Guest

Cable Modem Termination Systems (CMTS)

Configuring DHCP, ToD, TFTP services on Cisco's CMTS: All-In-One Configuration

Document ID: 28990

Updated: Nov 08, 2006

   Print

Introduction

This document shows a configuration on Cisco's Cable Modem Termination System (CMTS) that acts as a Dynamic Host Configuration Protocol (DHCP), ToD, and TFTP server. It also explains how to built the DOCSIS configuration file using CLI on the CMTS. This configuration is known as "all-in-one configuration for Cisco's CMTS."

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.

Prerequisites

The reader should have a basic understanding of the DOCSIS protocol and Cisco IOS command line on the uBR series routers.

Components Used

The hardware use in this document were from the Cisco uBR7200, uBR7100 or uBR10k CMTS and DOCSIS compliant cable modems.

Description

A DOCSIS compliant cable modem requires access to three types of servers in order to successfully come online.

  • The first is a DHCP server, which provides the cable modem with an IP address, a subnet mask and other IP related parameters.

  • The second is an RFC868 compliant Time of Day (ToD) server which lets the modem know what the current time is. A cable modem needs to know the time in order to be able to properly add accurate timestamps to its event log.

  • The third is a Trivial File Transfer Protocol (TFTP) server from which a cable modem is able to download a DOCSIS configuration file containing cable modem specific operational parameters.

Most of cable operators use Cisco Network Registrar (CNR) as the DHCP, DNS, and TFTP servers. ToD server is not part of CNR. The ToD server that is used depends upon the platform on their system. The ToD should be RFC868 compliant. For UNIX systems, it is included in Solaris, it is only necessary to make sure the file "inetd.conf" that lives in "/etc" directory contains the following lines:

# Time service is used for clock synchronization.
#
time��� stream� tcp���� nowait� root��� internal
time��� dgram�� udp���� wait��� root��� internal

For Windows, the most common software that is used is Greyware leavingcisco.com.

The following table shows the Cisco IOS® Software Release versions in which different server capabilities have been added to the CMTS.

Server Capabilities Cisco IOS Software Release
DHCP 12.0(1)T
ToD 12.0(4)XI�
TFTP 11.0 (for all platforms)

This document will explain each of these features. The configuration on the CMTS that contains all of these capabilities is what we call "all-in-one configuration for the cmts". With this configuration you do not need any additional servers to test your cable plants to provide high speed internet access.

It is also possible to configure a DOCSIS configuration file residing on the CMTS instead of the TFTP server. According to the release notes, you need at least Cisco IOS Software Release 12.1(2)EC1 to use this feature.

Although this "all-in-one configuration" is very convenient for lab environment, initial testing, small deployments, and troubleshooting, it is not scalable to support a very large number of cable modems. So it is NOT recommended to use this configuration in operational cable plants with large deployments of cable modems.

TAC engineers use this configuration very often to be able to eliminate variables while troubleshooting cable problems.

The Cisco IOS Dynamic Host Configuration Protocol (DHCP) service on a CMTS

Cisco routers running a Cisco IOS Software Release of 12.0(1)T or greater have the ability to act as DHCP servers. This DHCP service may be configured to provide DHCP leases to cable modems and Customer Premise Equipment (CPE) such as PCs and workstations.

There is a minimum set of DHCP options that cable modems typically require in order to come on line. These are:

  • An IP address (The yiaddr field in the DHCP packet header)

  • A subnet mask (DHCP Option 1)

  • The local time offset from GMT in seconds (DHCP Option 2)

  • A default router (DHCP Option 3)

  • The IP address of a ToD server (DHCP Option 4)

  • The log server (DHCP option 7)

  • The IP address of a TFTP server (The siaddr field in the DHCP packet header)

  • The name of a DOCSIS configuration file (The file field in the DHCP packet header)

  • A DHCP lease time in seconds (DHCP Option 51)

In the router this can be configured as follows:

!
ip dhcp pool cm-platinum
�� network 10.1.4.0 255.255.255.0
�� bootfile platinum.cm
�� next-server 10.1.4.1�
�� default-router 10.1.4.1�
�� option 7 ip 10.1.4.1�
�� option 4 ip 10.1.4.1�
�� option 2 hex ffff.8f80
�� lease 7 0 10
!

The explanation of each command is as follows:

  • The dhcp pool command defines the name of the scope (cm-platinum which means platinum service for cable modems).

  • The network provides the IP address and the subnet mask (DHCP option 1).

  • The bootfile provides the boot file name which in this case is platinum.cm.

  • The next-server command specifies the TFTP server IP address (in this case is the primary ip address in the interface c4/0).

  • The default-router is the default gateway, which in this case is the primary IP address of interface c4/0 (option3).

  • Option 7 is the Log server dhcp option.

  • Option 4 is the ToD server ip address (primary ip address of interface c4/0).

  • Option 2 is the time offset option for GMT - 8 hr (-8 hr = -28800 sec = ffff.8f80 in hex).

  • The lease time is 7 days 0 hours 10 minutes.

Note: To learn more about how to convert an offset time decimal value into hexadecimal, read Tech Tip How to Calculate the Hexadecimal Value for DHCP Option 2 (time offset).

For CPE devices the following options are the minimum in order to be able to operate successfully.

  • An IP address (The yiaddr field in the DHCP packet header)

  • A subnet mask (DHCP Option 1)

  • A default router (DHCP Option 3)

  • The IP address of one or more Domain Name Servers (DHCP Option 6)

  • A domain name (DHCP Option 15)

  • A DHCP Lease time in seconds (DHCP Option 51)

!
ip dhcp pool pcs-c4�

! -- the scope for the hosts

    network 172.16.29.0 255.255.255.224

! -- the ip address and mask for the hosts

��� next-server 172.16.29.1

! -- tftp server, in this case we put the secondary add.

