Table Of Contents
Advanced-mode DOCSIS Set-Top Gateway 1.1 for the Cisco CMTS
Contents
Prerequisites for Advanced-mode DOCSIS Set-Top Gateway
General Prerequisites for A-DSG 1.1
IP Multicast Prerequisites for A-DSG 1.1
IP Unicast Prerequisites for A-DSG 1.1
Restrictions for A-DSG 1.1
DSG Restrictions
DSG Configuration File Transfer Operations
DSG Configuration for Cable Per Physical Downstream Static Multicast Support
Resolved Caveats in Cisco IOS Release 12.3(13a)BC
Information About Advanced-mode DOCSIS Set-Top Gateway
A-DSG 1.1 Features and Enhancements for the Cisco CMTS
A-DSG 1.1 and CISCO-CABLE-DSG-IF-MIB
A-DSG 1.1 Tunnels
A-DSG 1.1 Classifiers
A-DSG 1.1 Downstream Channel Descriptor (DCD)
A-DSG 1.1 Process
A-DSG 1.1 Rule
General Feature Overview for DOCSIS Set-Top Gateway
Out-of-Band Messaging
Basic Structure of the A-DSG 1.1 Network
Using Point of Deployment Modules and DSG Tunnels
DSG Addressing
DSG Operation
Primary Benefits of DOCSIS Set-Top Gateway
How to Configure Advanced-mode DOCSIS Set-Top Gateway 1.1 on the Cisco CMTS
Configuring Global A-DSG 1.1 Settings for the Cisco CMTS
What to Do Next
Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS
Prerequisites
Examples
Configuring Additional Features for Advanced-mode DOCSIS Set-Top Gateway 1.1 on the Cisco CMTS
Configuring Cable Per Physical Downstream Static Multicast Support (optional)
Configuring IP IGMP Static-Group
Configuring IP Multicast Operations
Configuring NAT to Support Unicast Messaging (optional)
Configuring WAN Interfaces for MultiCast Operations
Configuring a Standard IP Access List for Packet Filtering (Optional)
Configuring a Standard IP Access List for Multicast Group Filtering (Optional)
How to Monitor the Advanced-mode DOCSIS Set-Top Gateway Feature
Displaying Advanced-mode DOCSIS Set-Top Gateway Tunnel Configurations
Examples from DSG 1.0 and Cisco IOS Release 12.3(9)
Examples from DSG Issue 0.9
Configuration Examples for Advanced-mode DOCSIS Set-Top Gateway
A-DSG 1.1 Global Configuration Examples
show cable dsg tunnel
A-DSG 1.1 Cable Interface Configuration Examples
Unicast Messaging Configuration Example
Packet Filtering Access List Configuration Example
IP Multicast Access List Configuration Example
IP Multicast Rate-Limiting Access List Configuration Example
Additional References
Related Documents
Standards
MIBs
RFCs
Technical Assistance
System Messages
Cisco IOS Release 12.3(13a)BC System Messages
Debug System Messages
Command Reference for Advanced-mode DSG Issue 1.1
cable dsg cfr
cable dsg chan-list
cable dsg client-list
cable dsg timer
cable dsg vendor param
cable dsg tunnel
cable igmp static-group
cable downstream dsg chan-list
cable downstream dsg dcd-enable
cable downstream dsg rule
cable downstream dsg timer
cable downstream dsg vendor-param
ip igmp static-group
debug cable dsg
show cable dsg tunnel
show interface cable dsg downstream
Glossary
Advanced-mode DOCSIS Set-Top Gateway 1.1 for the Cisco CMTS
This document describes the Advanced-mode DOCSIS Set-Top Gateway (A-DSG) Issue 1.1 on the Cisco Cable Modem Termination System (CMTS), commencing with Cisco IOS release 12.3(13a)BC.
DSG is a CableLabs® specification that allows cable headend equipment such as the Cisco CMTS to provide a class of cable services known as out-of-band (OOB) messaging. OOB messaging is sent to set-top boxes (STBs) over existing Data-over-Cable Service Interface Specifications (DOCSIS) cable networks.
A-DSG 1.1 allows cable Multiple System Operators (MSOs) and other service providers to combine both DOCSIS and Set-top Box (STB) operations over a single, open and vendor-independent network without requiring any changes to the existing DOCSIS network infrastructure. A-DSG 1.1 introduces several additional and powerful enhancements to the Cisco CMTS and subscriber networks using DSG technology, described further in this document.
Note 
Cisco IOS Release 12.3(13a)BC introduces a brand new command-line interface (CLI) and associated commands to support Advanced-mode DSG 1.1. These commands are not interoperable with the CLI commands supporting DSG Issue 1.0 and earlier issues prior to Cisco IOS Release 12.3(13a)BC.
When installed on the Cisco router, Cisco IOS Release 12.3(13a)BC converts any pre-existing DSG 1.0 configuration in the startup configuration to A-DSG 1.1 configuration in the running configuration. Cisco IOS 12.3(13a)BC does not support nor run DSG 1.0 configuration, nor does A-DSG 1.1 support the DSG 1.0 SNMP MIB on the 12.3(13a)BC IOS images.
Feature Specifications for Advanced-mode DOCSIS Set-Top Gateway
Feature History
|
Release
|
Modification
|
Release 12.3(21)BC
|
The cable igmp static-group command was introduced.
