Cisco INA2320 Installation and Configuration Guide
Table of Contents
Cisco INA2320 Features
In-Band and Out-of-Band Operation
Ethernet Backbone Interface
Number of Upstream and Downstream Channels
Modulation Schemes Supported
Quality of Service
Authentication and Accounting
Authentication and Accounting Using SNMPNetwork Address Translation and IP Routing
Authentication and Accounting Using RADIUS
Network Security Using a Shared Secret (for RADIUS Communication)
IP Routing and IP Filtering
This chapter provides an introduction to the Cisco DVB INA2320 Interactive Network Adapter and its functions. This chapter contains the following sections:
The Cisco DVB INA2320 is the headend unit controlling the bidirectional broadband data communication over the hybrid fiber-coaxial (HFC) network to the customer premises equipment (CPE) that is connected to the HFC network. The Cisco DVB INA2320 is based on the open Digital Video Broadcast (DVB) standards.
The Cisco DVB INA2320 interfaces to DVB-compliant CPE and provides the link to the backbone network toward the Internet Protocol (IP) hosts using an Ethernet interface.
You can configure and monitor the Cisco DVB INA2320 using the Cable DVB/DAVIC Management Program; this program is based on Simple Network Management Protocol (SNMP) standard. The Cisco DVB INA2320 supports the Cisco Subscriber Registration Center (C), which is used to configure and manage broadband modems and to enable and administer subscriber self-registration.
The Cisco DVB INA2320 is compliant with the standards listed in "Standards Compliance List"
Figure 1-1 shows an example of a cable data system.
Figure 1-1: Example of a Typical Cable Data System
The Cisco DVB INA2320 is a modular system built into a standard 19-inch subrack. See Figure 1-2.
Figure 1-2: Front View of the Cisco DVB INA2320
The Cisco DVB INA2320 includes the following modules:
You can update the software of the Cisco DVB INA2320 remotely, without physically accessing the unit. The update is performed from an FTP server connected to the Ethernet.
The Cisco DVB INA2320 has an alarm relay connector to be connected to external alarm systems. In the event of a major unit failure, the external alarm system can report the alarm situation and raise attention to the INA creating the alarm.
On the front plates of the Cisco DVB INA2320 modules, alarm LEDs provide information for monitoring the operational status of each module.
The Cisco DVB INA2320 Interactive Network Adapter supports in-band and out-of-band data traffic; it can control DVB cable modems and DVB set-top boxes in one network. The in-band operation is used for DVB cable modems. The out-of-band operation is used for DVB interactive set-top boxes.
You configure each downstream channel of the INA2320 for in-band or out-of-band operation in the Cable DVB/DAVIC Management Program. For instructions on how to configure in-band or out-of-band operation, see the "INA Modulator Setup" section.
The Cisco DVB INA2320 is connected to the backbone network via a 10/100 Mbps Ethernet network adapter.
On the downstream side, the Cisco DVB INA2320 can support two downstream channels. The Modulator module enables one downstream channel per default.
On the upstream, the Cisco DVB INA2320 can support up to eight upstream channels. One or two Demodulator modules can be installed in the Cisco DVB INA2320. Each Demodulator module demodulates four incoming upstream channels.
When receiving the Cisco DVB INA2320, all ordered upstream and downstream channels are enabled. As the demand for upstream channel capacity grows, you can add further upstream channels.
All upstream and downstream channels are managed in the Cable DVB/DAVIC Management Program as one system in a flexible way. To order an upgrade kit to add a Demodulator module, contact your local Cisco Systems representative.
On hybrid fiber-coaxial networks with 8-MHz channel spacing, the Cisco DVB INA2320 uses the full 8-MHz bandwidth and can provide a channel bit rate of up to 42 Mbps on one 64QAM modulated downstream channel.
The Cisco DVB INA2320 supports several downstream modulation schemes. The following list shows the modulation schemes supported:
The downstream modulation scheme is configured in the Cable DVB/DAVIC Management Program.
On the upstream, the modulation type QPSK is used.
The Cisco DVB INA2320 supports different types of quality of service (QoS). In the Cable DVB/DAVIC Management Program, you specify the individual profiles of quality of service. A QoS profile is assigned to each connected cable modem.
Up to 32 profile entries can be configured in the Cable DVB/DAVIC Management Program. For each entry, you can set the following parameters:
These settings can be set separately for the upstream and downstream channels for one profile.
Each time you configure a new modem or a new set-top box, you assign one of the defined quality-of-service entries to the unit. For more information on how to set up quality-of-service profiles, see the "Quality of Service" section.
