Download Print this page

Motorola BSR 2000 Configuration And Management Manual

Broadband services router
Hide thumbs

Advertisement

Table of Contents
BSR 2000
Configuration and
Management Guide
526360-001-00 Rev. B
Release 1.0
MGBI

Advertisement

Table of Contents
loading

  Also See for Motorola BSR 2000

  Related Manuals for Motorola BSR 2000

  Summary of Contents for Motorola BSR 2000

  • Page 1 BSR 2000 Configuration and Management Guide 526360-001-00 Rev. B Release 1.0 MGBI...
  • Page 2 (such as translation, transformation or adaptation) without written permission from Motorola, Inc. Motorola reserves the right to revise this publication and to make changes in content from time to time without obligation on the part of Motorola to provide notification of such revision or change. Motorola provides this guide without warranty of any kind, either implied or expressed, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose.
  • Page 3 Caring for the Environment by Recycling When you see this symbol on a Motorola product, do not dispose of the product with residential or commercial waste. Recycling your Motorola Equipment Please do not dispose of this product with your residential or commercial waste. Some countries or regions, such as the European Union, have set up systems to collect and recycle electrical and electronic waste items.
  • Page 4 Motorola Kundeservice. Milieubewust recycleren Als u dit symbool op een Motorola-product ziet, gooi het dan niet bij het huishoudelijk afval of het bedrijfsafval. Uw Motorola-materiaal recycleren. Gooi dit product niet bij het huishoudelijk afval het of bedrijfsafval. In sommige landen of regio's zoals de Eu- ropese Unie, zijn er bepaalde systemen om elektrische of elektronische afvalproducten in te zamelen en te recycleren.
  • Page 5 Motorolas kundtjänst för hjälp. Újrahasznosítással a környezet védelméért Ha ezt a jelzést látja egy Motorola terméken, ne dobja ki azt lakossági vagy ipari hulladékba. Motorola termékének újrahasznosítása Kérjük ne dobja ki ezt a terméket lakossági vagy ipari hulladékba. Egyes országok ill. régiók, mint az Európai Unió...
  • Page 6 Motorola Motorola Motorola Motorola Motorola Motorola Motorola Motorola Motorola...
  • Page 7: Table Of Contents

    Contents Preface Scope ............................xxvii Audience...........................xxvii Documentation Set ........................xxvii Conventions..........................xxviii Notes, Cautions, Warnings ......................xxix If You Need Help........................xxx Introduction Overview .............................1-1 Multiservice Support ........................1-2 Network Management and Control .....................1-2 Using the Command Line Interface Overview .............................2-1 Using a Console Session to Access the CLI ................2-2 Using a Telnet Session to Access the CLI...................2-3 CLI Command Modes .........................2-3 User EXEC Mode......................2-4...
  • Page 8 BSR 2000 Configuration and Management Guide Release 1.0 IPSec Configuration Mode ....................2-7 Router Configuration Mode .....................2-7 Route Map Configuration Mode ..................2-7 Cable Spectrum Group Mode...................2-8 Command Mode Summary....................2-8 Editing and Navigating with the CLI ..................2-11 Moving the Cursor on the Command Line..............2-12 Partial Command Names ....................2-12...
  • Page 9 Release 1.0 Defining a Group Access Level ...............3-10 Verifying Your User Account Login Configuration.........3-10 Configuring Interfaces....................3-11 Specifying System Time Information................3-11 Controlling Telnet and Console Access ..................3-13 Configuring Logging.........................3-14 Flash and NVRAM Memory Management Guidelines..........3-15 Setting Logging Control ....................3-16 Restricting Logging Rates ....................3-17 Creating a Loopback Interface for Source SYSLOG IP Address ....3-19 Configuring System Logging ..................3-19 Configuring Logging to a SYSLOG Server.............3-19...
  • Page 10 BSR 2000 Configuration and Management Guide Release 1.0 Enabling Domain Lookup and Domain List ............3-34 Configuring SNTP......................3-35 Configuring UDP Broadcast Relay ................3-37 Configuring FTP Access ....................3-38 Configuring a Loopback Interface for TFTP Packets ............3-39 Enabling the RADIUS Client on the BSR..............3-40 Configuring the RADIUS Client for Server Communication......3-40...
  • Page 11 Release 1.0 Displaying System Parameters....................3-68 Displaying System Processing Information ..............3-68 Displaying System Memory Information...............3-72 Displaying the System Version Information..............3-73 Displaying System Buffer Information ................3-75 Displaying Hardware Information..................3-77 Configuring SNMP Overview .............................4-1 Configuring SNMP Server Parameters ..................4-1 Configuring SNMP Informs and Traps ..................4-8 Setting Trap Logging Control...................4-8 Configuring a Trap Destination..................4-9 Specifying the Destination IP Address ..............4-9...
  • Page 12 BSR 2000 Configuration and Management Guide Release 1.0 Associating Groups to MIB Views ..............4-31 Configuring an SNMP Context................4-31 Configuring Packet Size......................4-32 Monitoring SNMP........................4-32 Configuring Interfaces and TCP/IP Features Overview .............................5-1 About TCP/IP Level Features .....................5-2 Setting IP Interface Addresses ....................5-2 Removing an IP Address ....................5-6...
  • Page 13 Obtaining Detailed DOCSIS 2.0 Information..........6-22 DOCSIS 2.0 and the BSR 2000..................6-22 BSR 2000 Hardware Support for DOCSIS 2.0..........6-22 BSR 2000 Software Support for DOCSIS 2.0 ..........6-23 DOCSIS 2.0 Logical Channel Configuration Task Summary........6-24 Configuring the Channel Type ..................6-24 Configuring Spectrum Power Density Maintenance for a Logical Channel....6-27 Additional S-CDMA Logical Channel Configurations ..........6-27...
  • Page 14 Configuring S-CDMA Codes Per Minislot............6-28 Configuring the S-CDMA Hopping Seed ............6-29 Configuring the S-CDMA Spreading Interval ..........6-29 Displaying the Upstream Logical Channel Configuration ..........6-29 Using the RF Sentry on the BSR 2000..................6-32 Power Level Measurement......................6-32 Configuring FFT......................6-33 Configuring the FFT Processor ..................6-33 Displaying the FFT Processor Configuration..............6-33...
  • Page 15 Release 1.0 Setting the Downstream Power Level..............6-50 Resetting a Downstream Port................6-50 Reserving Downstream Bandwidth ..............6-51 Unreserving Downstream Bandwidth ..............6-51 Cable Modem Downstream Frequency Override During Ranging ....6-52 Testing RF Carrier Modulation ................6-52 Specifying Downstream Queue Thresholds.............6-53 Limiting Downstream Multicast Traffic ............6-53 Configuring an Upstream Channel....................6-54 Initial Upstream Configuration Tasks ................6-55 Setting the Upstream Frequency ..............6-56...
  • Page 16 BSR 2000 Configuration and Management Guide Release 1.0 Disabling an Upstream Port ................6-81 Configuring the Upstream Channel Descriptor ..........6-81 Limiting the Number of Voice Calls on an Upstream Channel .......6-82 Enabling/Disabling CMTS Concatenation Capabilities ........6-83 Enabling/Disabling Concatenation for DOCSIS 1.0 or 1.1 Cable Modems ..6-83 Configuring AntiVirus/AntiWorm Protection ................6-84...
  • Page 17 Displaying Upstream Service Flow Statistics ..........6-128 Displaying Payload Header Suppression Entries...........6-128 Displaying Class of Service (Qos) Profiles............6-129 Configuring the BSR 2000 for DOCSIS 1.0+ Interoperability ........6-131 Verifying that DOCSIS 1.0+ Devices Successfully Register......6-134 Troubleshooting DOCSIS 1.0+ Interoperability ..........6-134 Implementing Spectrum Management ..................6-134 Configuring a Spectrum Group ..................6-135...
  • Page 18 BSR 2000 Configuration and Management Guide Release 1.0 Configuring the Spectrum Hopping Error Threshold ........6-147 Configuring the Spectrum Hopping Flap Threshold........6-148 Enabling and Disabling Spectrum Roll-back..........6-149 Configuring the Guard Band................6-149 Reviewing the Spectrum Group that You Created .........6-149 Viewing Your Spectrum Group Configuration ..........6-152 Applying a Spectrum Group to an Upstream Port............6-152...
  • Page 19 Release 1.0 Clearing UCC or DCC Statistics ..................6-184 Configuring Cable Intercepts ....................6-184 Enabling a Cable Intercept ...................6-184 Disabling a Cable Intercept ..................6-187 Gathering DOCSIS Network Information................6-188 Determining the Enabled DOCSIS CMTS Module Type ..........6-188 Through SNMP: .....................6-188 Through the CLI: ...................6-189 Displaying Cable Interface Parameters ................6-189 Displaying Downstream Parameters ................6-191 Viewing Downstream Port Information ............6-191...
  • Page 20 BSR 2000 Configuration and Management Guide Release 1.0 Configuring the COPS Client Timer..............7-7 Displaying COPS Connections ................7-8 Verifying the COPS Configuration ..............7-9 Configuring Event Messages....................7-9 Enabling the Event Message System ..............7-9 Configuring Event Message Parameters ............7-10 Configuring a Mask for Disabling Event Messages ........7-13 Disabling Event Messages ................7-15...
  • Page 21 Release 1.0 Configuring Routing Policy Overview .............................8-1 Defining Route Maps ........................8-2 Creating a Route Map.......................8-2 Using Match Statements to Define Routing Conditions ..........8-2 Using Set Statements to Define Routing Conditions ............8-4 Defining Access Lists and Groups ....................8-6 Configuring an IP Access List..................8-6 Configuring an AS-path Access-list.................8-7 Configuring an IP Access Group..................8-8 Creating Community Lists ......................8-8...
  • Page 22 BSR 2000 Configuration and Management Guide Release 1.0 Adjusting PIM Query Message Interval for DR...............9-8 Configuring the Type of PIM Packet Checksum..............9-8 Retrieving PIM Unicast Routes..................9-8 Configuring IGMP on an Interface .....................9-8 About IGMP ........................9-9 Enabling IGMP.......................9-10 Controlling Access to IP Multicast Groups..............9-10 Changing the IGMP Version ..................9-10...
  • Page 23 Release 1.0 Enabling RIP Authentication ....................10-7 Configuring Interpacket Delay....................10-7 Configuring Timers ........................10-8 Example ......................10-8 Configuring a Passive Interface for RIP ...................10-9 Redistributing Routes into RIP ....................10-9 Assigning a Default Metric Value for Redistributed Routes ........10-11 Gathering RIP Information......................10-11 Configuring OSPF Overview ...........................11-1 Specifications .........................11-2 Enabling OSPF..........................
  • Page 24 BSR 2000 Configuration and Management Guide Release 1.0 Displaying Network Information ..............11-22 Displaying Neighboring Routers ..............11-23 Displaying Virtual Links ................11-24 Displaying OSPF Interface Information...............11-24 Displaying OSPF Memory Information ...............11-25 Displaying OSPF Database Information ..............11-26 Configuring BGP Overview ...........................12-1 About BGP ..........................12-2 BGP Peers........................12-4...
  • Page 25 Release 1.0 Enabling and Disabling Synchronization ..............12-26 Configuring BGP Administrative Weights..............12-28 Using a Route Map ..................12-30 Using an AS Path Access List................12-30 Adjusting BGP Timers ....................12-31 Setting the Administrative Distance for a Route............12-32 Disabling Route Summarization...................12-33 Configuring Aggregate Addresses ................12-35 Assigning an Interface to BGP Session................12-37 Configuring a Default Route ..................12-38 Configuring BGP Update Flows .....................12-40...
  • Page 26 BSR 2000 Configuration and Management Guide Release 1.0 Configuring VLAN Stacking on a Bridging Cable Modem...........13-9 Enabling VLAN Stacking through an Enhanced Bridge Mode TLV....13-9 Enabling VLAN Stacking through the CLI ...........13-10 Configuring VLAN Tagged Routing..................13-11 Configuring the External L2/L3 Switch..................13-12 Bridging Packet Sizes......................13-13...
  • Page 27: Preface