��� default-router 172.16.29.1
��� dns-server 172.16.30.2

! -- dns server (which is not configured on the cmts)

��� domain-name cisco.com
��� lease 7 0 10
!

When configuring the dhcp pools, it is important to include the command cable dhcp-giaddr policy in the cable interface configuration. This command has the effect of directing the DHCP server to assign leases to cable modems corresponding to the primary network number on the cable interface and leases to CPE corresponding to the secondary network number on the cable interface. If this command is missing then all DHCP leases will come from the pool corresponding to the primary network number on the cable interface. Also, as we will see in the partial configuration of the interface below, the scope cm-platinum is associated with the primary address defined on interface cable 4/0 and the scope pcs-c4 is in the network of the secondary address.

!
interface Cable4/0
�� ip address 172.16.29.1 255.255.255.224 secondary

! -- CPE network

�� ip address 10.1.4.1 255.255.255.0

! -- Cable Modem Network

�� cable dhcp-giaddr policy
!

Note that there is no cable helper-address or ip helper-address command under the cable interface. This is because DHCP requests do not need to be forwarded to an external server when the internal IOS DHCP server is utilized. If this command is added underneath the interface, and there is an external DHCP server configured, the cable modems will register with the configuration of the external DHCP.

Further DHCP Server Functionality

Other features which can be utilized using the Cisco IOS DHCP server include:

  • ip dhcp ping: Ping before lease function which ensures that the DHCP server does not issue leases for IP addresses that are already in use.

  • ip dhcp database: Storage of DHCP bindings in an external database in order to maintain MAC address to IP address relationships over a CMTS power cycle.

  • show ip dhcp: A suite of commands which can be used to monitor the operation of the DHCP server.

  • debug ip dhcp server : A suite of commands which can be used to troubleshoot the operation of the DHCP server.

All of these extra functions and features are described in the Cisco IOS DHCP server feature release notes located at Cisco IOS DHCP Server document.

The Cisco IOS Time of Day (ToD) service

After a Cable Modem successfully acquires a DHCP lease it then proceeds to attempt to contact a ToD server. Cisco CMTS products running Cisco IOS Software Release 12.0(4)XI or later are able to provide an RFC868 ToD service.

A common misconception is that the ToD service that cable modems need to utilize as a part of coming online is the same as the Network Time Protocol (NTP) service which is commonly configured on Cisco routers. The NTP service and the ToD service are incompatible. Cable Modems cannot talk to an NTP server. While cable modems must attempt to contact a Time of Day server as a part of the process of coming online, modems compliant with the latest revisions of the DOCSIS 1.0 RFI specification will still proceed to come online even if a ToD server cannot be reached.

According to the most recent releases of the specification, if a cable modem is unable to contact a ToD server then it may continue with the process of coming online. However it should periodically continue to try to contact the ToD server until it is successful. Older versions of the DOCSIS 1.0 RFI specification mandated that if a cable modem could not contact a ToD server then the modem could not come online. It is important to be aware that cable modems running older firmware may comply with this older version of the specification.

Note: Some vendor's cable modems do not interoperate with the Cisco IOS Time of Day service. If these modems are compliant with the most recent versions of the DOCSIS 1.0 RFI specification then they should continue to come online regardless. This interoperability issue is being addressed by Cisco bug ID CSCdt24107.

Note: To configure ToD on a Cisco's CMTS only two global commands are needed:

service udp-small-servers max-servers no-limit
!
cable time-server
!

The Cisco IOS Trivial File Transfer Protocol (TFTP) service

After a cable modem has attempted to contact a ToD server, it proceeds to contact a TFTP server in order to download a DOCSIS configuration file. If a binary DOCSIS configuration file can be copied to a flash device on a Cisco CMTS then the router can act as a TFTP server for that file.

The procedure to download a DOCSIS configuration file into flash is the following:

First, make sure the CMTS can reach the server where the DOCSIS config file lives:

7246VXR#ping 172.16.30.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.30.2, timeout is 2 seconds:
!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

Next, copy the file, in this case it is called silver.cm into the flash of the CMTS.

7246VXR#copy tftp flash
Address or name of remote host []? 172.16.30.2
Source filename []? silver.cm
Destination filename [silver.cm]?�

Accessing tftp://172.16.30.2/silver.cm...
Loading silver.cm from 172.16.30.2 (via Ethernet2/0): !
[OK - 76/4096 bytes]

76 bytes copied in 0.152 secs

Finally, it is always a good idea to check the flash and verify that the size of the file is correct. For this do show flash.

7246VXR#show flash
-#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
1�� .. unknown� 2D6C7818�� 200CC��� 9������ 74 Feb 28 2001 7:39:09 silver.cm
2�� .. unknown� 1CB785DC�� 20258��� 7������ 62 Feb 20 2001 15:44:11 test.cm
3�� .. image��� 4350A04F� 7A0CC8�� 24� 7866864 Feb 27 2001 09:36:40 ubr7200-ik1s-mz.121-4.EC
4�� .. unknown� 36E5D6D3� 7A0D94��� 7������ 76 Feb 28 2001 07:23:12 gold.cm

8516204 bytes available (7867796 bytes used)

To enable the TFTP service on the CMTS there we only need to include the following command in global config mode.

tftp-server slot0:silver.cm alias silver.cm

Once this command is entered, the following will show after in the configuration:

!
tftp-server slot0:silver.cm alias silver.cm
tftp-server server��
!

For more information about the configuration of tftp server in a router see the document Additional File Transfer Commands.

The Internal DOCSIS configuration file generator

Cisco CMTS products running Cisco IOS Software Release 12.1(2)EC or later (in the EC release train) can be configured to generate and internally store DOCSIS configuration files. This is useful because it takes away the requirement of having access to an external DOCSIS configuration file generation tool. When a DOCSIS configuration file is created using the internal configuration tool, the file becomes automatically available via TFTP. In addition only cable modems on directly connected cable interfaces are able to download these configuration files.

