Cisco Systems MC-607 User Manual
Configuring Subscriber-End Broadband Access
Router Features
This chapter contains procedures for manually configuring basic functionality on the Cisco uBR900
series cable access routers. For detailed descriptions of the commands used, refer to the Cisco IOS
Multiservice Applications Command Reference publication.
This chapter includes the following sections:
• Subscriber-End Overview
• Cisco IOS Software Feature Sets
• Subscriber-End Broadband Access Router Data Operations
• Voice over IP Operations
• Subscriber-End Broadband Access Router Security Features
• Subscriber-End Broadband Access Router Configuration Options
• Subsriber-End Broadband Access Router Configuration Restrictions
• Subscriber-End Broadband Access Router Initial Power-Up Sequence
• Subscriber-End Broadband Access Router Basic Troubleshooting
• Subscriber-End Broadband Access Router Configuration Prerequisites
• Subscriber-End Broadband Access Router Configuration Tasks
• Configuring a Host Name and Password
• Configuring Ethernet and Cable Access Router Interfaces
• Configuring Routing
• Configuring Bridging
• Reestablishing DOCSIS-Compliant Bridging
• Customizing the Cable Access Router Interface
• Using Multiple PCs with the Cable Access Router
• Subscriber-End Broadband Access Router Configuration Examples
Cisco IOS Multiservice Applications Configuration Guide
MC-607
Subscriber-end Overview
Subscriber-end Overview
Cisco uBR900 series cable access routers are fully-functional Cisco IOS routers and standards-based
bidirectional cable modems that give a residential or small office/home office (SOHO) subscriber
high-speed Internet or intranet access and packet telephone services via a shared two-way cable system
and IP backbone network. Cisco uBR900 series cable access routers are based on the current
Data-over-Cable Service Interface Specifications (DOCSIS) standards, and interoperate with any
bidirectional, DOCSIS-qualified headend cable modem termination system (CMTS).
Cisco uBR900 series routers connect computers, telephone equipment, and other customer premises
(CPE) devices at a subscriber site to the service provider hybrid fiber-coaxial (HFC) and IP backbone
network. Functioning as cable modems, the Cisco uBR900 series routers transport data and voice traffic
on the same cable system that delivers broadcast TV signals.
Cisco uBR900 series cable access routers typically ship from the Cisco factory with a Cisco IOS
software image stored in NVRAM. The standard Cisco IOS software image supports DOCSIS-compliant
bridging operation for data as the default.
Based on the feature licenses purchased, other Cisco IOS images can be downloaded from Cisco
Connection Online (CCO). Each Cisco uBR900 series router in your network can then be configured to
support Voice over IP (VoIP) or other special operating modes based on your service offering and the
practices in place for your network. A Cisco uBR900 series device can function as an advanced router,
providing WAN data connectivity in a variety of configurations.
Configuring Subscriber-End Broadband Access Router Features
Cisco IOS Software Feature Sets
This section briefly describes the common feature sets supported by the Cisco uBR900 series cable
access routers. Each feature set contains a number of features that provide a specific functionality such
as VoIP or virtual private network (VPN) access.
The following feature set categories are currently available:
• Data operations
• Data and voice operations
The data and voice feature sets add VoIP support to the same base features contained in the data only
feature sets. Telephones that are connected to the Cisco uBR924 cable access router can make voice calls
over the Internet using either the H.323 (gateway/gatekeeper) voice control protocol or Simple Gateway
Control Protocol (SGCP). (For more information on these protocols, refer to the “H.323 Protocol Stack”
and “SGCP Protocol Stack” sections in this chapter.)
Because voice calls are real-time traffic, the Cisco uBR924 cable access router supports the DOCSIS
QoS enhancements to give higher priority to IP packets containing voice traffic.
Note Voice features are available only on the Cisco uBR924 cable access router.
Note Feature sets and software images vary depending on the cable access router model you are
using and the Cisco IOS software release that is running. For a list of the available software
images for your application, and the specific features contained in each image, refer to the
release notes for the Cisco uBR900 series cable access router and Cisco IOS software
release you are using.
MC-608
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
The following feature sets are available in data and voice versions as well as in data only versions:
• Base IP Bridging Feature Set provides full DOCSIS 1.0-compliant cable modem support for users
who want a basic high-speed connection to the Internet.