    BSR 2000 Configuration and Management Guide This document provides the instructions and procedures for configuring and managing the BSR 2000. BSR 2000 Installation Guide This document describes how to install the BSR 2000 HD product. 526360-001-00 Rev. B MGBI xxvii...
  • Page 28: Conventions

    BSR 2000 Configuration and Management Guide Release 1.0 BSR 2000 Release Notes These documents provide information about features not described or incorrectly documented in the main documentation set; known problems and anomalies; product limitations; and problem resolutions. BSR 2000 SNMP MIB Reference Guide This document describes the Simple Network Management Protocol (SNMP) MIBs;...
  • Page 29: Notes, Cautions, Warnings

    Release 1.0 Preface Convention Example Explanation This font indicates system output. screen display Wed May 6 17:01:03 2000 vertical bar | page {on | off} A vertical bar separates the choices when a parameter is required. The example indicates you can enter either command: page on or page off When entering the parameter, do not type the vertical bar or the brace brackets.
  • Page 30: If You Need Help

    Outside the U.S. +1-215-323-0044 Motorola Online http://businessonline.motorola.com The TRC is on call 24 hours a day, 7 days a week. In addition, Motorola Online offers a searchable solutions database, technical documentation, and low-priority issue creation and tracking. MGBI 526360-001-00 Rev. B...
  • Page 31: Introduction

    Introduction Overview The BSR 2000™ system gives broadband carriers a competitive edge for defining, deploying, and managing broadband services. Based on Data Over Cable Service Interface Specification (DOCSIS) and PacketCable standards, the BSR carrier-class solution allows Multiple System Operators (MSOs) to offer innovative differentiated data, voice, and multimedia services.
  • Page 32: Multiservice Support

    BSR 2000 Configuration and Management Guide Release 1.0 Centralized routing and distributed forwarding provide simple configuration, scalable performance, and low cost. Deployed in a distribution hub, the BSR provides an interchange point between the regional fiber network and the cable plant. In a regional headend, it interconnects the regional network with a backbone network and allows connectivity to local content servers and management systems.
  • Page 33: Using The Command Line Interface

    The CLI is used to perform basic management tasks and to configure protocols and physical layer interfaces for the BSR. For detailed information on CLI commands, refer to the BSR 2000 Command Reference Guide. This chapter discusses the following topics:...
  • Page 34: Using A Console Session To Access The Cli

    BSR 2000 Configuration and Management Guide Release 1.0 Using a Console Session to Access the CLI This section describes accessing the CLI by connecting a terminal or PC with terminal emulation software to the BSR’s console port. The BSR supports one CLI session through its console port.
  • Page 35: Using A Telnet Session To Access The Cli

    Release 1.0 Using the Command Line Interface Using a Telnet Session to Access the CLI This section describes accessing the CLI by establishing a telnet session to the BSR. Note: If an IP address has not been configured for the Ethernet interface and a password has not been configured for the BSR, you can not access the BSR through telnet.
  • Page 36: User Exec Mode

    BSR 2000 Configuration and Management Guide Release 1.0 • User EXEC Mode • Privileged EXEC Mode Configuration command line interface modes allow you to make changes to the BSR’s running configuration. The configuration modes are as follows: • Global Configuration Mode •...
  • Page 37: Privileged Exec Mode

    Release 1.0 Using the Command Line Interface Privileged EXEC Mode Privileged EXEC mode includes the commands in User EXEC mode, additional system configuration commands, and the configure command, which serves as a gateway to access the remaining command modes and high-level testing commands, such as debugging commands.
  • Page 38: Interface Configuration Mode

    BSR 2000 Configuration and Management Guide Release 1.0 Interface Configuration Mode Interface Configuration commands modify the operation of an interface, such as an Ethernet port, and allow you to enable features on a per-interface basis. Interface Configuration mode is available for cable, Ethernet, GigaEthernet, and loopback interface types.
  • Page 39: Ipsec Configuration Mode

    Release 1.0 Using the Command Line Interface To exit PacketCable Configuration mode and return to Global Configuration mode, enter the exit or end commands. To exit PacketCable Configuration mode and return to Privileged EXEC mode, press Ctrl-Z. IPSec Configuration Mode IPSec (IP Security) Configuration mode is used to configure a security policy that protects network traffic between two IPSec peers.
  • Page 40: Cable Spectrum Group Mode

    BSR 2000 Configuration and Management Guide Release 1.0 To exit Route-map Configuration mode and return to Global Configuration mode, enter the exit or end commands. To exit Route-map Configuration mode and return to Privileged EXEC mode, press Ctrl-Z. Cable Spectrum Group Mode The spectrum management system monitors the upstream signal integrity, and collects upstream spectrum information.
  • Page 41 Release 1.0 Using the Command Line Interface Table 2-2 Command Mode Access, Prompt, and Exit Details Mode Access Name Means Prompt Display Exit Means User EXEC Console or Telnet To exit the CLI, MOT> enter the logout or exit commands. To enter Privileged EXEC mode, enter the...
  • Page 42 BSR 2000 Configuration and Management Guide Release 1.0 Table 2-2 Command Mode Access, Prompt, and Exit Details Mode Access Name Means Prompt Display Exit Means Interface From Global To return to MOT(config-if)# Configuration Configuration Global mode, enter the Configuration interface mode, enter the command.
  • Page 43: Editing And Navigating With The Cli

    Release 1.0 Using the Command Line Interface Table 2-2 Command Mode Access, Prompt, and Exit Details Mode Access Name Means Prompt Display Exit Means PacketCable From Global To return to MOT(config-pktcable)# Configuration Configuration Global mode, enter the Configuration packet-cable mode, enter the command.
  • Page 44: Moving The Cursor On The Command Line

    BSR 2000 Configuration and Management Guide Release 1.0 Moving the Cursor on the Command Line Table 2-3 describes the key sequences to move the cursor on the command line to make corrections or changes, or scroll back to the beginning of the command line.
  • Page 45: Deleting Command Line Entries

    Release 1.0 Using the Command Line Interface Deleting Command Line Entries Table 2-4 describes the key sequences to delete command entries. Table 2-4 Deletion Keys Press ... Function Backspace key Erases the character to the left of the cursor. Ctrl-W Deletes the word to the left of the cursor.
  • Page 46: Disabling And Resetting Commands

    BSR 2000 Configuration and Management Guide Release 1.0 Disabling and Resetting Commands The no form of a command disables the command or resets the command to the default value. The command without the keyword no re-enables a disabled feature or enables a feature that is disabled by default.
  • Page 47: Using The Command History

    Release 1.0 Using the Command Line Interface WORD is the alias name for the command The alias is removed for the associated command. The show aliases command displays a list of all aliases: MOT# show aliases Alias Examples The following example creates an alias for the enable command, accessible from the Privileged EXEC mode.
  • Page 48: Disabling The Command History Feature

