Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 04-CWMP (TR-069) Configuration | 159.45 KB |
Feature and hardware compatibility
Configuring ACS and CPE attributes through ACS
Configuring ACS and CPE attributes through DHCP
Configuring the ACS username and password
Configuring the CPE username and password
Configuring the CWMP connection interface
Configuring the maximum number of attempts made to retry a connection
Configuring the close-wait timer of the CPE
Configuring the CPE working mode
Specifying an SSL client policy for HTTPS connection to ACS
Displaying and maintaining CWMP
Overview
CPE WAN Management Protocol (CWMP), also called "TR-069," is a DSL Forum technical specification for remote management of home network devices. It defines the general framework, message format, management method, and data model for managing and configuring home network devices.
CWMP applies mainly to DSL access networks, which are hard to manage because end-user devices are dispersed and large in number. CWMP makes the management easier by using an autoconfiguration server to perform remote centralized management of customer premises equipment.
CWMP network framework
Figure 1 shows a basic CWMP network framework.
Figure 1 CWMP network framework
The basic CWMP network elements include:
· ACS—Autoconfiguration server, the management device in the network.
· CPE—Customer premises equipment, the managed device in the network.
· DNS server—Domain name system server. CWMP defines that an ACS and a CPE use URLs to identify and access each other. DNS is used to resolve the URLs.
· DHCP server—Assigns IP addresses to CPEs, and uses the options field in the DHCP packet to issue configuration parameters to the CPE.
Your device can work as the CPE but not the ACS.
Basic CWMP functions
Autoconnection between ACS and CPE
A CPE can connect to an ACS automatically by sending an Inform message. The following conditions might trigger an autoconnection establishment:
· A CPE starts up. A CPE can find the corresponding ACS according to the acquired URL, and automatically initiates a connection to the ACS.
· A CPE is configured to send Inform messages periodically. The CPE automatically sends an Inform message at the configured interval to establish connections.
· A CPE is configured to send an Inform message at a specific time. The CPE automatically sends an Inform message at the configured time to establish a connection.
An ACS can initiate a connection request to a CPE at any time, and can establish a connection with the CPE after passing CPE authentication.
Autoconfiguration
When a CPE logs in to an ACS, the ACS can automatically apply some configurations to the CPE for it to perform auto configuration. Autoconfiguration parameters supported by the device include the following:
· Configuration file (ConfigFile)
· ACS address (URL)
· ACS username (Username)
· ACS password (Password)
· PeriodicInformEnable
· PeriodicInformInterval
· PeriodicInformTime
· CPE username (ConnectionRequestUsername)
· CPE password (ConnectionRequestPassword)
CPE system software image file and configuration file management
The network administrator can save CPE system software image files and configuration files on the ACS and configure the ACS to automatically request the CPE to download any update made to these files. After the CPE receives an update request, it automatically downloads the updated file from the file server according to the filename and server address in the ACS request. After the CPE downloads the file, it checks the file validity and reports the download result (success or failure) to the ACS.
To back up important data, a CPE can upload the current configuration file to the specified server according to the requirement of an ACS. The device supports uploading only the vendor configuration file or log file.
|
|
NOTE: The device can download only system software images and configuration files from the ACS, and does not support digital signatures. |
CPE status and performance monitoring
An ACS can monitor the parameters of a CPE connected to it. Different CPEs have different performances and functionalities. Therefore the ACS must be able to identify each type of CPE and monitor each CPE's current configuration and configuration changes. CWMP also allows the administrator to define monitor parameters and get the parameter values through an ACS, so as to get the CPE status and statistics information.
The status and performance that can be monitored by an ACS include:
· Manufacturer name (Manufacturer)
· ManufacturerOUI
· SerialNumber
· HardwareVersion
· SoftwareVersion
· DeviceStatus
· UpTime
· Configuration file (ConfigFile)
· ACS address (URL)
· ACS username (Username)
· ACS password (Password)
· PeriodicInformEnable
· PeriodicInformInterval
· PeriodicInformTime
· CPE address (ConnectionRequestURL)
· CPE username (ConnectionRequestUsername)
· CPE password (ConnectionRequestPassword)
CWMP mechanism
RPC methods
CWMP provides the following major remote procedure call methods for an ACS to manage or monitor a CPE:
· Get—The ACS gets the value of one or more parameters from the CPE.