Managing modem pools for large numbers of users creates the need for significant administrative support. All cable modems or set-top boxes connected to the Cisco DVB INA2320 require attention to security, authorization, and accounting. This is best achieved by managing a single user database, which allows for authentication (verifying user name and password), accounting, and configuration information.
Figure 1-3: Schematic Overview for RADIUS Authentication and Accounting
The Cisco DVB INA2320 supports the following two methods for authentication and accounting:
The Cisco DVB INA2320 collects the user data from the connected modemsthe number of transferred bytes upstream and downstream, and other dataand stores the data in an internal database.
Using SNMP you can access and modify the authentication and accounting data and use it in third-party products. You can poll the bytes transferred to and from each modem. For additional information, see the "Modem Connection Details" section.
The Cisco DVB INA2320 operates as a RADIUS client and is responsible for passing user information from the connected cable modems and set-top boxes to designated RADIUS servers, and then acts on the response that is returned. A RADIUS server is responsible for the sign-on and authentication of the cable modems and set-top boxes. It receives user connection requests and sends authentication information to the modem, which then tries to sign on to the network.
The RADIUS server authenticates the modem using the MAC address of the cable modem or set-top box.
Each service provided via the Cisco DVB INA2320 to a cable data modem or set-top box constitutes a session. Each session has a start time and an end time. A modem can have multiple sessions in parallel, with each session generating a separate start and stop accounting record with its own Account Session Identification.
The Cisco DVB INA2320 sends information to the RADIUS servers, at the start and the end of a modem session and continuously at user-defined intervals, about the data traffic to and from each modem.
At the end of a service delivery, the Cisco DVB INA2320 sends data packets describing the type of service that was delivered and statistics such as elapsed time, number of input bytes, and number of output bytes.
To provide network security, all transactions between the Cisco DVB INA2320 and the RADIUS server are authenticated by a shared secret. The shared secret itself is never sent over the network.
In addition, all user passwords are sent encrypted between the Cisco DVB INA2320 and the RADIUS server. This eliminates the possibility that someone is snooping on an insecure network and could determine a user's password.
The Cisco DVB INA2320 can perform Network Address Translation (NAT) for the connected customer premises equipment. For backbone routing, the user can enter multiple static routing entries. For further details, see the "Routing Table" section. Use these routing entries to access PCs connected to cable modems. By setting the cable modem HFC IP address to be the gateway to the connected PC, the Cisco DVB INA2320 has the necessary information to forward IP packets to PCs outside the HFC network.
The Cisco DVB INA2320 also supports internal routing for the traffic between customer premises equipment connected to the same subnet on the hybrid fiber-coaxial network. See the "IP Routing and IP Filtering" section.
For automatic IP address allocation to the connected DVB cable modems or set-top-boxes, the DHCP/BootP relay agent in the INA relays the IP addresses requested from a connected DHCP server automatically to the connected cable modems or set-top boxes.
The Cisco DVB INA2320 can be set up to perform routing of IP data. You can specify the IP address to base routing on and the IP address of the gateway to send the IP data to. By defining the prefix length of the IP address, you set the routing criteria.
In the Cable DVB/DAVIC Management Program, the user can configure multiple entries for IP routing. For further details, see the "Routing Table" section.
A typical application for IP Routing is accessing a PC connected to a cable modem. In this case, you set the HFC IP address of the cable modem to be the gateway in the respective routing entry.
The Cisco DVB INA2320 supports Network Address Translation and Internet Group Multicast Protocol. For further details, see the "IP Details, NAT and Multicast" section.
The Cisco DVB INA2320 can be set up to filter IP frames. In the Cable DVB/DAVIC Management Program, you can configure multiple filtering entries for IP filtering. For further details, see the "Filter Table" section. In the Cable DVB/DAVIC Management Program, you enable the filtering and specify the destination IP address and the source IP address for each filter table entry.
An IP filtering criterium is that you specify how many digits the IP address must match to pass through the INA; you do this by setting the prefix length. When filtering UDP and TCP packets, you can specify the port number. For further details, see the "IP Frame Routing" section.
When the Cisco DVB INA2320 is operated in MAC bridging mode, all subscriber IP addresses are in the same broadcast domain. All data traffic is forwarded to all CPE devices in MAC bridging mode. The IP address of the Ethernet interface of the Cisco DVB INA2320 is used mainly for SNMP configuration of the unit. The subnet table is not used.
In the Cable DVB/DAVIC Management Program you can set up filters to filter the data traffic when operated in MAC bridging mode. You can set that only IP data traffic or only Point-to-Point over Ethernet (PPPoE) data traffic is allowed to pass through the Cisco DVB INA2320. For further details, see the "IP Details, NAT and Multicast" section.