    BSR 2000 Configuration and Management Guide Release 1.0 Press Ctrl-P or the up arrow key - Use this action to recall commands, displaying the most recent command first. Repeat the key sequence to display successively older commands.The up arrow key displays the most recent commands on the current CLI command mode.
  • Page 49: Getting Help

    Release 1.0 Using the Command Line Interface If the <WORD> to be matched has more than one space character in a row, then the entire text string must be surrounded by quotation marks and any imbedded space characters in the string to be matched must be included as part of the <WORD>.
  • Page 51: Configuring The System

    This chapter describes the initial configuration procedures necessary to configure the BSR 2000™ system using its command line interface (CLI). For further information on the CLI commands described in this chapter, refer to the BSR 2000 Command Reference Guide. This chapter discusses the following topics:...
  • Page 52: Initial Configuration Tasks

    BSR 2000 Configuration and Management Guide Release 1.0 Initial Configuration Tasks This section describes the initial basic configuration tasks for configuring the BSR: Gathering Network Information Required Servers Accessing the CLI to Set System Passwords Specifying a Host Name Configuring User Login Accounts...
  • Page 53: Accessing The Cli To Set System Passwords

    Note: Make sure that the serial cable is connected properly and the terminal application is configured correctly. Refer to the BSR 2000 Installation Guide for more information. 1. Start your terminal or terminal application to connect to the BSR. Refer to...
  • Page 54: Setting System Passwords

    BSR 2000 Configuration and Management Guide Release 1.0 MOT>enable The Password prompt displays. 5. To enter Privileged EXEC mode, press the Enter key at the password prompt. The password is a null value by default. 6. Use the configure command to enter Global Configuration mode in order to set...
  • Page 55 Release 1.0 Configuring the System If you want to turn off the service password encryption feature so that passwords entered in the future are no longer encrypted, use the no service password-encryption command in Global Configuration mode: MOT(config)# no service password-encryption Note: The no service password-encryption command does not unencrypt passwords that are already encrypted.
  • Page 56: Specifying A Host Name

    BSR 2000 Configuration and Management Guide Release 1.0 5. The show running-config command displays configuration information currently running on the BSR. You have the option of displaying the entire running configuration or displaying specific configuration information. Use the show running-config command in Privileged EXEC mode to verify that the...
  • Page 57: Configuring User Login Accounts

    Release 1.0 Configuring the System MOT(config)# hostname <WORD> where: WORD is the new system network name. After you execute this command, the Command Line Interface (CLI) prompt changes to the new host name: newhostname(config)# Configuring User Login Accounts Define a unique system login account for each user requiring access to the command line interface.
  • Page 58: Defining A User Name Without A Password

    BSR 2000 Configuration and Management Guide Release 1.0 Table 3-1 User Login Account Parameters Parameter Description privilege Defines user account privileges. Read-only privileges allow a user access to the Privileged EXEC command line mode only. Read-write privileges allow a user access to all command...
  • Page 59: Defining A User Name With An Encrypted Password

    Release 1.0 Configuring the System Defining a User Name with an Encrypted Password Follow these steps to define a user account that is encrypted: 1. Use the username password command in Global Configuration mode to define a password for a user account that is encrypted: MOT (config)#username <WORD>...
  • Page 60: Defining A Group Access Level

    BSR 2000 Configuration and Management Guide Release 1.0 For example: MOT (config)#username newuser privilege rw Defining a Group Access Level To define a group access level for a user account, use the following command in Global Configuration mode: MOT (config)#username <WORD> user-group {isp <1-1> | mso | sysadmin}...
  • Page 61: Configuring Interfaces

    Release 1.0 Configuring the System no service password-encryption username root user-group sysadmin username root password 0 root username manuf user-group sysadmin username manuf password 0 river username diag user-group sysadmin username diag password 0 delta username ispuser user-group isp 1 username ispuser privilege rw username ispuser password 0 ispuser username msouser user-group mso...
  • Page 62 BSR 2000 Configuration and Management Guide Release 1.0 2. Enter the end command to return to Privileged EXEC mode to set the system clock and enter the clock set command: MOT #clock set <hh:mm:ss> <1-31> <MONTH> <2000-2035> where: hh:mm:ss is the hour, minute, and second in hh:mm:ss format.
  • Page 63: Controlling Telnet And Console Access

    Release 1.0 Configuring the System Controlling Telnet and Console Access Follow these steps to configure telnet and console access to the BSR: 1. The default time-out value for a telnet session is five minutes. Use the session-timeout telnet command in Global Configuration mode to configure the amount of time (retroactively) that telnet sessions can stay connected to the BSR: MOT(config)# session-timeout telnet <0-30>...
  • Page 64: Configuring Logging

    BSR 2000 Configuration and Management Guide Release 1.0 3. The default number of concurrent telnet sessions are 64. Use the telnet session-limit command in Global Configuration mode to specify a limit on the number of concurrent telnet sessions allowed to the BSR: Note: Setting the session-limit to "0"...
  • Page 65: Flash And Nvram Memory Management Guidelines

    Release 1.0 Configuring the System Restricting logging rates allows you to control the amount of logging traffic to eliminate any potential congestion on the network (refer to Restricting Logging Rates on page 3-17). EVT logging provides the ability to monitor internal system to allow additional informational granularity for diagnostics and troubleshooting (refer to Configuring EVT Logging on page 3-25).
  • Page 66: Setting Logging Control

    BSR 2000 Configuration and Management Guide Release 1.0 The Flash log file can be much larger than the docsDevEventTable and has a maximum size that is configurable with the logging buffered command. If the Flash log file’s maximum size is smaller than the equivalent of 100 log entries, then the docsDevEventTable would reflect the size of the Flash log file.
  • Page 67: Restricting Logging Rates

    Release 1.0 Configuring the System Table 3-3 CLI Logging Default Destination/Severity Levels trap disabled SYSLOG disabled Table 3-4 DOCSIS Logging Default Destination/Severity Levels Destination Default Severity Level console disabled log buffer (local) notice or higher trap notice, warning, error, critical SYSLOG notice, warning, error, critical Restricting Logging Rates...
  • Page 68 BSR 2000 Configuration and Management Guide Release 1.0 The following example indicates that the rate-limit on logged messages is 10 messages per second: MOT (config)#logging rate-limit 10 1s The logging admin-status command controls the rate of log messages with respect to the threshold, if any, specified with the logging rate-limit command.
  • Page 69: Creating A Loopback Interface For Source Syslog Ip Address

    Release 1.0 Configuring the System Creating a Loopback Interface for Source SYSLOG IP Address The logging source-interface loopback command allows an operator to control the source IP address of SYSLOG packets generated by the BSR by specifying a loopback interface as the source IP address for SYSLOG packets. The normal convention for generated SYSLOG packets is to set the source IP address equal to the IP address of the outgoing interface.
  • Page 70 BSR 2000 Configuration and Management Guide Release 1.0 A.B.C.D is the IP address of the SYSLOG server For example: MOT (config )# logging 10.10.10.53 2. Specify the logging facility with the logging facility command in Global Configuration mode: MOT (config )# logging facility {local0 | local1 | local2 | local3 | local4 | local5...
  • Page 71: Configuring Console Logging

    Release 1.0 Configuring the System The following example configure the SYSLOG server to log all messages from warnings (severity level 4) up to emergencies (severity level 0): MOT (config )# logging trap warnings MOT (config )# logging snmp-trap warnings 4. Enable logging with the logging on command. MOT (config )# logging on 5.
  • Page 72: Configuring The Logging Buffer

    BSR 2000 Configuration and Management Guide Release 1.0 3. Verify the console logging configuration with the show running-config command in all modes except User EXEC: MOT (config )# show running-config | inc logg Configuring the Logging Buffer Buffering is used to provide space on the BSR’s internal buffer or on the SYSLOG server for the latest log messages.
  • Page 73: Configuring Logging Reports

    Release 1.0 Configuring the System 4. Use the show log command in Privileged EXEC or Global Configuration mode to see messages logged in the internal buffer. The oldest message is displayed first. Clearing the Logging Buffer 1. Clear the logging buffer with the clear log command in all modes except User EXEC: MOT #clear log 2.
  • Page 74 BSR 2000 Configuration and Management Guide Release 1.0 local log all messages to local-nonvolatile memory (NVRAM) local-syslog log all messages to local NVRAM and the SYSLOG server local-trap log messages, excluding the specified trap level, to local NVRAM local-trap-syslog log messages, excluding the specified trap level, to local...
  • Page 75: Configuring Evt Logging

    Release 1.0 Configuring the System Configuring EVT Logging The EVT system is an enhancement to the BSR logging mechanism that provides the ability to monitor internal system events. This allows for additional granularity in monitoring system activity. As EVT monitored events occur, they can be logged in a similar manner as the existing BSR logging mechanism although the configuration procedure for EVT logging is different.
  • Page 76: Evt Logging Default Configurations

    BSR 2000 Configuration and Management Guide Release 1.0 This section describes how to configure EVT logging parameters. The tasks for configuring EVT logging include the following: Configuring EVT Logging Displaying EVT Counts Clearing EVT Counts Disabling EVT Logging Restoring EVT Default Logging Configurations EVT Logging Default Configurations Each individual EVT has a “logging flags”...
  • Page 77 One of the fifteen possible combinations of “l”, “t”, “s”, and “c”, appearing in that order, determine which of the four logging flag bits are set. slot is always 0 for the BSR 2000. group is an optional name of an EVT group.
  • Page 78: Displaying Evt Counts

