How-to for arris eMTAs on docsis 1.1 networks using dhcpd

42 posts / 0 new

Wed, 05/14/2008 - 14:07

kwesibrunee

Arris eMTAs work very well with sip, however getting them initially provisioned can be tough.

I have successfully deployed docsis 1.1 arris eMTAs with dhcpd using SIP. I am going to post my configs here sanitized of course for others to learn from.

What is needed to make it work is thus:
DHCP server capable of option 122 (I use dhcpd)
SIP firmware for arris modems (obtained through arris)
SIP Server (Third party or Asterisk server)
TFTP server
time of day server
log server(optional)
software to create/edit modem and mta configs (packetace from arris or the open source package docsis are sufficient)

The way my DHCP is setup is using matches, if a dhcp request comes in starting with "docsis" in its vendor-class-identifier it is classified as a modem, if the vendor-class-identifier starts with "pktc" it is treated as a mta.
Further more I use groups to differentiate between different levels of service. We authenticate both modems and clients/mtas so they must be present in the server to get an IP.
This particular server only hands out IPs for Voip modems and MTAs so all other requests are denied. I use Omapi to dynamically add/remove clients without restarting dhcpd.

We have multiple tiers of service, only listed a few, we also offer a Voip only service which has no internet access.

The way I prioritize voip traffic is with separate service flows, one for voip traffic one for everything else, both upstream and downstream.

Our SIP termination is provided by a third party. During testing I used our Asterisk server for SIP termination.

DHCPd runs on debian, and we use a Cisco 7246VXR as our cmts.

Here are the relevant configs

------------------------------------------------------------------------------------------------------------------
dhcpd.conf

ddns-update-style none;
ignore client-updates;
omapi-port 9991;
key omapi_key {
algorithm HMAC-MD5;
secret "Our encrypted Key";
};
omapi-key omapi_key;

option space docsis-mta;
option docsis-mta.dhcp-server-1 code 1 = ip-address;
option docsis-mta.dhcp-server-2 code 2 = ip-address;
option docsis-mta.provision-server code 3 = { integer 8, string };
option docsis-mta.as-req-as-rep-1 code 4 = { integer 32, integer 32, integer 32 };
option docsis-mta.as-req-as-rep-2 code 5 = { integer 32, integer 32, integer 32 };
option docsis-mta.krb-realm-name code 6 = string;
option docsis-mta.tgs-util code 7 = integer 8;
option docsis-mta.timer code 8 = integer 8;
option docsis-mta.ticket-ctrl-mask code 9 = integer 16;
option docsis-mta-pkt code 122 = encapsulate docsis-mta;

option docsis-mta.dhcp-server-1 192.168.224.40;
option docsis-mta.provision-server 0 "\003mta\007domains\003net\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";

class "CM" {
  match if substring(option vendor-class-identifier,0,6) = "docsis";
  spawn with option agent.remote-id;
  vendor-option-space docsis-mta;
  default-lease-time 604800;
  max-lease-time 604800;
  min-lease-time 302400;
  option time-offset -21600;
  next-server 192.168.224.40;
  option tftp-server-name "192.168.224.40";
  option time-servers 192.168.224.33;
  option log-servers 192.168.224.40;
  option domain-name "mta.domains.net";
  ddns-updates off;
  option routers 10.1.6.1;
  option subnet-mask 255.255.0.0;
  option docsis-mta.dhcp-server-1 192.168.224.40;
}

class "MTA" {
  match if substring(option vendor-class-identifier,0,5) = "pktc1";
  spawn with option agent.remote-id;
  default-lease-time 21600;
  max-lease-time 21600;
  min-lease-time 10800;
  option domain-name "mta.domains.net";
  ddns-updates off;
  option domain-name-servers 192.168.245.13, 192.168.245.10;
  option subnet-mask 255.255.0.0;
  option routers 10.1.6.1;
  option log-servers 192.168.224.40;
  option time-servers 192.168.224.33;
  option tftp-server-name "192.168.224.40";
  next-server 192.168.224.40;
  option time-offset -18000;
  option host-name = host-decl-name;
  option docsis-mta.provision-server 0 "\003mta\007domains\003net\000";
  option docsis-mta.krb-realm-name "\005BASIC\0011\000";
}

/* The subnet the dhcp server is in */
subnet 192.168.224.32 netmask 255.255.255.224 {
}
/* A shared network for CMs and MTAs */
shared-network cableplant {
  /*The subnet the requests come from generally the cable interfaces IP*/
  subnet 192.168.225.0 netmask 255.255.255.0 {
  }
  /* the subnet for CMs and MTAs*/
  subnet 10.1.0.0 netmask 255.255.0.0 {
    /*this pool is for known MTAs*/
    pool {
      range 10.1.60.2 10.1.64.254;
      allow members of "MTA";
      deny unknown-clients;
    }
    /*This pool is for known cable modems*/
    pool {
     range 10.1.65.2 10.1.69.254;
      allow members of "CM";
      deny unknown-clients;
    }
  }
}
/* Group for Plus users*/
group Plus {
  filename "Plus.bin";
  option bootfile-name "Plus.bin";
}
/*Group for Voip only users*/
group VoipOnly {
  filename "VoipOnly.bin";
  option bootfile-name "VoipOnly.bin";
}

/* an MTA entry */
host nh4797942e084be960 {
  hardware ethernet 00:00:00:00:00:00;
}
/* a Cable Modem entry */
host nh46fd2a7608bc2710 {
  hardware ethernet 00:00:00:00:00:01;
  group "Plus";
}

the line
spawn with option agent.remote-id;
is necessary because the CMTS is acting as a proxy for dhcp requests

on cisco cmts's you need to add
ip dhcp relay information option
so that this information is added to the dhcp request
------------------------------------------------------------------------------------------------------------------
Modem Configs

and decoded config files for modem configs using docsis software located at http://docsis.sourceforge.net

The modems are configured to upgrade to the sip firmware if they are not using it already,

this line
SnmpMibObject enterprises.4115.1.3.1.1.2.3.5.4.0 Integer 3 ;
Turns on the web interface on the wan side

and this line
SnmpMibObject enterprises.4115.1.3.3.1.2.3.6.0 Integer 9 ;
tells the modem that the mta file will be in the format macaddress.bin

the rest is standard docsis

#docsis -d Plus.bin
Main
{
  NetworkAccess 1;
  SnmpMibObject enterprises.4115.1.3.1.1.2.3.5.4.0 Integer 3 ;
  SnmpMibObject docsDevSwAdminStatus.0 Integer 2; /* allowProvisioningUpgrade */
  MaxCPE 3;
  MaxClassifiers 20;
  GlobalPrivacyEnable 1;
  SnmpMibObject enterprises.4115.1.3.3.1.2.3.6.0 Integer 9 ;
  SwUpgradeServer 192.168.224.40;
  SwUpgradeFilename "TS050237C_112907_NA.MODEL_4_5_6.SIP.img";
  MfgCVCData 0x308203a63082028ea00302010202106c0943ec39872d8fecda6c489e5e9030300d06092a864886f70d0101050500308197310b300906035504061302555331393037060355040a133044617461204f766572204361626c65205365727669636520496e746572666163652053706563696669636174696f6e7331153013060355040b130c4361626c65204d6f64656d73313630340603550403132d444f43534953204361626c65204d6f64656d20526f6f7420436572746966696361746520417574686f72697479301e170d3031303931323030303030305a170d3133303931313233353935395a306a310b300906035504061302555331223020060355;
  MfgCVCData 0x040a1319417272697320496e7465726163746976652c204c2e4c2e432e310f300d060355040b1306444f43534953312630240603550403131d436f646520566572696669636174696f6e20436572746966696361746530820122300d06092a864886f70d01010105000382010f003082010a0282010100d40c5aeacfd1e9ab5f9e5088ca835eeb487369852ccd9a92e2f7fde9b28caaca21189c0b696ce1f2666c0bc8c7183877ce519e527030daf8437538ec12caa44922472397f5259e067131d046f67b1e2b25ef37b443b89d3f86db6655252595c427a6d641db7b392e8e01d7bbdf73d2138a85553747d6c0685f76bc80c82e755f8acc87c65650a1;
  MfgCVCData 0x492f14b48c97a806327949c5faaa438ac5f0a976474fd26cde4556d52bfa5dc7508fa7f150fa454c681f5108085296f2c94c371b57cd193e8939d6268c8cd96e3e8a06caba6d5cb82989c1751e21e77f09ca73da4daa1fde5bc68bed4b8eb5b0ea3abb23d4249790b2a093dde0806573138cbb99fdceb6ffc10203010001a31a301830160603551d250101ff040c300a06082b06010505070303300d06092a864886f70d0101050500038201010094f271a8bbbac1d7fc054260170b59f0b6ac9da70d0148699e0d240b033d9c34918f7737cd45b822edf9e1bec4c5b030d878b6378b5a7995d032e933ec0ae0db436a3f52181ffee08e0cd4f6201f1115;
  MfgCVCData 0x0f4cf1bef41c9c58ef166582b5e7f1aa1afcd7badeb7b0097845c2d95ee89f66767f3bc080c2994e8c39ca9f22bcc22151ba9221b7ca87e81fdad3fcf48feb61c739ec751ac00afacd88ccc99d11ee6a96c5a591f625875ed7af60460e7330dee05ec183d1717af3f2702df0253fd1a49cbca6a654b37cb7846f91c11e3a83d1e68c28aa25a35d9849393b009b9a5328e5729017d35bb841d62f950007ba7d73e2fff4e14d0f3a49193805495714811b;
  BaselinePrivacy
  {
    AuthTimeout 10;
    ReAuthTimeout 10;
    AuthGraceTime 600;
    OperTimeout 10;
    ReKeyTimeout 10;
    TEKGraceTime 600;
    AuthRejectTimeout 60;
    SAMapWaitTimeout 1;
    SAMapMaxRetries 4;
  }
  UsServiceFlow
  {
    UsServiceFlowRef 1;
    QosParamSetType 7;
    TrafficPriority 1;
    MaxRateSustained 256000;
    SchedulingType 2;
    RequestOrTxPolicy 0x0000008a;
  }
  UsServiceFlow
  {
    UsServiceFlowRef 2;
    QosParamSetType 7;
    TrafficPriority 7;
    MaxRateSustained 256000;
    SchedulingType 2;
    RequestOrTxPolicy 0x0000008a;
  }
  UsPacketClass
  {
    ClassifierRef 2;
    ServiceFlowRef 2;
    IpPacketClassifier
    {
      IpDstAddr 192.168.68.4;
      IpProto 257;
      IpDstMask 255.255.255.255;
    }
    ActivationState 1;
  }
  DsServiceFlow
  {
    DsServiceFlowRef 101;
    QosParamSetType 7;
    TrafficPriority 1;
    MaxRateSustained 1500000;
  }
  DsServiceFlow
  {
    DsServiceFlowRef 102;
    QosParamSetType 7;
    TrafficPriority 7;
    MaxRateSustained 256000;
  }
  DsPacketClass
  {
    ClassifierRef 102;
    ServiceFlowRef 102;
    RulePriority 1;
    ActivationState 1;
    IpPacketClassifier
    {
      IpProto 257;
      IpSrcAddr 192.168.68.4;
      IpSrcMask 255.255.255.255;
    }
  }
  /*EndOfDataMkr*/
}

