ...

number 1.0 mode for the DOCSIS 1.26 CLI Command Descriptions configure cos-mapping Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Defines values to be used by a cable modem registering in DOCSIS 1. the following command defines a COS profile. For example. Valid range is 1-16 Example This command can be used to create up to sixteen class of service profiles for 1. that redefines only one of the default parameters.0 modems.1 specific settings on a per Class ID basis. configure cos-mapping <up-max-traffic-burst> <down-maxtraffic-burst> <down-min-reserved-rate> <up-min-reservedpacket> <down-min-reserved-packet> <up-tos-and-mask> <uptos-or-mask> <down-max-latency> [class-id] Parameter Definition <up-max-traffic-burst> <down-max-traffic-burst> <down-min-reserved-rate> <up-min-reserved-packet> <down-min-reserved-packet> <up-tos-and-mask> <up-tos-or-mask> <down-max-latency> [class-id] Maximum upstream traffic bucket size (bytes) Maximum downstream traffic bucket size (bytes) Guaranteed minimum downstream rate (bits/sec) Minimum upstream packet size (bytes) Minimum downstream packet size (bytes) AND Mask for overwriting IP packet's TOS value OR Mask for overwriting IP packet's TOS value Max latency to forward a packet to RF interface Class of Service profile ID. Different values can be assigned to these parameters for each of the sixteen different profiles. Different profiles can be assigned to the 1.0 CMs by means of their TFTP config files. upstream maximum traffic burst: configure cos-mapping class-id 1 96000 up-max-traffic-burst 26-128 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

Standard ARRIS PROPRIETARY — All Rights Reserved 26-129 .C4 CMTS If users leave out the class-id from the command.0 modems support only the last. then that parameter is redefined for all sixteen profiles.0 mode: upstream max traffic burst downstream max traffic burst downstream minimum reserved rate upstream minimum reserved packet downstream minimum reserved packet upstream TOS AND mask upstream TOS OR mask downstream max latency 3044 96000 0 0 0 0xff 0 0 Release 4. The C4 CMTS assigns the following default values to the DOCSIS1.2.1 Parameters for 1.1-specific parameters for all modems that register in 1. The following command redefines the upstream maximum traffic burst for all the profiles: configure cos-mapping up-max-traffic-burst 96000 Defining DOCSIS 1. DOCSIS 1. COS Profile ID.0 Modems — Of all the parameters defined in the table above.

type the following command: configure no counts collection 26-130 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions configure counts collection rate Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the rate at which counts are collected. NO Command C4# To disable collection of counts. configure counts collection rate <collection rate> Parameter Definition <collection_rate> Collection rate in minutes from 15 through 1440.

2. NO Command C4# To delete the mapping.C4 CMTS configure crypto dynamic-map Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enters the configure crypto dynamic-map command mode to create or alter an IPSec dynamic map. use the following command: configure no crypto dynamic-map <dyn-map-name> <seq-num> Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-131 . This command is used to configure the C4 to only respond to an IKE exchange initiated by a peer. configure crypto dynamic-map <dyn-map-name> <seq-num> Parameter Definition <dyn-map-name> <seq-num> The textual name assigned to the crypto dynamic map entry. The number assigned to the crypto dynamic map entry. Valid range is 0-255. Only one seq-num is permitted per dyn-map-name.

Only one seq-num is permitted per dyn-map-name. Valid range is 0-255.26 CLI Command Descriptions configure crypto dynamic-map <dyn-map-name> <seq-num> match address Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Assigns an ACL number of an existing extended ACL entry that provides the selection criteria for packets to flow through the IPSec SAs. use the following command: configure no crypto dynamic-map <dyn-map-name> <seq-num> match address <acc-list-num> 26-132 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NO Command C4# To disable the match address. The number assigned to the crypto dynamic map entry. Valid range is 100199. configure crypto dynamic-map <dyn-map-name> <seq-num> match address <acc-list-num> Parameter Definition <dyn-map-name> <seq-num> <acc-list-num> The textual name assigned to the crypto dynamic map entry. The numeric identifier assigned to the extended ACL entry.

Standard ARRIS PROPRIETARY — All Rights Reserved 26-133 . Only one seq-num is permitted per dyn-map-name. use the following command: configure no crypto dynamic-map <dyn-map-name> <seq-num> set peer <ipaddr> Release 4. The number assigned to the crypto dynamic map entry. If this dynamic map does not exist.C4 CMTS configure crypto dynamic-map <dyn-map-name> <seq-num> set peer Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the ISAKMP peer in a crypto dynamic map entry. Valid range is 0-255. The IP address of the ISAKMP peer. NO Command C4# To delete the ISAKMP peer.2. configure crypto dynamic-map <dyn-map-name> <seq-num> set peer <ipaddr> Parameter Definition <dyn-map-name> <seq-num> <ipaddr> The textual name assigned to the crypto dynamic map entry. it is created.

If this command is not used. The global lifetime is specified by the configure crypto ipsec security-association lifetime command. configure crypto dynamic-map <dyn-map-name> <seq-num> set security-assocation lifetime seconds <seconds> Parameter Definition <dyn-map-name> <seq-num> <seconds> The textual name assigned to the crypto dynamic map entry. Valid range is 60 (1 min) to 129600 (36 hrs). the global lifetime is applied. Only one seq-num is permitted per dyn-map-name.26 CLI Command Descriptions configure crypto dynamic-map <dyn-map-name> <seq-num> set security-association lifetime seconds Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Assign an IPSec life duration that causes each security association to expire after the specified number of seconds has lapsed. The number assigned to the crypto dynamic map entry. NO Command C4# To restore the lifetime to its global value. The IPSec SA lifetime in seconds. Valid range is 0-255. use the following command: configure no crypto dynamic-map <dyn-map-name> <seq-num> set security-association lifetime seconds 26-134 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .

it is created. Standard ARRIS PROPRIETARY — All Rights Reserved 26-135 . configure crypto dynamic-map <dyn-map-name> <seq-num> set transform-set <trans-set-name> Parameter Definition <dyn-map-name> <seq-num> <trans-set-name> The textual name assigned to the crypto dynamic map entry. The IPSec transform set name associated with the crypto dynamic map NO Command To remove the IPSec transform set name from the dynamic map. use the following command: C4# configure no crypto dynamic-map <dyn-map-name> <seq-num> set transform-set <trans-set-name> Release 4. Only one seq-num is permitted per dyn-map-name.C4 CMTS configure crypto dynamic-map <dyn-map-name> <seq-num> set transform-set Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Associates an existing IPSec transform set name with the IPSec dynamic map. The number assigned to the crypto dynamic map entry. If this dynamic map does not exist. Valid range is 0-255.2.