    BSR 2000 Configuration and Management Guide Release 1.0 removes all previous logging evt set configurations. MOT (config)# no logging evt removes all previous logging evt set and logging evt clear configurations. Displaying the EVT Configuration Use the following commands to display EVT configuration information:...
  • Page 79: Restoring Evt Default Logging Configurations

    Release 1.0 Configuring the System Restoring EVT Default Logging Configurations The following no logging evt clear command options restore the EVT default logging configurations: MOT (config)# no logging evt clear [<slot:group>] [<range>] This command sequence removes the corresponding “logging evt clear” entry from the running configuration file and restores the default logging control for the EVT group.
  • Page 80: Disabling The Bpi Authorization Reject Message

    BSR 2000 Configuration and Management Guide Release 1.0 Disabling the BPI Authorization Reject Message Use the logging disable bpi_auth_reject_messages command in Global Configuration mode to disable the logging of extraneous "BPI authorization reject" DOCSIS error messages. The no logging disable bpi_auth_reject_messages enables the logging of this error message.
  • Page 81: Sending Messages To Bsr Users

    Release 1.0 Configuring the System logging facility local7 Sending Messages to BSR Users Use the following commands to send messages to BSR users: Use the broadcast command to broadcast a message to all connected users at any given moment, as shown in Privileged EXEC mode: MOT# broadcast <WORD>...
  • Page 82: Configuring Dhcp Relay

    BSR 2000 Configuration and Management Guide Release 1.0 Configuring UDP Broadcast Relay Configuring FTP Access Configuring a Loopback Interface for TFTP Packets Enabling the RADIUS Client on the BSR Configuring Secure Shell Server Security Configuring TACACS+ Configuring DHCP Relay This section describes how to configure the BSR to forward UDP broadcasts, including IP address requests, from Dynamic Host Configuration Protocol (DHCP) clients.
  • Page 83: Configuring Dns

    MOT# show running-config Configuring DNS Domain Name System (DNS) maps host names to IP addresses. For example, it allows you to reference the host motorola.com instead of having to remember that its IP address is 198.93.23.13. Configuring DNS involves the following tasks:...
  • Page 84: Configuring The Domain Name

    BSR 2000 Configuration and Management Guide Release 1.0 Configuring the Domain Name For each BSR, you should configure the name of the domain in which the BSR is located. This is the default domain name that is appended to host names that are not fully qualified.
  • Page 85: Configuring Sntp

    It then binds to the first server that replies. All subsequent transactions happen in unicast mode. For example: MOT (config)#sntp server 192.168.1.253 MOT (config)#sntp server sntpd.motorola.com 2. Authenticate SNTP time sources with the sntp authenticate command in Global Configuration mode. 526360-001-00 Rev. B...
  • Page 86 BSR 2000 Configuration and Management Guide Release 1.0 MOT (config)#sntp authenticate Note: If you configure the BSR to operate in authenticated mode, you must also configure an authentication key and a trusted key. 3. Configure an authentication a key for the trusted time source with the sntp authentication-key md5 command on Global Configuration mode.
  • Page 87: Configuring Udp Broadcast Relay

    Release 1.0 Configuring the System 7. To display information about SNTP, use the show sntp command in Privileged EXEC mode. MOT #show sntp 8. Verify that the information was entered correctly by displaying the running configuration. MOT# show running-config Configuring UDP Broadcast Relay Network hosts occasionally employ UDP broadcasts to determine address, configuration, and name information.
  • Page 88: Configuring Ftp Access

    BSR 2000 Configuration and Management Guide Release 1.0 You can forward the following protocols: For example: MOT (config)#ip forward-protocol udp 35 2. Enter the cable interface from Global Configuration mode. MOT (config)#interface cable <X/Y> where: X is 0. Y is the cable port number.
  • Page 89: Configuring A Loopback Interface For Tftp Packets

    Release 1.0 Configuring the System MOT (config)#ip ftp username <WORD> where: WORD is the FTP user name that is up to 31 characters. Use the no ip ftp username command to delete the entry. 2. To specify the FTP password to be used for the FTP connection, use the ip ftp password command in Global Configuration mode.
  • Page 90: Enabling The Radius Client On The Bsr

    BSR 2000. The BSR 2000 uses the RADIUS client to authenticate this RADIUS encrypted password with a remote RADIUS server. If the RADIUS server validates the password, the user gains access to the BSR 2000.
  • Page 91 Release 1.0 Configuring the System 0-65535 is the optionally defined UDP port for the RADIUS authentication server. The default port is 1812. cr is a command return that configures the RADIUS server host without a UDP port designation. 3. Use the radius-server key command in Global Configuration mode to define the shared encryption key that is exchanged between the RADIUS server and BSR RADIUS client: Note: It is recommended that the authentication key text string be more than...
  • Page 92: Configuring A Loopback Interface For Radius Packets

    Configuring RADIUS Client Access Before you configure RADIUS client access parameters, ensure that user password parameters are configured on the BSR 2000 and the RADIUS server. Refer to Accessing the CLI to Set System Passwords on page 3-3 for more information.
  • Page 93 Release 1.0 Configuring the System local-password allows password authentication by a locally configured password if there is no response from the RADIUS server. If the RADIUS client is not configured with the local-password command argument, access to the BSR is denied if there is no response from the RADIUS server. 2.
  • Page 94: Viewing Radius Client Statistics

    BSR 2000 Configuration and Management Guide Release 1.0 where: local-password allows password authentication by a locally configured password if there is no response from the RADIUS server. If the RADIUS client is not configured with the local-password command argument, access to the BSR is denied when there is no response from the RADIUS server.
  • Page 95: Enabling Ssh

    1. Host keys are required for the SSH Server and can either be generated in the BSR 2000 or generated on another BSR 2000 and copied into the BSR 2000. Use the ssh-keygen2 tool in Privileged EXEC mode to generate authentication key files...
  • Page 96: Managing Ssh Parameters

    BSR 2000 Configuration and Management Guide Release 1.0 3. Use the ssh enable command in Global Configuration mode to enable the SSH process: Note: The no ssh enable command disables the SSH process. If SSH is disabled, all existing SSH sessions will be terminated.
  • Page 97 Release 1.0 Configuring the System aes192-cbc is the AES with 192-bit keys. aes256-cbc is the AES with 256-bit keys. any attempts all possible Ciphers, none excluded. arcfour streams cipher with 128-bit keys. blowfish-cbc Blowfish in CBC mode, with 128-bit keys. cast128-cbc CAST cipher in cbc mode.
  • Page 98 BSR 2000 Configuration and Management Guide Release 1.0 The default time-out for an SSH session is 5 minutes. Use the ssh timeout command in Global Configuration mode to specify an inactivity timeout value for SSH sessions: Note: Specifying a value of "0" will disable time-out for SSH sessions.
  • Page 99: Viewing And Logging Out Ssh Sessions

    Release 1.0 Configuring the System Viewing and Logging out SSH Sessions Follow these steps to view and log out SSH sessions: 1. The show users ssh command displays information about active SSH sessions including the username, user group and privilege level, the IP address of the show users ssh command in originating host, and the session ID.
  • Page 100: Configuring Tacacs

    BSR 2000 Configuration and Management Guide Release 1.0 Table 3-5 describes the show ssh config command output field descriptions: Table 3-5 show ssh config Command Output Field Descriptions Output Field Description SSH2 Secure Shell The SSH version number. sshTaskId The task identifier for this SSH session.
  • Page 101: Configuring Tacacs+ Servers

    Release 1.0 Configuring the System Authentication is a service that determines who the user is and whether they are allowed access to the BSR. Authorization is a service that determines what tasks the user is allowed to do on the BSR. Accounting is a service that collects data related to resource usage.
  • Page 102 BSR 2000 Configuration and Management Guide Release 1.0 Specifying a Global Retry Count - A global retry count is the number of command authentication attempts that all TACACS+ clients make with all TACACS+ server before going to the next configured/available TACACS+ server.
  • Page 103 Release 1.0 Configuring the System timeout 1-1000 specifies a timeout value in seconds for this TACACS+ server. The default value is 10. Note: Specifying timeout or key parameters with the tacacs-server host command overrides any global values entered with the tacacs-server key, tacacs-server...
  • Page 104 BSR 2000 Configuration and Management Guide Release 1.0 tacacs-server retry <0-100> (config)# where: 0-100 specifies the number of connection attempts that TACACS+ client makes with TACACS+ server for authentication, authorization or accounting. The default value is 3. Specifying a Global Timeout Value...
  • Page 105: Enabling Aaa

    Release 1.0 Configuring the System Use the ip tacacs source-interface loopback command, in Global Configuration mode, to configure an Ethernet interface, as follows MOT(config)# ip tacacs source-interface loopback <1-64> where: 1-64 is the loopback interface number Enabling AAA AAA is a network security model that consists of a software framework that provides methods for authentication, authorization and accounting on the BSR.
  • Page 106: Configuring Aaa Authorization

    BSR 2000 Configuration and Management Guide Release 1.0 Configuring Administrative Authentication Configuring AAA administrative authentication determines if a user can access privilege level 15 (system administrator) on the BSR by establishing one or more authentication methods that are invoked when an attempt is made to access this privilege level.
  • Page 107: Configuring Aaa Accounting