The following configuration sample shows the creation of two DOCSIS config files.

The first is called disable.cm which allows a cable modem to come online but stops connected CPE devices from accessing the service provider's network. In this case we see the command "access-denied". Notice that the Downstream and Upstream speeds in this case are 1Kbps, the maximum burst size is 1600 bytes.

cable config-file disable.cm
�access-denied
�service-class 1 max-upstream 1
�service-class 1 max-downstream 1600
�timestamp
!

The reason a cable operator would have this "disable.cm" DOCSIS configuration file is because he/she wants to deny access to the CPE behind the cable modems while letting the cable modem to come online. This is a more efficient way to deny CPEs service that using the "exclude" option in CNR which will not allow the cable modem to come online and therefore the cable modem will try to get online over and over which will waste bandwidth.

Cable modems getting this DOCSIS configuration file will look like under the command show cable modem:

Cable4/0/U0 10�� online(d)� 2287��� 0.50� 6�� 0�� 10.1.4.65������ 0010.7bed.9b45

The (|| add link when available) below gives more details on this outupt. The status "online(d)" means that the cable modems is only but access is denied.

In the second example, a DOCSIS configuration file name is being created called "platinum.cm". In this case the Maximum upstream value is 1Mbps, the guarantied upstream is 100Kpbs, the maximum downstream is 10Mbps and it allows up to 30 CPE devices to be connected to this.

cable config-file platinum.cm
�service-class 1 max-upstream 1000
�service-class 1 guaranteed-upstream 100
�service-class 1 max-downstream 10000
�service-class 1 max-burst 1600
�cpe max 30
�timestamp
!

Notice that while configuring the DOCSIS configuration file in the CMTS we do not need the statement "tftp server slot0:platinum.cm alias platinum.cm" because there is no ".cm" file stored on memory, it resides within the configuration. Further details on the Internal DOCSIS configuration file tool can be found in the document Cable Modem Termination System Commands.

Sample Diagram

A typical lab set up topology is described in the picture.

all_in_one_config1.gif

Configurations

This configuration is supported in all Cisco's CMTS platforms. This includes uBR7200, uBR7246 VXR, uBR7100, and uBR10000.

The Cisco IOS Software Release that supports all in one configuration, including the configuration of the DOCSIS configuration file, is Cisco IOS Software Release 12.1(2)EC and the subsequent EC train releases.

The following configurations were done in a uBR7246 VXR using Cisco IOS Software Release 12.1(4)EC and having a NPE300. First a basic configuration is presented and then a more advanced configuration will be shown.

Basic all-in-one configuration

The configuration below summarizes all the pieces that we explained in on the document. It has two dhcp scopes, one for the cable modems and other one for the hosts behind the cable modems.

One DOCSIS configuration file was created called platinum.cm. This file is applied to the DHCP pool called cm-platinum. The other DOCSIS configuration file called disabled.cm is not applied to anything at the moment.

There are two DHCP pools configured in this example, one for the cable modems and another one for the PC's behind the cable modems.

Note:  All-in-one configuration commands are in bold.

Basic "all-in-one config" 7246VXR
7246VXR#show run

version 12.1
no service pad
service timestamps debug datetime msec localtime

! -- provides nice timestamps on all log messages

service timestamps log datetime localtime
no service password-encryption
service linenumber
service udp-small-servers max-servers no-limit

! -- supports a large number of modems / hosts attaching quickly

!
hostname 7246VXR
!
logging buffered 1000000 debugging
enable password cable
!
cable qos profile 8
cable qos profile 10
cable qos profile 10 grant-size 1500
cable qos profile 12 guaranteed-upstream 100000
no cable qos permission create
no cable qos permission update
cable qos permission modems
cable time-server

! --� permits cable modems to obtain Time of Day (ToD) from uBR7246VXR

!
cable config-file disable.cm
�access-denied
�service-class 1 max-upstream 1
�service-class 1 max-downstream 1600
�cpe max 1
�timestamp
!
cable config-file platinum.cm
�service-class 1 max-upstream 128
�service-class 1 guaranteed-upstream 10
�service-class 1 max-downstream 10000
�service-class 1 max-burst 1600
�cpe max 10
�timestamp
!
clock timezone PDT -8
clock summer-time PDT recurring
clock calendar-valid
ip subnet-zero
ip cef

! -- Turn on cef switching / routing, anything but process� switching (no ip route-cache)

ip cef accounting per-prefix�
no ip finger
ip tcp synwait-time 5
no ip domain-lookup

! -- Prevents cmts from looking up domain names / attempting�
! -- to connect to machines when mistyping commands

ip host vxr 172.16.26.103
ip domain-name cisco.com
ip name-server 171.68.10.70
ip name-server 171.69.2.132
ip name-server 171.68.200.250
no ip dhcp relay information check
!
!
!��
ip dhcp pool cm-platinum

! -- name of the dhcp pool. This scope is for the cable modems attached�
! -- to interface cable 4/0

�� network 10.1.4.0 255.255.255.0

! -- pool of addresses for scope modems-c4/0

�� bootfile platinum.cm

! -- DOCSIS config file name associated with this pool

�� next-server 10.1.4.1

! -- IP address of TFTP server which sends bootfile

�� default-router 10.1.4.1

! -- default gateway for cable modems, necessary to get DOCSIS files

�� option 7 ip 10.1.4.1

! -- Log Server DHCP option

�� option 4 ip 10.1.4.1

! -- ToD server IP address

�� option 2 hex ffff.8f80

! -- Time offset for ToD, in seconds, HEX, from GMT, -28,000 = PST = ffff.8f80

�� lease 7 0 10

! -- lease 7 days 0 hours 10 minutes

!�
ip dhcp pool pcs-c4

! -- name of the dhcp pool. This scope is for the CPEs� attached�
! -- the cable modems that are connected to interface cable 4/0