Default is 3600 (1 hr.26 CLI Command Descriptions configure crypto ipsec security-association lifetime seconds Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures a global IPSec life duration that causes each security association to expire after the specified number of seconds has lapsed. 26-136 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . This parameter applies to all maps and dynamic-maps unless an overriding lifetime is configured within each map/dynamic-map. configure crypto ipsec security-association lifetime seconds <seconds> Parameter Definition <seconds> Global IPSec SA lifetime in seconds.). Valid range is 60 (1 min) to 129600 (36 hrs).

configure crypto ipsec transform-set <trans-set-name> Parameter Definition <trans-set-name> The name assigned to the transform set.2. NO Command To remove the named security transform set entry.C4 CMTS configure crypto ipsec transform-set Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enters the cfg-crypto-tran command mode to create or alter an IPSec transform set. use the following command: C4# configure no crypto ipsec transform-set <trans-set-name> Release 4. The minimum length is 1 and maximum length is 32. Standard ARRIS PROPRIETARY — All Rights Reserved 26-137 .

If this transform set does not exist. NO Command C4# To restore the default. use the following command: configure no crypto ipsec transform-set <trans-set-name> authentication 26-138 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Authentication method for ESP mode. configure crypto ipsec transform-set <trans-set-name> authentication <esp-md5-hmac | esp-sha-hmac> Parameter Definition <trans-set-name> <esp-md5-hmac | esp-shahmac> The name assigned to the transform set. Default value is MD5-hmac. it will be created. either MD5-hmac or SHA-hmac.26 CLI Command Descriptions configure crypto ipsec transform-set <trans-set-name> authentication Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the ESP authentication algorithm to be used for the specified named security transform set entry.

either 3DES or NULL.2. it will be created. The encryption cipher for ESP mode. Default value is 3DES. configure crypto ipsec transform-set <trans-set-name> encryption <esp-3des | esp-null> Parameter Definition <trans-set-name> <esp-3des | esp-null> The name assigned to the transform set.C4 CMTS configure crypto ipsec transform-set <trans-set-name> encryption Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the encryption algorithm to be used to provide secrecy protection for ESP. Standard ARRIS PROPRIETARY — All Rights Reserved 26-139 . NO Command C4# To restore the default. use the following command: configure no crypto ipsec transform-set <trans-set-name> encryption Release 4. If this transform set does not exist.

configure crypto ipsec transform-set <trans-set-name> mode <transport> Parameter Definition <trans-set-name> <transport> The name assigned to the transform set. If this transform set does not exist. use the following command: configure no crypto ipsec transform-set <trans-set-name> mode 26-140 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NO Command C4# To restore the default. it will be created. The encapsulation mode used in the transform payload of an IKE negotiation (fixed).26 CLI Command Descriptions configure crypto ipsec transform-set <trans-set-name> mode Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the encapsulation mode used in the transform payload of an IKE negotiation.

2.C4 CMTS configure crypto isakmp enable Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Enables the IKE daemon process. configure crypto isakmp enable NO Command C4# To disable the IKE daemon process. If a configured map is incomplete. Release 4. use the following command: configure no crypto isakmp enable NOTE All ISAKMP security associations are removed and each peer is informed of this action. Standard ARRIS PROPRIETARY — All Rights Reserved 26-141 . the IKE daemon will not be enabled.

use the following command: configure no crypto isakmp key address <peer-address> 26-142 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . Minimum key length is 1 character and maximum key length is 64.26 CLI Command Descriptions configure crypto isakmp key Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures a pre-shared crypto key to be used with a specific ISAKMP peer. NO Command C4# To disable the pre-share key. NOTE The PacketCable Security Spec recommends a minimum length of 22 characters to provide adequate key entropy to prevent cracking. IP address of the remote peer. configure crypto isakmp key <keystring> address <peer-address> Parameter Definition <keystring> <peer-address> Pre-shared key string in ASCII characters.

C4 CMTS configure crypto isakmp local-address Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Configures the local address for ISAKMP phase 1 and 2 negotiations. The Internet Key Exchange (IKE) daemon will listen at this address on UDP port 500. Default value is 5.2. Replace the default 0.0. The global ISAKMP maximum number of message retransmits and the global maximum time for an ISAKMP exchange (negotiation) can be tuned as necessary. Default value is 120. Valid range is 2 to 400 seconds. configure crypto isakmp local-address <local-address> [retransmits <n>] [max-exch-time <seconds>] Parameter Definition <local-address> The local IP address of the interface that the IKE daemon listens on.0. The local-address default is 0. The global ISAKMP maximum number of message retransmits.0.0. [retransmits <n>] [max-exch-time <seconds>] Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-143 . Valid range is 0-12. The global maximum time for an ISAKMP exchange.0 with the IP address of either the SCM active interface (out-of-band management) or loopback interface (in-band management). using UDP port 500.0. but is not valid to the IKE daemon.

A lower number indicates a higher priority. The maximum number of policies is 255. 1 = the 768 bit Diffie-Hellman group (default) 2 = the 1024 bit Diffie-Hellman group ISAKMP SA lifetime in seconds. The C4 CMTS and each ISAKMP peer negotiate an acceptable policy. Default value is 86400. ISAKMP Diffie-Hellman group. ISAKMP authentication method. ISAKMP hash algorithm. configure crypto isakmp policy <1-10000> [authentication <pre-share>] [encryption <3des>] [hash <md5 | sha>] [group <1 | 2>] [lifetime <60-604800>] Parameter Definition <1-10000> <pre-share> <3des> <md5 | sha> <1 | 2> <60-604800> ISAKMP policy priority. Default value is md5. NO Command C4# To delete the policy. use the following command: configure no crypto isakmp policy <1-10000> 26-144 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions configure crypto isakmp policy Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Creates a global ISAKMP policy (proposal) used during phase 1 exchanges. ISAKMP encryption transform. The parameters of the acceptable policy are then used to create an ISAKMP security association to protect phase 2 exchanges. Each global policy applies to all ISAKMP peers.