    Release 1.0 Configuring the System Configuring Command Authorization Command authorization determines if a user is allowed to run commands at a specified privilege level. Use the aaa authorization commands default command, in Global Configuration mode, to configure command authorization, as follows: aaa authorization commands {exec | isp-ro | isp-rw | mso-ro | (config)# mso-rw | sysadmin} default {local | none | tacacs}...
  • Page 108 BSR 2000 Configuration and Management Guide Release 1.0 Configuring Terminal Session Accounting Configuring Command Use Accounting Configuring command use accounting provides resource usage data for commands used at a specified privilege level. Use the aaa accounting commands default command, in Global Configuration mode, to enable command use accounting, as...
  • Page 109: Displaying Tacacs+ Information

    Release 1.0 Configuring the System tacacs uses TACACS+ as the accounting method. Configuring Terminal Session Accounting Configuring terminal session accounting provides resource usage data for a specified terminal session. Use the aaa accounting exec default command, in Global Configuration mode, to enable privilege level authorization, as follows: #aaa accounting exec {none | start-stop | stop-only | wait-start} (config) default {local | none | tacacs}...
  • Page 110: Clearing Tacacs+ Statistics

    Upgrading BSR System Software Before You Download Software Follow these steps before downloading software to the BSR 2000: 1. Use the dir command in Privileged EXEC mode to ensure that you have enough memory space in Nonvolatile Random Access Memory (NVRAM) for the new...
  • Page 111 For example: MOT# delete nvram:image_file.bin ? [confirm] 4. In order to download files to the BSR 2000, you must properly configure your FTP or TFTP server and verify that your local FTP or TFTP server is running and configured properly by doing the following: Check for the correct file names and ensure that these files are located in the proper directory on the FTP or TFTP server.
  • Page 112: Downloading Image Files To Nvram

    WORD is the username configured on the FTP server 7. Ensure that the correct FTP password is configured on the BSR 2000 for communication with the FTP server. If the required FTP password is not displayed in the running configuration or is incorrect, use the ip ftp password command in Global Configuration mode as shown below: MOT(config)# ip ftp password <LINE>...
  • Page 113: Downloading Image Files To Flash Memory

    Release 1.0 Configuring the System 3. Enter the full path from the FTP root directory and the new application or boot image file name after the Source file name prompt and press the Enter key. Source file name [ ]? For example: Source file name [ ]? /pub/image_file.Z 4.
  • Page 114 FTP username and password are set correctly on the BSR 2000 using the ip ftp username and ip ftp password commands. If you are using TFTP to transfer the image files, a username and password are not necessary and the copy tftp: nvram: command can be substituted for the copy ftp: nvram: command.
  • Page 115: Upgrading Bsr System Software

    BSR system software (boot ROM, FPGA, and Application image, respectively) while the BSR is in operation. Caution: When upgrading and downgrading BSR 2000 boot ROM images and Application image, ensure that this is done through a console session only and only during a scheduled maintenance window.
  • Page 116: Upgrading The Boot Rom

    BSR 2000 Configuration and Management Guide Release 1.0 Upgrading the Boot ROM Use the boot-update command to upgrade the boot ROM as follows: MOT #boot-update <prefix> <string> where: <prefix> is the server IP addess <string> is the boot image name.
  • Page 117: Saving And Viewing Your Configuration

    Release 1.0 Configuring the System filename is the name of the operating image archive file, which contains the application image, boot image, and FPGA files from which to boot. For example: MOT#boot system NVRAM:image_file.Z Saving and Viewing Your Configuration Saving the current running configuration to nonvolatile random access memory (NVRAM) is done to prevent your current configuration from being lost the next time the BSR is rebooted.
  • Page 118: Displaying System Parameters

    BSR 2000 Configuration and Management Guide Release 1.0 exclude filters for output that excludes the specified string. include filters for output that includes the specified string. WORD is the specified string. The configuration parameters that you have set should appear in the show running-config command output.
  • Page 119 Release 1.0 Configuring the System All CPU accounting is approximate, there are 103 ticks per second NAME total % (ticks) delta % (ticks) -------- ------- ------------------ ------------------ tExcTask f7fc738 000.01%( 113) 000.00%( TaskMon 83544d8 000.00%( 000.00%( ctrlMon 8356ef8 000.00%( 000.00%( tWdbTask ad39c08 000.00%(...
  • Page 120 BSR 2000 Configuration and Management Guide Release 1.0 Use the show process command with the stack keyword in Privileged EXEC mode to display the size, current usage, and highest usage of each process stack: MOT# show process stack [procID | procName] where: procID is the task ID number in decimal or hexadecimal form.
  • Page 121 Release 1.0 Configuring the System MOT# show process cpu All CPU accounting is approximate, there are 503 ticks per second NAME total % (ticks) delta % (ticks) -------- ------- ------------------ ------------------ tExcTask fbfd9f8 000.00%( 000.00%( TaskMon eeaf558 000.00%( 000.00%( tShell eeea688 000.00%( 000.00%(...
  • Page 122: Displaying System Memory Information

    BSR 2000 Configuration and Management Guide Release 1.0 Use the show process semaphores command in Privileged EXEC mode display information about the Semaphore ID number on which process is waiting: MOT# show process semaphores Figure 3-4 displays an example of the show process semaphores command...
  • Page 123: Displaying The System Version Information

    Release 1.0 Configuring the System Figure 3-5 displays an example of the show memory information command output: FREE LIST: addr size --- ---------- ---------- 0x6ea6718 0x6ee8248 0x6ea67e0 0x6ee8d60 0x6ea6a10 0x6ea6960 Figure 3-5 show memory information Command Output Use the show memory command in Privileged EXEC mode to display the starting address where memory is dumped in hexadecimal notation: MOT# show memory <address>...
  • Page 124 BSR 2000 Configuration and Management Guide Release 1.0 Use the show version command in all modes except User EXEC mode to display specific BSR system software and hardware version information: MOT# show version [ | {begin | exclude | include} {<WORD>}] where: | turns on output modifiers (filters).
  • Page 125: Displaying System Buffer Information

    3-6 displays typical show version command output, which presents the BSR system version information: BSR 2000(tm) version 1.0.0P16.TRAU Copyright (c) 2005 by Motorola. Compiled Wed Oct 26 13:57:24 EDT 2005 MPC7447A processor with 512MB memory.
  • Page 126 BSR 2000 Configuration and Management Guide Release 1.0 Statistics for pool: network number of FREE mbufs: 37030 number of mbufs: 38272 number of times failed to find space: number of times waited for space: number of times drained protocols for space: 0...
  • Page 127: Displaying Hardware Information

    Displaying Hardware Information The show controllers command displays detailed hardware and configuration information for the BSR 2000. Use the show controllers cable command to display RF signal information, the type of CMTS hardware installed, FEC information for both corrected and...
  • Page 128 BSR 2000 Configuration and Management Guide Release 1.0 Figure 3-8 displays typical show controllers cable command output. Interface Cable 0/0 mac_part_id=3214, rev_id=A3 MAC regs base: BAR0=0x82000000, BAR1=0x82100000 Tx ring 0xB46CE00, Free head index: 506, Used head index: 506 Tx PD in use, MAC: 0, data: 0, passthrough 0...
  • Page 129 Release 1.0 Configuring the System Figure 3-9 displays typical controller information for the Ethernet interfaces on the BSR 2000: ethernet 0/0 is up, line protocol is up Hardware address is 00:30:b8:80:d9:31 Internet address is 192.168.110.2/24 MTU 1500 bytes, BW 100000 Kbits...
  • Page 131: Configuring Snmp

    Configuring SNMP Overview This chapter describes the commands used to configure SNMP for managing the BSR 64000 system and monitoring the network using its command line interface. For further information on the CLI commands described in this chapter, refer to the BSR Command Reference Guide.
  • Page 132 BSR 2000 Configuration and Management Guide Release 1.0 1. Enter Global Configuration mode. MOT #configure 2. Type snmp-server followed by the available SNMP command and its associated parameters that are listed in Table 4-1: Table 4-1 snmp-server Commands Command Description...
  • Page 133 Release 1.0 Configuring SNMP Table 4-1 snmp-server Commands (continued) Command Description Value Default snmp-server Set SNMP cmtsBPKMTrap docs-trap-control DOCSIS traps. configured cmtsBpiInitTrap cmtsDCCAckFailTrap cmtsDCCReqFailTrap cmtsDCCRspFailTrap cmtsDynServAckFailT ap cmtsDynServReqFailTrap cmtsDynServRspFailTrap cmtsDynamicSATrap cmtsInitRegAckFailTrap cmtsInitRegReqFailTrap cmtsInitRegRspFailTrap snmp-server enable Enable SNMP Traps, informs, or traps, informs, or coexistence configured...
  • Page 134 BSR 2000 Configuration and Management Guide Release 1.0 Table 4-1 snmp-server Commands (continued) Command Description Value Default snmp-server notify Configure the 1. Specify the first RowStatus {<octet-string>} notification table. octet-string, which is active. {<octet-string>} [inform | specifies the notification trap] [nonvolatile | name.
  • Page 135 Release 1.0 Configuring SNMP Table 4-1 snmp-server Commands (continued) Command Description Value Default snmp-server notify-filter Configure 1. Specify the first {<octet-string>} {<OID>} snmpNotifyFilter octet-string, which configured. {<octet-string> [included | table. specifies the excluded] [nonvolatile | snmpNotifyFilter table volatile] [active | profile name (index #1).
  • Page 136 BSR 2000 Configuration and Management Guide Release 1.0 Table 4-1 snmp-server Commands (continued) Command Description Value Default snmp-server notify-filter Configures the 1. Specify the profile {<OID>} snmpNotifyFilter snmpNotifyFilter configured. {<octet-string> [included | subtree profile. subtree (index #2) OID, excluded] [nonvolatile |...
  • Page 137 Release 1.0 Configuring SNMP Table 4-1 snmp-server Commands (continued) Command Description Value Default snmp-server shutdown Shuts down the Disabled SNMP Agent, thus preventing it from processing incoming SNMP packets, but retains all SNMP configuration data in the event the agent is restarted.
  • Page 138: Configuring Snmp Informs And Traps

