Creating DOCSIS Cable modem configuration files

1) Basics

First one must obtain a program to convert text config files to binary DOCSIS format. A free, console program is found here. Install as usual; problems with compilation are to be expected (the docsis program was last updated in 2006). Another program can be downloaded from here (Windows only). It supports a GUI and a tree-like view.

2) Basic settings
Our first file will just allow network access and limit download/upload speeds:

    Main {
        NetworkAccess 1;              /* enables packet forwarding */
        GlobalPrivacyEnable 0;        /* disables BPI (encryption) */
        UsServiceFlow {               /* creates an upstream service flow */
            UsServiceFlowRef 1;       /* SF number */
            QosParamSetType 7;        /* activates SF */
            TrafficPriority 3;        /* sets medium priority */
            MaxRateSustained 128000;  /* max upstream transfer rate - 128kb/s */
        }
        DsServiceFlow {               /* creates a downstream service flow */
            DsServiceFlowRef 2;       /* SF number */
            QosParamSetType 7;        /* activates SF */
            TrafficPriority 3;        /* sets medium priority */
            MaxRateSustained 1000000; /* max downstream transfer rate - 1Mb/s */
        }
    }
Reader's comment: Please note that Ds/UsServiceFlowRef numbers must be unique in the cable modem config. On a Cisco CM, the same Ds and UsServiceFlowRef will end up with reject(c) status.

3) Adding advanced parameters
This file includes DS frequency, US channel number, 1 classifier, 3 service flows and limits the user devices connected to the modem.

    Main {
        NetworkAccess 1;                  /* enables packet forwarding */
        GlobalPrivacyEnable 0;            /* disables BPI (encryption) */
        DownstreamFrequency 410000000;    /* sets DS frequency to 410MHz */
        UpstreamChannelId 3;              /* sets 3rd US channel */
        MaxCPE 3;                         /* allows max 3 user devices */
        CpeMacAddress 00:00:00:00:00:00;  /* device #1 MAC is 00:00... */
        CpeMacAddress 11:11:11:11:11:11;  /* device #2 MAC is 11:11... */
        DsPacketClass {
            ClassifierRef 2;              /* Classifier number */
            ServiceFlowRef 4;             /* forwards packets using SF #4 */
            RulePriority 3;               /* Low priority classifier */
            ActivationState 1;            /* enables classifier */
            IpPacketClassifier {
                IpTos 0x0808ff;           /* matches ToS 0x08 */
            }
        }
        UsServiceFlow {
            UsServiceFlowRef 1;           /* SF number */
            QosParamSetType 7;            /* activates SF */
            TrafficPriority 3;            /* sets medium priority */
            MaxRateSustained 128000;      /* max transfer rate - 128kb/s */
        }
        DsServiceFlow {
            DsServiceFlowRef 2;           /* SF number */
            QosParamSetType 7;            /* activates SF */
            TrafficPriority 3;            /* sets medium priority */
            MaxRateSustained 1000000;     /* max transfer rate - 1Mb/s */
        }
        DsServiceFlow {
            DsServiceFlowRef 4;           /* SF number */
            QosParamSetType 7;            /* activates SF */
            TrafficPriority 3;            /* sets medium priority */
            MaxRateSustained 2000000;     /* max transfer rate - 2Mb/s */
        }
    }
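As an added example (Python, not code from the page or from the docsis tool), a small parser for the text format above plus a checker for the cross-references this page calls out: unique Us/DsServiceFlowRef values (the reader's comment), classifiers that point at an existing service flow, unique ClassifierRef values, and no more CpeMacAddress entries than MaxCPE. The sample config is constructed for this example and deliberately breaks each rule.

```python
import re
from collections import Counter
# Constructed sample (not from the page): ref 2 is reused for an upstream and a downstream
# flow, the classifier points at a flow that does not exist, and MaxCPE is exceeded.
SAMPLE_CFG = """Main {
  NetworkAccess 1;  MaxCPE 1;  /* comments are stripped before parsing */
  CpeMacAddress 00:00:00:00:00:00;  CpeMacAddress 11:11:11:11:11:11;
  DsPacketClass { ClassifierRef 2; ServiceFlowRef 9; IpPacketClassifier { IpTos 0x0808ff; } }
  UsServiceFlow { UsServiceFlowRef 2; QosParamSetType 7; MaxRateSustained 128000; }
  DsServiceFlow { DsServiceFlowRef 2; QosParamSetType 7; MaxRateSustained 1000000; }
}"""

def parse_block(tokens):
    """Parse `key value;` / `key { ... }` entries up to the matching '}' into (key, value)
    pairs; value is a string, or a nested list for a sub-block."""
    items = []
    while tokens:
        key = tokens.pop(0)
        if key == "}":
            break
        if tokens[0] == "{":
            tokens.pop(0)
            items.append((key, parse_block(tokens)))
        else:
            end = tokens.index(";")
            items.append((key, " ".join(tokens[:end])))
            del tokens[:end + 1]
    return items

def parse_docsis(text):
    text = re.sub(r"/\*.*?\*/", " ", text, flags=re.S)  # strip /* comments */
    tokens = re.findall(r"[{};]|[^\s{};]+", text)
    return parse_block(tokens[2:])                        # skip the leading 'Main {'

def check_config(items):
    """Return the cross-reference problems found in a parsed Main block."""
    flows = [dict(v).get("UsServiceFlowRef") or dict(v).get("DsServiceFlowRef")
             for k, v in items if k in ("UsServiceFlow", "DsServiceFlow")]
    classes = [dict(v) for k, v in items if k in ("UsPacketClass", "DsPacketClass")]
    problems = [f"ServiceFlowRef {r} used by {n} service flows"
                for r, n in Counter(flows).items() if n > 1]
    problems += [f"ClassifierRef {r} used by {n} classifiers"
                 for r, n in Counter(c.get("ClassifierRef") for c in classes).items() if n > 1]
    problems += [f"classifier {c.get('ClassifierRef')} uses missing ServiceFlowRef {c.get('ServiceFlowRef')}"
                 for c in classes if c.get("ServiceFlowRef") not in flows]
    scalars = {k: v for k, v in items if isinstance(v, str)}
    n_cpe = sum(1 for k, _ in items if k == "CpeMacAddress")
    if n_cpe > int(scalars.get("MaxCPE", n_cpe)):
        problems.append(f"{n_cpe} CpeMacAddress entries but MaxCPE is {scalars['MaxCPE']}")
    return problems
```

Run `check_config(parse_docsis(open("modem.cfg").read()))` on a text config before converting it to binary; an empty list means the references are consistent.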
4) Global Parameters explained

Name | Description | Values
NetworkAccess | Controls whether the modem forwards data between USB/Ethernet and RF interfaces | 0 forwarding disabled, 1 forwarding enabled
GlobalPrivacyEnable | Enables BPI (encryption on the RF interface) | 0 disables BPI, 1 enables BPI
DownstreamFrequency | Specifies downstream channel frequency in Hz | Frequency in Hz
UpstreamChannelId | Specifies the upstream channel number for that downstream | Desired upstream channel number
MaxCPE | Number of MAC addresses (computers, network devices) that the modem will learn and forward packets from. This includes managed switches, APs etc. | Number of such devices
CpeMacAddress | Specifies the MAC address of a computer/device. The number of CpeMacAddress commands must be less than or equal to MaxCPE. Useful when you don't want the modem to learn the Access point's IP address | MAC address of one device
MaxClassifiers | Maximum number of admitted and active upstream classifiers that the modem is allowed to have |
DocsisTwoEnable | Enables DOCSIS 2.0 | 0 disabled, 1 enabled
GenericTLV | Allows entering TLVs unsupported by the program | Syntax: TlvCode XXX TlvLength X TlvValue 0xXX
SwUpgradeFilename | Specifies the firmware filename on the TFTP server. | "filename"
SwUpgradeServer | Specifies the TFTP server IP address | IP address
SnmpMibObject | Specifies an OID to set | Syntax: OID type value
SnmpWriteControl | |
MfgCVCData | Must be used several times to represent the whole Producer's certificate used for firmware upgrade. Can specify 254 hex chars max at a time. |
MtaConfigDelimiter | |

Note: to create Mfg CVC Data, take the mfg cert and then:

    hexdump -v -e ' 2/1 "%02X" ' -n 254 cert.cer

The complete MfgCVCData option would be:

    MfgCVCData 0xOUTPUT_FROM_ABOVE;

To create the next portion just skip the first 254 chars with -s:

    hexdump -v -e ' 2/1 "%02X" ' -n 254 -s 254 cert.cer
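The same 254-byte slicing that the two hexdump commands above perform, done for the whole certificate in one pass, as an added Python example (not code from the page or the docsis tool). The PEM decoding and the DER sanity check are additions of this example, and FAKE_CERT is a constructed stand-in, not a real certificate.

```python
import base64
import re

PORTION = 254   # bytes per MfgCVCData option, as `hexdump -n 254 -s <offset>` slices it

def certificate_der(data):
    """Return the certificate as DER bytes. hexdump dumps raw bytes, so a PEM file
    (base64 text) must be decoded first or the config would carry hex of ASCII text.
    The PEM decoding and the SEQUENCE-tag check are additions, not from the page."""
    m = re.search(rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", data, re.S)
    if m:
        data = base64.b64decode(b"".join(m.group(1).split()))
    if not data or data[0] != 0x30:          # a DER certificate starts with a SEQUENCE tag
        raise ValueError("input does not look like a DER or PEM X.509 certificate")
    return data

def mfg_cvc_lines(cert):
    """One `MfgCVCData 0x...;` line per 254-byte portion, upper-case hex exactly as the
    hexdump format string ' 2/1 "%02X" ' prints it."""
    der = certificate_der(cert)
    return [f"MfgCVCData 0x{der[off:off + PORTION].hex().upper()};"
            for off in range(0, len(der), PORTION)]

def reassemble(lines):
    """Inverse of mfg_cvc_lines: confirms the portions round-trip before shipping the config."""
    return b"".join(bytes.fromhex(line.split("0x", 1)[1].rstrip(";")) for line in lines)

# Constructed 600-byte stand-in for a certificate (a SEQUENCE tag plus filler), not a real
# CVC; a real one would be read with open("cert.cer", "rb").read().
FAKE_CERT = b"\x30\x82\x02\x54" + bytes(range(256)) * 2 + b"\xff" * 84
FAKE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(FAKE_CERT)
            + b"-----END CERTIFICATE-----\n")
```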
With the manual hexdump commands, increase -s by 254 for each following portion.

5) Service flow parameters explained
General SF parameters:

Name | Description | Values
QosParamSetType | Quality of Service Parameter Set Type. Describes whether the service flow is Provisioned, Admitted and Active: Bit0 Provisioned flag, Bit1 Admitted flag, Bit2 Active flag. For a service flow to be working all 3 bits must be set to 1. Binary 111 equals 7 decimal. | 7 Active, other values disabled
TrafficPriority | Sets the priority for packets matching that service flow. The CMTS should serve SFs with higher priority first. | 0 lowest (default), 7 highest
MaxRateSustained | Maximal transfer speed in b/s. | Speed in b/s
MaxTrafficBurst | Specifies how much data can be sent in one burst. | Value in bytes
MinReservedRate | Minimal bandwidth reserved for that service flow | Speed in b/s
MinResPacketSize | Used for calculating the min reserved rate: when smaller packets are sent, the size from this field is taken for the calculation instead of the actual packet size. | Size in bytes
ActQosParamsTimeout | Specifies how long the CMTS reserves resources for that (active) service flow. | Value in seconds
AdmQosParamsTimeout | Specifies how long the CMTS reserves resources for that (admitted) service flow. | Value in seconds
ServiceClassName | Specifies the service class which that service flow is part of | "service_class_name"
Downstream specific parameters:

Name | Description | Values
DsServiceFlow | Creates a downstream service flow | none
DsServiceFlowRef | Number of the downstream service flow; must match ServiceFlowRef in packet classifiers (if any). Service flows with the lowest numbers are taken as default, no classifiers are needed there. | any number (1-65535)
MaxDsLatency | Specifies the maximal time between reception of a packet and forwarding it to the RF interface on the CMTS | Value in microseconds
Upstream specific parameters:

Name | Description | Values
UsServiceFlow | Creates an upstream service flow | none
UsServiceFlowRef | Number of the upstream service flow; must match ServiceFlowRef in packet classifiers (if any). Service flows with the lowest numbers are taken as default, no classifiers are needed there. | any number (1-65535)
MaxConcatenatedBurst | Maximum data in bytes to be transmitted in one concatenation burst | Size in bytes, default 1522
SchedulingType | Scheduling type to be used in the service flow | 2 Best Effort, 3 Non-Real-Time Polling, 4 Real-Time Polling, 5 Unsolicited Grant Service with Activity Detection, 6 Unsolicited Grant Service
RequestOrTxPolicy | Request/Transmission Policy; specifies the behaviour of a service flow | There are 16 bits numbered from 15 to 0. Bit0 disables all CM opportunities, bit1 disables Priority Request multicast opportunities, bit2 disables Request/Data opportunities for Requests, bit3 same for data, bit4 disables piggyback requests with data, bit5 disables concatenation, bit6 disables fragmentation, bit7 disables payload header suppression, bit8 enables dropping of packets that do not fit in the Unsolicited Grant Size. Example: 0x000001ff;
IpTosOverwrite | Enables overwriting ToS values for matching packets | New ToS = (Old ToS AND AA) OR OO, example: 0xAAOO
I've purposely omitted information about the other scheduling types: UGS, UGS with AD, non-real-time polling, real-time polling. Tests revealed that they are only useful with VoIP and/or streaming video. One may use a source IP or destination port based classifier to capture VoIP traffic and limit the up- and downstream service flows to no more than 128k. Since it's useless for browsing the internet, no one should exploit that SF. With streaming video the destination IP of the video server must be known, because a high speed, low latency connection is VERY likely to be exploited if not protected properly. It might be a good idea for VoIP to create a separate IP address class for VoIP gateways and create best effort service flows with the highest traffic priority. Adding MinReservedRate may give even better results.

6) Classifiers
IP and port based classifier:

    UsPacketClass {                       /* Matches: */
        ServiceFlowRef 3;
        ClassifierRef 11;
        RulePriority 68;
        ActivationState 1;
        IpPacketClassifier {
            IpSrcAddr 192.168.0.0;        /* source IPs from 192.168.0.0 */
            IpSrcMask 255.255.255.0;      /* to 192.168.0.255 */
            SrcPortStart 1024;            /* source ports from 1024 */
            SrcPortEnd 2000;              /* to 2000 */
            IpDstAddr 113.206.95.144;     /* destination IPs from 113.206.95.144 */
            IpDstMask 255.255.255.248;    /* to 113.206.95.151 */
            DstPortStart 80;              /* destination port 80 */
            DstPortEnd 80;
            IpProto 6;                    /* TCP protocol */
        }
    }

MAC address based classifier:

    UsPacketClass {
        ServiceFlowRef 3;
        ClassifierRef 11;
        RulePriority 68;
        ActivationState 1;
        LLCPacketClassifier {
            SrcMacAddress 00:11:22:33:44:55;  /* Matches that MAC address */
        }
    }
General classifier parameters:

Name | Description | Values
DsPacketClass | Creates a downstream classifier | none
UsPacketClass | Creates an upstream classifier | none
ClassifierRef | Number of the classifier, must be unique in the config file | any number (1-255)
ServiceFlowRef | ServiceFlowRef number of the service flow which is used if a packet matches that classifier. | Number of an existing SF
RulePriority | Specifies the priority for the classifier. Higher number, higher priority. Classifiers with higher priority are checked first. | any number (0-255)
ActivationState | Enables the classifier | 1 enabled, 0 disabled?
DscAction | What to do with the classifier when a Dynamic Service Change Request is received | 0 add classifier, 1 replace classifier, 2 delete classifier
IP classifier parameters:

Name | Description | Values
IpPacketClassifier | Creates an IP classifier match | none
IpTos | Matches ToS values | 0xLLHHMM, where LL low tos, HH high tos, MM tos mask. Matches packets where LL <= (tos AND MM) <= HH.
IpSrcAddr | Matches source IP | IP address
IpSrcMask | Specifies the source mask. Match = SrcIP AND SrcMask | IP address
IpDstAddr | Matches destination IP | IP address
IpDstMask | Specifies the destination mask. Match = DstIP AND DstMask | IP address
SrcPortStart | Matches source ports starting from that value | 0 (default) - 65535
SrcPortEnd | Matches source ports ending on that value | 0 - 65535 (default)
DstPortStart | Matches destination ports starting from that value | 0 (default) - 65535
DstPortEnd | Matches destination ports ending on that value | 0 - 65535 (default)
IpProto | Matches IP protocol | 1 ICMP, 6 TCP, 17 UDP, 256 any, 257 TCP+UDP, 0 ignore this field
LLC classifier parameters:

Name | Description | Values
LLCPacketClassifier | Creates an LLC (MAC) classifier match | none
DstMacAddress | Matches destination MAC | MAC address
SrcMacAddress | Matches source MAC | MAC address
EtherType | Matches ethertype | Ethertype in hex
802.1q classifier parameters:

Name | Description | Values
IEEE802Classifier | Creates an 802.1P/Q classifier match | none
UserPriority | Matches the priority field | 0-7
VlanID | Matches the VLAN ID field | 0-4095

IP, LLC and IEEE802 matches may be used together in one classifier.

7) SNMP parameters for use in docsis configuration files
SNMP v1 access table:

Allows read-only access for community string some_password from 192.168.0.1/24, coming only from the RF interface of a CM. The ".1" means that it's the first entry; remember to change it when adding more.

    SnmpMibObject docsDevNmAccessStatus.1 Integer 4;              /* createAndGo */
    SnmpMibObject docsDevNmAccessIp.1 IPAddress 192.168.0.1;
    SnmpMibObject docsDevNmAccessIpMask.1 IPAddress 255.255.255.0;
    SnmpMibObject docsDevNmAccessControl.1 Integer 2;             /* read */
    SnmpMibObject docsDevNmAccessInterfaces.1 HexString 0x40;
    SnmpMibObject docsDevNmAccessCommunity.1 String "some_password";
Nmaccess entries explained:

Name | Description | Values
docsDevNmAccessStatus | Configures row creation and its activation | 1 active, 2 inactive, 4 create and activate, 5 create and deactivate, 6 delete. Stick with 4.
docsDevNmAccessIp | Specifies the source IP of an SNMP query matching this rule. | IP address
docsDevNmAccessIpMask | Specifies the source IP mask of an SNMP query matching this rule. | mask address
docsDevNmAccessControl | Specifies access privileges | 2 RO, 3 RW, 4 RO with traps, 5 RW with traps, 6 traps
docsDevNmAccessInterfaces | Specifies the matching interface | 0x40 cable, 0x80 ethernet, 0xC0 or 0x00 both
docsDevNmAccessCommunity | Specifies the community string | "desired_community_string"
Firewall rule:

This firewall rule prevents users from sending mail using port 25 (SMTP). Note that by setting docsDevFilterIpDefault to 2 (drop) one can allow only selected traffic instead of dropping it.

    SnmpMibObject docsDevFilterIpControl.7 Integer 1;            /* discard */
    SnmpMibObject docsDevFilterIpIfIndex.7 Integer 0;
    SnmpMibObject docsDevFilterIpDirection.7 Integer 3;          /* both */
    SnmpMibObject docsDevFilterIpBroadcast.7 Integer 2;          /* false */
    SnmpMibObject docsDevFilterIpSaddr.7 IPAddress 0.0.0.0;
    SnmpMibObject docsDevFilterIpSmask.7 IPAddress 0.0.0.0;
    SnmpMibObject docsDevFilterIpDaddr.7 IPAddress 0.0.0.0;
    SnmpMibObject docsDevFilterIpDmask.7 IPAddress 0.0.0.0;
    SnmpMibObject docsDevFilterIpProtocol.7 Integer 6;
    SnmpMibObject docsDevFilterIpSourcePortLow.7 Integer 0;
    SnmpMibObject docsDevFilterIpSourcePortHigh.7 Integer 65535;
    SnmpMibObject docsDevFilterIpDestPortLow.7 Integer 25;
    SnmpMibObject docsDevFilterIpDestPortHigh.7 Integer 25;
    SnmpMibObject docsDevFilterIpStatus.7 Integer 4;             /* createAndGo */
Notable parameters:

Name | Description | Values
docsDevFilterIpControl | Discards or accepts the traffic | 1 discard, 2 accept
docsDevFilterIpDirection | Specifies the direction of the packet to match. | 1 incoming, 2 outgoing, 3 both directions
docsDevFilterIpBroadcast | Matches ONLY broadcast traffic. | 1 yes, 0 no
Other:

docsDevCpeIpMax specifies the maximal number of source IPs that the modem forwards from the Ethernet and USB interfaces. WARNING: undesired operation on some modems allows only 1 IP per MAC address. This may sound good, but PCs get modem-assigned (192.168.100.X) and Windows private IPs all the time. Result: no network access.

    SnmpMibObject docsDevCpeIpMax.0 Integer 3;
8) Other configuration parameters

Currently other parameters are only listed. Will write descriptions when there's time.

Baseline Privacy, must be turned on by GlobalPrivacyEnable:

Name | Description | Values
BaselinePrivacy | Specifies BPI options | none, tree
AuthTimeout, ReAuthTimeout, AuthGraceTime, ReKeyTimeout, TEKGraceTime, AuthRejectTimeout, SAMapWaitTimeout, SAMapMaxRetries | |

SNMPv3 specific:

Name | Description | Values
SnmpV3Kickstart | Specifies SNMPv3 engine options | none, tree
SnmpV3SecurityName, SnmpV3MgrPublicNumber | |
SnmpV3TrapReceiver | Specifies SNMPv3 trap settings | none, tree
SnmpV3TrapRxIP, SnmpV3TrapRxPort, SnmpV3TrapRxType, SnmpV3TrapRxTimeout, SnmpV3TrapRxRetries, SnmpV3TrapRxFilterOID | |
SnmpV3TrapRxSecurityName | | "security_name"

PHS, Payload header suppression:

Name | Description | Values
PHS | Specifies PHS options | none, tree
PHSClassifierRef, PHSClassifierId, PHSServiceFlowRef, PHSServiceFlowId, PHSField, PHSIndex, PHSMask, PHSSize, PHSVerify | |

Vendor specific:

Name | Description | Values
VendorSpecific | Specifies vendor specific options | none, tree
VendorIdentifier | Specifies the vendor identifier | vendor id 0xIIIIII
Modem Capabilities:

Everything should be enabled by default, so use it only to disable things.

Name | Description | Values
ModemCapabilities | Starts the tree | none
ConcatenationSupport, ModemDocsisVersion, FragmentationSupport, PHSSupport, IGMPSupport, BaselinePrivacySupport, DownstreamSAIDSupport, UpstreamSIDSupport, DCCSupport, SubMgmtControl, SubMgmtFilters | |