The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Revised: February 9, 2009
Note | Cisco IOS Release 12.2(33)SCA integrates support for this feature on the Cisco CMTS routers. This feature is also supported in Cisco IOS Release 12.3BC, and this document contains information that references many legacy documents related to Cisco IOS 12.3BC. In general, any references to Cisco IOS Release 12.3BC also apply to Cisco IOS Release 12.2SC. |
Cisco IOS Release 12.3(13a)BC introduces support for the Common Open Policy Service (COPS) engine feature on the Cisco universal broadband routers. The Cisco Cable Modem Termination System (CMTS) also supports Access control lists (ACLs) with the COPS engine.
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://tools.cisco.com/ITDIT/CFN/. An account on http://www.cisco.com/ is not required.
Common Open Policy Service (COPS) is a protocol for communicating network traffic policy information to network devices.
COPS works in correspondence with the Resource Reservation Protocol (RSVP), which is a means for reserving network resources—primarily bandwidth—to guarantee that applications sending end-to-end across the Internet will perform at the desired speed and quality. RSVP is not configured on the Cisco CMTS, but the Cisco CMTS presumes RSVP on the network for these configurations.
Refer to the Additional References for further information about COPS for RSVP.
This section describes the tasks for configuring the COPS for RSVP feature on the Cisco CMTS.
To configure the COPS engine on the Cisco CMTS, perform the following tasks:
This feature allows you to change the Differentiated Services Code Point (DSCP) marking for COPS messages that are transmitted or received by the Cisco router. The cops ip dscp command changes the default IP parameters for connections between the Cisco router and COPS servers in the cable network.
DSCP values are used in Quality of Service (QoS) configurations on a Cisco router to summarize the relationship between DSCP and IP precedence. This command allows COPS to remark the packets for either incoming or outbound connections.
The default setting is 0 for outbound connections. On default incoming connections, the COPS engine takes the DSCP value from the COPS server initiating the TCP connection.
Note | This feature affects all TCP connections with all COPS servers. |
Perform the following steps to enable optional DSCP marking for COPS messages on the Cisco CMTS.
This feature allows you to override the default TCP receive window size that is used by COPS processes. This setting can be used to prevent the COPS server from sending too much data at one time.
Perform the following steps to change the TCP Window size on the Cisco CMTS.
Cisco IOS Release 12.3(13)BC introduces support for Access Control Lists (ACLs) for COPS. Perform the following steps to configure COPS ACLs on the Cisco CMTS.
Note | When using ACLs with cable monitor and the Cisco uBR10012 router, combine multiple ACLs into one ACL, and then configure cable monitor with the consolidated ACL. |
Command or Action | Purpose | |
---|---|---|
Step 1 | enable
Example: Router> enable |
Enables privileged EXEC mode. |
Step 2 | configure
terminal
Example: Router# configure terminal |
Enters global configuration mode. |
Step 3 | cops
listeners
access-list{
acl-num
|acl-name }
Example: Router# cops listeners access-list 40 |
Configures access control lists (ACLs) for inbound connections to all COPS listener applications on the Cisco CMTS. To remove this setting from the Cisco CMTS, us the no form of this command. |
Step 4 |
exit
Example: Router(config)# exit Router# |
Returns to privileged EXEC mode. |
Access lists can be displayed by using the show access-list command in privileged EXEC mode.
Cisco IOS Release 12.3(13)BC introduces support for Access Control Lists (ACLs) with COPS, and further supports the option of restricting the RSVP policy to specific access control lists (ACLs).
Perform the following steps to restrict the RSVP policy to specific ACLs, as already configured on the Cisco CMTS.
For ACL configuration, refer to the Configuring Access Control List Support for COPS Engine.