• Home Office (Easy IP) Feature Set provides a high-speed connection to the Internet, along with
server functions that simplify the administration of IP addresses, so that the Cisco uBR900 series
cable access router can connect a small number of computers to the Internet through the cable
interface.
• Small Office Feature Set provides a firewall feature set in addition to the high-speed Internet
connection and server functions provided by the Home Office feature set. You can protect your
office network from intrusion and interference while still having high-speed access to the Internet.
• Telecommuter Feature Set provides encryption and Layer 2 tunneling support in addition to the
high-speed Internet connection and server functions provided by the Home Office feature set.
Businesses can establish secure high-speed Internet connections between employees’ homes and the
office local network.
These feature sets are described in the following sections.
Cisco IOS Software Feature Sets
Base IP Bridging Feature Set
Base IP Bridging includes full and DOCSIS-compliant bridging and DOCSIS Baseline Privacy. The
Base IP Bridging feature set allows the Cisco uBR900 series cable access router to function as a DOCSIS
1.0 cable modem and to interoperate with any DOCSIS 1.0-qualified CMTS. It provides basic
high-speed Internet connectivity for users wanting to connect only one computer to the cable network.
DOCSIS-compliant bridging (also referred to as “plug-and-play” bridging) is the default configuration
for Cisco uBR900 series cable access routers. While in plug-and-play bridging mode, the router locates
a downstream and upstream channel; finds ToD, TFTP, and DHCP servers; obtains an IP address;
downloads a DOCSIS configuration file; and obtains DHCP parameters to work in bridging mode.
Note This feature set does not include Easy IP and Routing.
In DOCSIS-compliant bridging mode, the Cisco uBR900 series cable access router acts as a transparent
bridge for up to 254 CPE devices.
Note The ability of the Cisco uBR900 series cable access router to grant access to CPE devices
is controlled by the MAX CPE field in the DOCSIS configuration file. The MAX CPE field
defaults to one CPE device unless otherwise set to a higher number.
Home Office (Easy IP) Feature Set
The Home Office feature set provides high-speed Internet connectivity for customers having a small
home network (typically two to four computers). In addition to full DOCSIS 1.0 support and all of the
functionality of the Base IP Bridging Feature Set feature set, the Home Office feature set (also known
as Easy IP) supports intelligent DHCP server functions, including DHCP Relay Agent and DHCP Client
functionality. It also supports Easy IP (NAT/PAT).
Cisco IOS Multiservice Applications Configuration Guide
MC-609
Subscriber-End Broadband Access Router Data Operations
This feature set allows the Cisco uBR900 series cable access router great flexibility in administering IP
addresses for the PCs and other CPE devices it is connecting to the cable network. The DHCP
functionality allows intelligent use of the IP addresses that allow customer premises computers and other
equipment to connect to the Internet. The NAT/PAT functionality allows you to use private IP addresses
on the local network, while still maintaining connectivity to the Internet.
Small Office Feature Set
In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the Small
Office feature set supports the Cisco IOS firewall feature set which provides a wide range of security
features for Cisco uBR900 series cable access routers. Using the firewall feature set, Cisco uBR900
series cable access routers act as buffers between private enterprise networks and the Internet and other
connected public networks.
In firewall mode, the Cisco uBR900 series cable access router provides a high-speed Internet connection
for an office local network while protecting the computers on the office network from common attacks
such as denial of service attacks and destructive Java applets. Real-time alerts of attempted attacks are
also given.
The Small Office feature set can be extended with support for IPSec encryption to ensure that the traffic
passed over the Internet cannot be intercepted. You can select either standard 56-bit IPSec Network
Security encryption or high-security 168-bit Triple Data Encryption Standard (DES) encryption.
Configuring Subscriber-End Broadband Access Router Features
Telecommuter Feature Set
In addition to full DOCSIS 1.0 support and all of the functionality of the Easy IP feature set, the
Telecommuter feature set supports IPSec encryption and the Layer 2 Tunneling Protocol (L2TP), which
can establish secure high-speed Internet connections between employee homes and the office local
network.
IPSec is an IP security feature that provides robust authentications and encryption of IP packets for the
secure transmission of sensitive information over unprotected networks such as the Internet. You can
select either standard 56-bit IPSec Network Security encryption or high-security 168-bit Triple DES
encryption.
L2TP is an extension of PPP that allows computers on different physical networks to interoperate as if
they were on the same LAN. These features are important components for VPNs.