�� network 172.16.29.0 255.255.255.224

! -- pool of addresses for scope pcs-c4 (associated with the secondary address)

�� next-server 172.16.29.1�
�� default-router 172.16.29.1
�� dns-server 172.16.30.2�
�� domain-name cisco.com�
�� lease 7 0 10������
!
!
interface Ethernet2/0
�ip address 172.16.30.4 255.255.255.192
�no ip mroute-cache
�half-duplex
!
interface Cable4/0
�ip address 172.16.29.1 255.255.255.224 secondary

! -- used for the scope pcs-c4 so that PC's get an ip address on this network
ip address 10.1.4.1 255.255.255.0

! -- used for the scope modems-c4/0 so that cable modems get an ip address from this network

�no ip route-cache cef
�no keepalive
�cable downstream rate-limit token-bucket shaping
�cable downstream annex B
�cable downstream modulation 64qam
�cable downstream interleave-depth 32
�cable downstream frequency 555000000
�cable upstream 0 frequency 40000000
�cable upstream 0 power-level 0
�no cable upstream 0 shutdown
�cable upstream 1 shutdown
�cable upstream 2 shutdown
�cable upstream 3 shutdown
�cable upstream 4 shutdown
�cable upstream 5 shutdown
�cable dhcp-giaddr policy

! -- Used to� modify the GIADDR field of DHCPDISCOVER and DHCPREQUEST packets with a
! -- Relay IP address before they are forwarded to the DHCP server

!���������
!���������
router eigrp 202
�redistribute connected
�redistribute static
�network 10.0.0.0
�network 172.16.0.0
�no auto-summary
�no eigrp log-neighbor-changes
!���������
router rip
�version 2
�redistribute connected
�redistribute static
�network 10.0.0.0
�network 172.16.0.0
�no auto-summary
!���������
ip default-gateway 172.16.30.1
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.30.1
ip route 172.16.30.0 255.255.255.0 Ethernet2/0
ip http server
ip http authentication local
!���������
snmp-server engineID local 00000009020000E01ED77E40
snmp-server community public RO
snmp-server community private RW
tftp-server server

! -- enable the cmts to act as a tftp server

tftp-server slot0:silver.cm alias silver.cm

! -- get the DOCSIS config file called silver.cm that is pre-downloaded to flash.
! -- this DOCSIS config file is built using DOCSIS CPE Configurator.��

!���������
line con 0
�exec-timeout 0 0
�transport input none
line aux 0
�speed 19200
line vty 0 4
�session-timeout 60�
�login
!
ntp clock-period 17179977
ntp server 172.16.135.51
end

Verification Tips for Basic Configuration

First we have to make sure that the command are supported in the Cisco IOS Software Release. For this we can do show version.

7246VXR#show version
Cisco Internetwork Operating System Software�
IOS (tm) 7200 Software (UBR7200-IK1S-M), Version 12.1(4)EC, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Fri 08-Dec-00 17:35 by ninahung
Image text-base: 0x60008950, data-base: 0x612AA000

ROM: System Bootstrap, Version 12.0(19990210:195103) [12.0XE 105], DEVELOPMENT SOFTWARE
BOOTFLASH: 7200 Software (UBR7200-BOOT-M), Version 12.0(7)T,� RELEASE SOFTWARE (fc2)

7246VXR uptime is 9 minutes
System returned to ROM by reload at 09:47:00 PDT Tue Feb 27 2001
System restarted at 09:48:26 PDT Tue Feb 27 2001
System image file is "slot0:ubr7200-ik1s-mz.121-4.EC"

cisco uBR7246VXR (NPE300) processor (revision C) with 253952K/40960K bytes of memory.
Processor board ID SAB03500058
R7000 CPU at 262Mhz, Implementation 39, Rev 1.0, 256KB L2, 2048KB L3 Cache
6 slot VXR midplane, Version 2.0

Last reset from power-on
Bridging software.
X.25 software, Version 3.0.0.
4 Ethernet/IEEE 802.3 interface(s)
1 FastEthernet/IEEE 802.3 interface(s)
5 Cable Modem network interface(s)
125K bytes of non-volatile configuration memory.

16384K bytes of Flash PCMCIA card at slot 0 (Sector size 128K).
4096K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x2102

We need to verify that the DOCSIS configuration file is in flash.

7246VXR#show flash
-#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
1�� .. unknown� 2D6C7818�� 200CC��� 9������ 74 Feb 28 2001 7:39:09 silver.cm
2�� .. unknown� 1CB785DC�� 20258��� 7������ 62 Feb 20 2001 15:44:11 test.cm
3�� .. image��� 4350A04F� 7A0CC8�� 24� 7866864 Feb 27 2001 09:36:40 ubr7200-ik1s-mz.121-4.EC
4�� .. unknown� 36E5D6D3� 7A0D94��� 7������ 76 Feb 28 2001 07:23:12 gold.cm

8516204 bytes available (7867796 bytes used)

Notice that the file "silver.cm" was built using DOCSIS CPE Configurator tool . For the platunum.cm file that was built in the CMTS configuration you do not need the statement "tftp server slot0:platinum.cm alias platinum.cm" because there is no "Cm" file, it resides within the configuration.

The next step is to verify that the cable modems are online. We can achieve this with the command show cable modem.