· Set—The ACS sets the value of one or more parameters on the CPE.
· Inform—The CPE sends an Inform message to an ACS whenever the CPE initiates a connection to the ACS, or the CPE's underlying configuration changes, or the CPE periodically sends its local information to the ACS.
· Download—The ACS requires a CPE to download a specific file from the specified URL, ensuring upgrading of CPE software and auto download of the vendor configuration file.
· Upload—The ACS requires a CPE to upload a specific file to the specified location.
· Reboot—The ACS remotely reboots the CPE when the CPE encounters a failure or completes a software upgrade.
How CWMP works
The following example illustrates how CWMP works. Suppose there are two ACSs in an area: main and backup. The main ACS must restart for a system upgrade. To ensure a continuous monitoring of the CPE, the main ACS redirects all CPEs in the area to the backup ACS.
Figure 2 CWMP message interaction procedure
The following steps show how CWMP works:
1. Establish a TCP connection.
2. Initialize SSL and establish a security connection.
3. The CPE sends an Inform request message to initiate a CWMP connection. The Inform message carries the reason for sending this message in the Eventcode field. In this example, the reason is "6 CONNECTION REQUEST," indicating that the ACS requires the CPE to establish a connection.
4. If the CPE passes the authentication of the ACS, the ACS returns an Inform response, and the connection is established.
5. Upon receiving the Inform response, the CPE sends an empty message, if it has no other requests. The CPE does this in order to comply with the request/reply interaction model of HTTP/HTTPS, in which CWMP messages are conveyed.
6. The ACS queries the value of the ACS URL set on the CPE.
7. The CPE replies to the ACS with the obtained value of the ACS URL.
8. The ACS finds that its local URL value is the same as the value of the ACS URL on the CPE. Therefore, the ACS sends a Set request to the CPE to modify the ACS URL value of the CPE to the URL of the backup ACS.
9. The setting succeeds and the CPE sends a response.
10. The ACS sends an empty message to notify the CPE that it has no other requests.
11. The CPE closes the connection.
After this, the CPE initiates a connection to the backup ACS.
Feature and hardware compatibility
|
Hardware series |
Model |
CWMP compatibility |
|
WA4300 series |
WA4320-ACN |
Yes |
|
WA4320H-ACN |
Yes |
|
|
WA4320i-ACN |
Yes |
|
|
WA4320-ACN-PI |
Yes |
|
|
WA4600 series |
WA4620i-ACN/WA4620E-ACN |
No |
CWMP configuration approaches
To use CWMP, you must enable CWMP at the CLI. After that, you can configure ACS and CPE attributes at the CLI. Alternatively, the CPE may obtain some ACS and CPE attributes from the DHCP server, or the ACS may assign some ACS and CPE attributes to the CPE, depending on the CWMP implementation in your network. Support for these configuration modes varies with attributes. For more information, see "Configuring CWMP at the CLI."
Configuring ACS and CPE attributes through ACS
An ACS performs autoconfiguration of a CPE through remote management. For the primary configurable parameters, see "Autoconfiguration."
Configuring ACS and CPE attributes through DHCP
You can configure ACS parameters for the CPE on the DHCP server by using DHCP Option 43. When accessed by the CPE, the DHCP server sends the ACS parameters in DHCP Option 43 to the CPE. If the DHCP server is an H3C device that supports DHCP Option 43, you can configure the ACS parameters at the CLI with the command option 43 hex 01length URL username password, where:
· length is a hexadecimal string that indicates the total length of the length URL, username, and password arguments. No space is allowed between the 01 keyword and the length value.
· URL is the ACS address.
· username is the ACS username.
· password is the ACS password.