The crypto key import command imports SSH public or private keys from a local file. configure crypto key export {public-key <path/filename> | private-key <path/filename>} Parameter Definition {public-key <path/filename> The path/filename of the public-key to be exported | <private-key <path/filename>} The path/filename of the private-key to be exported Related Command(s) configure crypto key import Release 4.C4 CMTS configure crypto key export Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config># Purpose Exports the SSH keys to the file system.2. The crypto key export command exports pre-existing or pre-generated SSH public or private keys to a local file. Standard ARRIS PROPRIETARY — All Rights Reserved 26-145 . This eliminates the need to regenerate the keys and prevents the display of security alert messages for any keys that have been precached at the SSH client.

26 CLI Command Descriptions

configure crypto key generate
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Generate the host private/public key pair for the SSH server. NOTE Configure the Cadant hostname and domain name before using this command (configure hostname and configure ip dns domainname). The string “hostname@domain.name” will be embedded as a comment in the generated key pair(s). configure crypto key generate <dsa>
Parameter Definition

<dsa>

Specifies DSA format for key pair for SSH2 server

Related Command(s)

configure hostname configure ip domain-name configure ip unreachables

26-146

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure crypto key import
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Imports the existing SSH public/private keys from the file system into the MIB table. configure crypto key import {public-key <path/filename> | private-key <path/filename>}
Parameter Definition

{public-key <path/filename> The path/filename of the public-key to be imported | <private-key <path/filename>} The path/filename of the private-key to be imported

Related Command(s)

configure crypto key export

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-147

26 CLI Command Descriptions

configure crypto key zeroize
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Deletes the SSH server’s host public/private key pair(s) for the CMTS SSH server. NOTE Stop the SSH server before deleting any of its host keys (use the shutdown command). configure crypto key zeroize <dsa>
Parameter Definition

<dsa>

Specifies DSA format for key pair for SSH2 server

26-148

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure crypto map <map-name> <seq-num> ipsec-isakmp
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Enters the config-crypto-m command mode to create or alter an IPSec map. A map defines the IPSec parameters to negotiate with the peer, during the ISAKMP phase 2 exchange. A map also defines the C4 CMTS's role during ISAKMP exchanges. The "initiator/responder" combination role (aka, "initiator" role) is configured using the following commands: configure crypto map <map-name> <seq-num> ipsec-isakmp match address <ext-acl-num> configure crypto map <map-name> <seq-num> ipsec-isakmp set peer <peer-address> configure crypto map <map-name> <seq-num> ipsec-isakmp set transform-set <name> configure crypto map <map-name> <seq-num> ipsec-isakmp set security-association lifetime seconds <seconds> The responder-only role is configured using a dynamic-map and the following map command: configure crypto map <map-name> <seq-num> ipsec-isakmp dynamic <name>
Parameter Definition

<map-name> <seq-num>

The textual name assigned to the crypto map entry (up to 32 characters in length) The sequence number of the IPSec map. Only one seq-num is permitted per map-name. Valid range is 0-255.

NO Command C4#

To remove an IPSec map, use the following command: configure no crypto map <map-name> <seq-num>

NOTE The no command will only delete a map if an exact match for the map name and sequence number are found.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-149

26 CLI Command Descriptions

configure crypto map <map-name> <seq-num> ipsec-isakmp dynamic
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Configures an IPSec map, which defines the IPSec parameters to negotiate with the peer, during the ISAKMP phase 2 exchange. This command references a dynamic-map, which also defines the C4 CMTS's ISAKMP exchange role as responder-only. configure crypto map <map-name> <seq-num> ipsec-isakmp dynamic <name>
Parameter Definition

<map-name> <seq-num> <name>

The textual name assigned to the crypto map entry (up to 32 characters in length) The sequence number of the IPSec map. Only one seq-num is permitted per map-name. Valid range is 0-255. The dynamic map name.

NO Command C4#

To remove the IPSec map, use the following command: configure no crypto map <map-name> <seq-num> ipsec-isakmp dynamic

26-150

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure crypto map <map-name> <seq-num> ipsec-isakmp match address
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Assigns an ACL number of an existing extended ACL entry that provides the selection criteria for packets to flow through the IPSec SAs. If this map does not exist, it is created. configure crypto map <map-name> <seq-num> ipsec-isakmp match address <ext-acl-num>
Parameter Definition

<map-name> <seq-num> <ext-acl-num>

The textual name assigned to the crypto map entry (up to 32 characters in length) The sequence number of the IPSec map. Only one seq-num is permitted per map-name. Valid range is 0-255. The numeric identifier assigned to the extended ACL entry. Valid range is 100199.

NO Command C4#

To disable the match address, use the following command: configure no crypto map <map-name> <seq-num> match address <ext-acl-num>

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-151

26 CLI Command Descriptions

configure crypto map <map-name> <seq-num> ipsec-isakmp set peer
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Configures an ISAKMP peer in a crypto map entry. If this map does not exist, it is created. configure crypto map <map-name> <seq-num> ipsec-isakmp set peer <peer-address>
Parameter Definition

<map-name> <seq-num> <peer-address>

The textual name assigned to the crypto map entry (up to 32 characters in length) The sequence number of the IPSec map. Only one seq-num is permitted per map-name. Valid range is 0-255. The IP address of the ISAKMP peer.

NO Command C4#

To delete the ISAKMP peer, use the following command: configure no crypto map <map-name> <seq-num> ipsec-isakmp set peer <peer-address>

26-152

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure crypto map <map-name> <seq-num> ipsec-isakmp set security-association lifetime seconds
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Assign an IPSec life duration that causes each security association to expire after the specified number of seconds has lapsed. If this map does not exist, it is created. If this command is not used, the global IPSec lifetime is applied. The global lifetime is specified by the "configure crypto ipsec security association lifetime" command. configure crypto map <map-name> <seq-num> ipsec-isakmp set security-association lifetime seconds <seconds>
Parameter Definition

<map-name> <seq-num> <seconds>

The textual name assigned to the crypto map entry (up to 32 characters in length) The sequence number of the IPSec map. Only one seq-num is permitted per map-name. Valid range is 0-255. The IPSec SA lifetime in seconds. Valid range is 60-1296000.