Information for the ip igmp static-group command was added.
|
Release 12.3(13a)BC
|
Advanced-mode DSG 1.1 (A-DSG) introduced for the following Cisco universal broadband routers:
•Cisco uBR10012 router with these field-replaceable units:
–Cisco uBR10-LCP2-MC16C/MC16E/MC16S Cable Interface Line Card
–Cisco uBR10-LCP2-MC28C Cable Interface Line Card
–Cisco uBR10-MC5X20S/U Broadband Processing Engine
•Cisco uBR7200 Series with these field-replaceable units:
–Cisco uBR-MC16U/X and Cisco MC16C/S/E Cable Interface Line Cards
–Cisco uBR-MC28U/X and Cisco MC28C Cable Interface Line Cards
|
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
•Prerequisites for Advanced-mode DOCSIS Set-Top Gateway
•Restrictions for A-DSG 1.1
•Information About Advanced-mode DOCSIS Set-Top Gateway
•How to Configure Advanced-mode DOCSIS Set-Top Gateway 1.1 on the Cisco CMTS
•Configuring Additional Features for Advanced-mode DOCSIS Set-Top Gateway 1.1 on the Cisco CMTS
•How to Monitor the Advanced-mode DOCSIS Set-Top Gateway Feature
•Configuration Examples for Advanced-mode DOCSIS Set-Top Gateway
•Additional References
•System Messages
•Command Reference for Advanced-mode DSG Issue 1.1
•Glossary
Prerequisites for Advanced-mode DOCSIS Set-Top Gateway
This section describes prerequisites for Advanced-mode DSG 1.1.
•General Prerequisites for A-DSG 1.1
•IP Multicast Prerequisites for A-DSG 1.1
•IP Unicast Prerequisites for A-DSG 1.1
General Prerequisites for A-DSG 1.1
•Cisco A-DSG 1.1 is supported on the Cisco uBR7246VXR router and the Cisco uBR10012 router with Performance Routing Engine (PRE) modules.
•Either Cisco CMTS requires 128MB in memory to support A-DSG 1.1.
•Cisco IOS release 12.3(13a)BC or a later 12.3 BC release are required.
Refer to the release notes for your Cisco CMTS for additional Cisco IOS information.
Advanced-mode DSG 1.1 (A-DSG 1.1) supports features that are currently described in the CableLabs® DOCSIS CM-SP-DSG-I03-041124 specification, which has a current state of "Issued." Refer to the "A-DSG 1.1 Features and Enhancements for the Cisco CMTS" section.
For additional information about CableLabs® DSG specifications, refer to the following resource:
•DOCSIS Set-top Gateway (DSG) Interface Specification Summary
http://www.cablemodem.com/specifications/gateway.html
IP Multicast Prerequisites for A-DSG 1.1
•IP multicast routing must be enabled on the Cisco router for proper DSG operations. To enable IP multicast routing, use the ip multicast-routing command in global configuration mode.
•To enable and configure the Advanced-mode DOCSIS Set-Top Gateway feature, Protocol Independent Multicast (PIM) must be enabled on the cable interface and all outgoing WAN interfaces using the ip pim interface command. The Advanced-mode DOCSIS Set-Top Gateway feature supports the following PIM modes:
–dense-mode—Dense mode of operation.
–sparse-mode—Sparse mode of operation.
–sparse-dense mode—The interface is treated in either sparse mode or dense mode of operation, depending on the mode in which the multicast group is operating.
•For best performance, Cisco recommends enabling fast switching of IP multicast on incoming and outgoing interfaces, using the ip mroute-cache command.
•(Optional) Multicast rate-limiting can be enabled on those cable interfaces that are configured for DSG operations, using the ip multicast rate-limit out group-list command.
•(Optional) To restrict which multicast groups can be seen by the hosts, use the ip igmp access-group command to selectively disable multicast groups from being seen by the set-top-boxes.
Tip For information on the IGMP multicast commands, see the documents listed in the "Additional References" section.
IP Unicast Prerequisites for A-DSG 1.1
•Network Address Translation (NAT) must be configured to support unicast for A-DSG 1.1 messaging on the Cisco CMTS. Refer to the "Configuring NAT to Support Unicast Messaging (optional)" section for additional information.
•The Cisco uBR10012 and Cisco uBR72436VXR routers support IP multicast that uses generic routing encapsulation (GRE) tunnels over IP unicast. In this case, the DSG server (the Cisco CMTS) or a router external to the Cisco CMTS encapsulates the IP multicast packet within an IP unicast packet. The DSG Agent then unencapsulates the IP unicast tunnel and forwards the IP multicast packet onto a DSG tunnel. Refer to the "Using Point of Deployment Modules and DSG Tunnels" section.
Restrictions for A-DSG 1.1
This section describes restrictions for Advanced-mode DSG 1.1, as supported in Cisco IOS release 12.3(13a)BC:
•Cisco A-DSG 1.1 does not support the Cisco uBR7100 series routers.
•Cisco A-DSG 1.1 does not support Service Flow Quality of Service (QoS), which is available at Layer 3. The Multicast Quality of Service (MQoS) feature can be configured separately to provide QoS for DSG tunnels. Refer to the release notes for Cisco IOS Release 12.3(13a)BC for additional information.
•Cisco A-DSG 1.1 does not support subinterfaces.
•Cisco A-DSG 1.1 does not SNMP MIBS for the prior DSG 1.0 feature.
•Cisco A-DSG 1.1 does not support tunnel security, but supports access control lists (ACLs); these must be configured to prevent cable modems or other CPE devices from sending traffic to the DSG tunnels.
Additional security configuration must be applied to verify packets in the upstream are valid. Such configurations should include the following steps:
1. interface CableX/Y/Z
2. cable source-verify
3. ip verify unicast source reachable-via rx
4. ip access-group dsg out
5. exit
In this configuration, the DSG access group should be as follows:
–ip access-list extended dsg
–deny ip <cm network> <cm network mask XOR FFFFFFFF> host <dsg tunnel cfr multicast group 1>
–deny ip <cpe network> <cpe network mask XOR FFFFFFFF> host <dsg tunnel cfr multicast group 1>
–deny ip <cm network> <cm network mask XOR FFFFFFFF> host <dsg tunnel cfr multicast group n>
–deny ip <cpe network> <cpe network mask XOR FFFFFFFF> host <dsg tunnel cfr multicast group n>
–permit ip any any
DSG Restrictions
The following restrictions apply when using DSG configuration:
DSG Configuration File Transfer Operations
DSG 1.2 does not support the copying of a DSG configuration file from a TFTP server, file system, or bootflash to the running configuration.
