Comtrend TR-069 AutoConfiguration Server

Comtrend 2007

TR-069 Specifications

What is TR-069

CPE WAN Management Protocol: A protocol for communication between a CPE and Auto-Configuration Server (ACS) that encompasses secure auto-configuration as well as other CPE management functions within a common framework. TR-069 Amendment 1

http://www.dslforum.org/techwork/tr/TR069%20Amendment%201.pdf

Diagram from DSL Forum specifications

Diagram from DSL Forum specifications

CPE Assumptions

All CPE regardless of type must obtain an IP address in order to communicate with an ACS. A CPE can interact with a single ACS at a time. At any time, a CPE is aware of exactly one ACS with which it can connect. A collection of ACS behind a load balancer is considered a single ACS.

What is ACS

Auto-Configuration Server: This is a component in the broadband network responsible for auto-configuration of the CPE for advanced services.

ACS Capabilities

1. Auto-configuration provisioning: ACS can set CPEs parameter values. For example: WAN, LAN, DHCP, NAT, Virtual Servers, IP Filtering, MAC Filtering, Parental Control, Routing, Static Routes (Layer 3 forwarding), DNS, Print Server, Port Mapping (Layer 2 Bridging), Wireless, VoIP, System Log, NTP, Access Control, etc.

ACS Capabilities

2. Firmware image management: ACS asks CPE to download firmware image file and configuration file. CPE will inform the ACS of the completion either successful or unsuccessful of the file transfer.

ACS Capabilities

3. Status and performance monitoring: ACS collects CPEs information by getting CPEs parameter values. ISP or ITSP can use the collected information to monitor the CPEs status and performance statistics.

ACS Capabilities

4. Diagnostics: ACS asks CPE to execute IP Ping test, WAN DSL Diagnostics, and WAN ATM F5 Loopback Diagnostics. CPE will report the diagnostic results to the ACS.

Security Mechanisms

1. HTTPS and Certificate Authentication: TR-069 supports the use of SSL/TLS for communications transport between CPE and ACS. This provides transaction confidentiality, data integrity, and allows certificate-based authentication between the CPE and ACS.

Security Mechanisms

2. Digest Authentication: The HTTP layer provides an alternative means of CPE and ACS authentication based on shared secrets. CPE must pass the digest authentication before establishing a connection to the ACS.

CPE Initiated Sessions

CPE establishes communication upon initial CPE installation in order to bootstrap initial customized parameter values into the CPE. CPE establishes periodic communication with the ACS on an ongoing basis. CPE also connects to ACS when events occur that must be reported to the ACS (such as when the broadband IP address of the CPE changes and certain parameters are modified by a non-ACS management entity). The values of the CPE parameters, whose attributes are set to Active/Passive Notifications by ACS, are changed.

Asynchronous ACS Initiated Sessions

Connection Request: ACS can issue a Connection Request to the CPE at any time, instructing the CPE to immediately establish a communication session with the ACS.

Diagram from DSL Forum specifications

DSL Forum Home Networking Standards

TR-064, TR-064, UPnP UPnP IGD IGD TR-98: TR-98: Service Service Differentiation Differentiation Extensions Extensions CPE TR-069: TR-069: WAN-side WAN-side CPE CPE Mgmt Mgmt

IP STB

WT-135: WT-135: STB STB Object Object model model

VoIP

TR-104: TR-104: VoIP VoIP Object Object Model Model

WT-131: WT-131: ACS ACS NBI NBI Requirements Requirements

TR-111: TR-111: Remote Remote Mgmt Mgmt of home of home devices devices (TR-069 (TR-069 pass-through) pass-through) TR-68 TR-68 v2: v2: DSL DSL Modem Modem with with Routing Routing specs specs

OSS/BSS

Gaming Console

ACS

WT-121: WT-121: TR-069 TR-069 Implementation Implementation & & Interoperability Interoperability WT-142: WT-142: TR-069 TR-069 for for PON PON and and fiber fiber access access

TR-106: TR-106: Common Common Data Data Model Model Template Template
PDA

Call Center

Digital Home Player / Server

WT-140: WT-140: network network storage storage Object Object model model

TR-069 Companion Parameter Specifications

TR-098: Internet Gateway Device Data Model for TR-069 TR-106: Data Model Template for TR-069-Enabled LAN Devices TR-104: Provisioning Parameters for VoIP CPE WT-135: Data Model for a TR-069-Enabled Set-Top-Box WT-140: TR-069 Data Model for Storage Service Enabled Devices

Comtrend ACS Introduction

CPE RPC Methods supported by Comtrend ACS

Comtrend ACS supports the following CPE RPC Methods: GetRPCMethods, SetParameterValues, GetParameterValues, GetParameterNames, SetParameterAttributes, GetParameterAttributes, AddObject, DeleteObject, Reboot, Download, Upload, FactoryReset, GetQueuedTransfers, ScheduleInform, and GetOptions.