NO Command C4#

To restore the lifetime to its global value, use the following command: configure no crypto map <map-name> <seq-num> ipsec-isakmp set security-association lifetime seconds

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-153

26 CLI Command Descriptions

configure crypto map <map-name> <seq-num> ipsec-isakmp set transform-set
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Associates an existing IPSec transform-set name with the IPSec map. If this map does not exist, it is created. configure crypto map <map-name> <seq-num> ipsec-isakmp set transform-set <name>
Parameter Definition

<map-name> <seq-num> <name>

The textual name assigned to the crypto map entry (up to 32 characters in length) The sequence number of the IPSec map. Only one seq-num is permitted per map-name. Valid range is 0-255. The IPSec transform set name associated with the map.

NO Command C4#

To remove the transform-set name, use the following command: configure no crypto map <map-name> <seq-num> ipsec-isakmp set transform-set <name>

26-154

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure diag
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Starts a diagnostic or requests results for the previous diagnostic. If a specific diagnostic name is not specified, the entire diagnostic suite will be run. If the “halt” keyword is entered, running diagnostics will be halted. NOTE The slot must be administratively shut down (configure slot X shutdown) before this command may be executed. configure diag <slot> [name <device | memory | parity | loopback | function>] [previous] [halt]
Parameter Definition

<slot> [name <device | memory | parity | loopback | function>] [previous] [halt]

The chassis slot in which the targeted card resides. Valid values are from 0-20. Name of the specific diagnostic test. Displays the previous diagnostic command run on designated slot. Quits the diagnostic operation.

NO Command C4#

To halt the running of diagnostics, type the following: configure no diag <slot> or C4# configure diag <slot> halt To run all diagnostic tests on all devices on the module in slot 5, type the following command: C4# configure diag 5

Example

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-155

26 CLI Command Descriptions

configure diag <slot> loop
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Starts a diagnostic loop command. configure diag <slot> loop <loop count> [diagnostic command]
Parameter Definition

<slot> <loop count> [diagnostic command]

The chassis slot in which the targeted card resides. Valid values are from 0-20. The number of times to command should run. The diagnostic command to run.

Example

To run all diagnostic tests on the Fabric Control Module in slot 17 ten times, type the following command: C4# configure diag 17 loop 10 To run the Fabric Control Module in slot 17 CIDR ten times, use the following command: C4# configure diag 17 loop 10 device cidr

Example

26-156

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure disconnect ssh <integer>
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Disconnects an active SSH connection. configure disconnect ssh <integer>
Parameter Definition

<integer>

ID of the SSH connection that needs to be killed.

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-157

26 CLI Command Descriptions

configure disk volume
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Configures the disk volume utility. The disk is partitioned into three volumes: system, update, and image. configure disk volume <name> scm <scm> [critical-threshold <0-100>] [major-threshold <0-100>] [minor-threshold <0100>] [auto-delete-file]
Parameter Definition

<name> <scm> [critical-threshold <0-100>] [major-threshold <0-100>] [minor-threshold <0-100>] [auto-delete-file]

Disk volume name, e.g. /system, /update, /image SCM module number. Valid number is 19 or 20. The threshold when exceeded will cause a trap sent with diskVolumeUsageLevel of diskVolumeUsageCritical The threshold when exceeded will cause a trap sent with diskVolumeUsageLevel of diskVolumeUsageMajor The threshold when exceeded will cause a trap sent with diskVolumeUsageLevel of diskVolumeUsageMinor Automatic deletion of unused files when critical-threshold is exceeded.

26-158

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Example

Following is an example of configuring the disk volumes of the System Control Module in slot 19: C4# configure disk volume /system scm 19 critical-threshold 90 configure disk volume /system scm 19 major-threshold 80 configure disk volume /system scm 19 minor-threshold 70 configure disk volume /system scm 19 auto-delete-file no configure disk volume /update scm 19 critical-threshold 100 configure disk volume /update scm 19 major-threshold 80 configure disk volume /update scm 19 minor-threshold 70 configure disk volume /update scm 19 auto-delete-file no configure disk volume /active scm 19 critical-threshold 90 configure disk volume /active scm 19 major-threshold 80 configure disk volume /active scm 19 minor-threshold 70 configure disk volume /active scm 19 auto-delete-file no

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-159

26 CLI Command Descriptions

configure disk volume <name> scm <scm> clone-access
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

The active and standby SCMs will now forward all log messages to each other once the cards have reached the IS-INIT operational state. Therefore, the log messages which were formerly only accessible on the standby processor will now be present in the SCM’s log. In order to access PMD files on the standby processor, or do any file system access, the C4 CMTS will provide additional mount points in the file system to give direct access to the standby SCM’s fie system volumes. Any command that currently accesses files on the active SCM will now be able to directly access files on the disk of the standby SCM. A mount point of /clone/system will be created for the /system file system of the other SCM, a mount point of /clone/update will be created for the /update file system of the other SCM, and a mount point of the /clone/active will be created for the /active file system of the other SCM. Once an SCM goes to the STBY state, its /update partition will be mounted on the active SCM under the /clone/update mount point, and the files on the /update partition on the standby processor will be visible on the active SCM. configure disk volume <name> scm <scm> clone-access
Parameter Definition

<name> <scm>

Disk volume name, e.g. /system, /update, /image SCM module number. Valid number is 19 or 20.

NO Command

To stop forwarding log messages to the mate SCM disk/volume, use the following command: C4# configure disk volume <name> scm <scm> no clone-access

Related Command(s)

cd copy dir

26-160

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure enable
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Sets the password for granting access to privileged commands. configure enable {privilege <level>} [password <password>] [text]
Parameter Definition

[privilege <level>]

Privilege level for which the password applies. Current level range is 0 -15. To see default levels, use the command: show privilege exec The password (byte string) you want assigned. The system currently allows up to 16 characters for password. Command or command mode

[password <password>] [text]

NO Command

To clear the password used to grant access to privileged commands to null, type the following command: C4# configure no enable password To set the password to gobears for access to privileged commands, type the following command: C4# configure enable password gobears If you want to limit access to the configure interface cable commands, for example, you would type: C4# configure enable privilege level 7 password gobears configure interface

Example

Example

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-161

26 CLI Command Descriptions

Related Command(s)

disable configure privilege exec level configure authentication

26-162

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure fan monitor <0-2> shutdown
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Disables the specified fan monitor. configure fan monitor <0-2> shutdown
Parameter Definition

<0-2>

Fan unit number. Fan units are number 0, 1 or 2.