7246VXR#show cable modem
Interface�� Prim Online���� Timing Rec��� QoS CPE IP address����� MAC address
����������� Sid� State����� Offset Power
Cable4/0/U0 75�� online���� 2290��� 0.00� 5�� 1�� 10.1.4.2������� 0010.7bed.9b23
Cable4/0/U0 76�� online���� 2809��� 0.00� 5�� 0�� 10.1.4.3������� 0002.fdfa.0a63
Cable4/0/U0 77�� online���� 2288��� 0.25� 5�� 1�� 10.1.4.5������� 0010.7bed.9b45
Cable4/0/U0 78�� online���� 2810��� 0.50� 5�� 0�� 10.1.4.4������� 0004.2752.ddd5
Cable4/0/U0 79�� online���� 2813��� 0.25� 5�� 0�� 10.1.4.6������� 0002.1685.b5db
Cable4/0/U0 80�� online���� 2812�� -0.50� 5�� 0�� 10.1.4.7������� 0001.64ff.e47d


Notice that all the cable modems are online. The ones connected to interface cable 4/0/U0 are in the network 10.1.4.0. We can see from the configuration that their ip addresses are taken from the dhcp pool called "cm-platinum".

Also notice that cable modems with Mac addresses 0010.7bed.9b23, and 0010.7bed.9b45 respectively, have a CPE behind. Those cable modems come online with the default bridging configuration. Those PCs are configured with DHCP so that they can get their IP address from the network.

7246VXR#show interface cable 4/0 modem 0
SID�� Priv bits� Type����� State���� IP address��� method��� MAC address
75��� 00�������� host����� unknown�� 172.16.29.2�� static��� 00c0.4f97.61c5
75��� 00�������� modem���� up������� 10.1.4.2����� dhcp����� 0010.7bed.9b23
76��� 00�������� modem���� up������� 10.1.4.3����� dhcp����� 0002.fdfa.0a63
77��� 00�������� host����� unknown�� 172.16.29.3�� dhcp����� 00a0.243c.eff5
77��� 00�������� modem���� up������� 10.1.4.5����� dhcp����� 0010.7bed.9b45
78��� 00�������� modem���� up������� 10.1.4.4����� dhcp����� 0004.2752.ddd5
79��� 00�������� modem���� up������� 10.1.4.6����� dhcp����� 0002.1685.b5db
80��� 00�������� modem���� up������� 10.1.4.7����� dhcp����� 0001.64ff.e47d

The following pictures show that those PCs get an IP address from the pools called "pcs-c4."

all_in_one_config2.gif

We can also see from this PC that the TCP/IP settings are to obtain ip address automatically.

all_in_one_config3.gif

Advanced all-in-one Configuration

This section provides a more sophisticated configuration example which involves the hierarchy functionality of dhcp pools. The way DHCP pool hierarchy works is that any DHCP pool with a network number that is a subset of another pool's network number inherits all the characteristics of that other pool. This saves repetition in DHCP server configuration. However, if the same specification is done with a different parameter then the parameter will be overwritten. This example will show a general pool with a bootfile called platinum.cm and a subset of this pool will have a bootfile called disable.cm.

In addition to the DHCP pools created in the basic example, we have special requirements for two cable modems.

The cable modem 0010.7bed.9b45 will be denied access. This means that the cable modem will be granted an IP address but it will not come online. For this we will create the following pool:

ip dhcp pool cm-0010.7bed.9b45
�� host 10.1.4.65 255.255.255.0
�� client-identifier 0100.107b.ed9b.45
�� bootfile disable.cm

The most notable feature of this configuration example is the section where special DHCP pools corresponding to individual cable modem MAC addresses are specified. This is so that the DHCP server can send unique DHCP options to these modems. In order to specify a particular cable modem the "client-identifier" parameter is used. The "client-identifier" must be set to 01 followed by the MAC address of the device the entry corresponds to. The 01 corresponds to hardware type of ethernet for DHCP.

Note: When changing config files for a modem it is necessary to do the following so that the cable modem gets the manually configured parameters:

  • Clear the ip dhcp binding table using the command clear ip dhcp binding <ip address> ."

  • Reset the cable modem in question using the command clear cable modem <mac address > res.

The cable modem 0010.7bed.9b23 also has an special requirement. This will get a different quality of service. Therefore a different bootfile is associated to the scope. See the partial configuration below:

ip dhcp pool cm-0010.7bed.9b23
�� host 10.1.4.66 255.255.255.0
�� client-identifier 0100.107b.ed9b.23
�� bootfile silver.cm

!

When configuring DHCP pools for specific cable modems it is always a good practice to give a relevant name. Also, since a specific ip address is assigned to the pool using the host command, we need to add the global command ip dhcp exclude 10.1.4.60 10.1.4.70. This command tells DHCP do not hand out addresses belonging to this range.