Note The Telecommuter feature set does not require the firewall feature set because the
individual telecommuter has a secure connection to the office network. The office network,
however, should implement a firewall for its own connection to the Internet.
Subscriber-End Broadband Access Router Data Operations
Figure 110 illustrates a typical broadband data cable system. Data transmitted to a Cisco uBR900 series
cable access router from the service provider CMTS shares a 27 or 26 Mbps, 6 MHz data channel in the
88 to 860 MHz range. The Cisco uBR900 series cable access router shares an upstream data rate of up
to 10 Mbps on a 200 kHz-wide to 3.2 MHz-wide channel in the 5 to 42 MHz range.
MC-610
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
Note End-to-end throughput varies based on the design and loading of network components, the
mix of traffic, the processing speed and interface of the host server(s), the processing speed
and local Ethernet performance of the subscriber computer, and other parameters. Because
the network can be configured to support multiple levels of service to meet differing market
price/performance requirements, the subscriber service-level agreement also affects
throughput. DOCSIS further contains some fundamental performance limitations because
standards are designed to give a larger number of customers good performance, rather than
permitting a few users to consume the entire capacity.
Figure 110 Typical Cisco Broadband Data Cable System
Subscriber-End Broadband Access Router Data Operations
WAN
Internal backbone
worldwide internet
Operating Modes
The broadband data cable system uses multiple types of access control to ensure efficient use of
bandwidth over a wide range of loading conditions. Advanced queueing techniques and service
algorithms are used to define the acquisition and release of channels.
Cisco uBR900 series cable access routers support 64 or 256 Quadrature Amplitude Modulation (QAM)
downstream, and Quadrature Phase Shift Keying (QPSK) or 16 QAM upstream transmission. The CMTS
system administrator can set the preferred modulation scheme based on the quality of the cable plant.
Switch/router
Servers
and
CMTS
rack equipment
Cable System Headend
Upstream and downstream data interfaces
Operation support system interface
Downstream RF interface
Upstream RF interface
Combiner
Tx
Rx
Cisco uBR900 series
cable access router
HFC
cable
plant
Fiber
18197
Residence or SOHO
subscriber site:
subscriber RF interface
Ethernet interface
Note In noisy plant environments, 16 QAM upstream and 256 QAM downstream modulation
may not be viable. In high-quality HFC networks capable of supporting 16 QAM formats
in the upstream direction, we recommend using QPSK for fixed-slot short packets like
maintenance or data requests, and 16 QAM for variable-length data packets. This results in
the most efficient use of the available upstream timeslots or minislots.
Cisco IOS Multiservice Applications Configuration Guide
MC-611
Subscriber-End Broadband Access Router Data Operations
The system uses TCP/IP to transmit data. TCP/IP transmits data in segments encased in IP datagrams,
along with checksums to detect data corruption and sequence numbers to ensure an ordered byte stream
on the TCP connection between the Cisco cable access router and the CMTS.
Cisco cable access routers also support multicast services—data streams sent to groups of subscribers.
These applications utilize the User Datagram Protocol (UDP) instead of TCP. Because UDP does not
mandate upstream acknowledgments, these applications can be very efficient in the network.
Additionally, restricting upstream throughput will have no effect on downstream UDP streaming
throughput.
Note Interactive games are the exception. Although low latency is required in gaming
applications, high upstream data throughput is not demanded because the volume of data
transmitted upstream is typically small.
Data Specifications
Table 37 provides a summary of the upstream and downstream transmission characteristics of the
Cisco uBR900 series cable access routers.
Configuring Subscriber-End Broadband Access Router Features
Table 38 Cisco uBR900 Series Cable Access Router Data Specifications
Description Downstream Values Upstream Values
Frequency Range 88 to 860 MHz 5 to 42 MHz
Modulation 64 QAM
256 QAM
Data Rate 30 Mbps/64 QAM
(27 Mbps after FEC overhead)
42.8 Mbps/256 QAM
(36 Mbps after FEC overhead)
Bandwidth 6 MHz 200 kHz, 400 kHz, 800 kHz,
FEC RS (122, 128) Trellis Reed Solomon
One Channel Receive level of digital signal
–15 to +15 dBmV
Note Most field measurements are of
nearby or adjacent analog signal
which is normally +6 to +10 dB
(system specific) above the
digital signal level.