When you configure the ACS URL, username and password, follow these guidelines:
· The three arguments take the hexadecimal format and the ACS URL and username must each end with a space (20 in hexadecimal format) for separation.
· The three arguments must be input in 2-digit, 4-digit, 6-digit, or 8-digit segments, each separated by a space.
For example, configure the ACS address as http://169.254.76.31:7547/acs, username as 1234, and password as 5678, as follows:
<Sysname> system-view
[Sysname] dhcp server ip-pool 0
[Sysname-dhcp-pool-0] option 43 hex 0127 68747470 3A2F2F31 36392E32 35342E37 362E3331 3A373534 372F6163 73203132 33342035 3637 38
In the option 43 hex command:
· 27 indicates that the length of the subsequent hexadecimal strings is 39 characters.
· 68747470 3A2F2F31 36392E32 35342E37 362E3331 3A373534 372F6163 73 corresponds to the ACS address http://169.254.76.31/acs.
· 3132 3334 corresponds to the username 1234.
· 35 3637 38 corresponds to the password 5678.
· 20 is the end delimiter.
For more information about DHCP, DHCP Option 43, and the option command, see Layer 3—IP Services Configuration Guide.
Configuring CWMP at the CLI
Some tasks in this section can also be performed on the ACS or DHCP server. For a CWMP parameter, the setting assigned by the ACS has the same priority as the CLI setting, and the setting issued by the DHCP server has lower priority than the CLI setting. The ACS-assigned setting and the CLI setting override each other, and whichever is configured the last takes effect.
Complete the following tasks to configure CWMP at the CLI:
|
Task |
Remarks |
|
Required. |
|
|
Configuring ACS attributes: |
|
|
Required. Supports configuration through ACS, DHCP, and CLI. |
|
|
Optional. Supports configuration through ACS, DHCP, and CLI. |
|
|
Configuring CPE attributes: |
|
|
Optional. Supports configuration through ACS and CLI. |
|
|
Optional. Supports configuration through CLI only. |
|
|
Optional. Supports configuration through ACS and CLI. |
|
|
· Configuring the maximum number of attempts made to retry a connection |
Optional. Supports configuration through CLI only. |
|
Optional. Supports configuration through CLI only. |
|
|
Optional. Supports configuration through CLI only. |
|
|
· Specifying an SSL client policy for HTTPS connection to ACS |
Optional. Supports configuration through CLI only. |
Enabling CWMP
CWMP configurations can take effect only after you enable CWMP.
To enable CWMP:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Enable CWMP. |
cwmp enable |
By default, CWMP is disabled. |
Configuring ACS attributes
Configuring the ACS URL
You can assign only one ACS for a CPE and the ACS URL you configured overwrites the old one, if any.
To configure the ACS URL:
|
Step |
Command |
Remarks |
|
system-view |
N/A |
|
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Configure the ACS URL. |
cwmp acs url url |
By default, no ACS URL is configured. |
Configuring the ACS username and password
To pass ACS authentication, make sure that the configured username and password are the same as those configured for the CPE on the ACS.
To configure the ACS username and password:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Configure the ACS username for connection to the ACS. |
cwmp acs username username |
By default, no ACS username is configured for connection to the ACS. |
|
4. Configure the ACS password for connection to the ACS. |
cwmp acs password [ cipher | simple ] password |
Optional. You can specify a username without a password for authentication, but must make sure that the ACS has the same authentication setting as the CPE. By default, no ACS password is configured for connection to the ACS. |
Configuring CPE attributes
Configuring the CPE username and password
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Configure the CPE username for connection to the CPE. |
cwmp cpe username username |
By default, no CPE username is configured for connection to the CPE. |
|
4. Configure the CPE password for connection to the CPE. |
cwmp cpe password [ cipher | simple ] password |
Optional. You can specify a username without a password for authentication, but make sure that the ACS has the same authentication setting as the CPE. By default, no CPE password is configured for connection to the CPE. |
Configuring the CWMP connection interface
The CWMP connection interface is the interface that the CPE uses to communicate with the ACS. The CPE sends the IP address of this interface in the Inform messages and the ACS replies to this IP address for setting up a CWMP connection.