NO Command C4#

To enable the specified fan monitor, type the following command: configure fan monitor <0-2> no shutdown

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-163

26 CLI Command Descriptions

configure fan speed-control shutdown
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

Disables automatic control of fan speed. NOTE The default setting is disabled. configure fan speed-control shutdown

NO Command C4#

To enable automatic control of fan speed, use the following command: configure fan speed-control no shutdown

CAUTION

This feature is implemented in software releases 3.3.1 and 4.0.x. Users downgrading to a load prior to 3.3.1 should first disable automatic fan control. Failure to do so limits fan speed by default to 80% of maximum. The chassis would then have to be power cycled to return the fans to full speed.
With this feature enabled, the maintenance SW will poll the temperature sensors on all active cards every 60 seconds. For cards with multiple sensors, all onboard sensors will be read and the one with the highest reading will be used to drive the fan controller algorithm. When the highest module temperature exceeds 60ºC for CAMs or 45ºC for any other front module, the temperature sensing algorithm increases the current fan speed by 10% of maximum. If the highest module temperature falls below 55ºC for CAMs or 40ºC for any other front module, then the fan speed is decreased by 10% of the maximum speed. Finally, if any module registers a temperature in excess of 65ºC, the algorithm increases the fan speed to 100%. All three fan modules are controlled as a group. If any fan fails, the fan controller automatically speeds up the remaining fans to full speed (100%). When the faulted fan is replaced, the controller returns the fans to the last speed setting. After each speed change, the speed controller allows 180 seconds for the fans to stabilize before allowing the next change.

26-164

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

Related Command(s)

configure fan monitor <0-2> shutdown show environment show temperature

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-165

26 CLI Command Descriptions

configure ftp-server
Access Level Privileged Mode Global configuration Prompt C4<config>#

Purpose

The FTP server on the C4 CMTS is disabled for security purposes. Use this command to enable it. NOTE The FTP server in loads prior to 3.3.0 was hardcoded to ON. With this release, the default is set to OFF. FTP access is denied until the FTP server is enabled. C4# configure ftp-server To once again disable FTP access, use the following command: C4# configure ftp-server no

NO Command

26-166

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure hostname
Default Access Level Privileged – 15 Mode Global configuration Prompt C4<config>#

Purpose

The hostname is assigned to a chassis and is used in command prompts and system messages unless the configure prompt command has overridden it. configure hostname <name>
Parameter Definition

<name>

Alphanumeric name for the CMTS.

Example

If you want the user defined hostname of the C4 CMTS to be c4-chicago, you would type the following command: C4# configure hostname c4-chicago The system prompt would return and look like: c4-chicago#

Related Command(s)

configure prompt

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-167

26 CLI Command Descriptions

configure interface cable <slot>/<mac>[<.subinf#>]
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Enter the cable interface configuration mode for the specified slot and MAC domain number and the optional subinterface number. configure interface cable <slot>/<mac>[<.subinf#>]
Parameter Definition

<slot> <mac>[<.subinf#>]

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1) and the subinterface number (valid numbers are 0 to 254.)

26-168

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot> authorization-module open-dynamic-flow-policy
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Indicates that a DSx message is not required to have a PacketCable Gate-ID and authorizes non-PacketCable DQoS DSx activity on the CAM. This command should be run on all Cable Access Modules, including any spare CAMs, which will be used for DSx DQoS call processing. Use this command to enable nonPacketCable telephony. NOTE This is the default operation. configure interface cable <slot> authorization-module open-dynamic-flow-policy
Parameter Definition

<slot>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15.

NO Command

To explicitly block any non-PacketCable DQoS DSx activity, use the command shown below. NOTE If PacketCable is enabled, this command must be run on all equipped CAM slots. C4# configure interface cable <slot> authorization-module no open-dynamic-flow-policy

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-169

26 CLI Command Descriptions

configure interface cable <slot> authorization-module packetcable
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Allows for authorization of PacketCable DQos DSx activity on the Cable Access Module. This command should be run on all Cable Access Modules, including any spare CAMs, which will be used for DSx DQoS call processing. NOTE This is the default operation configure interface cable <slot> authorization-module packetcable
Parameter Definition

<slot>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15.

NO Command C4#

To disable PacketCable authorization, use the following command: configure interface cable <slot> authorization-module no packetcable

26-170

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable bundle <master slot>[/master port]
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Configures a cable interface to belong to the bundle group identified by the master interface. configure interface cable <slot>/<mac> cable bundle <master slot/master port>
Parameter Definition

<slot> <mac> <master slot> [/master port]

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Chassis slot number assigned as the cable bundle master Port number assigned as the cable bundle master

NO Command

To remove the cable interface bundle group, use the NO form of this command. C4# configure interface cable <slot>/<mac> no cable bundle <master slot/master port>

Related Command(s)

show cable bundle

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-171

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable bundle master
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Designate the cable interface as the master of the bundle group. configure interface cable <slot>/<mac>] cable bundle <master slot/master port>
Parameter Definition

<slot> <mac>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1).

26-172

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable dhcp-giaddr
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Determines the IP address that the C4 CMTS’s DHCP relay agent places in the giaddr field of relayed DHCP messages. When set to primary, the cable interface’s primary IP address is used for both CM and CPE DHCP messages. When set to policy, the cable interface’s primary IP address is used for CMs, while the interface’s secondary IP address is used for CPEs. configure interface cable <slot>/<mac> cable dhcp-giaddr {primary | policy}
Parameter Definition

<slot> <mac>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Primary —When the DHCP Relay Agent is defined for Primary operation on specific CAM physical interface, the Primary IP address of the interface will be used to populate the gi_addr field of all DHCP messages originating from either CMs or Hosts (CPEs)

{primary | policy}

Policy—When the DHCP Relay Agent is defined for Policy operation on a specific CAM physical interface, the Primary IP address of messages originating from CMs. For Hosts (CPEs), a designated secondary IP address of the interface will be used. If multiple secondary IP address are defined for dhcp-giaddr support, then the DHCP Relay Agent used round-robin selection, choosing the next entry in the list with each new DHCP transaction.