ACS RPC Methods supported by Comtrend ACS

Comtrend ACS supports the following ACS RPC Methods: GetRPCMethods, Inform, and TransferComplete.

Comtrend TR-069 CPE supported by Comtrend ACS

ADSL2+ Router: CT-5071S, CT-5071T, CT-5611T, CT5621, CT-5621T, CT-5624 Wireless ADSL2+ Router: CT-536B+, CT-5361, CT-5361T ADSL2+ / VDSL2 Router: CT-5372, CT-5372E ADSL2+ Wireless VoIP IAD: CT-6382, CT-6382T, CT6382D, CT-6383 ADSL2+ / VDSL2 Wireless VoIP IAD: CT-6373, CT6373E VoIP Gateway: CT-820C

Comtrend ACS Software Requirements

OS: Red Hat Enterprise Linux 5 DVD or Scientific Linux 5 DVD Required Linux RPMs: MySQL Database, Apache Web Server+mod_ssl, and PHP

Comtrend ACS Hardware Requirements

Basically, one single server machine can run the ACS application software. CPU: Intel Pentium Dual Core/Core 2 Duo/Core 2 Quad/Xeon or compatible Memory: 4 GB RAM or above HD: Minimum 120 Gbytes free space. RAID-5 Support or SCSI hard disks are recommended. Gigabit Ethernet Network Interface Card * 2 DVD-ROM * 1

Comtrend ACS Hardware Architecture

1. Single Server Architecture All-in-one mode. All required server services run on a single server machine. Limit to manage maximum 100,000 CPEs. Single ACS Server
ACS + Apache + MySQL + Firewall

Comtrend ACS Hardware Architecture

CPE

2. High Availability Architecture Active - Standby mode. Use the other ACS server machine to backup and provide service failover. Limit to manage maximum 100,000 CPEs.

Active ACS Server Network Power Switch (Fence Device)

Standby (Backup) ACS Server

SCSI/Fiber

SCSI/Fiber

Storage (Disk Array)

Comtrend ACS Hardware Architecture

CPE

3. Advanced Cluster Architecture Active - Active mode. Active Provide high availability and load ACS Server balancing. Require at least 3 server machines. Can flexibly add additional ACS server machines. Can support unlimited number of CPE.

Load Balancing Machine

Active ACS Server

Active ACS Server

More Active ACS Server(s)

Network Power Switch (Fence Device)

Fiber Channel

Storage (Disk Array)

Comtrend ACS Features

Comtrend ACS Features

Manage and control TR-069 enabled CPEs: Comtrend ACS complies 100% with the TR-069 specifications, and is able to manage any TR069-enabled CPEs. Comtrend ACS has perfect interoperability with the following famous DSL chip vendors and CPE manufacturers: Broadcom, Conexant, 2Wire, Linksys, Westell, Netopia, Infineon, TrendChip, Alpha Networks, RealTek, etc.

Comtrend ACS Features

Supports ACS-initiated Provisioning: At any time Comtrend ACS can request that the CPE initiates a connection to Comtrend ACS using the Connection Request notification mechanism. Also, by using the Connection Request, Comtrend ACS can ask the CPE to reboot or to restore its settings to the factory defaults at any time.

Comtrend ACS Features

Provides high degree of security: Comtrend ACS supports basic and digest authentication, SSL/TLS, and certificate authentication. For security reasons, Comtrend ACS can only allow HTTPS connections from the CPEs. Therefore, the CPEs that connect to Comtrend ACS must support HTTPS.

Comtrend ACS Features

Flexibly add new CPE Models of different manufacturers: Comtrend ACS not only works perfectly with Comtrend CPE models, but also allows ACS administrators to flexibly add any new CPE Models of different manufacturers.

Comtrend ACS Features

Easily and quickly control any unknown TR-069 CPEs: Comtrend ACS can scan an untested CPE to discover which TR-069 parameters the CPE supports, and then can directly manage and control it.

Comtrend ACS Features

Flexibly select which CPE functions must be managed: By using the Model Profile, ACS administrators can flexibly select which CPE parameters must be managed and controlled by Comtrend ACS, and which CPE parameters are allowed to be changed by end users or third party tools.

Comtrend ACS Features

Allows the adding of vendor-specific parameters: If CPEs not only have TR-069 standard parameters, but also vendor-specific parameters, these parameters can be subsequently added to Comtrend ACS database to allow Comtrend ACS to control them. Most importantly, Comtrend ACS can manage and control all parameters shown on the Comtrend CPE web UI, even though these parameters are not defined in the TR-069 specifications.