Esentially the same thing but with the Ethernet and USB ports disabled.
#docsis -d VoipOnly.bin
Main
{
  NetworkAccess 1;
  SnmpMibObject enterprises.4115.1.3.1.1.2.3.5.4.0 Integer 3 ;
  SnmpMibObject ifAdminStatus.5 Integer 2; /* down */
  SnmpMibObject ifAdminStatus.1 Integer 2; /* down */
  SnmpMibObject docsDevSwAdminStatus.0 Integer 2; /* allowProvisioningUpgrade */
  MaxCPE 1;
  MaxClassifiers 20;
  GlobalPrivacyEnable 1;
  SnmpMibObject enterprises.4115.1.3.3.1.2.3.6.0 Integer 9 ;
  SwUpgradeServer 192.168.224.40;
  SwUpgradeFilename "TS050237C_112907_NA.MODEL_4_5_6.SIP.img";
  MfgCVCData 0x308203a63082028ea00302010202106c0943ec39872d8fecda6c489e5e9030300d06092a864886f70d0101050500308197310b300906035504061302555331393037060355040a133044617461204f766572204361626c65205365727669636520496e746572666163652053706563696669636174696f6e7331153013060355040b130c4361626c65204d6f64656d73313630340603550403132d444f43534953204361626c65204d6f64656d20526f6f7420436572746966696361746520417574686f72697479301e170d3031303931323030303030305a170d3133303931313233353935395a306a310b300906035504061302555331223020060355;
  MfgCVCData 0x040a1319417272697320496e7465726163746976652c204c2e4c2e432e310f300d060355040b1306444f43534953312630240603550403131d436f646520566572696669636174696f6e20436572746966696361746530820122300d06092a864886f70d01010105000382010f003082010a0282010100d40c5aeacfd1e9ab5f9e5088ca835eeb487369852ccd9a92e2f7fde9b28caaca21189c0b696ce1f2666c0bc8c7183877ce519e527030daf8437538ec12caa44922472397f5259e067131d046f67b1e2b25ef37b443b89d3f86db6655252595c427a6d641db7b392e8e01d7bbdf73d2138a85553747d6c0685f76bc80c82e755f8acc87c65650a1;
  MfgCVCData 0x492f14b48c97a806327949c5faaa438ac5f0a976474fd26cde4556d52bfa5dc7508fa7f150fa454c681f5108085296f2c94c371b57cd193e8939d6268c8cd96e3e8a06caba6d5cb82989c1751e21e77f09ca73da4daa1fde5bc68bed4b8eb5b0ea3abb23d4249790b2a093dde0806573138cbb99fdceb6ffc10203010001a31a301830160603551d250101ff040c300a06082b06010505070303300d06092a864886f70d0101050500038201010094f271a8bbbac1d7fc054260170b59f0b6ac9da70d0148699e0d240b033d9c34918f7737cd45b822edf9e1bec4c5b030d878b6378b5a7995d032e933ec0ae0db436a3f52181ffee08e0cd4f6201f1115;
  MfgCVCData 0x0f4cf1bef41c9c58ef166582b5e7f1aa1afcd7badeb7b0097845c2d95ee89f66767f3bc080c2994e8c39ca9f22bcc22151ba9221b7ca87e81fdad3fcf48feb61c739ec751ac00afacd88ccc99d11ee6a96c5a591f625875ed7af60460e7330dee05ec183d1717af3f2702df0253fd1a49cbca6a654b37cb7846f91c11e3a83d1e68c28aa25a35d9849393b009b9a5328e5729017d35bb841d62f950007ba7d73e2fff4e14d0f3a49193805495714811b;
  BaselinePrivacy
  {
    AuthTimeout 10;
    ReAuthTimeout 10;
    AuthGraceTime 600;
    OperTimeout 10;
    ReKeyTimeout 10;
    TEKGraceTime 600;
    AuthRejectTimeout 60;
    SAMapWaitTimeout 1;
    SAMapMaxRetries 4;
  }
  UsServiceFlow
  {
    UsServiceFlowRef 1;
    QosParamSetType 7;
    TrafficPriority 1;
    MaxRateSustained 256000;
    SchedulingType 2;
    RequestOrTxPolicy 0x0000008a;
  }
  UsServiceFlow
  {
    UsServiceFlowRef 2;
    QosParamSetType 7;
    TrafficPriority 7;
    MaxRateSustained 256000;
    SchedulingType 2;
    RequestOrTxPolicy 0x0000008a;
  }
  UsPacketClass
  {
    ClassifierRef 2;
    ServiceFlowRef 2;
    IpPacketClassifier
    {
      IpDstAddr 192.168.68.4;
      IpProto 257;
      IpDstMask 255.255.255.255;
    }
    ActivationState 1;
  }
  DsServiceFlow
  {
    DsServiceFlowRef 101;
    QosParamSetType 7;
    TrafficPriority 1;
    MaxRateSustained 256000;
  }
  DsServiceFlow
  {
    DsServiceFlowRef 102;
    QosParamSetType 7;
    TrafficPriority 7;
    MaxRateSustained 256000;
  }
  DsPacketClass
  {
    ClassifierRef 102;
    ServiceFlowRef 102;
    RulePriority 1;
    ActivationState 1;
    IpPacketClassifier
    {
      IpProto 257;
      IpSrcAddr 192.168.68.4;
      IpSrcMask 255.255.255.255;
    }
  }
  /*EndOfDataMkr*/
}

------------------------------------------------------------------------------------------------------------------
MTA Config

Here is a decoded mta config

#docsis -d 000011112222.bin
Main
{
  MtaConfigDelimiter 1;
  VendorSpecific
  {
    VendorIdentifier 0x0000ca;
    GenericTLV TlvCode 69 TlvStringZero "*[0-4]x|*50x.*x.[T#]|*5[356]x.[T#]|*5[47]|*6[1359]|*6[27]x.[T#]|*7[02]x.[T#]|*7[389]|*74xx*x.[T#]|*75xx|*80*x.*x.*x.[T#]|*82x.[T#]|*8[89]|*9[02689]x.[T#]|*93|"; /* tlv length = 159 */
  }
  VendorSpecific
  {
    VendorIdentifier 0x0000ca;
    GenericTLV TlvCode 69 TlvStringZero "0[T#]|011x.[T#]|101x.[T#]|1411|[0-1][2-9]xxxxxxxxx|[2-9]11|[2-9]xxxxxx[T#]|[2-9]xxxxxxxxx"; /* tlv length = 90 */
  }
  SnmpMibObject pktcMtaDevEnabled.0 Integer 1; /* true */
  SnmpMibObject enterprises.4115.11.1.27.0 String "5555555555" ;
  SnmpMibObject enterprises.4115.11.1.28.0 String "5555555555" ;
  SnmpMibObject enterprises.4115.10.1.3.0 IPAddress 10.10.10.10 ;
  SnmpMibObject enterprises.4115.11.1.1.1.2.1 String "5551234567" ;
  SnmpMibObject enterprises.4115.11.1.1.1.3.1 String "5551234567" ;
  SnmpMibObject enterprises.4115.11.1.1.1.4.1 String "5551234567" ;
  SnmpMibObject enterprises.4115.11.1.1.1.5.1 String "123456789" ;
  SnmpMibObject pktcNcsEndPntConfigMWD.9 Integer 2 ;
  SnmpMibObject ifAdminStatus.9 Integer 1; /* up */
  SnmpMibObject enterprises.4115.11.1.3.0 String "192.168.68.4;5060" ;
  SnmpMibObject enterprises.4115.11.1.4.0 Integer 0 ;
  SnmpMibObject enterprises.4115.11.1.5.0 String "192.168.68.4;5060" ;
  SnmpMibObject enterprises.4115.11.1.6.0 Integer 0 ;
  SnmpMibObject enterprises.4115.11.1.7.0 HexString 0x04808000 ;
  SnmpMibObject enterprises.4115.11.1.8.0 String "PCMU;telephone-event" ;
  SnmpMibObject enterprises.4115.11.1.9.0 Integer 20 ;
  MtaConfigDelimiter 255;
}

here is what the various parts mean (contact Arris for further clarification)

VendorSpecific stuff is digit map and feature enabling (this is what our SIP provider sets)

SnmpMibObject enterprises.4115.11.1.27.0 String "5555555555" ;
SnmpMibObject enterprises.4115.11.1.28.0 String "5555555555" ;
These lines combat a bug in old sip firmware that causes calls with no caller id to be dropped the value you set these to is not important as long as it is not a real telephone number.