Example

To configure DHCP Relay Agent for primary operation on the CAM in slot 5, port 0, use the following command: C4# configure interface cable 5/0 cable dhcp-giaddr primary

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-173

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream annex
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the MPEG framing format standard for a downstream port on a Cable Access Module to either Annex A (Europe) or Annex B (North America). configure interface cable <slot>/<mac> cable downstream annex <a | b>

Parameter

Definition

Default

<slot> <mac> <a | b>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Where B= A= the DOCSIS (North American) cable standard the EuroDOCSIS (European) cable standard
®

N/A N/A B

26-174

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream clone-group-enable
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Enables clone group operation on the specified downstream. Clone groups are used when the set of upstream channels associated with the same downstream channel are split into different cable groups. Clone groups result in different physical upstream paths for upstream channels that share the same downstream. Cable operators may use clone groups to control the number of subscribers per cable group. Another reason would be to limit the number of good upstream frequencies available in a cable group. NOTE Clone groups must be comprised of all 1D8U or all 2Dx12U CAMs. Do not mix CAM types. configure interface cable <slot>/<mac> cable downstream clone-group-enable <true|false>

Parameter

Definition

Default

<slot> <mac>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). true = aligned false = not aligned

N/A N/A

<true|false>

When set to true, this will align the start of the Initial Maintenance regions across all of the upstreams associated with the downstream.

false

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-175

configure interface cable <slot>/<mac> cable downstream dsg dcd-enable Parameter Definition <slot> <mac> The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. NO Command To disable DCD messages on the specified downstream channels from being transmitted. use the following command: C4# configure interface cable <slot>/<mac> cable dsg downstream dsg no dcd-enable Example To enable DCD messages to be transmitted on the downstream channel for the interface 1/0. use the following command: C4# configure interface cable 1/0 cable downstream dsg dcdenable 26-176 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . The MAC domain number (valid numbers are 0 or 1).26 CLI Command Descriptions configure interface cable <slot>/<mac> cable downstream dsg dcd-enable Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable># Purpose Enable DCD messages to be transmitted on downstream channels that do not carry DSG Tunnels.

configure interface cable <slot>/<mac> cable downstream description <text> Parameter Definition <slot> <mac> <text> The chassis slot in which the targeted Cable Access Module resides.. Valid values are 0 through 15. Descriptive information. NO Command C4# To remove the description. The MAC domain number (valid numbers are 0 or 1). Standard ARRIS PROPRIETARY — All Rights Reserved 26-177 . type the following command: configure interface cable <slot>/<mac> cable downstream description no Release 4. e.C4 CMTS configure interface cable <slot>/<mac> cable downstream description Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable># Purpose Allows you to add a comment or a description to help you remember what is attached to this interface.2. identifies area served.g.

The MAC domain number (valid numbers are 0 or 1). NO Command C4# To remove the association. configure interface cable <slot>/<mac> cable downstream dsg ds-frequency-list <chllistindex> Parameter Definition <slot> <mac> <chllistindex> The chassis slot in which the targeted Cable Access Module resides. use the following command: C4# configure interface cable 1/0 cable downstream dsg dsfrequency-list 1 To deconfigure the downstream-list. Valid values are 0 through 15. use the following command: configure interface cable <slot>/<mac> cable downstream dsg no ds-frequency-list Example Following are some valid forms of this command: To initialize a dsg configuration for the downstream-limit. use the following command: C4# configure interface cable 1/0 cable downstream dsg no dsfrequency-list 26-178 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 .26 CLI Command Descriptions configure interface cable <slot>/<mac> cable downstream dsg ds-frequency-list <chllistindex> Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable># Purpose Associates the list of downstream frequencies that is to be included in the DCD message that is sent down the specified interface. The number assigned to the channel list.

The MAC domain number (valid numbers are 0 or 1). ds-frequency-list and DCD values for the specified interface. Standard ARRIS PROPRIETARY — All Rights Reserved 26-179 . Valid values are 0 through 15.C4 CMTS configure interface cable <slot>/<mac> cable downstream dsg no Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable># Purpose Clears the VSP-list. configure interface cable <slot>/<mac> cable downstream dsg no Parameter Definition <slot> <mac> The chassis slot in which the targeted Cable Access Module resides. Release 4. timer-list.2.

A decimal integer index corresponding tdsgIfDownTimerIndex for a row in the dsgIfTimerTable. use the following command: C4# configure interface cable 1/0 cable downstream dsg no timer-list 26-180 ARRIS PROPRIETARY — All Rights Reserved 07/05/05 . NO Command C4# To remove the association. use the following command: configure interface cable 1/0 cable downstream dsg timerlist 1 To deconfigure the timer-list.26 CLI Command Descriptions configure interface cable <slot>/<mac> cable downstream dsg timer-list <timersetindex> Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable># Purpose Associates the timers to be included in the DCD message that is sent down the specified interface. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). use the following command: configure interface cable <slot>/<mac> cable downstream dsg no timer-list Example C4# To initialize a dsg configuration for the timer-list. configure interface cable <slot>/<mac> cable downstream dsg timer-list <timersetindex> Parameter Definition <slot> <mac> <timersetindex> The chassis slot in which the targeted Cable Access Module resides. There must be at least one row in the dsgIfTimerTable with a dsgIfTimerIndex equal to timerSetIndex for this command to succeed.

use the following command: C4# configure interface cable <slot>/<mac> cable downstream dsg no tunnel-group <tunnel-group-id> [index <grpchlindex>] Release 4. Standard ARRIS PROPRIETARY — All Rights Reserved 26-181 . The MAC domain number (valid values are 0/0 for a 1Dx8U or 0/2 for a 2Dx12U).2. Valid values are 0 through 15. Identifier of the vendor set to be associated with the tunnel group on this downstream interface. Valid value is 1 to 65335 Upstream channel number. configure interface cable <slot>/<mac> cable downstream dsg tunnel-group <tunnel-group-id> [index <grpchlindex>] [upstream-list <chlnum>] [priority <priority>] [vsp-list <endorsetid>] Parameter Definition <slot> <mac> <tunnel-group-id> [index <grpchlindex>] [upstream-list <chlnum>] [priority <priority>] [vsp-list <vendorsetid>] The chassis slot in which the targeted Cable Access Module resides. The number ranges will take the form of lower<hyphen>upper (without spaces). NO Command To remove the tunnel group or entry from the tunnel group. The priority of this rule. Identifier of the tunnel group to associate Channel index. The format for the upstream channel number is any number of individual numbers and ranges of numbers separated by a comma.C4 CMTS configure interface cable <slot>/<mac> cable downstream dsg tunnel-group <tunnelgroupid> Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable># Purpose Configures and associates a tunnel group with the downstream on a specified interface.