Previously, with DSG 1.1, when copying the DSG configuration file from a file system or TFTP server to the running configuration, DSG rule error checking may disable a previously configured and valid DSG tunnel configuration. This issue has not been observed in DSG 1.1 when loading the DSG configuration file from the startup configuration, as during a reload.
DSG Configuration for Cable Per Physical Downstream Static Multicast Support
Cable Per Physical Downstream Static Multicast support was first enabled on DSG in Cisco IOS Release 12.3(13a)BC.
Beginning with Cisco IOS 12.3(21)BC, the following a new CLI is enabled for the Cable Per Physical Downstream Static Multicast feature:
cable igmp static-group <multicast group>
This CLI will only exist on Slave interfaces and, in order to eliminate any confusion with the DSG configuration, will only be display at "show run" if configured via a CLI. If this new CLI is configured by DSG, the CLI will remain hidden for that particular multicast group.
Note If a subinterface is configured at a virtual bundle interface, the subinterface number option for this CLI must be configure to match up the desired subinterface devices.
Note Any Multicast group being used by DSG (or CLI) within the same CMTS, should not be used for CLI (or DSG) configuration.
Resolved Caveats in Cisco IOS Release 12.3(13a)BC
This document will cite Caveats resolved in Cisco IOS release 12.3(13a)BC. However, such Caveats are listed in the following release note documents on Cisco.com:
•Release Notes for Cisco uBR10012 Universal Broadband Router for Cisco IOS Release 12.3 BC
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/prod_release_note09186a0080326360.html
•Release Notes for Cisco uBR7200 Series for Cisco IOS Release 12.3 BC
http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/prod_release_note09186a00803265f8.html
Information About Advanced-mode DOCSIS Set-Top Gateway
This section contains the following topics, and describes the Advanced-mode DOCSIS Set-Top Gateway feature for the Cisco CMTS, with emphasis on Advanced-mode DSG Issue 1.1 (A-DSG):
•A-DSG 1.1 Features and Enhancements for the Cisco CMTS
•General Feature Overview for DOCSIS Set-Top Gateway
•Primary Benefits of DOCSIS Set-Top Gateway
A-DSG 1.1 Features and Enhancements for the Cisco CMTS
A-DSG 1.1 and Cisco IOS Release 12.3(13a)BC introduce a significant and powerful set of features to MSOs and the Cisco CMTS. These features represent a significant change from DSG 1.0 and earlier DSG issues. Architectural and configuration changes unique to A-DSG 1.1 emphasize the following:
•A-DSG 1.1 Tunnels
•A-DSG 1.1 Classifiers
•A-DSG 1.1 Downstream Channel Descriptor (DCD)
•A-DSG 1.1 Process
•A-DSG 1.1 Rule
A-DSG 1.1 and CISCO-CABLE-DSG-IF-MIB
Cisco IOS Release 12.3(13a)BC does not support the CISCO-CABLE-DSG-IF-MIB. Support for this MIB requires Cisco IOS Release 12.3(9a)BC.
A-DSG 1.1 Tunnels
The A-DSG Agent (the Cisco CMTS) allows the mapping of an IP multicast address to a DSG tunnel MAC address.
Multiple IP multicast addresses can be mapped to a single tunnel, but a specific IP multicast address can only be mapped to one tunnel.
A-DSG tunnels are configured in global configuration mode. Then, classifiers are created with tunnel associations, also in global configuration mode. The association maps an IP multicast address to the tunnel MAC address. Interface configurations then construct the DCD messages that contain both global and interface information about the A-DSG 1.1 tunnel.
When removing the A-DSG tunnel configuration, all DSG classifiers, rules, and classifiers in the rule configuration associated to that tunnel must be unlinked.
For configuration information, refer to the "Configuring Global A-DSG 1.1 Settings for the Cisco CMTS" section.
A-DSG 1.1 Classifiers
A classifier for A-DSG 1.1 is used to provide additional layer 3 and layer 4 filtering for the DSG tunnel. The A-DSG multicast software module applies the classifier parameters to incoming packets received from the A-DSG server in order to assign packets to the appropriate A-DSG tunnel.
Note The A-DSG tunnel must be configured before a classifier can be associated with it.
Before changing the classifier tunnel association to another DSG tunnel, if a classifier is associated to a rule, then you must remove the classifier that is associated with the rule.
For configuration information, refer to the "Configuring Global A-DSG 1.1 Settings for the Cisco CMTS" section.
A-DSG 1.1 Downstream Channel Descriptor (DCD)
Unlike earlier issues of DSG, Advanced-mode DSG (A-DSG) uses a DOCSIS MAC Management Message called the Downstream Channel Descriptor (DCD) message, and this DCD message manages the DSG Tunnel traffic. The DCD message is sent once per second on each downstream and is used by the DSG Client to determine which tunnel and classifier to use.
The DCD has a DSG address table located in the DOCSIS MAC management message. The primary difference between DSG 1.0 (and earlier issues) and A-DSG 1.1 is that advanced mode uses DCD messages to manage the DSG tunnels.