SnmpMibObject enterprises.4115.10.1.3.0 IPAddress 10.10.10.10 ;
Syslog server address

SnmpMibObject enterprises.4115.11.1.1.1.2.1 String "5551234567" ;
SnmpMibObject enterprises.4115.11.1.1.1.3.1 String "5551234567" ;
SnmpMibObject enterprises.4115.11.1.1.1.4.1 String "5551234567" ;
SnmpMibObject enterprises.4115.11.1.1.1.5.1 String "123456789" ;
These are username, displayname, login, and password respectfully

SnmpMibObject pktcNcsEndPntConfigMWD.9 Integer 2 ;
SnmpMibObject ifAdminStatus.9 Integer 1; /* up */
These turn the EMTA on and set its admin status to up.

SnmpMibObject enterprises.4115.11.1.3.0 String "192.168.68.4;5060" ;
SnmpMibObject enterprises.4115.11.1.4.0 Integer 0 ;
Proxy Address;port and type 0=ipv4

SnmpMibObject enterprises.4115.11.1.5.0 String "192.168.68.4;5060" ;
SnmpMibObject enterprises.4115.11.1.6.0 Integer 0 ;
Registrar Address;port and type 0=ipv4

SnmpMibObject enterprises.4115.11.1.7.0 HexString 0x04808000 ;
SIP Feature Switch options (our sip provider set this)

SnmpMibObject enterprises.4115.11.1.8.0 String "PCMU;telephone-event" ;
provisioned codecs

SnmpMibObject enterprises.4115.11.1.9.0 Integer 20 ;
packetization rate in millisecs

----------------------------------------------------------------------------------------------------

Please post any questions you may have about my setup here and I will answer to the best of my ability. or shoot me an email offlist at jasonp*at*cablemo*dot*com

Mon, 10/06/2008 - 12:55

cdruml

Http rather than tftp?

Pardon a newbie for a possibly simple quesition but I haven't found a solution in my own research. Our Arris eMTA pulls its config file fine via tftp but we would like it to use http instead. How can this be configured?

Fri, 10/17/2008 - 13:44

(Reply to #2) #3

kwesibrunee

As far as I know this is not

As far as I know this is not possible, tftp is the only way it can retrieve its config.

Out of curiousity why would you want it to use HTTP?

Sat, 08/01/2009 - 03:00

dummy

Using your setup

Hello,

I'm using your setup for testing purposes, and have some questions,
What ip address did you assign to your cmts? what ip addresses did you assign to your nic's in your server?
I have a arris cornerstone 1500 cmts (eurodocsis 1.1) and a couple of cablemodems (motorola sbv5121e) that i want to get online.
Further i have set up a dell server with ubuntu server edition running on it.
Are the "option vendor-class-identifier,0,6) = "docsis";" always the same by different kind of cablemodems?

I'm running into some problems,

Aug 1 10:49:12 cmserver dhcpd: DHCPDISCOVER from 00:23:ed:1c:2c:ae via 192.168.224.33: network cableplant: no free leases
Aug 1 10:49:39 cmserver last message repeated 3 times

Thanks in advance,

Regards,
Donald.

Sat, 08/01/2009 - 21:15

(Reply to #4) #5

kwesibrunee

These configs were

These configs were sanitized, i.e. not my real IPs but given this configuration

The CMTS Cable interface would have an IP from this subnet

192.168.225.0/24 typically 192.168.225.1

The DHCPD server and the CMTS ethernet interface would have an IP from this subnet

192.168.224.32 typically 192.168.224.33 and 192.168.224.34 respectfully.

Per the docsis spec docsis 1.0+ modems must give the string docsis[Version] i.e. docsis1.0, docsis2.0 etc. when they request an IP. However since you are using EuroDocsis you will need to check the spec to make sure it uses the same string....

So based on your logs sounds like your dhcp request are coming from the wrong network, 192.168.224.33 is in a subnet that does not hand off IPs this should be the subnet between the CMTS and DHCP server, not the subnet the cable interface uses.

requests should be coming from either the 192.168.225.0 subnet or the 10.1.0.0 subnet or they won't get an IP.

Wed, 08/05/2009 - 09:57

(Reply to #5) #6

dummy

Arris Cornerstone 1500 CMTS

As far as i know the arris 1500 cmts is acting like a bridge, i can only set 1 ip address, and that's the one for the ethernet interface, i can't find any setting to configure the cable interface, is setting up vlan's an option? Regards, Donald.

Wed, 08/05/2009 - 10:48

(Reply to #6) #7

kwesibrunee

I have not worked with a

I have not worked with a bridge CMTS but try this

don't change anything on the CMTS but change these lines in the dhcpd config

[B]TO[/B]

/* A shared network for CMs and MTAs */
shared-network cableplant {
/* The subnet the dhcp server is in */
subnet 192.168.224.32 netmask 255.255.255.224 {
}
/*The subnet the requests come from generally the cable interfaces IP*/
subnet 192.168.225.0 netmask 255.255.255.0 {
}

Wed, 08/05/2009 - 16:36

(Reply to #7) #8

dummy

Difference

Still got the 'no free leases error',
What's the difference between those 2 blocks of code except the order? regards, donald...

Wed, 08/05/2009 - 23:41

(Reply to #8) #9

kwesibrunee

the way dhcpd works is as

the way dhcpd works is as you can guess, you define a subnet for the network you want to serve DHCP on.
dhcpd has a quirk, it will not work unless there is a subnet declaration for at least of of the subnets assigned to its ethernet ports. So in my original example

/* The subnet the dhcp server is in */
subnet 192.168.224.32 netmask 255.255.255.224 {
}

this code block tells dhcpd that this is a subnet that dhcpd is running on, notice no statements inside it, this is because I do not want to serve IPs from this subnet it is just to "activate" dhcpd.

dhcpd has a concept of a "Shared Network" which can combine disjointed networks, and treat them as if they are the same physical network, though they are on different subnets. In a typical cable setup this correlates to the non-routeable ips for the modems and the routeable IPs for the clients, with a shared network you can treat them as a single network. moving the first subnet into the shared network tells dhcpd to treat requests from the 192.168.224.32 subnet as if they came from any of the other subnets defined in that shared network.

So you have a shared network with 10.x.x.x/255.255.0.0 modems subnet and a 192.168.x.x/255.255.255.0 subnet for clients, if a request comes in from 10.x.x.1 it will check the pools that are defined in that shared network in document order until it finds one with suitable criteria it will then hand an IP from that pool.

so in my dhcpd file I am classifying the modems. mtas and clients and setting the criteria for the different pools so modems can only match one pool, clients can only match one pool, and mta's can only match one pool.

back to your problem, please post your dhcpd.conf file and the message that is showing up in the logs about no free leases. you also need to install wireshark on your server and get a capture of the dhcpdiscover and verify the Eurodocsis modem you have is indeed sending the string "docsis1.xxxxxxxx" or "docsis2.xxxxxxx", and if it is not adjust the class appropriately. Short of installing wireshark you could also call up arris and ask them what string Eurodocsis modems send thru to dhcp.

then we can make some headway on your problem.