Comtrend ACS Features

Has CPE download firmware image file and vendor configuration file: Comtrend ACS supports multiple additional download URLs of the same firmware image file. The firmware image file or the vendor configuration files can be stored in extra different download servers to distribute network flow. In addition, the allowed firmware download time can also be configured and limited at offhour.

Comtrend ACS Features

Provides CPE Status and Performance Monitoring: Comtrend ACS collects CPE information and statistics generated by the TR-069 parameters to monitor the CPEs status and performance. Comtrend ACS web UI | Devices | Device List | Status page lists the read-only status parameter values that the CPE reports to Comtrend ACS during the most recent connection.

Comtrend ACS Features

Implement CPE Diagnostics: Comtrend ACS uses the collected CPE information generated by TR-069 parameters to diagnose connectivity or service issues. Comtrend ACS can ask the CPE to ping a certain IP address or hostname and to report the result of the ping test.

Comtrend ACS Features

Has conspicuous LED indicators: The Green / Red status LED indicator indicates whether or not the CPE keeps a normal connection to Comtrend ACS within the regulated periodic Inform interval. The Red / Gray firmware LED indicator indicates whether or not the CPE has upgraded its firmware to the version specified by Comtrend ACS.

Comtrend ACS Features

Provides detailed log tables of each connected CPE: Every CPE connection record is logged in the Session Log table. Moreover, Comtrend ACS also has: Notification Log table, Download Log table, Bootstrap Log table, and Error Log table.

Comtrend ACS Features

Allows use of different keywords to search a CPE data: Comtrend ACS administrators can use the desired key words (MAC address, CPE IP address, or SN) to search the configuration data of a specific CPE or the configuration data of multiple CPEs.

Comtrend ACS Features

Automatically and manually backup ACS database: Comtrend ACS database will be automatically backed-up at the time specified by the ACS administrator. Also, Comtrend ACS database can be manually backed-up to be saved locally. The restore source can be the backup file automatically stored in Comtrend ACS or the file manually stored in the administrators local computer.

Comtrend ACS Features

Has a build-in CWMP interoperability test system: Comtrend CWMP Interoperability Test System (ITS) is specifically designed for DSL Forum PD-128 CWMP interoperability tests. It provides convenience and accuracy for stepping through the interoperability tests between Comtrend ACS and multiple CPEs. It follows the test items suggested in the PD-128 document and also adds other useful and important test items. ITS can simulate any CWMP transaction session to flexibly reproduce any problems that may happen in the real world situation.

Comtrend ACS Features

Has high availability and scalability: According to the design of our load-balance model, multiple ACSes are able to support unlimited CPEs accounts, and can support unlimited upgrade and configuration tasks running simultaneously by adding additional ACSes if necessary. The administrative web server used to operate a collection of ACSes can be separate from the ACS groups. Multiple ACSes that share the same FQDN can be used to disperse network flows. Round-Robin DNS mechanism is able to evenly distribute all CPE connections among these ACSes.

Business Model Example

Business Model Example

1. A subscriber applies for the Internet service from the customer service portal of an ISP.

Business Model Example

2. The ISP adds a entry of data for the new subscriber in its own OSS database, including the subscriber name, address, telephone number, PPPoE username & password, SIP username & password, CPE Model, CPE MAC address, etc. According to the design of the Comtrend ACS, the ACS uses the base MAC address of the CPE to distinguish each unique CPE.

Business Model Example

3. After getting the subscriber information, the OSS adds an entry of the CPE configuration data in the ACS database for the new subscriber through calling the ACS API. The ACS API provides convenience and flexibility to let the OSS adds a collection of CPE accounts. The ACS administrators can also login to the ACS administrative web user interface to add the new CPE accounts.

Business Model Example

4. The CPE is shipped to the subscriber. Each CPE has the same factory default settings: pre-configured ACS URL and TR-069 related settings, PPPoE WAN connection, the same PPPoE username and password, etc.

Business Model Example

5. When the subscriber gets the CPE and powers it on, the CPE will automatically connect to the ACS on the Internet by using HTTPS connections. Whenever the CPE tries to connect to the ACS, the CPE will tell the ACS the CPEs base MAC address. The ACS will check if there is a MAC address entry for the CPE in the ACS database. The ACS will also ask the CPE to provide a set of username and password for the digest authentication. If CPE can pass the authentication, the ACS will allow the CPE to establish a successful connection to the ACS.

Business Model Example

6. The ACS will then reset the CPEs configuration. The ACS will replace the original factory default settings with the subscribers unique PPPoE username & password, unique SIP username and password, etc.

Business Model Example

7. The CPE will reboot automatically to make the new settings applied.

Thank you
Your Your Best Best Strategic Strategic Partner Partner