The DCD message contains a group of DSG Rules and DSG Classifiers, including the following:
•DSG rules and rule priority
•DSG classifiers
•DSG channel list type/length value (TLV)
•DSG client identifier (whether broadcast, CA System, application, or MAC-level)
•DSG timer list
•DSG upstream channel ID (UCID) list
•Vendor-specific information field
This collection of DSG rules and classifiers in the DCD message is known as the DSG Address Table. The DCD message is sent by DSG Agent (Cisco CMTS) once per second on each downstream.
The DCD message provides several functions, such as the following:
•Provides a consolidated keep-alive mechanism for all DSG Tunnels on a particular downstream.
•Provides an address substitution and classification mechanism to increase the flexibility and security of the DSG tunnel.
•Allows the use of multicast addresses.
•Allows the MSO to assign any Set-top Device to any DSG tunnel.
•Enables global changes to the DSG Client timers that allow operator-driven changes in DSG eCM performance.
The maximum DCD message length is no more than the minimum of 1522 bytes long or the MTU size. If the DCD message length is greater, the DCD message is fragmented and the DCD message is sent in pieces. In that case, the A-DSG agent needs to space out the DCD fragment within one second.
A-DSG 1.1 supports the CableLabs® DOCSIS CM-SP-DSG-I03-041124 specification, with these primary differences between DSG 1.0 and A-DSG 1.1:
•A-DSG 1.1 enables the learning of dynamic tunnel definitions. DSG 1.0 only had static tunnel definitions (set on the STB).
•A-DSG 1.1 supports several new command-line interface (CLI) configuration and show commands for advanced-mode configuration and network information.
For global configuration information, refer to the "Configuring Global A-DSG 1.1 Settings for the Cisco CMTS" section.
For interface configuration information, refer to the "Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS" section.
A-DSG 1.1 Process
The Advanced DSG 1.1 processor handles the construction and transmission of the DCD message on each downstream. A DCD timer is defined for each downstream and it is initialized during startup. The timer is started when the interface is up and DCD is enabled. The Advanced DCD process wakes up when the timer expires and handles the DCD processing.
For global and timer configuration information, refer to the "Configuring Global A-DSG 1.1 Settings for the Cisco CMTS" section.
For interface configuration information, refer to the "Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS" section.
A-DSG 1.1 Rule
The parameters associated with the DSG rule are used by the DSG Client to determine which DSG Tunnel to receive and if there are any classifiers to apply. DSG rules are included in the DCD message. All the DSG parameters i.e. tunnels, classifiers, client ID list, vendor specific parameters, and UCID range must be configured before it can be associated to the DSG rule. When removing the rule configuration, the global configuration of the tunnel and classifiers associated to that rule should remain same.
For global and timer configuration information, refer to the "Configuring Global A-DSG 1.1 Settings for the Cisco CMTS" section.
For interface configuration information, refer to the "Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS" section.
General Feature Overview for DOCSIS Set-Top Gateway
The Advanced-mode DOCSIS Set-Top Gateway (DSG) feature allows the Cisco CMTS to provide a class of cable services known as out-of-band (OOB) messaging to set-top boxes (STBs) over existing DOCSIS networks. This allows MSOs and other service providers to combine both DOCSIS and STB operations over one, open, vendor-independent network, without any change to the existing network or cable modems.
Out-of-Band Messaging
Out-of-band (OOB) messages allow network control and management messages to be sent to customer premises equipment (CPE) devices, without interfering with the normal data traffic flow. OOB messages also have an advantage over in-band messages in that OOB messages are not dependent on the type of traffic or applications being sent over the network. This allows new OOB messages to be developed and implemented, without requiring any corresponding changes in the network application software.
Previously, OOB messages have been carried over dedicated channels that use proprietary video standards such as SCTE/DVS-167, SCTE/DVS-178, and DVB-RCCL/DAVIC-RCC. These existing systems have the following limitations:
•Multiple System Operators (MSOs) and other service providers are locked into legacy systems that require proprietary application servers and STBs, which might require additional licensing fees and service charges.
•Existing OOB messages (DVS167/178) are delivered over legacy transport mechanisms that are not adaptable for future service offerings.
•Upstream performance limitations (a maximum of 256 kbps) are unsuitable for large-scale deployment of a variety of interactive, real-time services.
To respond to these limitations, the CableLabs consortium developed the DSG specification to provide a multi-vendor solution that works with both legacy STB and DOCSIS transport paths. This allows MSOs and other service providers to use their legacy systems and STBs over their existing DOCSIS cable plants, while still preparing for DSG-capable STBs that support applications such as Video-on-Demand (VoD), online gaming and other interactive services.
DSG systems allow a wide variety of OOB messages, such as the following standard messages, in addition to generic and vendor-defined messages:
•Conditional Access (CA) messages, to identify which programs and services to which a user is entitled
•System Information (SI) messages for the management of the STB and its channels.
•Electronic program guide (EPG) to provide up-to-date program information for STB services and programs.
Basic Structure of the A-DSG 1.1 Network
The Advanced-mode DOCSIS Set-Top Gateway feature implements the DSG specification on the Cisco CMTS platform, allowing a Cisco CMTS to support both STBs and cable modems over the existing DOCSIS cable network. The CMTS creates a one-way IP datagram channel, called a DSG tunnel, to transport OOB messages to the STBs, allowing the consolidation of cable modem and STB traffic over the same DOCSIS downstream channel.
A typical DSG network contains the following components:
•Customer Premises Equipment (CPE)—Set-top box or computer that receives the cable signals coming from the cable modem termination system (CMTS).
•Set-Top Box (STB)—Customer premises equipment (CPE) that can access subscription and pay-per-view broadcast television services and interactive TV services. In a DSG network, each STB is a member of one or more multicast groups, which allows the STB to receive the OOB messages that are needed to receive the programs they are authorized to view.