Advanced "all-in-one config" 7246VXR
7246VXR# show run

version 12.1
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
no service password-encryption
service linenumber
service udp-small-servers max-servers no-limit
!
hostname 7246VXR
!
logging buffered 1000000 debugging
!
cable qos profile 8
cable qos profile 10
cable qos profile 10 grant-size 1500
cable qos profile 12 guaranteed-upstream 100000
no cable qos permission create
no cable qos permission update
cable qos permission modems
cable time-server
!
cable config-file disable.cm
�access-denied
�service-class 1 max-upstream 1
�service-class 1 max-downstream 1600
�cpe max 1
�timestamp
!
cable config-file platinum.cm
�service-class 1 max-upstream 128
�service-class 1 guaranteed-upstream 10
�service-class 1 max-downstream 10000
�service-class 1 max-burst 1600
�cpe max 10
�timestamp
!
clock timezone PDT -8
clock summer-time PDT recurring
clock calendar-valid
ip subnet-zero
no ip finger
no ip domain-lookup
ip host vxr 172.16.26.103
ip domain-name cisco.com
ip name-server 171.68.10.70
ip name-server 171.69.2.132
ip name-server 171.68.200.250
ip dhcp excluded-address 10.1.4.60 10.1.4.70
!
ip dhcp pool cm-platinum
�� network 10.1.4.0 255.255.255.0
�� bootfile platinum.cm
�� next-server 10.1.4.1�
�� default-router 10.1.4.1�
�� option 7 ip 10.1.4.1�
�� option 4 ip 10.1.4.1�
�� option 2 hex ffff.8f80
�� lease 7 0 10
!
ip dhcp pool pcs-c4
�� network 172.16.29.0 255.255.255.224
�� next-server 172.16.29.1�
�� default-router 172.16.29.1�
�� dns-server 172.16.30.2�
�� domain-name cisco.com
�� lease 7 0 10
!
ip dhcp pool cm-0010.7bed.9b45
�� host 10.1.4.65 255.255.255.0
�� client-identifier 0100.107b.ed9b.45
�� bootfile disable.cm
!
ip dhcp pool cm-0010.7bed.9b23
�� host 10.1.4.66 255.255.255.0
�� client-identifier 0100.107b.ed9b.23
�� bootfile silver.cm
!
!
interface Ethernet2/0
�ip address 172.16.30.4 255.255.255.192
�no ip mroute-cache
�half-duplex
!
interface Cable4/0
�ip address 172.16.29.1 255.255.255.224 secondary
�ip address 10.1.4.1 255.255.255.0
�no keepalive
�cable downstream rate-limit token-bucket shaping
�cable downstream annex B
�cable downstream modulation 64qam
�cable downstream interleave-depth 32
�cable downstream frequency 555000000
�cable upstream 0 frequency 40000000
�cable upstream 0 power-level 0
�no cable upstream 0 shutdown
�cable upstream 1 shutdown
�cable upstream 2 shutdown
�cable upstream 3 shutdown
�cable upstream 4 shutdown
�cable upstream 5 shutdown
�cable dhcp-giaddr policy
!
router eigrp 202
�redistribute connected
�redistribute static
�network 10.0.0.0
�network 172.16.0.0
�no auto-summary
�no eigrp log-neighbor-changes
!
router rip
�version 2
�redistribute connected
�redistribute static
�network 10.0.0.0
�network 172.16.0.0
�no auto-summary
!
ip default-gateway 172.16.30.1
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.30.1
ip route 172.16.30.0 255.255.255.0 Ethernet2/0
ip http server
ip http authentication local
!
access-list 188 permit tcp any any eq www log
access-list 188 permit ip any any
route-map docsis permit 10
!
snmp-server engineID local 00000009020000E01ED77E40
snmp-server community public RO
snmp-server community private RW
tftp-server slot0:silver.cm alias silver.cm
tftp-server server

line con 0
�exec-timeout 0 0
�transport input none
line aux 0
�speed 19200
line vty 0 4
�session-timeout 60�
�exec-timeout 0 0
�login
!
ntp clock-period 17179973
end

Verification Tips for Advanced Configuration

The verification of this configuration focuses on the services that the cable modems are getting, specially 0010.7bed.9b45 and 0010.7bed.9b23. We need to be sure that they are getting the addresses that were manually configured with and the service.

The first thing to test is that 0010.7bed.9b45 will come online but service will be denied. For this we let's take a look at the show cable modem command:

7246VXR#show cable modem
Interface�� Prim Online���� Timing Rec��� QoS CPE IP address����� MAC address
����������� Sid� State����� Offset Power
Cable4/0/U0 7��� online���� 2813��� 0.00� 7�� 0�� 10.1.4.7������� 0002.1685.b5db
Cable4/0/U0 8��� online���� 2809��� 0.25� 7�� 0�� 10.1.4.10������ 0002.fdfa.0a63
Cable4/0/U0 9��� online���� 2288�� -0.25� 5�� 1�� 10.1.4.66������ 0010.7bed.9b23
Cable4/0/U0 10�� online(d)� 2287��� 0.50� 6�� 0�� 10.1.4.65������ 0010.7bed.9b45
Cable4/0/U0 11�� online���� 2809�� -0.50� 7�� 0�� 10.1.4.6������� 0001.64ff.e47d
Cable4/0/U0 12�� online���� 2812�� -0.50� 7�� 0�� 10.1.4.9������� 0004.2752.ddd5

There are several points to notice here:

  • Cable modem 0010.7bed.9b23 got IP address 10.4.1.66 as specified in the scope cm-0010.7bed.9b23. There is a computer attached to it and it gets its ip address from pool pcs-c4.

  • Cable modem 0010.7bed.9b23 has a different QoS.

  • Cable modem 0010.7bed.9b45 got IP address 10.1.4.65 as specified in the scope cm-0010.7bed.9b45. There is a computer attached to it, however the CPE value is 0. The reason is that the service is denied.

  • The Online State of 0010.7bed.9b45 is online(d) which means that the cable modem comes online but the access to the cable network is denied. See the output of debug cable mac log verbose from cable modem.