26 CLI Command Descriptions

Example

Following are some valid forms of this command: To create tunnel group 1 to be associated with all upstream channels on a downstream, use the following command: C4# configure interface cable 1/0 cable downstream dsg tunnelgroup 1 upstream-list 0-5 To create tunnel group 2 to be associated with upstream channels 0, 2, 3, 4, and 8 on a downstream, use the following command: C4# configure interface cable 2/0 cable downstream dsg tunnelgroup 2 upstream-list 0,2-4,8 To add a vendor parameter set to the mapping just done, use the following command: C4# configure interface cable 1/0 cable downstream dsg tunnelgroup 1 index 1 vsp-list 1 To remove the entry with the vendor parameter set that was just added, use the following command: C4# configure interface cable 1/0 cable downstream no dsg tunnel-group 1 index 1 To configure tunnel group 2 to be associated with all upstream channels on a downstream and add a vendor parameter set, use the following command: C4# configure interface cable 1/1 cable downstream dsg tunnelgroup 2 vsp-list 1 To remove the vendor parameter set just added, use the following command: C4# configure interface cable 1/1 cable downstream no dsg tunnel-group 2 index 1

26-182

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream dsg vsp-list <vendorsetid>
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Associates the vendor specific parameter data represented by the <vendorsetid> to the interface represented by the <slot>/<mac>. The vendor specific parameter data represented by the <vendorsetid> will be included in the DCD message sent on the given downstream interface. configure interface cable <slot>/<mac> cable downstream dsg vsp-list <vendorsetid>
Parameter Definition

<slot> <mac> <vendorsetid>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Identifier of the vendor set to be associated with the downstream interface.

NO Command

To remove the vendor specific parameter list from a downstream, use the following command: C4# configure interface cable <slot>/<mac> cable downstream dsg no vsp-list

Example

Some valid forms of this command include: To initialize a dsg configuration for the vsp-list, use the following command: C4# configure interface cable 1/0 cable downstream dsg vsplist 1

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-183

26 CLI Command Descriptions

To remove the association between the downstream and the vendor specific parameter, use the following command: C4# configure interface cable 1/0 cable downstream dsg no vsplist

26-184

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream frequency
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the center frequency for the downstream channel in Hz. For Cable Access Modules without integrated up-converters (IUC), the downstream frequency must be set to match the expected output frequency of the upconverter in the associated downstream path. The digital carrier frequency is specified to be the center of a 6.0 MHz channel. configure interface cable <slot>/<mac> cable downstream frequency <frequency>

Parameter

Definition

Default

<slot> <mac> <frequency>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Where frequency equals the center frequency of the DS channel Valid range = 91000000 - 857000000 (91 - 857 MHz) for DOCSIS®; 112000000 - 858000000 (112 - 858 MHz) for EuroDOCSIS

N/A N/A 321000000

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-185

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream insertion-interval
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Defines the amount of time in centiseconds between broadcast ranging opportunities. A cable modem will use broadcast ranging opportunities when it is first attempting to communicate with the C4 CMTS. According to the DOCSIS® RFI specification, the maximum amount of time that this parameter can be is 200 centiseconds. Decreasing this parameter will increase the overhead on the entire system. Increasing this parameter can significantly increase the time for a cable modem to re-register after an outage. When changing this parameter, one should also consider the ranging backoff parameter which is configured per upstream channel. Ranging backoff defines the number of broadcast ranging opportunities that a cable modem must wait after experiencing a contention. If you increase the insertion interval, you will increase the time it takes cable modems to range and register. You may choose to lower the ranging-backoff parameter to offset that. configure interface cable <slot>/<mac> cable downstream insertion-interval <centiseconds>
Parameter Definition Default

<slot> <mac> <centiseconds>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Maximum permissible value is 2000. Valid range is 0 to 200 centiseconds.

N/A N/A 40 centiseconds

26-186

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream interleave-depth
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the minimum latency of the system. A higher interleave depth provides more protection from bursts of noise on the HFC network; however, higher depth also increases downstream latency which might slow TCP/IP throughput for some configurations. Low interleave depth values typically cause some packet loss on typical HFC networks because burst noise lasts beyond the error correction block (FEC) correctable length. configure interface cable <slot>/<mac> cable downstream interleave-depth {8 | 16 | 32 | 64 | 128}
Parameter Definition Default

<slot> <mac> 8 | 16 | 32 | 64 | 128

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Indicates the downstream interleave depth in taps. Valid values are DOCSIS®: 8, 16, 32, 64 and 128 taps EuroDOCSIS: 12

N/A N/A 32 taps

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-187

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream invitedranging-attempts
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the maximum number of attempts by a cable modem to range to an upstream channel without being heard by the CMTS before giving up on that upstream channel. Valid range is 0 to 1024. A value of 0 means that the system should attempt to range forever. configure interface cable <slot>/<mac> cable downstream invited-ranging-attempts <number of attempts>
Parameter Definition Default

<slot> <mac> <number of attempts>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Valid range is 0 to 1024. Zero (0) means that the system would attempt to range forever.

N/A N/A 16

26-188

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream level1-threshold
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the level1 overload threshold. The threshold indicates a percentage of total bandwidth for the cumulative minimum guaranteed reserved bandwidth of the admitted/active service flows on the channel. If the level1 threshold is crossed, a notice will be logged but service flow activation and admission will be allowed. This value must be less than the values for the level2 and level3 thresholds. A value of 0 will cause the default value of 90 to be used. The C4 CMTS will allow values in the range of 0 to 1000. configure interface cable <slot>/<mac> cable downstream level1-threshold <percent>
Parameter Definition Default

<slot> <mac> <percent>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1. This is the percentage of available bandwidth on the channel that can be reserved for admitted/active service flows before the channel goes into Level 1 overload.