•Point of Deployment (POD) module—Removable security card that is plugged into a STB to uniquely identify and authenticate the STB. This allows the CA servers to securely identify the STB and determine which programs and services it is authorized to receive.
•Network Controller—Network controllers originate out of band (OOB) DSG messages whose destinations are STBs.
•Conditional Access Server—Server systems that encrypt video programs using conditional access (CA) techniques so that only authorized subscribers are able to decrypt and view the programs. Typically, each vendor providers their own CA servers, which also maintain the other back office support systems that are necessary for billing and network management of the STBs.
•DSG Gateway—CMTS that forwards the DSG traffic from the network controllers to STBs.
•DSG Tunnel—This is an IP multicast datagram stream originating at the DOCSIS Set-Top Gateway and carrying out-of-band messages intended for set-top terminals. It is carried over the downstream DOCSIS channel and is identified by a well-known Ethernet MAC address. The well-known Ethernet unicast MAC address is reserved and published by the CA/POD provider. Multiple DSG tunnels may exist on a single downstream DOCSIS channel.
The CA servers transmit OOB messages on the network using multicast IP packets, which are received by STBs that are members of the appropriate multicast groups.
Figure 1 shows a typical DSG network.
Figure 1 DSG Network Diagram
Using Point of Deployment Modules and DSG Tunnels
CA vendors typically provide a Point of Deployment (POD) security module to each set-top box customer. Each POD contains a unique ID and a unique X.509 digital certificate that allows the CA/POD vendor's provisioning systems to securely identify and authenticate each set-top box.
Having securely identified and authenticated a set-top box, the CA/POD vendor transmits the OOB messages to the STB over a DSG tunnel, which is an IP multicast datagram stream carried over the DOCSIS downstream channel. Each DSG tunnel is identified by a well-known Ethernet unicast address that is reserved and published by the CA/POD vendor.
The CA/POD vendors can use the different DSG tunnels to provide different services. For example, one CA/POD vendor could define one tunnel for an Electronic Program Guide (EPG), another tunnel for conditional access (CA) programming, a third tunnel for emergency alerts, and a fourth tunnel for software upgrades. Other vendors can define their tunnels in different ways to provide other services.
DSG Addressing
The Advanced-mode DOCSIS Set-Top Gateway feature uses the following types of addressing to ensure that the proper OOB messages are delivered to the appropriate STBs:
•Well-known MAC address—Defines the DSG tunnel being used. Each CA/POD vendor reserves and publishes one or more well-known MAC addresses that it uses for its particular services. The POD security modules from that vendor instruct the STB to examine packets for one or more of the vendor's MAC addresses. If a packet has the correct well-known MAC address, the STB reads that particular packet.
•IP Multicast address—Each STB is a member of at least one multicast group. The STB itself does not use these IP addresses, but the Cisco CMTS uses these IP multicast addresses to perform the appropriate multicast joins for the appropriate STBs. This ensures that the STB receives the traffic that is appropriate for its multicast group.
The Cisco CMTS router supports an unlimited number of destination multicast addresses, which can be mapped to MAC addresses as follows:
•One-to-one mapping—One IP multicast group per one DSG tunnel (MAC address)
•Many-to-one mapping—Multiple IP multicast groups per one DSG tunnel (MAC address)
Note Cisco IOS Releases prior to 12.3(13a)BC do not support one-to-many mappings (one IP multicast group per multiple MAC addresses/DSG tunnel). This means that multiple CA vendors cannot use the same DSG tunnel (that is, two vendors on the same interface cannot be using a tunnel with the same IP multicast address).
DSG Operation
DSG maps traffic based on the incoming multicast address or a well-known unicast address. The Cisco CMTS performs the following functions when the CMTS receives an OOB packet from the CA servers over the IP network:
1. The CMTS looks at the destination address (either the multicast group address or the well-known unicast address that the network controller and the CMTS agree on).
2. If the destination IP address matches the multicast group or the unicast address that will be translated via NAT, then MAC addresses for the packet are overwritten.
3. The CMTS then forwards the new packet on the downstream ports that are mapped to those well-known MAC addresses, using either a unicast or multicast broadcast, as appropriate.
4. The STBs on those downstream channels receive the packet and examine the MAC address, based on the tunnels identified for it in a DSG Rule for A-DSG 1.1, or based on the well-known MAC address of the device (for DSG Issues 1.0 and 0.9). The IP address is only examined if is part of a classifier in the DCD.
5. If the MAC address is a well-known MAC address for the appropriate CA/POD vendor, the STB reads the packet and operates on the OOB messages that it contains.
Primary Benefits of DOCSIS Set-Top Gateway
The Advanced-mode DOCSIS Set-Top Gateway feature provides the following benefits to cable MSOs, service providers, and their partners and customers.
Part of CableLabs Specifications
The Advanced-mode DOCSIS Set-Top Gateway feature is a CableLabs (http://www.cablelabs.com) specification allows cable MSOs and service providers to create and deploy new interactive services over existing cable networks. Providers can introduce new services, without impacting their existing customers.
Supports Existing DOCSIS Cable Networks
The Advanced-mode DOCSIS Set-Top Gateway feature interoperates with existing DOCSIS-capable networks that can support new interactive services, such as VoD and online gaming, that are expected to become available on cable networks in the future. DOCSIS cable operators can deploy innovative interactive services using the best of the available advanced STB products and middleware and applications software, while still preserving their investment in existing headend systems.
Provides Additional Services
The Advanced-mode DOCSIS Set-Top Gateway feature allows cable operators to offer Internet access, e-mail, chat services, and other high-bandwidth services, in addition to the existing STB services (such as EPG and CA). Providers can deliver high-speed data services to their cable TV subscribers using the DOCSIS network.