Thu, 08/06/2009 - 11:19

(Reply to #9) #10

dummy

My setup

I captured the packet class identifiers with tshark, and tried also these full strings in the dhcpd.conf class identifiers: scientific atlanta epc 2203 -> docsis2.0:052c01010102010203010104010105010106010107010f0801100901000a01010b01180c01010d0201000e020100 motorola sb5101e -> docsis2.0:052401010102010203010104010105010106010107010f0801100901000a01010b01180c0101 motorola sbv5121e -> docsis2.0:053501010102010203010104010105010106010107010f0801100901000a01010b01180c01010d0200700e0200100f0101100400000004 thomson thg540 -> docsis2.0:053501010102010203010104010105010106010107010f0801100901000a01010b01180c01010d0201000e0201000f0101100400000004 arris tm702b -> docsis3.0: [code] cat /etc/dhcp3/dhcpd.conf ddns-update-style none; ignore client-updates; omapi-port 9991; key omapi_key { algorithm HMAC-MD5; secret "defcb4a645ef6sdfe2cef6a1"; }; omapi-key omapi_key; option space docsis-mta; option docsis-mta.dhcp-server-1 code 1 = ip-address; option docsis-mta.dhcp-server-2 code 2 = ip-address; option docsis-mta.provision-server code 3 = { integer 8, string }; option docsis-mta.as-req-as-rep-1 code 4 = { integer 32, integer 32, integer 32 }; option docsis-mta.as-req-as-rep-2 code 5 = { integer 32, integer 32, integer 32 }; option docsis-mta.krb-realm-name code 6 = string; option docsis-mta.tgs-util code 7 = integer 8; option docsis-mta.timer code 8 = integer 8; option docsis-mta.ticket-ctrl-mask code 9 = integer 16; option docsis-mta-pkt code 122 = encapsulate docsis-mta; option docsis-mta.dhcp-server-1 192.168.224.34; option docsis-mta.provision-server 0 "\003mta\007domains\003net\000"; option docsis-mta.krb-realm-name "\005BASIC\0011\000"; class "CM" { match if substring(option vendor-class-identifier,0,6) = "docsis2.0"; spawn with option agent.remote-id; vendor-option-space docsis-mta; default-lease-time 604800; max-lease-time 604800; min-lease-time 302400; option time-offset -21600; next-server 192.168.224.34; option tftp-server-name "192.168.224.34"; option time-servers 192.168.224.34; option log-servers 192.168.224.34; option domain-name "mta.domains.net"; ddns-updates off; option routers 10.1.6.1; option subnet-mask 255.255.0.0; option docsis-mta.dhcp-server-1 192.168.224.34; } class "MTA" { match if substring(option vendor-class-identifier,0,5) = "docsis3.0"; spawn with option agent.remote-id; default-lease-time 21600; max-lease-time 21600; min-lease-time 10800; option domain-name "mta.domains.net"; ddns-updates off; option domain-name-servers 10.0.0.1, 192.168.0.1; option subnet-mask 255.255.0.0; option routers 10.1.6.1; option log-servers 192.168.224.34; option time-servers 192.168.224.34; option tftp-server-name "192.168.224.34"; next-server 192.168.224.34; option time-offset -18000; option host-name = host-decl-name; option docsis-mta.provision-server 0 "\003mta\007domains\003net\000"; option docsis-mta.krb-realm-name "\005BASIC\0011\000"; } # The subnet the dhcp server is in (eth0, i don't want to serve dhcp on this interface) subnet 10.0.0.0 netmask 255.255.255.224 { } # A shared network for CMs and MTAs shared-network cableplant { # The subnet the requests come from generally the cable interfaces IP (eth1 via cmts) subnet 192.168.224.0 netmask 255.255.255.0 { } # the subnet for CMs and MTAs subnet 10.1.0.0 netmask 255.255.0.0 { # this pool is for known MTAs pool { range 10.1.60.2 10.1.64.254; allow members of "MTA"; deny unknown-clients; } # This pool is for known cable modems*/ pool { range 10.1.65.2 10.1.69.254; allow members of "CM"; deny unknown-clients; } } } # Group for Plus users group Plus { filename "Plus.bin"; option bootfile-name "Plus.bin"; } # Group for Voip only users*/ group VoipOnly { filename "VoipOnly.bin"; option bootfile-name "VoipOnly.bin"; } # an MTA entry host nh4797942e084be960 { hardware ethernet 00:00:00:00:00:00; } # a Cable Modem entry host nh46fd2a7608bc2710 { hardware ethernet 00:00:00:00:00:01; group "Plus"; } [/code] [code] Login: root Password: *********** [cmts] console> manage Management subsystem, v2.9. Type 'help' for commands. [cmts] box# ip-level [cmts] ip-level# info Parameter Value --------- ----- config-ip-address 192.168.224.33 config-ip-subnet 255.255.255.224 config-ip-gateway 192.168.224.34 default-ttl 255 (value) dns-control enabled dns-domain-name "cmts.domainname.net" [cmts] ip-level# [/code] [code] root@cmserver:/etc/dhcp3# ifconfig eth0 Link encap:Ethernet HWaddr 00:24:e8:63:e1:22 inet addr:10.0.0.28 Bcast:10.0.0.31 Mask:255.255.255.224 inet6 addr: 2001:960:66d:0:224:e8ff:fe63:e122/64 Scope:Global inet6 addr: fe80::224:e8ff:fe63:e122/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:29017 errors:0 dropped:0 overruns:0 frame:0 TX packets:15466 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:15416081 (15.4 MB) TX bytes:2102589 (2.1 MB) Interrupt:36 Memory:da000000-da012700 eth1 Link encap:Ethernet HWaddr 00:24:e8:63:e1:23 inet addr:192.168.224.34 Bcast:192.168.224.63 Mask:255.255.255.224 inet6 addr: fe80::224:e8ff:fe63:e123/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:80 errors:0 dropped:0 overruns:0 frame:0 TX packets:77 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:43305 (43.3 KB) TX bytes:26626 (26.6 KB) Interrupt:48 Memory:dc000000-dc012700 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:40 errors:0 dropped:0 overruns:0 frame:0 TX packets:40 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:10346 (10.3 KB) TX bytes:10346 (10.3 KB) root@cmserver:/etc/dhcp3# tail -f /var/log/syslog Aug 6 19:06:50 cmserver dhcpd: DHCPDISCOVER from 00:23:ed:1c:2c:ae via 192.168.224.33: network cableplant: no free leases [/code] When i move the [code] # The subnet the dhcp server is in */ subnet 10.0.0.0 netmask 255.255.255.224 { } [/code] inside the shared-network cableplant i get an extra error (Multiple interfaces match the same shared network: eth0 eth1) plus the no free leases error [code] root@cmserver:/etc/dhcp3# tail -f /var/log/syslog Aug 6 19:12:26 cmserver dhcpd: Internet Systems Consortium DHCP Server V3.1.1 Aug 6 19:12:26 cmserver dhcpd: Copyright 2004-2008 Internet Systems Consortium. Aug 6 19:12:26 cmserver dhcpd: All rights reserved. Aug 6 19:12:26 cmserver dhcpd: For info, please visit http://www.isc.org/sw/dhcp/ Aug 6 19:12:26 cmserver dhcpd: Wrote 0 class decls to leases file. Aug 6 19:12:26 cmserver dhcpd: Wrote 0 group decls to leases file. Aug 6 19:12:26 cmserver dhcpd: Wrote 0 deleted host decls to leases file. Aug 6 19:12:26 cmserver dhcpd: Wrote 0 new dynamic host decls to leases file. Aug 6 19:12:26 cmserver dhcpd: Wrote 0 leases to leases file. Aug 6 19:12:26 cmserver dhcpd: Multiple interfaces match the same shared network: eth0 eth1 Aug 6 19:13:26 cmserver dhcpd: DHCPDISCOVER from 00:23:ed:1c:2c:ae via 192.168.224.33: network cableplant: no free leases [/code] Thanks for your time, what else can i do? Regards, Donald.

Thu, 08/06/2009 - 13:31

(Reply to #10) #11

kwesibrunee

I see two problems right off

I see two problems right off the bat

match if substring(option vendor-class-identifier,0,6) = "docsis2.0";

and

match if substring(option vendor-class-identifier,0,5) = "docsis3.0";

these should be

match if substring(option vendor-class-identifier,0,6) = "docsis";

and

match if substring(option vendor-class-identifier,0,5) = "pktc1";

respectively

the first one checks first 6 characters of the the vendor-class-identifier for the string "docsis" the way you have it now it is checking the first 6 chars against the string "docsis2.0" which is 8 chars long needless to say it will never match.

MTA's spit out a vendor-class-identifier in the form ptkc1.0xxxxxxxx or ptkc1.5xxxxxxxx when they come out with subsequent versions they will likely be pktc2.0xxxxxxxx etc..
for your purposes though matching the first 5 chars to the string "ptkc1" is a safe bet.

as for the multiple networks problem in the log file this is because you have 10.0.0.28 bound to eth0 ifdown that interface as it is not needed, and restart dhcpd, will solve that issue.

Thu, 08/06/2009 - 16:16

(Reply to #11) #12

dummy

I changed the class

I changed the class identifiers, but that won't change a thing... still get the 'no free leases' error...

eth0 10.0.0.28 -> 10.0.0.1 is my gateway to internet at the moment, so i can't bring eth0 down...

if i comment out the 10.0.0.0 subnet in dhcpd.conf i get:

root@cmserver:/etc/dhcp3# tail -f /var/log/syslog
Aug 7 00:10:53 cmserver dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug 7 00:10:53 cmserver dhcpd: Wrote 0 leases to leases file.
Aug 7 00:10:53 cmserver dhcpd:
Aug 7 00:10:53 cmserver dhcpd: No subnet declaration for eth0 (10.0.0.28).
Aug 7 00:10:53 cmserver dhcpd: ** Ignoring requests on eth0. If this is not what
Aug 7 00:10:53 cmserver dhcpd: you want, please write a subnet declaration
Aug 7 00:10:53 cmserver dhcpd: in your dhcpd.conf file for the network segment
Aug 7 00:10:53 cmserver dhcpd: to which interface eth0 is attached. **
Aug 7 00:10:53 cmserver dhcpd:
Aug 7 00:11:01 cmserver ntpd[3127]: clock is now synced
Aug 7 00:12:26 cmserver dhcpd: DHCPDISCOVER from 00:23:ed:1c:2c:ae via 192.168.224.33: network cableplant: no free leases
Aug 7 00:12:53 cmserver last message repeated 3 times

Clueless.... :-S

Thu, 08/06/2009 - 16:52

(Reply to #12) #13

kwesibrunee

one more small issue to correct and you should be in business

if the dhcp requests are not coming accross eth0 you can safely remove its subnet from the shared network.

Ok see another minor issue,

this blob

pool {
range 10.1.65.2 10.1.69.254;
allow members of "CM";
deny unknown-clients;
}

tells it to accept members of CM class but deny "unknown" clients. unknown to dhcpd means not available in the dhcpd.conf file or dynamically added and in the dhcpd.leases file.

looking at your config there is no mention of a host entry for the device with mac address 00:23:ed:1c:2c:ae

you can either change one of your existing host entries to 00:23:ed:1c:2c:ae or just create another
i.e. change

host nh46fd2a7608bc2710 {
hardware ethernet 00:00:00:00:00:01;
group "Plus";
}

host nh46fd2a7608bc2710 {
hardware ethernet 00:23:ed:1c:2c:ae;
group "Plus";
}

Fri, 08/07/2009 - 08:28

#14

dummy

It works

Okay, that works,

root@cmserver:/etc/dhcp3# tail -f /var/log/syslog
Aug 7 16:18:57 cmserver dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug 7 16:18:59 cmserver dhcpd: Internet Systems Consortium DHCP Server V3.1.1
Aug 7 16:18:59 cmserver dhcpd: Copyright 2004-2008 Internet Systems Consortium.
Aug 7 16:18:59 cmserver dhcpd: All rights reserved.
Aug 7 16:18:59 cmserver dhcpd: For info, please visit http://www.isc.org/sw/dhcp/
Aug 7 16:18:59 cmserver dhcpd: Wrote 0 class decls to leases file.
Aug 7 16:18:59 cmserver dhcpd: Wrote 0 group decls to leases file.
Aug 7 16:18:59 cmserver dhcpd: Wrote 0 deleted host decls to leases file.
Aug 7 16:18:59 cmserver dhcpd: Wrote 0 new dynamic host decls to leases file.
Aug 7 16:18:59 cmserver dhcpd: Wrote 1 leases to leases file.
Aug 7 16:19:41 cmserver dhcpd: DHCPDISCOVER from 00:23:ed:1c:2c:ae via 192.168.224.33
Aug 7 16:19:42 cmserver dhcpd: DHCPOFFER on 10.1.65.2 to 00:23:ed:1c:2c:ae via 192.168.224.33
Aug 7 16:19:42 cmserver dhcpd: DHCPREQUEST for 10.1.65.2 (192.168.224.34) from 00:23:ed:1c:2c:ae via 192.168.224.33
Aug 7 16:19:42 cmserver dhcpd: DHCPACK on 10.1.65.2 to 00:23:ed:1c:2c:ae via 192.168.224.33

I only miss the part for 'unknown' cablemodems or mta's, do you create another pool for them without the deny unknown-clients option? so they will come online and you can send them to an registration page or something using a fake dns that only resolves to 1 page (the registration page)?