Command or Action | Purpose | |
---|---|---|
Step 1 | enable
Example: Router> enable |
Enables privileged EXEC mode. Enter your password if prompted. |
Step 2 | configure
terminal
Example: Router# configure terminal |
Enters global configuration mode. |
Step 3 |
interface
cable (slot
/subslot
/port
}
Example: Router(config)#interface cable 8/0/1 Router(config-if)# |
Enters interface configuration mode. |
Step 4 | ip rsvp policy cops
ACL-1 ACL-2
servers
iP-addr1 IP-addr2
Example: Router(config-if)# ip rsvp policy cops 40 160 servers 161.44.130.164 161.44.129.2 |
Tells the router to apply RSVP policy to messages that match the specified ACLs, and specifies the COPS server or servers for those sessions. |
Step 5 | exit
Example: Router(config)# exit Router# |
Returns to privileged EXEC mode. |
Once COPS is enabled and configured on the Cisco CMTS, you can verify and track configuration by using one or all of the show commands in the following steps.
Command or Action | Purpose | |
---|---|---|
Step 1 | enable
Example: Router> enable |
Enables privileged EXEC mode. Enter your password if prompted. |
Step 2 | show
cops
servers
Example: Router# show cops servers |
Displays server addresses, port, state, keepalives, and policy client information. |
Step 3 | show
ip
rsvp
policy
cops
Example: Router# show ip rsvp policy cops |
Displays policy server addresses, ACL IDs, and client/server connection status. |
Step 4 | show
ip
rsvp
policy
Example: Router# show ip rsvp policy |
Displays ACL IDs and their connection status. |
The following examples display three views of the COPS engine configuration on the Cisco router. These respective show commands verify the COPS engine configuration.
This example displays the policy server address, state, keepalives, and policy client information:
Router# show cops servers COPS SERVER: Address: 161.44.135.172. Port: 3288. State: 0. Keepalive: 120 sec Number of clients: 1. Number of sessions: 1. COPS CLIENT: Client type: 1. State: 0.
This example displays the policy server address, the ACL ID, and the client/server connection status:
Router# show ip rsvp policy cops COPS/RSVP entry. ACLs: 40 60 PDPs: 161.44.135.172 Current state: Connected Currently connected to PDP 161.44.135.172, port 0
This example displays the ACL ID numbers and the status for each ACL ID:
Router# show ip rsvp policy Local policy: Currently unsupported COPS: ACLs: 40 60 . State: CONNECTED. ACLs: 40 160 . State: CONNECTING.
Cisco IOS Release 12.3(13a)BC and later releases support the following commands for debugging the COPS Engine on the Cisco CMTS:
To enable debugging processes for PacketCable with the COPS engine, use the debug packetcable cops command in privileged EXEC mode. To disable debugging, use the no form of this command.
debug packetcable cops
no debug packetcable cops
The following example illustrates the debug packetcable cops command.
Router# debug packetcable cops Pktcbl COPS msgs debugging is on
To enable and display debugging processes for PacketCable gate control, use the debug packetcable gate control command in privileged EXEC mode. To disable this debugging, use the no form of this command:
debug packetcable gate control
no debug packetcable gate control
The following example illustrates gate control debugging:
Router# debug packetcable gate control Pktcbl gate control msgs debugging is on
To enable and display debugging processes for PacketCable subscribers, use the debug packetcable subscriber command in privileged EXEC mode. To disable this debugging, use the no form of this command:
debug packetcable subscriber IP-addr
no debug packetcable subscriber IP-addr
The following example illustrates the activation of the debug packetcable subscriber command for the specified IP address:
Router# debug packetcable subscriber 68.1.2.5 Pktcbl on the subscriber debugging is on
To display current debugging information that includes PacketCable COPS messages on the Cisco CMTS, use the show debug command in privileged EXEC mode.