Provides the Capability to Use Multiple CA/POD Vendors
The Advanced-mode DOCSIS Set-Top Gateway feature allows cable operators to offer services from many CA/POD vendors, as opposed to existing networks that typically limit the operator to only one vendor per network. This allows greater flexibility in combining or sharing operations between operators or providers.
Uses Standard DOCSIS Networks
The Advanced-mode DOCSIS Set-Top Gateway feature uses existing DOCSIS 1.0, DOCSIS 1.1, and DOCSIS 2.0 networks. MSOs and other service providers can continue to create open-standard, vendor-independent DOCSIS networks, without having to maintain legacy STB systems that could disrupt DOCSIS operations.
Simplifies Network Operations and Cost
MSOs and other service providers can use one simplified return channel architecture to support both STBs and DOCSIS cable modems, instead of using two separate return channels. This lowers the complexity of managing CPE devices and requires less investment in headend equipment, which in turn lowers the overall operations and support costs.
Supports Higher Density of STBs
Depending on the CMTS platform, the higher bandwidth available in DOCSIS networks allows MSOs and other service providers to support a higher maximum number of STBs per headend system.
How to Configure Advanced-mode DOCSIS Set-Top Gateway 1.1 on the Cisco CMTS
This section contains two procedures, both of which are required to enable and configure A-DSG 1.1 on the Cisco CMTS:
•Configuring Global A-DSG 1.1 Settings for the Cisco CMTS
•Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS
Configuring Global A-DSG 1.1 Settings for the Cisco CMTS
Global configuration commands for A-DSG 1.1 configure the following settings on the Cisco CMTS:
•A-DSG tunnels
•A-DSG clients
•A-DSG classifiers
•Additional parameters such downstream channel lists, vendor specific parameters, and DSG timers
These global A-DSG settings and parameters are uniquely identified by A-DSG indexes. The indexes are then used with interface commands to define DCD messages. The interface commands define the DSG rules, tunnel traffic, and parameters to include in the DCD message. The following procedure describes global configuration for A-DSG 1.1, to precede interface configuration.
SUMMARY STEPS
1. enable
2. configure terminal
3. cable dsg tunnel <tunnel-id> mac_addr <mac addr> [enable | disable]
4. cable dsg cfr <cfr index> dest-ip <ipaddr> [tunnel <tunnel index>] | [dest-port <start> <end>] | [priority <priority>] | [src-ip <ipaddr>] | [src-prefix-len <len>] [enable | disable]
5. cable dsg chan-list <list-index> index <entry-index> freq <freq>
6. cable dsg client-list <client-list-id> id-index <id> { application-id | ca-system-id | mac-addr} <value> | broadcast }
7. cable dsg timer <index> [Tdsg1 <Tdsg1>] | [Tdsg2 <Tdsg2>] | [Tdsg3 <Tdsg3>] | [Tdsg4 <Tdsg4>]
8. cable dsg vendor-param <group-id> vendor <vendor-index> oui <oui> value <value-in-TLV>
9. Ctrl^Z
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
enable
Example:
Router> enable
|
Enables privileged EXEC mode.
•Enter your password if prompted.
|
Step 2
|
configure terminal
Example:
Router# configure terminal
|
Enters global configuration mode.
|
Step 3
|
cable dsg tunnel <tunnel-id> mac_addr <mac
addr> [enable | disable]
Example:
Router(config)# cable dsg tunnel 1 mac_addr
0006.0006.0006 enable
|
Creates A-DSG 1.1 tunnels. The destination MAC address must be set when using this command. To remove this configuration from the Cisco CMTS, use the no form of this command. To disable A-DSG 1.1 tunnels on the Cisco CMTS, use the disable form of this command.
•tunnel-id—This is an integer from 1-65535 that identifies the A-DSG tunnel in related show and configuration commands.
•mac_addr mac-addr—(Required) Destination MAC address.
•enable—Enables the specified A-DSG tunnel.
•disable—Disables the specified A-DSG tunnel.
|
Step 4
|
cable dsg cfr <cfr index> dest-ip <ipaddr>
[tunnel <tunnel index>] |
[dest-port <start> <end>] |
[priority <priority>] |
[src-ip <ipaddr> | src-prefix-len <len>] |
[enable | disable]
Example:
Router(config)# cable dsg cfr 1 dest-ip
224.10.10.101 tunnel 1 dest-port 0 65535
priority 1
|
Defines and enables A-DSG 1.1 classifiers on the Cisco CMTS. This command creates a unique CFR index for the A-DSG 1.1 classifier. To remove the specified A-DSG 1.1 classifiers from the Cisco CMTS, use the no form of this command. To disable one or more specified A-DSG 1.1 classifiers, but retain their configuration, use the disable form of this command.
•cfr index—
•dest_ip <ipaddr>—destination IP address
•tunnel <tunnel index>—tunnel index
•dest-ports <start> <end>—destination TCP/UDP ports range
•priority <priority>—Classifier priority
•src-ip <ipaddr> —source IP address
•src-prefix-len <len>—prefix length
•enable—enable classifier
•disable—disable classifier
|
Step 5
|
cable dsg chan-list <list-index> index
<entry-index> freq <freq>
Example:
Router(config)# cable dsg chan-list 1 index
1 freq 47000000
|
Configures the A-DSG 1.1 downstream channel list. The channel list is a list of DSG channels (downstream frequencies) that set-top boxes can search to find the DSG tunnel appropriate for their operation. To remove the A-DSG 1.1 channel list from the Cisco CMTS, us the no form of this command.
•list-index—an index used to indicate a group of channels (downstream frequencies) to include in the DCD messages for an interface.
•entry-index—DSG channel frequency entry index.