    BSR 2000 Configuration and Management Guide Release 1.0 Configuring SNMP Informs and Traps SNMP traps and informs are disabled by default. SNMP traps are generated according to standard and enterprise MIB specifications. The SNMP Agent maintains a configuration of IP hosts to which traps are sent. This section provides information...
  • Page 139: Configuring A Trap Destination

    These tables can also be manipulated directly through the CLI. Refer to the BSR 2000 Command Reference Guide for detailed descriptions of the associated CLI commands. Note: Before to using the...
  • Page 140: Specifying Specific Trap Types

    BSR 2000 Configuration and Management Guide Release 1.0 traps indicates enable SNMP traps. informs indicates enable SNMP informs. WORD is the SNMPv1/v2c community string or SNMPv3 user name. version indicates the version of notifications. If no version keyword is specified, the default is version 1.
  • Page 141: Specifying Snmp Trap Versions

    Release 1.0 Configuring SNMP A.B.C.D is the IP address of the host WORD is the SNMPv1/v2c community string or SNMPv3 user name. udp-port 0-65535 is the UDP port number. bgp specifies BGP state change traps. docsdevcmts specifies DOCSIS device CMTS traps. entity specifies entity state change traps.
  • Page 142: Enabling Informs

    BSR 2000 Configuration and Management Guide Release 1.0 Enabling Informs Use the snmp-server enable informs command in Global configuration mode to enable SNMP Informs: MOT (config)#snmp-server enable informs To disable informs, use the no snmp-server enable informs command. Note: For SNMP informs to be sent, you must also SNMP enable traps with the snmp-server enable traps command even if there are no hosts to which you are actually sending traps.
  • Page 143: Enabling Cmts Traps

    Release 1.0 Configuring SNMP ospf enables OSPF state change traps. pim enables PIM state change traps. registration enables CM (de)registration traps snmp enables SNMP state change traps. Enabling CMTS Traps CMTS traps are enabled with the snmp-server docs-trap-control command in Global Configuration mode, as follows: MOT (config)#snmp-server docs-trap-control {cmtsBPKMTrap | cmtsBpiInitTrap | cmtsDCCAckFailTrap | cmtsDCCReqFailTrap |...
  • Page 144: Restricting Trap Rates

    BSR 2000 Configuration and Management Guide Release 1.0 Table 4-2 CMTS Trap Definitions CMTS Trap Name Definition the failure of a dynamic service acknowledgement cmtsDynServAckFailTrap that happened during the dynamic services process and detected on the CMTS side the failure of a dynamic service request that...
  • Page 145: Disabling Traps

    Release 1.0 Configuring SNMP where: 0-2147483647 is the number of SNMP traps. 0-2147483647 is the number of seconds during which the specified number of trap messages are logged. The following example sets a limit of 100 traps per second. MOT (config)#snmp-server trap rate-limit 100 1 To restrict the rate of SNMP traps in DOCSIS logging control mode, use the logging rate-limit command in Global configuration mode: MOT (config)#logging rate-limit <0-2147483647>...
  • Page 146: Configuring A Loopback Interface For An Snmp Trap Source

    Global Configuration mode, as follows: MOT (config)#logging snmp-trap emergencies Refer to the BSR 2000 Command Reference Guide for detailed descriptions of these CLI commands. Configuring a Loopback Interface for an SNMP Trap Source The snmp-server trap-source loopback command allows an operator to control the source IP address of SNMP traps generated by the BSR by specifying a loopback interface as the source IP address for SNMP traps.
  • Page 147 Release 1.0 Configuring SNMP logging admin-status unconstrained logging snmp-trap warnings snmp-server community public rw snmp-server enable traps snmp-server host 150.31.1.180 traps version 1 public Example #2 SNMPv3 traps in proprietary logging control mode no logging control docsis logging admin-status maintainBelowThreshold logging snmp-trap warnings snmp-server engineid local 80001375030030b8022d0000 snmp-server user myuser eng-id 80001375030030b8022d0000...
  • Page 148 BSR 2000 Configuration and Management Guide Release 1.0 snmp-server host 150.21.2.61 traps version 3 noauth myuser udp-port 1500 snmp-server trap rate-limit 100 1 Example #3 SNMPv3 informs in DOCSIS logging control mode logging control docsis logging admin-status maintainBelowThreshold logging rate-limit 20 60 snmp-server engineid remote 150.31.1.180 udp-port 1596 8000052301961f01b4...
  • Page 149: Disabling Snmp

    Release 1.0 Configuring SNMP snmp-server target-addr 0x01 150.31.1.190 udp-port 162 1500 3 myusertrap MYPARAM NULL 1400 nonvolatile active snmp-server target-params MYPARAM 3 3 myusertrap noauthnopriv nonvolatile active Disabling SNMP If you must disable the SNMP, use the snmp-server shutdown command in Global Configuration mode: MOT (config)#snmp-server shutdown Configuring SNMPv3...
  • Page 150 BSR 2000 Configuration and Management Guide Release 1.0 Local SNMP engine-ID: 0030b8008300000000000000 Note: The local SNMP Engine-ID is configured as b80042005959000000000000. If the agent is not running, you can enable it by entering any SNMP command in Global Configuration mode, such as defining a community string using the snmp-server community public command.
  • Page 151 Release 1.0 Configuring SNMP auth indicates the user authentication parameter. sha indicates the HMAC-SHA algorithm for authentication. md5 indicates the HMAC-MD5 algorithm for authentication. key <string> is the standard key. local <string> is the localized authentication key for user. password <string> is the assigned password; valid size is up to 64 characters.
  • Page 152 BSR 2000 Configuration and Management Guide Release 1.0 group-name is the name of the SNMP Group. mib-view-name is the name of the MIB view for the type of process. notify specifies a notify view for this access group. read specifies a read view for this access group.
  • Page 153 The example below uses the commands described above to specify sha_user as the user, sha as the authentication algorithm, and motorola as the password. It assigns the user to an SNMP Group auth_g and specifies that this user and group combination applies for SNMPv3 only.
  • Page 154: Configuring Snmp Server Identification

    BSR 2000 Configuration and Management Guide Release 1.0 Configuring SNMP Server Identification Configuring the following parameters provides unique network identification for the SNMP Agent: Contact person System location Engine identifier Configuring System Contact Information Establish a system contact string using the snmp-server contact command in Global Configuration mode: MOT (config)#snmp-server contact <text>...
  • Page 155: Configuring Snmp Access Levels

    Release 1.0 Configuring SNMP Note: Upon shipment, the agent has a default engineID that is equal to the chassis MAC address. where: engine-id is the local or remote SNMP Engine engineID. ip-address is the remote SNMP Engine IP address. port-num is the optional UDP port number. 2.
  • Page 156: Defining A Community Name

    BSR 2000 Configuration and Management Guide Release 1.0 Figure 4-1 provides an overview of the SNMP access level configuration process and the SNMP version (v1, v2c, or v3) that supports each snmp-server command. Defining a Community Name The community name access method, used predominantly with SNMPv1 and...
  • Page 157 Release 1.0 Configuring SNMP snmp-server user user-name snmp-server community community-name Create Create Community User Model Name snmp-server group group-name user user-name snmp-server view view-name Create Create Associate Group User View Model Model snmp-server access group-name view-name snmp-server community community-name view-name Associate Associate MIB View...
  • Page 158: Configuring Usm And Vacm Security

    BSR 2000 Configuration and Management Guide Release 1.0 2. Use the no snmp-server community command to remove the specified community string. Caution: Using only a community name to establish SNMP access levels is The community string is not a completely secure access control method.
  • Page 159: Configuring A Group Model

    Release 1.0 Configuring SNMP 1. To configure a new SNMP User, use the snmp-server user command in Global Configuration mode. MOT (config)#snmp-server user <username> [auth {sha | md5} {password <password> | key <key> | local <localized_key>} [priv des56 {password <password> | key <key> | local <localized_key>}] [eng-id <engine-id>]] where: username is the new SNMP User.
  • Page 160: Configuring A Mib View

    BSR 2000 Configuration and Management Guide Release 1.0 Configuring a MIB View You can assign MIB views to SNMP Groups or community strings to limit the MIB objects that an SNMP manager can access. You can use a predefined view or create your own view.
  • Page 161: Associating Groups To Mib Views

    Release 1.0 Configuring SNMP Associating Groups to MIB Views You can associate an SNMP Group to specific SNMP MIB views. This restricts access to the MIB objects defined in the view to the SNMP Group, limiting which MIB objects an SNMP manager can access. Use the snmp-server access command in Global Configuration mode to map SNMP Groups to SNMP MIB views.
  • Page 162: Configuring Packet Size