Regards,
Donald.

Fri, 08/07/2009 - 11:19

(Reply to #14) #15

kwesibrunee

Glad your up and Running

Glad you got it up and running that is like 3/4 of the battle right there.....

Yes you can add another Subnet for unknown modems, but to get the unknown clients/MTAs to come online to only get to a registration page is a little trickier.... However I don't think it will work with a bridged CMTS, due to the fact that your DHCP requests come from the same IP

The way I have gotten it to work is to have two different dhcp servers, one for modems, one for clients/mtas.

The trick is to have dhcp requests from clients/mtas behind known modems pull from one subnet of IPs and clients behind unknown modems pull from another subnet. It can be done with Cisco CMTSes but I am certain the way I do it would not work for you using a bridged CMTS.

I am setting up some new dhcpd servers over the next few days, I just had an idea of a way it could work for possibly even a bridge CMTS I will try it and let you know.

Mon, 08/10/2009 - 17:52

(Reply to #15) #16

dummy

Tftp an Ntp Server

Hi,

How can the cablemodems/mta's reach the ntp server and tftp server (192.168.224.32) if they are on another subnet 10.1.0.0 (in my case using a bridged cmts) ?
I'm getting error messages in the modem log (ToD request sent - No Response Received) and (TFTP Failed - request sent - No Response)

*edit*
When i create a virtual network interface eth1:0 with ip 10.1.66.1 and change all the 192.168.224.34 to 10.1.66.1 in dhcpd.conf (time servers and dhcp servers and gateways) the modem can now reach the tftp server and tod server, now the last thing to do is create some good configs... is there any good tool for it?

Regards,
Donald.

Mon, 08/10/2009 - 18:08

(Reply to #16) #17

kwesibrunee

arris PacketAce is the best

arris PacketAce is the best for Arris Modems very easy to use, with a lot of templates to get you started

If you can't get access to it, requires a contract id with Arris, there are a couple of alternatives,

docsis.sourceforge.net is a cli tool that can create configs, the ones included here were created by packetace but decoded by docsis, they will reencode just fine with docsis as well.

cisco also has a docsis config generator, though it is not actively being updated any more it is a good generic decoder/encoder.

Mon, 08/17/2009 - 11:25

(Reply to #17) #18

dummy

Some errors

Already set up the dhcpd servers? i'm a bit further now, but i'm still struggling to get the mta online, see logs, Do you know why it takes three DISCOVERS and OFFERS for the mta to get an ip, while the cablemodem gets it directly? why is the mta waiting? Any idea what the "bad udp checksums" are? All the modems i have in stock are using packetcable firmware, that's why it won't work with all the sip example mta configs here at this site. Is is possible to use sip firmware and sip configs by using ONE sip mta config file for every mta? instead of different sip configs for the mta's? Hope you can help me out, [code] Aug 17 19:10:03 cmserver dhcpd: DHCPDISCOVER from 00:1e:69:6c:62:8a via 10.1.0.2 Aug 17 19:10:04 cmserver dhcpd: DHCPOFFER on 10.1.0.11 to 00:1e:69:6c:62:8a via 10.1.0.2 Aug 17 19:10:06 cmserver dhcpd: DHCPREQUEST for 10.1.0.11 (10.1.0.1) from 00:1e:69:6c:62:8a via 10.1.0.2 Aug 17 19:10:06 cmserver dhcpd: DHCPACK on 10.1.0.11 to 00:1e:69:6c:62:8a via 10.1.0.2 Aug 17 19:10:06 cmserver dhcpd: 3 bad udp checksums in 5 packets Aug 17 19:10:06 cmserver atftpd[5683]: Creating new socket: 10.1.0.1:55151 Aug 17 19:10:06 cmserver atftpd[5683]: Serving xtra.cfg to 10.1.0.11:1026 Aug 17 19:10:09 cmserver atftpd[5683]: End of transfer Aug 17 19:10:09 cmserver atftpd[5683]: Server thread exiting Aug 17 19:10:17 cmserver dhcpd: DHCPDISCOVER from 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:18 cmserver dhcpd: DHCPOFFER on 10.1.6.10 to 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:21 cmserver dhcpd: DHCPDISCOVER from 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:21 cmserver dhcpd: DHCPOFFER on 10.1.6.10 to 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:29 cmserver dhcpd: DHCPDISCOVER from 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:29 cmserver dhcpd: DHCPOFFER on 10.1.6.10 to 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:45 cmserver dhcpd: DHCPDISCOVER from 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:45 cmserver dhcpd: DHCPOFFER on 10.1.6.10 to 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:47 cmserver dhcpd: DHCPREQUEST for 10.1.6.10 (10.1.0.1) from 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:47 cmserver dhcpd: DHCPACK on 10.1.6.10 to 00:1e:69:6c:62:8b via 10.1.0.2 Aug 17 19:10:48 cmserver atftpd[5683]: Creating new socket: 10.1.0.1:35165 Aug 17 19:10:48 cmserver atftpd[5683]: Serving mta.bin to 10.1.6.10:1029 Aug 17 19:10:48 cmserver atftpd[5683]: End of transfer Aug 17 19:10:48 cmserver atftpd[5683]: Server thread exiting Aug 17 19:10:48 10.1.6.10 001e696c628b MTA[Thomson]:<4000950904><2892844470>Configuration File Error - Missing Parameter Aug 17 19:10:48 10.1.6.10 001e696c628b MTA[Thomson]:<4000951502><2892844470>Provisioning Complete - Fail [/code] Best regards, Donald.

Wed, 08/19/2009 - 01:16

(Reply to #18) #19

kwesibrunee

Some Ideas for you

Reguarding the 3 requests and UDP checksum errors, could be a noise related problem, try opening a ping window to the modem/mta while it is trying to come online and send it the largest packet you can without it fragmenting should be 1472 bytes... if you get some severe packet loss then you have an issue.

Do you have arris MTAs? or are you using Thompson....

if you are using arris
connect to the telnet client on the modem and watch the dhcp transaction, if telnet is not on connect to http://[modemIP]/techsupport.html and turn telnet on. You can troubleshoot the dhcp very well from here....

Wed, 08/19/2009 - 10:15

(Reply to #19) #20

dummy

UDP Checksum error

I don't think that's the issue, i'm not working in a 'live' environment, just a test environment, the cablemodems are directly attached to the cmts using diplex filters and attenuators, the cnr is 40 dB.
Yes, i have also arris mta's, the TM702b, and Motorola sbv5121e mta's , Scientific Atlanta's Webstar EPC2203 mta's.
I can try the ping test, and get back here...

Wed, 08/18/2010 - 08:16

#21

rbTechLLC

Just a note of thanks

I'd just like to take a quick moment to say "Thank You!!!" for sharing your experiences and configs; I've been administering a small cable system for nearly 10 years using a homegrown trouble ticketing and provisioning system (http://suptrac.sourceforge.net), and the Arris terminals threw me for a huge loop. Your posting has been invaluable in getting the new eMTAs running on our network!

Rubin
rbTechnologies, LLC
1970 VT Route 14 South
East Montpelier, VT 05651
(802)223-4448 x101
rbennett@thatitguy.com
http://thatitguy.com

Business networking services, Linux, Unix and Windows, firewalls, network security, local and Wide Area networking experts.

Thu, 08/19/2010 - 11:53

#22

rbTechLLC

Just a note of thanks

Rubin
rbTechnologies, LLC
1970 VT Route 14 South
East Montpelier, VT 05651
(802)223-4448 x101
rbennett@thatitguy.com
http://thatitguy.com

Business networking services, Linux, Unix and Windows, firewalls, network security, local and Wide Area networking experts.

Tue, 05/15/2012 - 17:10

#23

wnycable

Cablesight, Doxcontrol & Arris MTA's

Anyone ever worked with Cablesight and Doxcontrol software for provisioning the MTA's in the Arris 402, 502 and so on?
I have an Arris 1500 running 1.1. Cablesight ad's say it works with them but so far no go and the manual that came with it is of no help.

Thanks,
wnycable

Thu, 06/07/2012 - 19:21

(Reply to #23) #24

emkowale

doxcontrol

I haven't used it. Cablesight is the best in the biz for repairing CMTSs though. Setting up these things to work with VoIP can be tough. This forum is an awesome place to start and get ideas, but If you want to get up and running and start making money I can set you up and train you on whatever system you use. I have used several dial-tone providers and I love Asterisk. I don't charge much. It's more of a hobby to keep my skills sharp for my own systems. Drop me an e-mail.

eric@starlightcable.com

Mon, 08/20/2012 - 09:54

(Reply to #24) #25

wnycable

Problem Solved by Jim Lacey of Laceytech

Jim Lacey of Laceytech took care of everything. Works great!

http://www.laceytech.com/

Thu, 08/02/2012 - 03:26

#26

husamaga

some help please?

i have this configuration of DHCP server with option 122.
i have 2 CMTS's connected and 1 server.
when i start DHCP it goes up.
at first i get no free leases, fix it, then dhcp works about 30 sec, then crashes, any help?
also didn't get the CPE to get an IP address.