Router# show debug PacketCable Client: Pktcbl COPS msgs debugging is on PacketCable specific: Debugging is on for Subscriber 68.1.2.4, Mask 255.255.255.255 SLOT 6/0: Nov 19 04:57:09.219: %UBR10000-5-UNREGSIDTIMEOUT: CMTS deleted unregistered Cable Modem 0002.8a8c.8c1a SLOT 6/0: Nov 19 04:57:12.279: %UBR10000-5-UNREGSIDTIMEOUT: CMTS deleted unregistered Cable Modem 0002.8a8c.92ae *Nov 19 04:57:19.751: PktCbl(cops): Received callback [code 2, handle: 0x63982B08] from COPS engine *Nov 19 04:57:19.751: PktCbl(cops): Received a COPS DEC message, flags is 0x1 *Nov 19 04:57:19.755: PktCbl(cops): Received callback [code 2, handle: 0x63982B08] from COPS engine *Nov 19 04:57:19.755: PktCbl(cops): Received a COPS DEC message, flags is 0x1 *Nov 19 04:57:19.755: PktCbl(cops): Received callback [code 2, handle: 0x63982B08] from COPS engine *Nov 19 04:57:19.755: PktCbl(cops): Received a COPS DEC message, flags is 0x1 *Nov 19 04:57:19.755: PktCbl(cops): Received callback [code 2, handle: 0x63982B08] from COPS engine *Nov 19 04:57:19.755: PktCbl(ndle: 0x63982B08] from COPS engine
The following sections provide COPS for RSVP configuration examples on the Cisco CMTS:
The following example specifies the COPS server and enables COPS for RSVP on the server. Both of these functions are accomplished by using the ip rsvp policy cops command. By implication, the default settings for all remaining COPS for RSVP commands are accepted.
Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ip rsvp policy cops servers 161.44.130.168 161.44.129.6 Router(config)# exit
The following examples display three views of the COPS for RSVP configuration on the router, which can be used to verify the COPS for RSVP configuration.
This example displays the policy server address, state, keepalives, and policy client information:
Router# show cops servers COPS SERVER: Address: 161.44.135.172. Port: 3288. State: 0. Keepalive: 120 sec Number of clients: 1. Number of sessions: 1. COPS CLIENT: Client type: 1. State: 0.
This example displays the policy server address, the ACL ID, and the client/server connection status:
Router# show ip rsvp policy cops COPS/RSVP entry. ACLs: 40 60 PDPs: 161.44.135.172 Current state: Connected Currently connected to PDP 161.44.135.172, port 0
This example displays the ACL ID numbers and the status for each ACL ID:
Router# show ip rsvp policy Local policy: Currently unsupported COPS: ACLs: 40 60 . State: CONNECTED. ACLs: 40 160 . State: CONNECTING.
Related Topic |
Document Title |
---|---|
Cisco CMTS Commands |
|
COPS for RSVP |
http://www.cisco.com/en/US/docs/ios-xml/ios/qos_rsvp/configuration/12-4t/cops_rsvp.html http://www.cisco.com/en/US/docs/ios/12_1t/12_1t1/feature/guide/CopsRSVP.html |
Standard |
Title |
---|---|
PKT-SP-ESP-I01-991229 |
PacketCable™ Electronic Surveillance Specification ( http://www.packetcable.com ) |
MIB |
MIBs Link |
---|---|
|
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: |
RFC |
Title |
---|---|
General RFC Resources |
http://www.rfc-editor.org/rfcsearch.html
|
Description |
Link |
---|---|
The Cisco Technical Support & Documentation website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content. |
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://tools.cisco.com/ITDIT/CFN/. An account on http://www.cisco.com/ is not required.
Note | The below table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature. |
Feature Name |
Releases |
Feature Information |
---|---|---|
Access Control for COPS/TCP Ports |
12.3(13a)BC |
Support for Common Open Policy Service (COPS) engine and Access Control Lists for COPS introduced for the Cisco uBR10012 router and Cisco uBR7246VXR router. The following commands are new or modified: |
PacketCable Client Accept Timeout |
12.3(21)BC |
Support for the PacketCable Client Accept Timeout feature was added. |
COPS Support for PacketCable |
12.2(33)SCA |
This feature was integrated into Cisco IOS Release 12.2(33)SCA. Support for the Cisco uBR7225VXR Universal Broadband Router was added. |