QPSK
16 QAM
QPSK—320 kbps to 5 Mbps
16 QAM—640 kbps to 10 Mbps
1.6 MHz,
3.2 MHz
QPSK— +8 to +58 dBmV
16 QAM— +8 to +55 dBmV
MC-612
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
Table 38 Cisco uBR900 Series Cable Access Router Data Specifications (continued)
Description Downstream Values Upstream Values
Signal-to-Noise Ratio
(SNR)
64 QAM:
>23.5 dB @ BER<10^8
256 QAM*:
>30 dB @ BER <10^-8
(For input level from +15 to -8 dBmV,
SNR must be greater than 30 dB. For
input level from -8 to -15 dBmV, SNR
must be greater than 33 dB.)
Note These performance numbers are
Subscriber-End Broadband Access Router Data Operations
in laboratory-controlled
conditions against statistically
pure noise sources (AWGN).
Because such conditions do not
exist in practice, a 6 dB or more
SNR margin is required for
reliable operation. Check with
your local system guidelines.
QPSK:
>15 dB @ BER<10^-8
(QPSK will work at 98%
successful ping rate for SNR
>13 dB. A SNR of 15 dB will be
needed to get almost optimal
packets per minute transition.)
16 QAM:
>22 dB @ BER <10^-8
(For 16 QAM, a SNR >22 dB
makes the grade for 98% ping
efficiency. To get good packet rate,
you need SNR >25 dB).
Note These measurements were
made for 0 and –10 dBmV
input to the CMTS,
1280 kilosymbols/second,
and 64 bytes packet size
with a Cisco uBR904 cable
access router and
laboratory-controlled
conditions.
Security DES decryption: DOCSIS Baseline
Service Assignments
Each Cisco uBR900 series cable access router on the network is configured to receive data on a particular
downstream channel. A downstream channel contains upstream segment(s). Each upstream segment
typically serves more than one fiber node.
DES encryption
Privacy (BPI), 40-bit, 56-bit, and 168-bit
DES encryption, as controlled by the
headend and configuration files.
Note Cisco IOS images must contain
encryption software at both the
CMTS and the Cisco uBR900
series. Both routers must be
enabled and properly configured
to support encryption.
Cisco IOS Multiservice Applications Configuration Guide
MC-613
Subscriber-End Broadband Access Router Data Operations
Partitioning the upstream plant into smaller segments significantly reduces the number of potential
ingress sources and failure points. The CMTS divides the cable plant into downstream channels and
upstream segments or clusters of nodes.
Downstream and Upstream Data Transfer
When operating normally, the Cisco uBR900 series cable access router receives data addressed to it from
the CMTS. The router reads the address in the header of the message, filters the message, and forwards
it to the appropriate device at the subscriber site.
Note Bandwidth at the subscriber site is shared by the active data users connected to the network
segment.
For upstream data transfer, the Cisco cable access router uses a request/grant mechanism to obtain
upstream bandwidth. The CMTS configures, via MAC messages, upstream parameters associated with
transmissions from all Cisco cable access routers on the system. Service class registration is granted
based on class assignment and load provisioning. Upstream channels are time-slotted and divided into
basic scheduling time units.
The CMTS informs the Cisco cable access router of minislot structures on the upstream channel. Some
minislots are marked as contention-based—shared by routers to make bandwidth (timeslot) requests
with the CMTS. Others are grouped into unicast grants for specific routers to send their data bursts. Yet
others are grouped into maintenance slots for keepalive messages from routers to the CMTS.
Configuring Subscriber-End Broadband Access Router Features
Bridging Applications
In bridging applications, the Cisco uBR900 series cable access router acts as a transparent bridge for up
to 254 devices, depending on the version of Cisco IOS software you are using. Older versions of software
allow a maximum of three CPE devices to be bridged. The cable access router is connected to the Internet
through the coaxial cable interface. All four 10BaseT Ethernet ports are treated as one Ethernet interface
by the Cisco IOS software. The IP addresses for the CPE devices and the coaxial cable interface are
typically in the same subnet, although this is not a requirement.
Figure 111 shows the Cisco uBR900 series cable access router in a typical bridging environment. The
Cisco uBR900 series complies with the DOCSIS standards for interoperable cable access routers; it
supports full transparent bridging and DOCSIS-compliant transparent bridging.
Note If the attached CPE devices and the coaxial cable interface are in different IP subnets, the
cable interface must have a secondary address.