    BSR 2000 Configuration and Management Guide Release 1.0 Example The following example shows how to create a context to be used to further restrict access: (config)#snmp-server context mycontext Configuring Packet Size 1. Use the snmp-server packetsize command in Global Configuration mode to...
  • Page 163 Release 1.0 Configuring SNMP Table 4-3 show snmp Commands Command Description show snmp context Displays SNMP v3 context information. show snmp description Displays SNMP system description. show snmp engineID Displays local and remote engineIDs. show snmp group Display the names of the SNMP Groups, security names, security models, status of the different views, and storage type for each group.
  • Page 165: Configuring Interfaces And Tcp/Ip Features

    Configuring Interfaces and TCP/IP Features Overview This chapter describes how to configure the various interfaces on the BSR and the Transmission Control Protocol/Internet Protocol (TCP/IP) features for the BSR 2000™ system. This chapter discusses the following topics: About TCP/IP Level Features Setting IP Interface Addresses Configuring a Loopback Interface Adding a Permanent ARP Entry and Timeout Value...
  • Page 166: About Tcp/Ip Level Features

    BSR 2000 Configuration and Management Guide Release 1.0 Tracing a Route Managing the Router Gathering TCP/IP Related Information About TCP/IP Level Features IP provides basic packet delivery service for all TCP/IP networks. The connection-oriented TCP exchanges control information with a remote device to verify that the device is ready to receive data before it is sent.
  • Page 167 T1/E1 BITS Redundancy Port clock . The other, labeled RED, is a 10/100 Base-T Ethernet port for interconnectivity to another BSR 2000 for future redundancy implementation. cable DOCSIS 1:4 Ports CMTS that provides 1 downstream channel and 4 upstream channels.
  • Page 168 BSR 2000 Configuration and Management Guide Release 1.0 MOT(config)# interface [ethernet | gigaether | cable] {<X/Y>} where: ethernet is any 10/100 Ethernet interface. gigaether is the Gigabit Ethernet interface cable is any DOCSIS interface. X is 0. Y is the port number.
  • Page 169 Release 1.0 Configuring Interfaces and TCP/IP Features A.B.C.D is the IP address of the BSR interface designated for the loopback interface. A.B.C.D is the subnetwork mask of the IP network, on which the interface is associated. secondary optionally designates the IP address as a secondary IP address. Include the keyword secondary after the IP address and subnet mask to specify additional secondary IP addresses.
  • Page 170: Removing An Ip Address

    BSR 2000 Configuration and Management Guide Release 1.0 MOT(config-if)# show ip interface [ brief | ethernet<X/Y> | gigaether <X/ Y> | cable <X/Y>] where: brief displays summary information. ethernet is any 10 or 10/100 Ethernet interface. gigaether is the Gigabit Ethernet interface cable is any DOCSIS interface.
  • Page 171: Configuring Auto-Negotiation On The 10/100 Ethernet Module

    Release 1.0 Configuring Interfaces and TCP/IP Features MOT(config-if)# no ip address Note: The primary IP address can be removed only after all of the secondary subnet addresses associated with the interface have been removed. Configuring Auto-Negotiation on the 10/100 Ethernet Module The Ethernet interface on the 10/100 Ethernet module can be configured for the Ethernet port speed (10 or 100), duplex mode (full or half), and to enable/disable auto-negotiation:...
  • Page 172: Configuring A Loopback Interface

    BSR 2000 Configuration and Management Guide Release 1.0 Use the duplex half command in Interface Configuration mode to manually set the duplex mode for half-duplex so that the Ethernet interface can either send or receive signals, but cannot do both at the same time:...
  • Page 173 Release 1.0 Configuring Interfaces and TCP/IP Features Loopback interfaces are used for the following reasons: Collect accurate service-related information through an SNMP manager about active or down interfaces on the BSR. Indirectly access an outbound physical interface that cannot be directly accessed. When the designated router election process occurs in OSPF, the designated router choice can be forced by assigning a higher IP address for the loopback address.
  • Page 174: Adding A Permanent Arp Entry And Timeout Value

    BSR 2000 Configuration and Management Guide Release 1.0 A.B.C.D is the secondary IP address of the BSR interface. A.B.C.D is the subnetwork mask of the IP network, on which the interface is associated. secondary optionally designates the IP address as a secondary IP address.
  • Page 175: Reverse Arp

    Release 1.0 Configuring Interfaces and TCP/IP Features A.B.C.D is the IP address of the ARP entry, specified in dotted-decimal notation. H.H.H is a 48-bit hardware MAC address of the ARP entry. arpa is the Advanced Research Projects Agency (ARPA) packet encapsulation type.
  • Page 176: Address Resolution Using Proxy Arp

    BSR 2000 Configuration and Management Guide Release 1.0 Address Resolution Using Proxy ARP The router uses proxy ARP, as defined in RFC 1027, to help hosts with no knowledge of routing determine the hardware addresses of hosts on the same or other networks or subnets.
  • Page 177: Configuring The Mtu

    Release 1.0 Configuring Interfaces and TCP/IP Features where: A.B.C.D is the broadcast IP address. Configuring the MTU Fragmentation occurs when an IP datagram is too large for a network maximum transmission unit (MTU) size, and the large datagram is divided into several smaller pieces for transmission.
  • Page 178: Clearing Route Table Entries

    BSR 2000 Configuration and Management Guide Release 1.0 where: A.B.C.D is the static route destination IP address. A.B.C.D is the static route destination IP address mask. A.B.C.D is the forwarding router’s IP address. null 0-0 is null interface and port.
  • Page 179: Configuring The Internet Control Message Protocol

    Release 1.0 Configuring Interfaces and TCP/IP Features MOT (config-if)#clear ip route {* | <A.B.C.D> | <A.B.C.D> <A.B.C.D>} where: * is the asterisk character that clears all routes in the routing table. A.B.C.D is the IP address of the route. A.B.C.D is the subnet mask of the IP address. Configuring the Internet Control Message Protocol The Internet Control Message Protocol (ICMP) allows a router or destination host to report errors in data traffic processing to the original packet source.
  • Page 180: Enabling Irdp

    BSR 2000 Configuration and Management Guide Release 1.0 Enabling IRDP Use the following procedure to configure IRDP.: Note: IRDP is not available on a CMTS interface. 1. Use the ip irdp command in Interface Configuration mode to enable IRDP: MOT (config-if)#ip irdp 2.
  • Page 181: Enabling Icmp

    Release 1.0 Configuring Interfaces and TCP/IP Features The default duration for an IRDP advertisement is 1800 seconds. Use the ip irdp holdtime command in Interface Configuration mode to change the duration of IRDP advertisement ages: MOT (config-if)#ip irdp holdtime {<1-9000>} where: 1-9000 is the hold-time in seconds that advertisements are kept valid.
  • Page 182: Tracing A Route

    BSR 2000 Configuration and Management Guide Release 1.0 3. You can send ICMP echo request packets to a specified address. You can set an optional packet count for a destination. Use the ping command from Privileged EXEC mode to do this: MOT #ping [<hostname>...
  • Page 183: Managing The Router

    Release 1.0 Configuring Interfaces and TCP/IP Features Managing the Router Follow these sections to manage routing operations on the BSR: Enabling IP Source Routing Clearing Interface Counters Clearing IP Routes Clearing the ARP Cache Clearing IP Traffic Clearing DNS Entries Enabling IP Source Routing The BSR examines IP header options on every packet.
  • Page 184: Clearing Ip Routes

    BSR 2000 Configuration and Management Guide Release 1.0 loopback clears the loopback interface counters. 1-64 is the loopback interface number. gigaether clears the Gigabit Ethernet interface counters. X is 0. Y identifies the port number. Clearing IP Routes Use the clear ip route command in Privileged EXEC mode to clear one or more IP routes from the IP routing table: MOT #clear ip route {* | <A.B.C.D>...
  • Page 185: Gathering Tcp/Ip Related Information

    Release 1.0 Configuring Interfaces and TCP/IP Features where: Hostname deletes a specific DNS host entry. * deletes all DNS host entries. Gathering TCP/IP Related Information Follow these steps to view IP information: 1. Use the show ip arp command to display ARP table information: MOT #show ip arp [<A.B.C.D>] [<Hostname>] [<H.H.H>] [cable <X/Y>...
  • Page 186 BSR 2000 Configuration and Management Guide Release 1.0 3. Use the show ip route command to display the routing table status. You can specify an optional IP mask that filters specific routes. You can enter this command from any mode.
  • Page 187: Configuring The Cmts

    The following sections contain the tasks used to configure and manage your cable network: Initial Cable Interface Configuration Tasks Configuring a DOCSIS 2.0 Upstream Logical Channel Using the RF Sentry on the BSR 2000 Post Equalization on the BSR 2000 Configuring a Downstream Channel Configuring an Upstream Channel...
  • Page 188: Initial Cable Interface Configuration Tasks

    BSR 2000 Configuration and Management Guide Release 1.0 Using Flap Lists Managing Multicast Maps Pinging a Cable Modem at the MAC Layer Resetting the Cable Modem Clearing Cable Modem Counters Clearing Cable Interface Counters Configuring Static Upstream Load Balancing Gathering DOCSIS Network Information...
  • Page 189 Release 1.0 Configuring the CMTS The ip dhcp relay information command enables the BSR's DHCP relay agent to insert the Spectrum Group Name that DHCP client belongs to and/or inserts the MAC address of the DHCP client and the DOCSIS Device Class Identifier into outbound requests to the DHCP server.
  • Page 190: Dhcp Rate Limiting