Aug 1 13:56:41 luka dhcpd: DHCPDISCOVER from 00:11:e6:e6:d9:60 via 10.0.0.1: network 10.0.0/16: no free leases
Aug 1 13:57:21 luka dhcpd: DHCPDISCOVER from 00:11:e6:e6:d9:60 via 10.0.0.1: network 10.0.0/16: no free leases
Aug 1 13:57:25 luka dhcpd: DHCPDISCOVER from 00:11:e6:e6:d9:60 via 10.0.0.1: network 10.0.0/16: no free leases
Aug 1 13:57:34 luka dhcpd: DHCPDISCOVER from 00:11:e6:e6:d9:60 via 10.0.0.1
Aug 1 13:57:35 luka dhcpd: DHCPOFFER on 10.0.255.254 to 00:11:e6:e6:d9:60 via 10.0.0.1
Aug 1 14:03:00 luka dhcpd: DHCPDISCOVER from 00:11:e6:e6:d9:60 via 10.0.0.1
Aug 1 14:03:01 luka dhcpd: DHCPOFFER on 10.0.255.254 to 00:11:e6:e6:d9:60 via 10.0.0.1
Aug 1 14:03:42 luka dhcpd: DHCPDISCOVER from 00:11:e6:e6:d9:60 via 10.0.0.1
Aug 1 14:03:43 luka dhcpd: DHCPOFFER on 10.0.255.254 to 00:11:e6:e6:d9:60 via 10.0.0.1

[root@luka tftpboot]# cat /var/log/messages |grep cpp
Aug 1 13:57:51 luka abrt[12726]: saved core dump of pid 11681 (/usr/local/sbin/dhcpd) to /var/spool/abrt/ccpp-2012-08-01-13:57:50-11681.new/coredump (17870848 bytes)

ddns-update-style none;
ignore client-updates;
option space docsis-mta;
option docsis-mta.dhcp-server-1 code 1 = ip-address;
option docsis-mta.dhcp-server-2 code 2 = ip-address;
option docsis-mta.provision-server code 3 = { integer 8, string };
option docsis-mta.as-req-as-rep-1 code 4 = { integer 32, integer 32, integer 32 };
option docsis-mta.as-req-as-rep-2 code 5 = { integer 32, integer 32, integer 32 };
option docsis-mta.krb-realm-name code 6 = string;
option docsis-mta.tgs-util code 7 = integer 8;
option docsis-mta.timer code 8 = integer 8;
option docsis-mta.ticket-ctrl-mask code 9 = integer 16;
option docsis-mta-pkt code 122 = encapsulate docsis-mta;
option docsis-mta.dhcp-server-1 172.61.164.5;
option docsis-mta.provision-server 0 "\003luka\007dot\003com\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";

class "CM" {
match if substring(option vendor-class-identifier,0,6) = "docsis";
spawn with option agent.remote-id;
vendor-option-space docsis-mta;
default-lease-time 604800;
max-lease-time 604800;
min-lease-time 302400;
option time-offset -21600;
next-server 172.61.164.5;
option tftp-server-name "172.61.164.5";
option time-servers 172.61.164.5;
option domain-name "luka.dot.com";
ddns-updates off;
option routers 10.0.0.1;
option subnet-mask 255.255.0.0;
option docsis-mta.dhcp-server-1 172.61.164.5;
}

class "MTA" {
match if substring(option vendor-class-identifier,0,5) = "pktc1";
spawn with option agent.remote-id;
default-lease-time 21600;
max-lease-time 21600;
min-lease-time 10800;
option domain-name "luka.dot.com";
ddns-updates off;
option domain-name-servers 8.8.8.8;
option routers 10.0.0.1;
option subnet-mask 255.255.0.0;
option time-servers 172.61.164.5;
option tftp-server-name "172.61.164.5";
next-server 109.175.22.5;
option time-offset -18000;
option host-name = host-decl-name;
option docsis-mta.provision-server 0 "\003luka\006dot\003net\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";
}

#/* The subnet the dhcp server is in */
subnet 172.61.164.0 netmask 255.255.255.0 {
}

#/* A shared network for CMs and MTAs */
#CMTS 1 - LUKA
# /*The subnet the requests come from generally the cable interfaces IP*/
shared-network cableplant {
subnet 172.61.165.0 netmask 255.255.255.0 {
option routers 172.61.165.1;
range dynamic-bootp 172.61.165.2 172.61.165.254;
}
subnet 172.61.166.0 netmask 255.255.254.0 {
option routers 172.61.166.1;
range dynamic-bootp 172.61.166.2 172.61.167.254;
}

subnet 172.61.168.0 netmask 255.255.255.128 {
option routers 172.61.168.1;
}
}
#CMTS 2 - location2
shared-network cableplant {
subnet 172.61.168.128 netmask 255.255.255.128 {
option routers 172.61.168.129;
}

subnet 172.61.169.0 netmask 255.255.255.0 {
option routers 172.61.169.1;
range dynamic-bootp 172.61.169.2 172.61.169.254;
}

subnet 172.61.170.0 netmask 255.255.254.0 {
option routers 172.61.170.1;
range dynamic-bootp 172.61.170.2 172.61.171.254;
}

subnet 172.61.172.0 netmask 255.255.254.0 {
option routers 172.61.172.1;
range dynamic-bootp 172.61.172.2 172.61.173.254;
}
}
# /* the subnet for CMs and MTAs*/
# /*this pool is for known MTAs*/
subnet 10.0.0.0 netmask 255.255.0.0 {
pool {
range 10.0.0.2 10.0.100.254;
allow members of "MTA";
deny unknown-clients;
}
# /*This pool is for known cable modems*/
pool {
range 10.0.100.2 10.0.255.254;
allow members of "CM";
deny unknown-clients;

# /* the subnet for CMs and MTAs - location 2*/
# /*this pool is for known MTAs*/
subnet 10.1.0.0 netmask 255.255.0.0 {
pool {
range 10.1.100.2 10.1.100.254;
allow members of "MTA";
deny unknown-clients;
}
# /*This pool is for known cable modems*/
pool {
range 10.1.0.2 10.1.99.254;
allow members of "CM";
deny unknown-clients;
}
}
}
#/* Group for Plus users*/
group Plus {
filename "Plus.bin";
option bootfile-name "Plus.bin";
}
#/*Group for Voip only users*/
group VoipOnly {
filename "VoipOnly.bin";
option bootfile-name "VoipOnly.bin";
}

#/* an MTA entry */
host nh4797942e084be960 {
hardware ethernet 00:11:e6:e6:d9:60;
group "Plus";
}
}
#/* a Cable Modem entry */
#host nh46fd2a7608bc2710 {
# hardware ethernet 00:00:00:00:00:01;
# group "Plus";
#}

i use CENT-OS, Cisco modems cpx2203, CMTS CIsco 7246 VXR.
i can send my config file for modems if there a need.
thanks

Wed, 08/01/2012 - 15:42

(Reply to #26) #27

kwesibrunee

Looks good to me, is there a

Looks good to me, is there a reason why your doing dynamic bootp in your ranges? I would try it without that using just the Range command and see how it goes.

Thu, 08/02/2012 - 03:22

(Reply to #27) #28

husamaga

i'm doing dynamic because i

i'm doing dynamic because i don't have a lot of ip's so i cant reserve ip's for custuomers.
tha system was working fine until now, now when i use option 122 and cable modem config for cisco modems i have these problems.
Do i need to create any kind of lists on CMTS? or classefiers?
Do i have to use omapi key?
i also do not use ip dhcp relay information option is it needed for working with option 122?

is the MTA config looks good?

the MTA config:

Main
{
NetworkAccess 1;
SnmpMibObject saCmSwAdminStatus.1 Integer 2; /* saCmSwAllowProvisioningUpgrade */
SnmpMibObject saCmSwMethod.1 Integer 2; /* unsecure */
SnmpMibObject saCmMtaCliAccessType.0 Integer 1; /* enableTelnetPermanent */
SnmpMibObject saCmMtaCliAccessInterface.0 HexString 0x80 ;
SnmpMibObject saCmMtaCliAccessUsername.0 String "public" ;
SnmpMibObject saCmMtaCliAccessPassword.0 String "public" ;
SnmpMibObject cmConsoleMode.0 Integer 0; /* disable */
SnmpMibObject saCmMtaCountMtaAsCpe.0 Integer 0; /* false */
SnmpMibObject saCmMtaProvisioningMode.0 Integer 2; /* twoConfigFilesDHCP */
SnmpMibObject enterprises.4115.1.3.1.1.2.3.5.4.0 Integer 3 ;
SnmpMibObject docsDevSwAdminStatus.0 Integer 2; /* allowProvisioningUpgrade */
MaxCPE 3;
MaxClassifiers 20;
GlobalPrivacyEnable 0;
SnmpMibObject enterprises.4115.1.3.3.1.2.3.6.0 Integer 9 ;
SwUpgradeServer 172.61.164.5;
SwUpgradeFilename "epx2203-ESIP-5-v202r1162-091102cs.bin";
MfgCVCData 0x3082038130820269A003020102021025E506F4870A8A20792A2450F4A3C5A6300D06092A864886F70D0101050500306F310B30090603550406130
24245311F301D060355040A131674436F6D4C616273202D204575726F2D444F4353495331153013060355040B130C4361626C65204D6F64656D73312830260603550
403131F4575726F2D444F43534953204361626C65204D6F64656D20526F6F74204341301E170D3034303631363030303030305A170D3134303631353233353935395
A306E310B30090603550406130255533121301F060355040A1318536369656E74696669632D41746C616E74612C20496E632E31143012060355040B130B4575;
MfgCVCData 0x726F2D444F43534953312630240603550403131D436F646520566572696669636174696F6E20436572746966696361746530820122300D06092A8
64886F70D01010105000382010F003082010A0282010100C898982DB5D3FDE6F72BF1222E3AFBAA0CAAA2D4BBFBCBD922610295B7363CE22DC6338BF01AA6F514D62
3EC416B4C3F0E8C1B1471BE514C29FAF571BF12FEE7096279472C84D636EAADA4E32934D10963E42680F83B7972C0451D5B391E62B4AE3B5FD307219B060D7042645
F08E0A795B009E9267135037123E16C798906C5CADB2C09ACA57E436CFE81841F3924BBC5749D220DAE7678F4DA41E7FC24A518715FBB785758E6BA95689263;
MfgCVCData 0x5973AC6ECAB32064966370C5F61EE9A8EDA88F6C49C82DB744AE226F71CA39A866A96B96631A2B417A13B3C1D27AE6F06D93923E6A43A514BB3D8
D1752E8C0CE2499DB683473F9AAAEC4D03DD4FB06C92FB374A90203010001A31A301830160603551D250101FF040C300A06082B06010505070303300D06092A86488
6F70D0101050500038201010052FC60EED3BCF322776DB86D5CB73796EA300E2661E5506EAD0A82F5094DE449115359AE5A8299E14D8C3616B7610C4A7FCE3C9F7A6
34C33E80A41618E0A8C07BEB3BA29136CEF654C1507FD6D013A54D330830443723E364091BFC0CCC8BF374D17F421DD1D1B01B336A3F46BD91FC89B83CB2B0A;
MfgCVCData 0x8DA2C40A876E8BEFE521EB2369CB171D687F67158417F1833D0B168D74128EE80090A6C45D8C8BAA227237B18C61137373628339BCBACAE6455DE
FE25338E1CEB23E37EBF21E148949C0D4763B3C39E337A99AAF311175AF4823EB3F6370DE01BC5D96F0CFFA054D6E55034FF07ADF22EA55A3FD6E176B36A55FFE300
AF14301F67F0581626F3F223BB916;
BaselinePrivacy
{
AuthTimeout 10;
ReAuthTimeout 10;
AuthGraceTime 600;
OperTimeout 10;
ReKeyTimeout 10;
TEKGraceTime 600;
AuthRejectTimeout 60;
SAMapWaitTimeout 1;
SAMapMaxRetries 4;
}
UsServiceFlow
{
UsServiceFlowRef 1;
QosParamSetType 7;
TrafficPriority 1;
MaxRateSustained 256000;
SchedulingType 2;
RequestOrTxPolicy 0x0000008a;
}
UsServiceFlow
{
UsServiceFlowRef 2;
QosParamSetType 7;
TrafficPriority 7;
MaxRateSustained 256000;
SchedulingType 2;
RequestOrTxPolicy 0x0000008a;
}
UsPacketClass
{
ClassifierRef 2;
ServiceFlowRef 2;
IpPacketClassifier
{
IpDstAddr 172.61.164.33;
IpProto 257;
IpDstMask 255.255.255.255;
}
ActivationState 1;
}
DsServiceFlow
{
DsServiceFlowRef 101;
QosParamSetType 7;
TrafficPriority 1;
MaxRateSustained 1500000;
}
DsServiceFlow
{
DsServiceFlowRef 102;
QosParamSetType 7;
TrafficPriority 7;
MaxRateSustained 256000;
}
DsPacketClass
{
ClassifierRef 102;
ServiceFlowRef 102;
RulePriority 1;
ActivationState 1;
IpPacketClassifier
{
IpProto 257;
IpSrcAddr 172.61.164.33;
IpSrcMask 255.255.255.255;
}
}
/*EndOfDataMkr*/
}

Thanks

Thu, 08/02/2012 - 04:47

(Reply to #28) #29

grosche

DHCP Server

Which version of dhcp3-server you are using? a test version?

This both Option are not correct:

option docsis-mta.provision-server 0 "\003luka\007dot\003com\000";
option docsis-mta.provision-server 0 "\003luka\006dot\003net\000";

003 says three digits or letters follow

that would be correct:

option docsis-mta.provision-server 0 "\004luka\003dot\003com\000";
option docsis-mta.provision-server 0 "\004luka\003dot\003net\000";

Thu, 08/02/2012 - 05:50

#30

husamaga

Hello,

Hello,
Thanks for your reply,
I'm using dhcpd version 3.
the dhcpd server crash when i activate the ip dhcpd relay option on CMTS. when i turn it off the dhcp dont crash, but don't offer the cm ip.
i changed the letter numbers. and try it again, still have the sam problem.

Thanks.

Thu, 08/02/2012 - 11:33

(Reply to #30) #31

kwesibrunee

you don't need dhcp

you don't need dhcp information relay option on your CMTS but if it only works when it is on perhaps there are other settings funky on your cmts.

Could you post your bundle or Cable interface config?

Fri, 08/03/2012 - 00:53

(Reply to #31) #32

husamaga

interface Cable6/0

interface Cable6/0
no ip address
cable shared-secret 7 xxxxxxxxxxxxxxxxxxxxx
no cable packet-cache
cable bundle 1
cable downstream channel-id 60
cable downstream rate-limit token-bucket
cable downstream annex A
cable downstream modulation 256qam
cable downstream frequency 378000000
no cable downstream rf-shutdown
cable downstream rf-power 53
cable upstream max-ports 4
cable upstream 0 connector 0
cable upstream 0 frequency 52000000
cable upstream 0 ingress-noise-cancellation 200
cable upstream 0 docsis-mode atdma
cable upstream 0 channel-width 6400000 6400000
cable upstream 0 minislot-size 1
cable upstream 0 range-backoff 3 6
cable upstream 0 modulation-profile 241
no cable upstream 0 shutdown
cable upstream 1 connector 1
cable upstream 1 frequency 52000000
cable upstream 1 ingress-noise-cancellation 200
cable upstream 1 docsis-mode atdma
cable upstream 1 channel-width 6400000 6400000
cable upstream 1 minislot-size 1
cable upstream 1 range-backoff 3 6
cable upstream 1 modulation-profile 241
no cable upstream 1 shutdown
cable upstream 2 connector 2
cable upstream 2 frequency 52000000
cable upstream 2 ingress-noise-cancellation 200
cable upstream 2 docsis-mode atdma
cable upstream 2 channel-width 6400000 6400000
cable upstream 2 minislot-size 1
cable upstream 2 range-backoff 3 6
cable upstream 2 modulation-profile 241
no cable upstream 2 shutdown
cable upstream 3 connector 3
cable upstream 3 frequency 52000000
cable upstream 3 ingress-noise-cancellation 200
cable upstream 3 docsis-mode atdma
cable upstream 3 channel-width 6400000 6400000
cable upstream 3 minislot-size 1
cable upstream 3 range-backoff 3 6
cable upstream 3 modulation-profile 241
no cable upstream 3 shutdown
!
interface Cable6/1
no ip address
cable shared-secret 7 xxxxxxxxxxxxxxxxxxx
no cable packet-cache
cable bundle 1
cable downstream channel-id 60
cable downstream rate-limit token-bucket
cable downstream annex A
cable downstream modulation 256qam
cable downstream frequency 378000000
no cable downstream rf-shutdown
cable downstream rf-power 53
cable upstream max-ports 4
cable upstream 0 connector 4
cable upstream 0 frequency 52000000
cable upstream 0 ingress-noise-cancellation 200
cable upstream 0 docsis-mode atdma
cable upstream 0 channel-width 6400000 6400000
cable upstream 0 minislot-size 1
cable upstream 0 range-backoff 3 6
cable upstream 0 modulation-profile 241
no cable upstream 0 shutdown
cable upstream 1 connector 5
cable upstream 1 frequency 52000000
cable upstream 1 ingress-noise-cancellation 200
cable upstream 1 docsis-mode atdma
cable upstream 1 channel-width 6400000 6400000
cable upstream 1 minislot-size 1
cable upstream 1 range-backoff 3 6
cable upstream 1 modulation-profile 241
no cable upstream 1 shutdown
cable upstream 2 connector 6
cable upstream 2 frequency 52000000
cable upstream 2 ingress-noise-cancellation 200
cable upstream 2 docsis-mode atdma
cable upstream 2 channel-width 6400000 6400000
cable upstream 2 minislot-size 1
cable upstream 2 range-backoff 3 6
cable upstream 2 modulation-profile 241
no cable upstream 2 shutdown
cable upstream 3 connector 7
cable upstream 3 frequency 52000000
cable upstream 3 ingress-noise-cancellation 200
cable upstream 3 docsis-mode atdma
cable upstream 3 channel-width 6400000 6400000
cable upstream 3 minislot-size 1
cable upstream 3 range-backoff 3 6
cable upstream 3 modulation-profile 241
no cable upstream 3 shutdown
----------------------------------------------------------------
interface Bundle1
ip address 172.61.166.1 255.255.254.0 secondary
ip address 172.61.165.1 255.255.255.0 secondary
ip address 172.61.168.1 255.255.255.128 secondary
ip address 10.0.0.1 255.255.0.0
cable arp filter request-send 3 2
cable arp filter reply-accept 3 2
cable dhcp-giaddr policy
cable helper-address 172.61.164.5
arp timeout 60
!
ip default-gateway 172.61.164.1
ip classless
ip route 0.0.0.0 0.0.0.0 172.61.164.1
no ip http server
no ip http secure-server
!

Fri, 08/03/2012 - 05:14

(Reply to #32) #33

grosche

try this...

comment spawn with option agent.remote-id;
and try the cm and mta get an ip with deaktivated relay agent

you want to allow unknown CM and MTA? why?