21:52:16:� 78736.550 CMAC_LOG_RESET_RANGING_ABORTED��������������
21:52:16:� 78736.554 CMAC_LOG_STATE_CHANGE���������������������� reset_interface_state
21:52:16:� 78736.558 CMAC_LOG_STATE_CHANGE���������������������� reset_hardware_state
21:52:17:� 78737.024 CMAC_LOG_STATE_CHANGE���������������������� wait_for_link_up_state
21:52:17:� 78737.028 CMAC_LOG_DRIVER_INIT_IDB_RESET������������� 0x082B9CA8
21:52:17:� 78737.032 CMAC_LOG_LINK_DOWN��������������������������
21:52:17:� 78737.034 CMAC_LOG_LINK_UP����������������������������
21:52:17:� 78737.040 CMAC_LOG_STATE_CHANGE���������������������� ds_channel_scanning_state
21:52:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface cable-modem0, changed state to down
21:52:18:� 78738.386 CMAC_LOG_UCD_MSG_RCVD���������������������� 1
21:52:19:� 78739.698 CMAC_LOG_DS_64QAM_LOCK_ACQUIRED������������ 747000000
21:52:19:� 78739.702 CMAC_LOG_DS_CHANNEL_SCAN_COMPLETED����������
21:52:19:� 78739.704 CMAC_LOG_STATE_CHANGE���������������������� wait_ucd_state
21:52:20:� 78740.368 CMAC_LOG_UCD_MSG_RCVD���������������������� 1
21:52:22:� 78742.396 CMAC_LOG_UCD_MSG_RCVD���������������������� 1
21:52:22:� 78742.398 CMAC_LOG_ALL_UCDS_FOUND���������������������
21:52:22:� 78742.402 CMAC_LOG_STATE_CHANGE���������������������� wait_map_state
21:52:22:� 78742.406 CMAC_LOG_FOUND_US_CHANNEL������������������ 1
21:52:24:� 78744.412 CMAC_LOG_UCD_MSG_RCVD���������������������� 1
21:52:24:� 78744.416 CMAC_LOG_UCD_NEW_US_FREQUENCY�������������� 39984000
21:52:24:� 78744.420 CMAC_LOG_SLOT_SIZE_CHANGED����������������� 8
21:52:24:� 78744.500 CMAC_LOG_UCD_UPDATED������������������������
21:52:24:� 78744.560 CMAC_LOG_MAP_MSG_RCVD�����������������������
21:52:24:� 78744.564 CMAC_LOG_INITIAL_RANGING_MINISLOTS��������� 41
21:52:24:� 78744.566 CMAC_LOG_STATE_CHANGE���������������������� ranging_1_state
21:52:24:� 78744.570 CMAC_LOG_RANGING_OFFSET_SET_TO������������� 9610
21:52:24:� 78744.574 CMAC_LOG_POWER_LEVEL_IS�������������������� 55.0� dBmV (commanded)
21:52:24:� 78744.578 CMAC_LOG_STARTING_RANGING�������������������
21:52:24:� 78744.580 CMAC_LOG_RANGING_BACKOFF_SET��������������� 0
21:52:24:� 78744.586 CMAC_LOG_RNG_REQ_QUEUED�������������������� 0
21:52:24:� 78744.622 CMAC_LOG_RNG_REQ_TRANSMITTED����������������
21:52:24:� 78744.626 CMAC_LOG_RNG_RSP_MSG_RCVD�������������������
21:52:24:� 78744.628 CMAC_LOG_RNG_RSP_SID_ASSIGNED�������������� 10
21:52:24:� 78744.632 CMAC_LOG_ADJUST_RANGING_OFFSET������������� 2286
21:52:24:� 78744.636 CMAC_LOG_RANGING_OFFSET_SET_TO������������� 11896
21:52:24:� 78744.638 CMAC_LOG_STATE_CHANGE���������������������� ranging_2_state
21:52:24:� 78744.644 CMAC_LOG_RNG_REQ_QUEUED�������������������� 10
21:52:25:� 78745.654 CMAC_LOG_RNG_REQ_TRANSMITTED����������������
21:52:25:� 78745.658 CMAC_LOG_RNG_RSP_MSG_RCVD�������������������
21:52:25:� 78745.660 CMAC_LOG_RANGING_SUCCESS��������������������
21:52:25:� 78745.680 CMAC_LOG_STATE_CHANGE���������������������� dhcp_state
21:52:25:� 78745.820 CMAC_LOG_DHCP_ASSIGNED_IP_ADDRESS���������� 10.1.4.65
21:52:25:� 78745.824 CMAC_LOG_DHCP_TFTP_SERVER_ADDRESS���������� 10.1.4.1
21:52:25:� 78745.826 CMAC_LOG_DHCP_TOD_SERVER_ADDRESS����������� 10.1.4.1
21:52:25:� 78745.830 CMAC_LOG_DHCP_SET_GATEWAY_ADDRESS�����������
21:52:25:� 78745.834 CMAC_LOG_DHCP_TZ_OFFSET�������������������� -28800
21:52:25:� 78745.836 CMAC_LOG_DHCP_CONFIG_FILE_NAME������������� disable.cm
21:52:25:� 78745.840 CMAC_LOG_DHCP_ERROR_ACQUIRING_SEC_SVR_ADDR��
21:52:25:� 78745.846 CMAC_LOG_DHCP_COMPLETE����������������������
21:52:25:� 78745.968 CMAC_LOG_STATE_CHANGE���������������������� establish_tod_state
21:52:25:� 78745.978 CMAC_LOG_TOD_REQUEST_SENT�������������������
21:52:26:� 78746.010 CMAC_LOG_TOD_REPLY_RECEIVED���������������� 3192525217
21:52:26:� 78746.018 CMAC_LOG_TOD_COMPLETE�����������������������
21:52:26:� 78746.020 CMAC_LOG_STATE_CHANGE���������������������� security_association_state
21:52:26:� 78746.024 CMAC_LOG_SECURITY_BYPASSED������������������
21:52:26:� 78746.028 CMAC_LOG_STATE_CHANGE���������������������� configuration_file_state
21:52:26:� 78746.030 CMAC_LOG_LOADING_CONFIG_FILE��������������� disable.cm
21:52:26: %LINEPROTO-5-UPDOWN: Line protocol on Interface cable-modem0, changed state to up
21:52:27:� 78747.064 CMAC_LOG_CONFIG_FILE_PROCESS_COMPLETE�������
21:52:27:� 78747.066 CMAC_LOG_STATE_CHANGE���������������������� registration_state
21:52:27:� 78747.070 CMAC_LOG_REG_REQ_MSG_QUEUED�����������������
21:52:27:� 78747.076 CMAC_LOG_REG_REQ_TRANSMITTED����������������
21:52:27:� 78747.080 CMAC_LOG_REG_RSP_MSG_RCVD�������������������
21:52:27:� 78747.082 CMAC_LOG_COS_ASSIGNED_SID������������������ 1/10
21:52:27:� 78747.088 CMAC_LOG_RNG_REQ_QUEUED�������������������� 10
21:52:27:� 78747.090 CMAC_LOG_NETWORK_ACCESS_DENIED��������������
21:52:27:� 78747.094 CMAC_LOG_REGISTRATION_OK��������������������
21:52:27:� 78747.096 CMAC_LOG_STATE_CHANGE���������������������� establish_privacy_state
21:52:27:� 78747.100 CMAC_LOG_PRIVACY_NOT_CONFIGURED�������������
21:52:27:� 78747.102 CMAC_LOG_STATE_CHANGE���������������������� maintenance_state
21:52:31:� 78751.122 CMAC_LOG_RNG_REQ_TRANSMITTED����������������
21:52:31:� 78751.124 CMAC_LOG_RNG_RSP_MSG_RCVD�������������������
21:52:37:� 78757.164 CMAC_LOG_RNG_REQ_TRANSMITTED����������������
21:52:37:� 78757.168 CMAC_LOG_RNG_RSP_MSG_RCVD�������������������
21:52:43:� 78763.206 CMAC_LOG_RNG_REQ_TRANSMITTED����������������
21:52:43:� 78763.210 CMAC_LOG_RNG_RSP_MSG_RCVD�������������������
21:52:49:� 78769.250 CMAC_LOG_RNG_REQ_TRANSMITTED����������������
21:52:49:� 78769.252 CMAC_LOG_RNG_RSP_MSG_RCVD