MC-614
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
Figure 111 Cisco uBR900 Series Cable Access Router in a Bridging Configuration
Subscriber-End Broadband Access Router Data Operations
PC
PC
PC
PC or hub
13305
Cisco uBR7200 series
CMTS
HFC network
CATV
coaxial cable
Cisco uBR900 series
cable access router
Ethernet
Ethernet
Ethernet
Ethernet
DOCSIS-compliant transparent bridging is the factory default configuration of the Cisco uBR900 series
cable access router. If your cable service provider is using a DHCP server, all you need to do is connect
the cables and power on the cable access router; your service provider configuration program will
automatically configure both the coaxial cable interface and the bridging functionality. You need not set
up IP addresses for the attached PCs or enter any CLI configuration commands. This type of operation
is called “plug-and-play” bridging.
In DOCSIS-compliant bridging mode, the cable access router is able to locate a downstream and
upstream channel; find the ToD, TFTP, and DHCP server(s); obtain an IP address; download a DOCSIS
configuration file; and obtain DHCP parameters to work in a bridging mode.
You can configure a customized bridging application on the Cisco uBR900 series using a downloadable
configuration file or the CLI. For details, see the sections “Configuring Bridging” and “Customizing the
Cable Access Router Interface” later in this chapter.
Routing Applications
The Cisco uBR900 series cable access router can be configured to act as a router to preserve IP address
space and limit broadcasts that can impact the performance of the network. A typical use would be if you
are connecting the cable access router to an internal Ethernet hub that is connected to an existing PC
network. The Cisco uBR900 series supports Routing Information Protocol Version 2 (RIP V2) for this
application.
When configured in routing mode, the Cisco uBR900 series is automatically configured to use the
headend IP address as its IP default gateway. This allows the cable access router to send packets not
intended for the Ethernet interface to the headend when IP host-routing is configured.
RIP V2 routing is useful for small internetworks in that it enables optimization of Network Interface
Center (NIC)-assigned IP addresses by defining variable-length subnet masks (VLSMs) for network
addresses, and it allows classless interdomain routing (CIDR) addressing schema.
Cisco IOS Multiservice Applications Configuration Guide
MC-615
Subscriber-End Broadband Access Router Data Operations
Figure 112 Cisco uBR900 Series Cable Access Router in a Routing Configuration with a Hub
Cisco uBR7246
CMTS
HFC network
L2TP Protocol
L2TP is an emerging Internet Engineering Task Force (IETF) standard that combines the best features
of two existing tunneling protocols: Cisco Layer 2 Forwarding (L2F) and Microsoft Point-to-Point
Tunneling Protocol (PPTP). L2TP is an extension of PPP, which is an important component for access
VPNs.
Traditional dialup networking services only supported registered IP addresses, which limited the types
of applications that could be implemented over VPNs. L2TP supports multiple protocols and
unregistered and privately administered IP addresses over the Internet. This allows the existing access
infrastructure such as the Internet, modems, access servers, and ISDN terminal adapters (TAs) to be
used.
CATV
coaxial cable
Cable
Modem
Configuring Subscriber-End Broadband Access Router Features
Ethernet Ethernet
HUB
LAN
13306
Easy IP
L2TP can be initiated wherever PPTP or L2F is currently deployed, and can be operated as a client
initiated tunnel such as PPTP, or a network access server-initiated tunnel such as L2F.
The current implementation of L2TP in Cisco IOS software is dependent on a PPP connection supported
on one of the directly attached interfaces. A dialup PPP connection is required in order to initiate an
L2TP tunnel connection. This is a requirement of the L2TP Access Concentrator (LAC). Currently the
Cisco uBR900 series cable access router cannot function as the LAC; it can only function as the L2TP
Network Server (LNS), which terminates a tunnel created elsewhere in the network.
DHCP Server
Cisco uBR900 series cable access routers support Intelligent DHCP Relay and DHCP Client
functionality. A DHCP Relay Agent is any host that forwards DHCP packets between clients and servers.
A DHCP Relay Agent enables the client and server to reside on separate subnets. If the Cisco IOS DHCP
server cannot satisfy a DHCP request from its own database, it can forward the DHCP request to one or
more secondary DHCP servers defined by the network administrator using standard Cisco IOS IP
helper-address functionality.
Network Address Translation and Port Address Translation
Network address translation (NAT) reduces the need for globally unique IP addresses. NAT allows an
organization with addresses that are not globally unique to connect to the Internet by translating those
addresses into globally routable address space.