Fri, 08/03/2012 - 06:07

(Reply to #33) #34

husamaga

i don't want to allow unknown

i don't want to allow unknown modems and mta.
i just want the mta's to get working/online.

thanks

Tue, 08/07/2012 - 08:09

(Reply to #34) #35

husamaga

still have the problem! can't

still have the problem! can't get it working :(
any ideas

thanks

Wed, 08/08/2012 - 02:06

(Reply to #35) #36

grosche

try this...

authoritative;
ddns-update-style none;

allow leasequery;
use-host-decl-names on;

default-lease-time 3600;
max-lease-time 7200;

# DOCSIS Config Parameter
option space docsis-mta;
option docsis-mta.dhcp-server-1 code 1 = ip-address;
option docsis-mta.dhcp-server-2 code 2 = ip-address;
option docsis-mta.provision-server code 3 = { integer 8, string };
option docsis-mta.as-req-as-rep-1 code 4 = { integer 32, integer 32, integer 32 };
option docsis-mta.as-req-as-rep-2 code 5 = { integer 32, integer 32, integer 32 };
option docsis-mta.krb-realm-name code 6 = string;
option docsis-mta.ticket-gs-util code 7 = integer 8;
option docsis-mta.provision-timer code 8 = integer 8;
option docsis-mta.ticket-ctrl-mask code 9 = integer 16;
option docsis-mta-pkt code 122 = encapsulate docsis-mta;

# CM Software Version
option space docsis-cm;
option docsis-cm.serial-number code 4 = string;
option docsis-cm.software-version code 6 = string;
option docsis-cm.organization-id code 8 = string;
option docsis-cm.hardware-model code 9 = string;
option docsis-cm-pkt code 43 = encapsulate docsis-cm;

# Default Werte
option domain-name "domain.net";
option domain-name-servers 10.0.0.254;
filename =
concat(
suffix(concat("0",binary-to-ascii(16,8,"",substring(hardware,1,1))),2),
suffix(concat("0",binary-to-ascii(16,8,"",substring(hardware,2,1))),2),
suffix(concat("0",binary-to-ascii(16,8,"",substring(hardware,3,1))),2),
suffix(concat("0",binary-to-ascii(16,8,"",substring(hardware,4,1))),2),
suffix(concat("0",binary-to-ascii(16,8,"",substring(hardware,5,1))),2),
suffix(concat("0",binary-to-ascii(16,8,"",substring(hardware,6,1))),2),
"");

class "sb5100e" {
match if (option docsis-cm.organization-id = 00:20:40)
and (option docsis-cm.hardware-model = "SB5100E")
and not (option docsis-cm.software-version = "SB5100E-2.3.8.0-GA-00-NOSH");
filename "sb5100e-upgrade.bin";
}

class "sbv5121e" {
match if (option docsis-cm.organization-id = "002040")
and (option docsis-cm.hardware-model = "SBV5121E")
and not (option docsis-cm.software-version = "SBV5121E-SIP-1.0.7-SCM-06-SHPC ");
filename "sbv5121e-upgrade.bin";
}

# Management
subnet 10.0.0.0 netmask 255.255.255.0 {
deny unknown-clients;
}

# CM
subnet 10.0.1.0 netmask 255.255.255.0 {
deny unknown-clients;
}

# MTA
subnet 10.0.2.0 netmask 255.255.255.0 {
deny unknown-clients;
}

# CPE
subnet 10.0.3.0 netmask 255.255.255.0 {
range 10.0.3.100 10.0.3.200;
option routers 10.0.3.1;
}

group {
# CM without MTA

option routers 10.0.1.1;
option log-servers 10.0.0.254;
option ntp-servers 10.0.0.254;
option time-servers 10.0.0.254;
option time-offset 7200;
option tftp-server-name "10.0.0.254";
next-server 10.0.0.254;
option docsis-mta.dhcp-server-1 0.0.0.0;

host sb5100e { hardware ethernet 00:11:22:33:44:55; fixed-address 10.0.1.11; }
}

group {
# CM with MTA

host sb5121e-1 { hardware ethernet 00:11:22:33:44:55; fixed-address 10.0.1.12; }
host sb5121e-2 { hardware ethernet 00:11:22:33:44:55; fixed-address 10.0.1.13; }
}

group {
# MTA

option routers 10.0.2.1;
option log-servers 10.0.0.254;
option ntp-servers 10.0.0.254;
option time-servers 10.0.0.254;
option time-offset 7200;
option tftp-server-name "10.0.0.254";
next-server 10.0.0.254;
option docsis-mta.provision-server 0 "\00210\0010\0010\003254\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";

host mta-1 { hardware ethernet 00:11:22:33:44:55; fixed-address 10.0.2.12; }
host mta-2 { hardware ethernet 00:11:22:33:44:55; fixed-address 10.0.2.13; }
}

Wed, 09/19/2012 - 04:56

(Reply to #36) #37

husamaga

Ok,

Ok,
i just set every thing, and i get to the state when the modem get reject(pk) it says that i need to set a kek privacy key. i don't realy know where to set that key, or how not to use it.
any one can help?
Regards

MAC Address IP Address I/F MAC Prim RxPwr Timing Num BPI
State Sid (dBmv) Offset CPE Enb
000e.5cd1.xxxx 10.0.99.254 C6/0/U2 reject(pk) 414 0.00 980 0 Y

Wed, 09/19/2012 - 06:21

(Reply to #37) #38

kwesibrunee

Check the time on your CMTS

Check the time on your CMTS and your time server if there is too great a variance modems will come up in this state.

Otherwise post your modem config, because it is likely an issue there.

Tue, 09/25/2012 - 06:33

(Reply to #38) #39

husamaga

as i check, the time is OK .

I configures everything, but still not successful with MTA.
the MTA didn't pick up the mac.bin file so i stuck there.
this is my errors from the MTA:

Login successfully...
==========================
+ Start SNMP Provision +
==========================
BOS: Task 0x80730700 acknowledged reset.
TaskProceedToShutdown() not signaling task (HPRT) (task already DONE)
TaskCreate - taskRessurrect HPRT
MTA FQDN is from Flash :
dnsAddr.
dnsBosSemCreate.
dnsBosSemGive.
ERROR: Empty CA format , Set Call Agent IpAddr as ca@[0.0.0.0]

CM> ERROR resolving address mta.domain.com by DNS Server.

==========================
+ Start SNMP Provision +
==========================

TaskCreate - spawn new task KRBM
TaskCreate - spawn new task KMAP
TaskCreate - spawn new task KMAS

ERROR resolving address mta.domain.com by DNS Server.
ERROR: prfInitSnmpV2SimpleFlows - Prov FQDN "mta.domain.com" Cannot be Resolved.
WARNING - prfProvTaskmain - unable to resolve FDQN in sub-option-3

ERROR resolving address mta.domain.com by DNS Server.
[SNMP]ERROR: SNMP Mgr FQDN ("mta.domain.com") cannot be resolved.
ERROR: Empty CA format , Set Call Agent IpAddr as ca@[0.0.0.0]
ERROR: Empty CA format , Set Call Agent IpAddr as ca@[0.0.0.0]
EMTA: Enabling anti-spoofing measures

INFO: dhcp_callback() - DHCP Callback called, Event 0x05:
[BRCM_DHCP_CLI_EV_LEASE_RELEASED]

DHCP SW length:28
szBuf = 0 14 f8

INFO: dhcp_callback() - DHCP Callback called, Event 0x07:
[BRCM_DHCP_CLI_EV_OFFER_RECEIVED]

INFO: dhcpParseProvData() - Opt-6: MTA DNS Servers (Option-6) Received - len=8..
.
INFO: dhcpParseProvData() - Opt-6: MTA Primary DNS Server (Option-6) Received -
8.8.8.8
INFO: dhcpParseProvData() - Opt-6: MTA Secondary DNS Server (Option-6) Received
- 0x172.xxx.xxx.xxx
INFO: dhcpParseProvData() - Opt-6: MTA Secondary DNS Server (Option-6) Received
- 0x172.xxx.xxx.xxx

BASIC☺1

INFO: dhcp_callback() - DHCP Callback called, Event 0x08:
[BRCM_DHCP_CLI_EV_ACK_RECEIVED]

BASIC☺1
Configuring IPSEC library with IP address 172.xxx.xxx.xxx

INFO: dhcp_callback() - DHCP Callback called, Event 0x00:
[BRCM_DHCP_CLI_EV_BOUND]

BASIC☺1
INFO: prfDhcpProv() - Disabling the DHCP ANTI-Spoofing!
EMTA: Disabling anti-spoofing measures
Task 0x80730700 notified of reset, waiting for ack...

BOS: Task 0x80730700 acknowledged reset.
TaskProceedToShutdown() not signaling task (HPRT) (task already DONE)
TaskCreate - taskRessurrect HPRT
MTA FQDN is from Flash :
ERROR: Empty CA format , Set Call Agent IpAddr as ca@[0.0.0.0]

ERROR resolving address xxx.xxx.xx by DNS Server.

- Can any one give me a hand?

Regards

Tue, 09/25/2012 - 11:56

(Reply to #39) #40

kwesibrunee

it is complaining that mta

it is complaining that mta.domains.net does not resolve to an ip address. in your dhcpd.conf change the line

option docsis-mta.provision-server 0 "\003mta\007domains\003net\000";

to something that resolves i.e.

option docsis-mta.provision-server 0 "\003www\007example\003com\000";

That should get you one step closer. Don't forget to restart dhcpd.

Mon, 10/01/2012 - 03:50

(Reply to #40) #41

husamaga

Thanks for your answer,

Solved the dhcpd server & 2 config files.
i get the MTA registred with mac.bin config file.
now i have the (line up) in the log of mta, and i can call my mta.

Regards

Wed, 07/22/2015 - 01:06

#42

rajeshp

Issue with PC2.0 MTA provisioning

I provisioned the CM and MTA successfully, which i can confirm from in event log on GUI:

7/21/2015 21:50 16 MTA TFTP: Successful
7/21/2015 21:50 26 MTA PROV: Successful!
7/21/2015 21:50 3 Voice Line State Change, Line Number = 1, Prev State = OOS, New State = IS
7/21/2015 21:59 65523 SIP General Failure

but after that its failing to register with Proxy server

but it says "SIP General Failure", i dont know why it is.
I can see the bellow message in CM console log :
sendUserReq: No response from SNMP Agent - Select timed-out.
sendUserReq: Retry Number 5 to get the response from snmp agent

It seems like device is trying to send the sendUserReq to SNMP Agent, as per my knowledge the MTA sends the SIP request to Proxy server and NOT to SNMP Agent.i am not sure the purpose of sendUserReq here.can you please elaborate it.

Thanks in advance!!!

File attachments:

CMconsoleLog.txt

Main menu

Navigation

You are here

How-to for arris eMTAs on docsis 1.1 networks using dhcpd

Main menu

Navigation

User login

You are here

How-to for arris eMTAs on docsis 1.1 networks using dhcpd