If the interface that connects the CPE to the ACS is the only Layer 3 interface that has an IP address on the device, you do not need to specify the CWMP connection interface. If multiple Layer 3 interfaces are configured, specify the CWMP connection interface to make sure the IP address of the interface that connects to the ACS is sent to the ACS for setting up CWMP connection.
To configure a CWMP connection interface:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Set the interface that connects the CPE to the ACS. |
cwmp cpe connect interface interface-type interface-number |
The default CWMP connection interface depends on the device model. |
Sending Inform messages
Inform messages need to be sent during the connection establishment between a CPE and an ACS. You can configure the Inform message sending parameter to trigger the CPE to initiate a connection to the ACS.
Sending an Inform message periodically
To configure the CPE to periodically send Inform messages:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Enable the periodic sending of Inform messages. |
cwmp cpe inform interval enable |
By default, this function is disabled. |
|
4. Configure the interval between sending the Inform messages. |
cwmp cpe inform interval seconds |
Optional. By default, the CPE sends an Inform message every 600 seconds. |
Sending an Inform message at a specific time
To configure the CPE to send an Inform message at a specific time:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Configure the CPE to send an Inform message at a specific time. |
cwmp cpe inform time time |
By default, no time is set. The CPE is not configured to send an Inform message at a specific time. |
Configuring the maximum number of attempts made to retry a connection
If a CPE fails to establish a connection to an ACS or the connection is interrupted during the session (the CPE does not receive a message indicating the normal close of the session), the CPE can automatically reinitiate a connection to the ACS.
To configure the maximum number of attempts that the CPE can make to retry a connection:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Configure the maximum number of attempts that the CPE can make to retry a connection. |
cwmp cpe connect retry times |
Optional. By default, the CPE regularly sends connection requests to the ACS until a connection is set up. |
Configuring the close-wait timer of the CPE
The close-wait timer is used mainly in the following cases:
· During the establishment of a connection, if the CPE sends a connection request to the ACS, but the CPE does not receive a response within the configured close-wait timeout, the CPE considers the connection as having failed.
· After a connection is established, if there is no packet interaction between the CPE and the ACS within the configured close-wait timeout, the CPE considers the connection to be invalid and disconnects the connection.
To configure the close-wait timer for the CPE:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Set the CPE close-wait timer. |
cwmp cpe wait timeout seconds |
Optional. The default is 30 seconds. |
Configuring the CPE working mode
Configure the device to operate in one of the following CPE modes depending on its position in the network:
· Gateway mode—Enables the ACS to manage the device and any CPE attached to the device. Use this mode if the device is the egress to the WAN and has lower-level CPEs.
· Device mode—If no CPEs are attached to the device, configure the device to operate in device mode.
Disable CWMP before you change the CPE working mode.
To configure the working mode of the CPE:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Configure the working mode of the CPE. |
cwmp device-type { device | gateway } |
By default, the device operates in gateway mode. |
Specifying an SSL client policy for HTTPS connection to ACS
CWMP uses HTTP or HTTPS for data transmission. If the ACS uses HTTPS for secure access, its URL begins with https://. You must configure an SSL client policy for the CPE to authenticate the ACS for establishing an HTTPS connection. For more information about configuring SSL client policies, see Security Configuration Guide.
To specify an SSL client policy for the CPE to establish an HTTPS connection to the ACS:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter CWMP view. |
cwmp |
N/A |
|
3. Specify an SSL client policy. |
ssl client-policy policy-name |
By default, no SSL client policy is configured. |
Displaying and maintaining CWMP
|
Task |
Command |
Remarks |
|
Display CWMP configuration. |
display cwmp configuration [ | { begin | exclude | include } regular-expression ] |
Available in any view. |
|
Display the current status of CWMP. |
display cwmp status [ | { begin | exclude | include } regular-expression ] |
Available in any view. |
