Docsis Cable Modem, Connection Process
Connection Process
Objectives
- Examine a DOCSIS system
- Define the DOCSIS modes
  - RF Return
  - Telco Return
[Figure: DOCSIS reference architecture: Wide-Area Network, CMTS Network Side Interface, Cable Modem Termination System (CMTS), Cable Network (HFC), Cable Modem (CM), CM Customer Premises Equipment Interface, Customer Premises Equipment]
Data Services
- High Speed
- Packet Data
- IP Routing
- IP Multicast
- CM open Architecture
[Figure: network overview. Headend or Central Office: Satellite, Internet, On-line Services, Local Server, Video, Local Programming, CMTS, Combiner/Splitter, Laser, with DHCP, TOD and TFTP servers. HFC plant: Fiber, Node, COAX. Home Subscriber: Splitter, Cable Modem, PC or MAC, Television]
TOD: Time of Day; TFTP: Trivial File Transfer Protocol; DHCP: Dynamic Host Configuration Protocol
DHCP Process
- The following parameters will be requested by the Cable Modem (CM) from the DHCP server

- UDP port 69
- Small and easy to implement
- Read and write to and from remote servers
TFTP Process
- The following settings MUST be included in the configuration file:
  - Network Access Configuration Setting
  - Class of Service Configuration Setting

  - Downstream Frequency
  - Upstream Channel ID
  - Vendor ID
  - Baseline Privacy
  - Software Upgrade filename
  - SNMP Write-Access Control
  - SNMP MIB Object
  - Software Server IP Address
  - CPE Ethernet MAC Address
  - Maximum Number of CPEs (32 Max)
  - SNMP IP Address (if applicable)
  - Telephone Settings (if applicable)
  - Vendor-Specific Configuration (if applicable)
- Synchronous Transmission
- Shared time slots for Maintenance & Requests (e.g. for new modems with no SID to come online)
- Frequency Range
  - 5 to 42 MHz (Edge to Edge)
Symbol Rate (ksym/s)   Bandwidth Used (kHz)   QPSK Data Rate (kbps)   16 QAM Data Rate (kbps)
160                    200                    320                     640
320                    400                    640                     1280
640                    800                    1280                    2560
1280                   1600                   2560                    5120
2560                   3200                   5120                    10240
[Figure: QAM Signal between CMTS and MODEM over HFC]
[Figure: SYNC Message between CMTS and MODEM over HFC]
Initial Ranging
- CMTS periodically transmits MAP messages
- Upstream Bandwidth Allocation Map (MAP) includes:
  - Initial Maintenance Interval (broadcast interval) with start and end of connection opportunity
[Figure: MAP Message and RNG-REQ between CMTS and MODEM over HFC]
Auto Adjustments
- CMTS receives initial Ranging Request from CM
- CMTS responds with Ranging Response (unicast)
  - assigns a SID and allocates bandwidth to this SID
  - adjusts power level, timing offset, and frequency
  - sets downstream and upstream channels
[Figure: RNG-RSP between CMTS and MODEM over HFC]
Admission Control
- CMTS allocates a Temporary SID for the CM and puts the CM in the Forwarding Tables
- CMTS sends MAP with Station Maintenance opportunity for that SID
- CM ranges with new settings
- CMTS sends RNG-RSP to indicate success or failure of Admission
[Figure: MAP Message and RNG-REQ between CMTS and MODEM over HFC]
Bandwidth Requests
- Uses special MAC frame (REQ - 6 bytes only)
- Can also piggyback request on data frame
- Uses a 4-byte Extended Header TLV
MAPS
- The upstream time is allocated to modems in the MAP message
  - MAP is variable length, typically 5-15 ms
[Figure: MAP Example]
IP Connectivity
- CM sends a broadcast DHCP request via the CMTS to the DHCP Server
- DHCP server returns:
  - IP address and Subnet Mask
  - CM configuration file name and IP address of TFTP server
  - UTC time offset to establish local time
  - TOD Server IP address
[Figure: DHCP-REQ and DHCP-RSP between MODEM and Server, via HFC, CMTS and LAN/WAN]
Time of Day
- CM sends a request to the ToD Server
- ToD Server responds: GMT
[Figure: ToD-REQ and ToD-RSP between MODEM and Server, via HFC, CMTS and LAN/WAN]
[Figure: TFTP-REQ and TFTP-RSP between MODEM and Server, via HFC, CMTS and LAN/WAN]
Registration
- CM generates a Registration Request (REG-REQ)
- Includes configuration parameters received from TFTP configuration file:
  - Downstream frequency, Upstream channel ID
  - Network access configuration settings
  - Class of Service
  - Modem Capabilities
  - Modem IP address
[Figure: REG-REQ between MODEM and CMTS over HFC]
Registration
- CMTS
  - checks the CM's MAC address and the authentication signature on the parameters
  - assigns a SID
  - provides bandwidth for the CM's requested Class of Service
  - modifies the forwarding table to allow full user data if the modem requested Network Access
  - sends REG-RSP to CM (CM can pass unencrypted data)
[Figure: REG-RSP between CMTS and MODEM over HFC]
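
The "authentication signature on the parameters" travels in the configuration file as two message integrity checks: a CM MIC (an MD5 digest the modem checks after the TFTP download) and a CMTS MIC, keyed with a secret shared between the provisioning system and the CMTS, that the CMTS checks at registration. The sketch below is an added example, not part of the original slides. Assumptions: HMAC-MD5 for the CMTS MIC as in DOCSIS 1.1, TLV type codes taken from the DOCSIS RFI specification rather than this page, a shortened covered-field list, and constructed sample settings and secret.

```python
import hashlib
import hmac

# TLV type codes from the DOCSIS RFI specification (they are not listed on this page).
DS_FREQ, US_CHAN, NET_ACCESS, COS, CM_MIC, CMTS_MIC, END = 1, 2, 3, 4, 6, 7, 255
# Assumption: a shortened covered-field list; the specification fixes the full list and order.
CMTS_MIC_FIELDS = (DS_FREQ, US_CHAN, NET_ACCESS, COS, CM_MIC)

def encode(t, v):
    return bytes([t, len(v)]) + v

def parse_tlvs(blob):
    """Split a config file into (type, value) pairs, rejecting truncated input."""
    out, i = [], 0
    while i < len(blob) and blob[i] != END:
        if i + 1 >= len(blob) or i + 2 + blob[i + 1] > len(blob):
            raise ValueError("truncated TLV at offset %d" % i)
        out.append((blob[i], blob[i + 2:i + 2 + blob[i + 1]]))
        i += 2 + blob[i + 1]
    if i >= len(blob):
        raise ValueError("no end-of-data marker")
    return out

def cmts_mic(tlvs, secret):
    """HMAC-MD5 over the covered fields, taken in the fixed order above."""
    msg = b"".join(encode(t, v) for want in CMTS_MIC_FIELDS for t, v in tlvs if t == want)
    return hmac.new(secret, msg, hashlib.md5).digest()

def build_config(settings, secret):  # provisioning side: CM MIC first, then CMTS MIC
    body = b"".join(encode(t, v) for t, v in settings)
    tlvs = settings + [(CM_MIC, hashlib.md5(body).digest())]
    tlvs.append((CMTS_MIC, cmts_mic(tlvs, secret)))
    return b"".join(encode(t, v) for t, v in tlvs) + bytes([END])

def verify_config(blob, secret):  # returns 'ok' or the first integrity failure found
    tlvs = parse_tlvs(blob)
    mics = {t: v for t, v in tlvs if t in (CM_MIC, CMTS_MIC)}
    if len(mics) != 2:
        return "missing MIC"
    body = b"".join(encode(t, v) for t, v in tlvs if t not in mics)
    if not hmac.compare_digest(mics[CM_MIC], hashlib.md5(body).digest()):
        return "CM MIC mismatch"
    if not hmac.compare_digest(mics[CMTS_MIC], cmts_mic(tlvs, secret)):
        return "CMTS MIC mismatch"
    return "ok"

# Constructed sample settings and shared secret, for illustration only.
SAMPLE = [(DS_FREQ, (603_000_000).to_bytes(4, "big")), (NET_ACCESS, b"\x01"), (COS, b"\x01\x01\x01")]
SECRET = b"constructed-shared-secret"
```

`verify_config(build_config(SAMPLE, SECRET), SECRET)` returns `"ok"`; a file with an altered setting returns `"CM MIC mismatch"`, and a file checked against a different shared secret returns `"CMTS MIC mismatch"`.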
Baseline Privacy
- Follows modem registration
- Provides user data privacy by encrypting traffic flows, upstream and downstream
- Provides cable operators basic protection from theft of service
- Mechanisms for:
  - authentication: CM to CMTS and CMTS to CM
  - key distribution: traffic keys and lifetimes
  - data encryption applied to SIDs
Security Association
- If CM is configured for Baseline Privacy in the modem TFTP configuration file:
  - CM sends Authorization Request
    - Public key, MAC address, and SIDs
  - CMTS responds with an Authorization Response
    - Authorization Key (encrypted KEK)
    - Key Sequence number and Lifetimes
    - List of SIDs (for each requested Class of Service)
[Figure: AUTH-REQ and AUTH-RSP between MODEM and CMTS over HFC]
Security Association
- CM sends a Key Request for each SID
- CMTS responds with DES encrypted TEK for each SID
- CM can now pass encrypted data
[Figure: KEY-REQ and TEK between MODEM and CMTS over HFC]
DOCSIS Today
- DOCSIS 1.0
- Product Interoperability across available CMTSs
- 64 and 256 QAM modulation (downstream) formats
- 6-MHz occupied spectrum coexists with all other signals on the cable plant
- Variable-depth interleaver supports both latency-sensitive and insensitive data.
- The features in the upstream direction are as follows:
- Concatenation, PHS
  - Efficient use of upstream channels
- OSS enhancements
  - SNMPv3
  - Full set of standard events and messages are specified
- Can DOCSIS 1.0 and 1.1 modems be used on the same upstream channel?
  - Yes.
  - Managing 1.0 and 1.1 modems on the same upstream channel is a more complex task for the CMTS
  - If QoS commitments cause conflicts, the CMTS can easily move a CM from one upstream channel to another
Quality of Service
[Figure: Voice and file traffic from a CM over HFC, shown for DOCSIS 1.0 and DOCSIS 1.1]
- In DOCSIS 1.0, all services compete for upstream bandwidth on a best effort basis.
- In DOCSIS 1.1, each service can get performance assurances based on QoS parameters (e.g. bandwidth, jitter)
Packet Processing
[Figure: packet processing: Data Packet, Classifier, Service Flow, Service Queues, Upstream Scheduler]
Classification
- IP Protocol
- Source/Dest IP Address
- Source/Dest Port
- ToS
- Source/Dest MAC Address
Upstream Scheduling
- Unsolicited Grant Service (UGS)
- UGS w/ Activity Detection
- Real-Time Polling
- Non-Real-Time Polling
- Best Effort
- Dynamic
  - Created as needed, based on demand
  - Dynamic service flow messages
    - Dynamic Service Add (DSA)
    - Dynamic Service Change (DSC)
    - Dynamic Service Delete (DSD)
  - Either CM or CMTS can create
- Admitted
  - The resources are reserved, but the flow is not active
- Active
  - The resources are in use, data is actively being transmitted on the flow
[Figure: Fragmentation]
Concatenation
- Transmission from single CM limited by the REQ/Grant handshake
- Nominal latency for REQ/Grant sequence in idle network is ~2.5 msec, or ~400 Grants/sec for a single CM
- Operationally, ~150 grants/sec is typical
- Thus, transmission limited to ~150 bursts/sec
[Figure: PHS Example]
Strong Authentication
- DOCSIS 1.0 does not have a secure mechanism to authenticate the CM
- DOCSIS 1.1 adds strong authentication of the CM through the use of X.509 digital certificates
- Each CM is issued a unique digital certificate that is verified through the DOCSIS root certificate authority
CM Authorization
CM to CMTS: Auth Request (CM-ID, CM-Certificate, Security-Capability, primary SAID)
- CM-ID: serial number, manufacturer ID, MAC addr, & RSA public key
- CM Certificate: X.509 certificate
- Security-Capability: crypto capability, BPI version
- Primary SAID: CM's primary SID
- Auth-Key: Authorization key encrypted with CM's public key
- Key-Lifetime: remaining time that key is valid in secs
- Key-Sequence-Number: Sequence number of Auth key
- SA-Descriptors: Properties of the security association, including SAID, SA-type, & crypto-suite
IGMP/SA-MAP Example
[Figure: message sequence among CPE, CM and CMTS with these labels: IGMP MR (Join); IGMP MR (Join); Set Multicast MAC Filter; SA-MAP Request; SA-MAP Reply; Start TEK FSM; Multicast Data; Decrypt Multicast; Determine SAID; Key Req/Reply; Encrypted Multicast Data; Encrypt Multicast; Multicast Data]
- Manufacturer
- MSO
- Cable Modem
SNMPv3
- Enhances the SNMP v1/v2 framework to support:
  - Privacy & authentication
  - Authorization
[Figure: SNMPv3 Architecture]
References
- Specifications are publicly available at www.cablemodem.com/specifications.html
- IEEE Communications, March 2001, p. 202
  - Good overview article, available as PDF file