    BSR 2000 Configuration and Management Guide Release 1.0 3. Use the ip dhcp relay information option command in Interface Configuration mode to enable the DHCP relay agent to insert a MAC address (Agent Remote ID) only into a client’s DHCP packet: Note: The ip dhcp relay information option command must be entered to enable the DHCP relay information option function.
  • Page 191 Release 1.0 Configuring the CMTS 1. Use the dhcp throttle on command, in Cable Interface Configuration mode, to enable DHCP Rate Limiting for all CM or CPEs, as follows: MOT (config-if)#dhcp throttle {cm | cpe} on where: cm enables DHCP rate limiting for all CMs. cpe enables DHCP rate limiting for all CPEs.
  • Page 192: Configuring The Cable Helper And Ip Helper Addresses

    BSR 2000 Configuration and Management Guide Release 1.0 cm disables DHCP rate limiting for all CMs. cpe disables DHCP rate limiting for all CPEs. Configuring the Cable Helper and IP Helper Addresses The cable helper IP address function disassembles a CM DHCP broadcast packet, and reassembles it into a unicast packet so that the packet can traverse the router and communicate with the DHCP server.
  • Page 193: Configuring Multiple Isps

    Release 1.0 Configuring the CMTS 3. Optionally use the cable helper-address mta command in Interface Configuration mode to configure a secondary helper IP address for the Multimedia Terminal Adapter (MTA) device to forward only UDP broadcasts: MOT(config-if)# cable helper-address <A.B.C.D> mta where: A.B.C.D is the destination DHCP server IP address.
  • Page 194: Enabling A Vci On A Cable Interface

    BSR 2000 Configuration and Management Guide Release 1.0 The host and mta VCI options are used to configure a CPE host or MTA gateway IP address (giaddr) for the cable interface. During the DHCP process, the DHCP relay agent requests an IP address in a particular subnet by inserting the cable interface giaddr into the DHCP requests from CMs, hosts, and MTAs.
  • Page 195: Selecting A Specific Isp

    Release 1.0 Configuring the CMTS mta optionally defines this secondary IP MTA address as the giaddr to be inserted into MTA DHCP requests. Note: The BSR supports 128 secondary IP subnets per cable bundle. The maximum number of IP subnets that can be configured on the BSR chassis is 1024.
  • Page 196 BSR 2000 Configuration and Management Guide Release 1.0 11. The CPE sends a DHCP request to the cable helper-address that has been defined for all CPEs that are connected to a CM with IP address assignment in the isp-bind sub network. The giaddr is set to the giaddr of the secondary IP address that has been defined for all CPEs that are connected to a CM with an IP address in the isp-bind network.
  • Page 197 Release 1.0 Configuring the CMTS A.B.C.D is the IP address. A.B.C.D is the subnetwork IP address mask. secondary specifies that the secondary IP address is a secondary IP address for CM DHCP requests. isp-bind A.B.C.D specifies the secondary IP subnet that this secondary IP address is bound to.
  • Page 198: Enabling Host Authorization For All Cms

    BSR 2000 Configuration and Management Guide Release 1.0 Enabling Host Authorization for All CMs The host authorization feature is used for security purposes on the cable network. When enabled, host authorization denies access to any hacker who tries to take or “spoof”...
  • Page 199: Deleting A Static Host Authorization Entry For A Specific Cm

    Release 1.0 Configuring the CMTS 2. Use the host authorization cpe command in Interface Configuration mode to create a static entry for a specific CM and CPE in Privileged EXEC mode: MOT(config-if)# host authorization {<mac> cpe <mac> <prefix>} where: mac is the MAC address of the cable modem. mac is the MAC address of the CPE.
  • Page 200: Enabling Host Authorization For An Ip Range Of Cpes

    BSR 2000 Configuration and Management Guide Release 1.0 Enabling Host Authorization for an IP Range of CPEs Instead of adding individual static CPEs on a specific cable interface using the cable host authorization cpe command, CPEs can be added automatically to the network by specifying a start and end range of IP addresses.
  • Page 201: Displaying Host Authorization Information

    Release 1.0 Configuring the CMTS Displaying Host Authorization Information Use the following show command options to view host authorization information in all modes except UserEXEC mode: If you want to view a summary of ARP authorization table information, issue the show host authorization cpe leased command: MOT# show host authorization summary Figure 6-1...
  • Page 202: Using Dhcp Lease Query Function To Secure The Cable Network

    BSR 2000 Configuration and Management Guide Release 1.0 Figure 6-2 displays typical show host authorization command output: Device Type State Seconds Modem MAC Addr Host IP Addr Modem Ack-TD-TF 600 0090.833d.bbcf 7.1.1.17 Modem Ack-TD-TF 600 000b.0696.4730 7.1.1.18 Modem Ack-TD-TF 600 000b.0626.3bf0...
  • Page 203 Release 1.0 Configuring the CMTS If the DHCP Lease Query attempt fails, packets associated with the CM and its CPE are discarded. The BSR sends DHCPLEASEQUERY messages to the specified DHCP server and accepts DHCPACTIVE, DHCPKNOWN and DHCPUNKNOWN replies from the DHCP server. The DHCP lease query function requires that the DHCP Server is configured with the following values for the different DHCP message types: DHCP Lease Query (13)
  • Page 204: Setting Arp Parameters

    BSR 2000 Configuration and Management Guide Release 1.0 When the cable interface learns about the DHCP lease through a DHCPLEASEQUERY exchange. When the CM or CPE can continue passing data. Follow these steps to enable the DHCP lease query feature: 1.
  • Page 205: Configuring A Docsis 2.0 Upstream Logical Channel

    Release 1.0 Configuring the CMTS 2. Use the arp command in Interface configuration mode to specify the type of ARP packet that is used on the BSR 2000: MOT (config-if)# arp [arpa | snap] where: arpa is entered for the standard ARP protocol.
  • Page 206: Logical Channels

    Logical Channels For DOCSIS 1.0 and 1.1, a single channel was associated with each single physical port on a BSR 2000. DOCSIS 2.0 introduces the ability to have logical upstream channels on each single physical port. Logical channels allow accommodation of DOCSIS 1.0 and 1.1 (legacy) cable modems in a DOCSIS 2.0 environment.
  • Page 207: Docsis 2.0 Only Channel Types

    Release 1.0 Configuring the CMTS DOCSIS 2.0 Only Channel Types The DOCSIS 2.0 only channel types, A-TDMA and S-CDMA, greatly enhance upstream channel capacity, as shown in Table 6-2: Table 6-2 Features of DOCSIS 2.0 Logical Channel Types DOCSIS 2.0 Channel Type Features A-TDMA A-TDMA features include:...
  • Page 208: Obtaining Detailed Docsis 2.0 Information

    DOCSIS 2.0 and the BSR 2000 The ability to configure the BSR 2000 successfully for operation in a DOCSIS 2.0 environment is dependent upon the BSR 2000 hardware configuration, your awareness of limitations imposed by the DOCSIS 2.0 specification itself, and the software characteristics of the Motorola implementation of DOCSIS 2.0.
  • Page 209: Bsr 2000 Software Support For Docsis 2.0

    A-TDMA, MTDMA, TDMA BSR 2000 Software Support for DOCSIS 2.0 DOCSIS 2.0 is supported by BSR 2000 Release 1.0 and later as follows: The default channel type for all Primary (or Standby) DOCSIS 2.0 2:8 CMTS Module logical channels is TDMA.
  • Page 210: Docsis 2.0 Logical Channel Configuration Task Summary

    BSR 2000 Configuration and Management Guide Release 1.0 The Motorola implementation of DOCSIS 2.0 offers 128QAM and 256QAM in addition to those specified in the CableLabs DOCSIS 1.0, 1.1, and 2.0 specifications. Note: Only the Primary (and Standby) 2:8 DOCSIS 2.0 CMTS Module supports the configuration of logical channels.
  • Page 211 Release 1.0 Configuring the CMTS X is 0. Y is the MAC Domain. 2. Use the cable upstream channel-type command in Cable Interface Configuration mode to configure an upstream channel type, as shown below: MOT(config-if)#cable upstream {<NUM> | <X/Y>} channel-type {tdma | atdma | mtdma | scdma} where: NUM is the upstream port number and default channel number 0.
  • Page 212 BSR 2000 Configuration and Management Guide Release 1.0 The following is screen output from the show interfaces cable configuration command which displays the channel type configuration. In this example, four logical channels with an MTDMA channel type have been configured on upstream port 0.
  • Page 213: Configuring Spectrum Power Density Maintenance For A Logical Channel

    Release 1.0 Configuring the CMTS Configuring Spectrum Power Density Maintenance for a Logical Channel The Maintain Power Spectral Density feature can be enabled for each logical channel. If Maintain Power Spectral Density is enabled and the modulation rate is different from the previous UCD, the cable modem must change its transmit power level to keep the power spectral density as close as possible to what it was prior to the modulation rate change.
  • Page 214: Configuring S-Cdma Active Codes

    BSR 2000 Configuration and Management Guide Release 1.0 The existing time stamp mechanism is not sufficient for synchronizing these new frames so an additional level of synchronization is added called a timestamp snapshot. This information contains the frame number, mini-slot number, and time stamp.
  • Page 215: Configuring The S-Cdma Hopping Seed

    Release 1.0 Configuring the CMTS X/Y is the upstream port and logical channel number (0-3). 2-32 is the number of codes allowed per minislot. Configuring the S-CDMA Hopping Seed Use the cable upstream hopping-seed command, in Cable Interface Configuration mode, to specify the 15 bit S-CDMA hopping seed value used for the code hopping sequence initialization, as shown below: MOT(config-if)#cable upstream <X/Y>...
  • Page 216 BSR 2000 Config