N/A N/A 80%

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-189

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream level2-threshold
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the level2 overload threshold. The threshold indicates a percentage of total bandwidth for the cumulative minimum guaranteed reserved bandwidths of the admitted/active service flows on the channel. If the level2 threshold is crossed, a notice will be logged but service flow activation and admission will be allowed. This value must be less than the value for the level3 and greater than the level1 threshold. A value of 0 will cause the default value of 100 to be used. The C4 CMTS will allow values in the range of 0 to 1000. configure interface cable <slot>/<mac> cable downstream level2-threshold <percent>
Parameter Definition Default

<slot> <mac> <percent>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1. This is the percentage of available bandwidth on the channel that can be reserved for admitted/active service flows before the channel goes into Level 2 overload.

N/A N/A 95%

26-190

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream level3-threshold
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the level3 overload threshold. The threshold indicates a percentage of total bandwidth for the cumulative minimum guaranteed reserved bandwidth of the admitted/active service flows on the channel. Any registration, DSA or DSC request that would cause this threshold to be exceeded will be denied. This value must be greater than the values for the level1 and level2 thresholds. A value of 0 will cause the default value of 500 to be used. The C4 CMTS will allow values in the range of 0 to 1000. configure interface cable <slot>/<mac> cable downstream level3-threshold <percent>
Parameter Definition Default

<slot> <mac> <percent>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). This is the percentage of available bandwidth on the channel that can be reserved for admitted/active service flows before the channel goes into Level 3 overload.

N/A N/A 100%

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-191

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream max-round-trip-delay
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the maximum round trip propagation delay for the cable plant in microseconds. This contains the maximum amount of time in microseconds that it would take a cable modem to send a message, such as a broadcast ranging attempt, to the C4 CMTS and to receive a response. This parameter is used to determine the amount of time that must be given to a cable modem to transmit broadcast ranging messages. The parameter is also used to determine the needed Map Ahead Timer for DOCSIS® Map messages. The default time is 1600 microseconds, which is roughly enough time for a cable modem up to 100 miles from the CMTS to send a message and receive the response. configure interface cable <slot>/<mac> cable downstream max-round-trip-delay <maximum round trip delay>

Parameter

Definition

Default

<slot> <mac> <maximum round trip delay>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Defines the maximum round trip propagation delay for the cable plant. Valid range is from 200-1600 microseconds.

N/A 0 1600 microseconds

26-192

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream modulation
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Downstream modulation defines the speed in bits per second at which data travels downstream to the subscriber’s cable modem. A symbol is the basic unit of modulation. QPSK encodes 2 bits per symbol. 16-QAM encodes 4 bits per symbol, 64-QAM encodes 6 bits per symbol, and 256-QAM encodes 8 bits per symbol. Setting a downstream modulation format of 256-QAM requires approximately a 6 dB higher signal-to-noise ratio (SNR) than 64-QAM at the subscriber’s cable modem. If your network is marginal or unreliable at 256-QAM, use the 64-QAM format instead. configure interface cable <slot>/<mac> cable downstream modulation <64qam | 256qam>
Parameter Definition Default

<slot> <mac> <64qam | 256qam>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). 64qam modulation rate is 6 bits per downstream symbol 256qam modulation rate is 8 bits per downstream symbol

N/A N/A 64 qam

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-193

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream power-adjust
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Allows for fine adjustment of the downstream power level. The power is adjusted by taking roughly 2dB and dividing this by the number specified and then adding to the current downstream output power level. Consequently, a negative value will decrease the downstream power level and a positive value will increase the power level. configure interface cable <slot>/<mac> cable downstream power-adjust <increment>
Parameter Definition Default

<slot> <mac> <increment>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). The number of steps is a value -8 to 8. Negative values slightly decrease output power with each step; positive values increase output power. Total range of adjustment is roughly 2 dB in either direction.

N/A N/A 0

26-194

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream power-level
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets operational transmit power in tenths of a dBmV for the specified downstream port. Use any multiple of 10 in the range of 500-610 for the power-level value. This is in compliance with the DOCSIS® MIB, which calls for units of tenths of decibels per millivolt in a range of 500-610. However, the C4 CMTS supports power accuracy only to the decibel per millivolt. configure interface cable <slot>/<mac> cable downstream power-level <power level in dBmV>
Parameter Definition Default

<slot> <mac> <power level in dBmV>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). The power level indicated in tenths of a dBmV for the specified downstream port. Valid range is from 500-610 tenths of a dBmV (50-61 dBmV).

N/A N/A 500

Release 4.2, Standard

ARRIS PROPRIETARY — All Rights Reserved

26-195

26 CLI Command Descriptions

configure interface cable <slot>/<mac> cable downstream range-cycleinterval
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Refers to an internal parameter within the C4 CMTS. This internal parameter controls how often (time in centiseconds) ranging queues are served within the C4 CMTS. This value plus the value of the ranging interval should be less than 30 seconds; otherwise cable modems will start to reset due to the T4 timeout. Additionally, several additional seconds of buffer time should be given if CAM sparing is used in the system. The C4 CMTS will allow values in the range of 100 to 500. The default is 120. configure interface cable <slot>/<mac> cable downstream range-cycle-interval <centiseconds>
Parameter Definition Default

<slot> <mac> <centiseconds>

The chassis slot in which the targeted Cable Access Module resides. Valid values are 0 through 15. The MAC domain number (valid numbers are 0 or 1). Length of time between ranging cycle for the cable modem. Valid range is from 100-500 centiseconds.

N/A N/A 120 centiseconds

26-196

ARRIS PROPRIETARY — All Rights Reserved

07/05/05

C4 CMTS

configure interface cable <slot>/<mac> cable downstream ranging-interval
Default Access Level Privileged – 15 Mode Cable interface configuration Prompt C4<config-cable>#

Purpose

Sets the station maintenance interval in centiseconds between the unicast ranging opportunities that the C4 CMTS provides to the cable modems. The recommended value is 2400 centiseconds. According to the RFI specification, a T4 timeout for a cable modem is where the cable modem does not receive a unicast ranging opportunity somewhere between 30 and 35 seconds. The reason that 24 seconds is the recommended value is to handle the case of a CAM failover that will take a few seconds. Decreasing this value will increase the overhead of the overall system in the station maintenance will be performing more often in the system. Increasing the value may cause a problem in a CAM fail-over event occurs and may cause cable modems to T4 timeout if increased to greater then 3000 centiseconds. As a side note, the range cycle interval may cause jitter from one cycle to another of the amount specified for the range cycle interval. Consequently, this parameter should also be taken into consideration when setting the ranging interval. configure interface cable <s