•freq—Center frequency of the downstream channel in Hz. This value must be a multiple of 62500 Hz.
|
Step 6
|
cable dsg client-list <client-list-id>
id-index <id> { application-id |
ca-system-id | mac-addr} <value> |
broadcast }
Example:
Router(config)# cable dsg client-list 1
id-index 1 broadcast
|
Configures additional client parameters. To remove this configuration, use the no form of the command.
•client-list <client-list-id>—an integer between 1-65535.
•id-index <id>—References a specific client entry within the client list.
•application-id <value>—DSG Client type Application ID
•broadcast —DSG Client type broadcast
•ca-system-id —DSG Client type CA system ID
•mac-addr <value>—DSG Client type Mac address
|
Step 7
|
cable dsg timer <index> [Tdsg1 <Tdsg1>] |
[Tdsg2 <Tdsg2>] | [Tdsg3 <Tdsg3>] | [Tdsg4
<Tdsg4>]
Example:
Router(config)# cable dsg timer 1 Tdsg1 1
Tdsg2 2 Tdsg3 3 Tdsg4 4
|
Configures the A-DSG 1.1 timer entry to be associated to the downstream channel, and encoded into the DCD message. To remove the cable DSG timer from the Cisco CMTS, use the no form of this command.
•index—Alphanumeric index identifier
•Tdsg1 <Tdsg1>—DSG Initialization Timeout (Tdsg1) setting
•Tdsg2 <Tdsg2>—DSG Operational Timeout (Tdsg2) setting
•Tdsg3 <Tdsg3>—DSG Two-Way Retry Timer (Tdsg3) setting
•Tdsg4 <Tdsg4>—DSG One-Way Retry Timer (Tdsg4) setting
|
Step 8
|
cable dsg vendor-param <group-id> vendor
<vendor-index> oui <oui> value
<value-in-TLV>
Example:
Router(config)# cable dsg vendor-param 1
vendor 1 oui ABCDEA value 0101AB
|
Configures vendor-specific parameters for A-DSG 1.1. To remove this configuration from the Cisco CMTS, use the no form of this command.
•vendor—DSG vendor parameters vendor index setting.
•oui—DSG vendor parameters vendor OUI setting. Includes the 0803<oui> tlv in the VSIF.
•value—DSG vendor parameters vendor value setting.
|
Step 9
|
Ctrl^Z
Example:
Router(config)#
|
Returns to privileged EXEC mode.
|
What to Do Next
After global settings are defined for A-DSG 1.1, interface configurations must complete the configuration on the Cisco CMTS. Refer to the "Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS" section.
For additional information about global configuration commands, refer to the "Command Reference for Advanced-mode DSG Issue 1.1" section.
Configuring A-DSG 1.1 Interface Settings for the Cisco CMTS
A-DSG 1.1 parameters are uniquely identified by A-DSG indexes in global configuration mode. Then, those indexes are used with the interface commands in this section to define DCD messages. These interface commands define the DSG rules, tunnel traffic, and additional parameters to include in the DCD message.
Prerequisites
Global configurations for A-DSG 1.1 must be defined and enabled on the Cisco CMTS in order to complete A-DSG 1.1 interface configurations and A-DSG operation.
SUMMARY STEPS
1. enable
2. configure terminal
3. cable downstream dsg chan-list
4. cable downstream dsg timer
5. cable downstream dsg vendor-param
6. cable downstream dsg rule
7. cable downstream dsg dcd-enable
8. Ctrl^Z
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
enable
Example:
Router> enable
|
Enables privileged EXEC mode.
•Enter your password if prompted.
|
Step 2
|
configure terminal
Example:
Router# configure terminal
|
Enters global configuration mode.
|
Step 3
|
interface cable slot/subslot/port
Example:
Router(config)# interface c8/0/1
|
Enters interface configuration mode for the specified interface.
|
Step 4
|
cable downstream dsg chan-list
<list-index>
Example:
Router(config-if)# cable downstream dsg
chan-list 2
|
Associates the A-DSG channel list entry to a downstream channel, to be included in the DCD message. To remove this setting, use the no form of this command.
•chan-list—Sets the downstream A-DSG 1.1 channel list.
•list-index—This is an integer between 1 and 65535.
|
Step 5
|
cable downstream dsg timer <timer-index>
Example:
Router(config-if)# cable downstream dsg
timer 3
|
Associates the DSG timers entry to a downstream channel, to be included in the DCD message. To remove this setting, use the no form of this command.
•timer-index—This is an integer between 1 and 65535.
|
Step 6
|
cable downstream dsg vendor-param
<vsif-grp-id>
Example:
Router(config-if)# cable downstream dsg
vendor-param 2
|
Associates A-DSG vendor parameters to a downstream, to be included in the DCD message. To remove this configuration from the Cisco CMTS, use the no form of this command.
•vsif-grp-id—Value identifies vendor-specific parameters by the specified ID.
|
Step 7
|
cable downstream dsg rule <rule-id>
priority <priority>
cable downstream dsg rule vendor-param
<vsif-grp-id>
cable downstream dsg rule <rule-id> ucid
<ucid1> | [<ucid1> <ucid2>...<ucidn>]
cable downstream dsg rule <rule-id> cfr
<cfr-index> [ <cfr-index>]
cable downstream dsg rule <rule-id> [
enable | disable ]
Example:
Router(config-if)# cable downstream dsg
rule 1 clients 1 tunnel 1
|
Defines and associates a rule for A-DSG to the downstream channel. Rules are disabled by default once they are created. To enable a rule you must use the enable form of this command. To disable a current configuration, use the disable form of this command.