The output of this debug shows that the Network Access is Denied.

7246VXR#show cable modem detail
Interface�� SID� MAC address��� Max CPE� Concatenation� Rx SNR
Cable4/0/U0 7��� 0002.1685.b5db 10������ yes����������� 33.52
Cable4/0/U0 8��� 0002.fdfa.0a63 10������ yes����������� 33.24
Cable4/0/U0 9��� 0010.7bed.9b23 1������� no������������ 33.29
Cable4/0/U0 10�� 0010.7bed.9b45 1������� no������������ 33.23
Cable4/0/U0 11�� 0001.64ff.e47d 10������ yes����������� 33.20
Cable4/0/U0 12�� 0004.2752.ddd5 10������ yes����������� 33.44

Notice that the Max CPE for cable modems with special scopes is 1 and the rest are 10. If you see the configuration of scope platinum.cm, it has 10 CPEs specified, on the other hand, scope disable.cm has only 1 CPE. The preconfigured DOCSIS configuration file silver.cm has also only one CPE specified.

7246VXR#show interface cable 4/0 modem 0
SID�� Priv bits� Type����� State���� IP address��� method��� MAC address
7���� 00�������� modem���� up������� 10.1.4.7����� dhcp����� 0002.1685.b5db
8���� 00�������� modem���� up������� 10.1.4.10���� dhcp����� 0002.fdfa.0a63
9���� 00�������� host����� unknown�� 172.16.29.2�� static��� 00c0.4f97.61c5
9���� 00�������� modem���� up������� 10.1.4.66���� dhcp����� 0010.7bed.9b23
10��� 00�������� modem���� up������� 10.1.4.65���� dhcp����� 0010.7bed.9b45
11��� 00�������� modem���� up������� 10.1.4.6����� dhcp����� 0001.64ff.e47d
12��� 00�������� modem���� up������� 10.1.4.9����� dhcp����� 0004.2752.ddd5

To verify that the cable modems are getting the correct level of service, we see the output of the command show cable qos profile.

7246VXR#show cable qos profile
ID� Prio Max������ Guarantee Max������� Max�� TOS� TOS�� Create� B���� IP prec.
�������� upstream� upstream� downstream tx��� mask value by����� priv� rate
�������� bandwidth bandwidth bandwidth� burst������������������� enab� enab
1�� 0��� 0�������� 0�������� 0��������� 0���� 0x0� 0x0�� cmts(r) no��� no������
2�� 0��� 64000���� 0�������� 1000000��� 0���� 0x0� 0x0�� cmts(r) no��� no������
3�� 7��� 31200���� 31200���� 0��������� 0���� 0x0� 0x0�� cmts��� yes�� no������
4�� 7��� 87200���� 87200���� 0��������� 0���� 0x0� 0x0�� cmts��� yes�� no������
5�� 4��� 64000���� 0�������� 512000���� 0���� 0x0� 0x0�� cm����� no��� no������
6�� 0��� 1000����� 0�������� 1600000��� 0���� 0x0� 0x0�� cm����� no��� no������
7�� 0��� 128000��� 10000���� 10000000�� 1600� 0x0� 0x0�� cm����� no��� no������
8�� 0��� 0�������� 0�������� 0��������� 0���� 0x0� 0x0�� mgmt��� no��� no������
10� 0��� 0�������� 0�������� 0��������� 0���� 0x0� 0x0�� mgmt��� no��� no������
12� 0��� 0�������� 100000000 0��������� 0���� 0x0� 0x0�� mgmt��� no��� no

Notice that qos ID 7 matches with the configuration on platinum.cm:

cable config-file platinum.cm
�service-class 1 max-upstream 128
�service-class 1 guaranteed-upstream 10
�service-class 1 max-downstream 10000
�service-class 1 max-burst 1600
�cpe max 10
�timestamp

The same happens with the DOCSIS configuration of disable.cm.

7246VXR#show ip dhcp binding
IP address������ Hardware address������� Lease expiration������� Type
10.1.4.6�������� 0100.0164.ffe4.7d������ Mar 08 2001 07:58 AM��� Automatic
10.1.4.7�������� 0100.0216.85b5.db������ Mar 08 2001 07:58 AM��� Automatic
10.1.4.9�������� 0100.0427.52dd.d5������ Mar 08 2001 07:58 AM��� Automatic
10.1.4.10������� 0100.02fd.fa0a.63������ Mar 08 2001 08:36 AM��� Automatic
10.1.4.65������� 0100.107b.ed9b.45������ Infinite��������������� Manual
10.1.4.66������� 0100.107b.ed9b.23������ Infinite��������������� Manual

Related Information

Updated: Nov 08, 2006
Document ID: 28990