•priority—DSG rule priority
•clients—DSG clients
•tunnel—DSG tunnel
•vendor-param—DSG vendor specific parameters
•ucid—DSG upstream channel id
•classifiers—DSG classifiers
•disable—DSG rule disable
Note For easy migration to future issues of A-DSG in upcoming Cisco IOS releases, A-DSG rules that associate with the same A-DSG tunnel must associate with the same list of classifiers.
|
Step 8
|
cable downstream dsg [ dcd-enable |
dcd-disable ]
Example:
Router(config-if)# cable downstream dsg
dcd-enable
|
Enables DCD messages to be sent on a downstream channel. This command is used when there are no enabled rules or tunnels for A-DSG currently on the Cisco CMTS. To disable DCD messages, use the disable form of this command.
|
Step 9
|
Ctrl^Z
Example:
Router(config)#
|
Returns to privileged EXEC mode.
|
Examples
The following example illustrates DSG rules associated with the same A-DSG tunnel and the same list of classifiers.
cable dsg cfr 1 dest-ip 224.2.1.1 tunnel 1
cable dsg cfr 2 dest-ip 224.2.1.2 tunnel 1
cable dsg cfr 3 dest-ip 224.2.1.3 tunnel 1
Downstream 1
cable downstream dsg rule 2 clients 1 tunnel 1
cable downstream dsg rule 2 cfr 2 3
Downstream 2
This setting below is the same tunnel as rule 2 of downstream 1.
cable downstream dsg rule 1 clients 1 tunnel 1
The setting below must be the same classifier list as rule 2 of downstream 1
cable downstream dsg rule 1 cfr 2 3
.
Configuring Additional Features for Advanced-mode DOCSIS Set-Top Gateway 1.1 on the Cisco CMTS
See the following sections for how to enable, configure, disable, and monitor the Advanced-mode DOCSIS Set-Top Gateway feature:
•Configuring Cable Per Physical Downstream Static Multicast Support (optional)
•Configuring IP IGMP Static-Group
•Configuring IP Multicast Operations
•Configuring NAT to Support Unicast Messaging (optional)
•Configuring WAN Interfaces for MultiCast Operations
•Configuring a Standard IP Access List for Packet Filtering (Optional)
•Configuring a Standard IP Access List for Multicast Group Filtering (Optional)
Configuring Cable Per Physical Downstream Static Multicast Support (optional)
This section describes how to configure support for Cable per physical downstream Static Multicast on the Cisco CMTS. Doing so will enable the Cisco CMTS to control the replication of static IP multicast streams within a cable bundle.
SUMMARY STEPS
1. configure terminal
2. ip multicast-routing
3. ip pim ssm
4. ip pim sparse-mode
5. ip igmp version 3
6. ip igmp static-group {* | group-address [source {source-address | ssm-map}] | class-map class-map-name}
7. cable igmp static-group [multicast group] source [source IP] [subinterface number]
8. cable bundle n
9. exit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure terminal
Example:
Router# configure terminal
Router(config)#
|
Enters global configuration mode.
|
Step 2
|
ip multicast-routing
Example:
Router(config)# ip multicast-routing
Router(config)#
|
Enables multicast routing on the router.
|
Step 3
|
ip pim ssm [vrf vrf-name] ssm {default | range
access-list}
Example:
Router(config)# ip pim ssm range 4
|
Defines the Source Specific Multicast (SSM) range of IP multicast addresses. To disable the SSM range, use the no form of this command.
•vrf— (Optional) Supports the multicast Virtual Private Network (VPN) routing and forwarding (VRF) instance.
•vrf-name—(Optional) Name assigned to the VRF.
•default—Defines the SSM range access list to 232/8.
•range access-list—Specifies the standard IP access list number or name defining the SSM range.
Note When an SSM range of IP multicast addresses is defined by the ip pim ssm command, no Multicast Source Discovery Protocol (MSDP) Source-Active (SA) messages will be accepted or originated in the SSM range.
For additional information about the ip pim ssm command, refer to the following document on Cisco.com:
•Cisco IOS IP Command Reference, Volume 3 of 4: Multicast, Release 12.3 T
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_reference_chapter09186a00801a7ec8.html#wp1070544
|
Step 4
|
ip pim {dense-mode | sparse-mode |
sparse-dense-mode}
Example:
Router(config-if)# ip pim dense-mode
Router(config-if)#
|
Enables Protocol Independent Multicast (PIM) on the cable interface, which is required to use the DSG feature:
•dense-mode—Enables dense mode of operation.
•sparse-mode—Enables sparse mode of operation.
•sparse-dense-mode—The interface is treated in either sparse mode, sparse-dense mode, or dense mode of operation, depending on the mode in which the multicast group operates.
Note You must configure this command on each interface that forwards multicast traffic.
|
Step 5
|
ip pim version 3
Example:
Router(config-if)# ip igmp version 3
Router#
|
Enables IGMPv3 on this interface. The default version of IGMP is set to Version 2.
|
Step 6
|
ip igmp static-group {* | group-address [source
{source-address | ssm-map}] | class-map
class-map-name}
Example:
Router(config-if)# ip igmp static-group {* |
232.1.1.7 [source {232 | ssm-map}] | class-map
static1}
Router#
|
Configure static group membership entries on the cable interface.
|
Step 7
|
cable igmp static-group [multicast group]
source [source IP] [subinterface number]
Example:
Router(config-if)# cable igmp static-group
232.1.1.1 source 10.1.1.1
|
Controls the replication of static IP multicast streams within a cable bundle.
This command can only be configured on cable physical interface as part of a Cable Bundle group.
This command, by itself, does not take any effect. It must be configure with the ip igmp static-group command, which is configured at Bundle interface.
The [source IP] option is used for SSM group range, as defined in ip pim ssm CLI. This is similar to the ip igmp static-group command usage.
The [subinteface number] option must be used if there are multiple Bundle subinterfaces (Bundle1.1, Bundle 1.2, etc.)
Note |