MC-616
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
Port address translation (PAT) is a similar mechanism that enables all internal hosts to share a single
registered IP address (many-to-one translation). When combined, NAT/PAT has the following
capabilities:
• Allows customers to maintain their own private networks while giving them full Internet access
through the use of one or more global IP addresses
• Allows several private IP addresses to use the same global IP address by using address overloading
• Facilitates configuration and permits a large network of users to reach the network by using one
Cisco uBR900 series cable access router and the same DOCSIS cable interface IP address
• Eliminates the need to readdress all hosts with existing private network addresses (one-to-one
translation) or by enabling all internal hosts to share a single registered IP address (many-to-one
translation, also known as PAT)
• Enables packets to be routed correctly to and from the outside world by using the Cisco uBR900
series cable access router
• Allows personal computers on the Ethernet interface to have IP addresses to be mapped to the cable
interface IP address
Routing protocols will run on the Ethernet interface instead of the cable interface, and all packets
received are translated to the correct private network IP address and routed out the Ethernet interface.
This eliminates the need to run RIP on the cable interface.
Voice over IP Operations
To implement NAT on the Cisco uBR900 series, the Ethernet interface is configured with an “inside”
address and the cable interface is configured with an “outside” address. The Cisco uBR900 series also
supports configuration of static connections, dynamic connections, and address pools.
Voice over IP Operations
Note Voice features are available only on the Cisco uBR924 cable access router.
The Cisco uBR924 cable access router uses packets to transmit and receive digitized voice over an IP
network. Voice signals are packetized and transported in compliance with H.323 or SGCP. H.323 is an
International Telecommunications Union (ITU) standard that specifies call signalling and control
protocols for a shared IP data network. SGCP is an alternative to the H.323 protocol that provides
signalling and feature negotiation using a remote call agent (CA).
SGCP eliminates the need for a dial plan mapper. It also eliminates the need for static configuration on
the router to map IP addresses to telephone numbers because this function is provided by the remote CA.
Figure 113 illustrates a broadband cable system that supports VoIP transmission. QoS and prioritization
schemes are used to enable real-time (voice) and nonreal-time traffic to coexist on the same channel. The
CMTS routes IP telephony calls intermixed with other data traffic.
Cisco IOS Multiservice Applications Configuration Guide
MC-617
Voice over IP Operations
Figure 113 Simplified VoIP over Cable Network
Service
provider
backbone
CMTS rack
equipment
Configuring Subscriber-End Broadband Access Router Features
Gateway/PSTN
CMTS rack
equipment
Policy
server
Cisco uBR924
Called party
Residence or SOHO
subscriber site 2
HFC
cable plant
18194
HFC
cable plant
Cisco uBR924
Calling party
Residence or SOHO
subscriber site 1
Gatekeeper or
calling agents
You can deploy IP telephony as a local-loop bypass service where voice packets are transferred from the
CMTS to one of the following, depending on the signalling protocol used:
• A telephony gatekeeper when using H.323; the Cisco uBR924 acts as an H.323 gateway.
• A call agent when using SGCP.
The gatekeeper or call agents manage voice calls; the gateway interconnects the IP network to the Public
Switched Telephone Network (PSTN). The gatekeeper must be running Cisco IOS Release 12.1 or later
in order to support registration of the full E.164 address for each Cisco uBR924 port.
Voice calls are digitized, encoded, compressed, and packetized in the originating gateway, then
decompressed, decoded, and reassembled in the destination gateway. A server maintains subscriber
profiles and policy information.
You can place and receive calls without using the local exchange carrier. Two simultaneous voice and
fax calls are supported to and from each subscriber site. Multiple telephones and fax devices can be
connected to each of the two VoIP telephone lines at a subscriber site, providing the 5 REN limit is
adhered to for each telephone line.
MC-618
Note the following requirements and characteristics of VoIP applications using the Cisco uBR924 cable
access router:
• The telephones at each subscriber site must support touch-tone dialing; rotary dialing is not
supported.
• Special telephone features such as call waiting, call forwarding, and conferencing are not supported.
• A two-line telephone can be connected to the V1+V2 port on the Cisco uBR924.
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
• Fax devices—standard Group III and computer-based Group III machines up to 14,400 baud—are
supported in Cisco IOS images that support VoIP.
• In general, fax/modem cards are not supported over VoIP links.
Contact your network management, provisioning, or operations team to determine what your network
supports.
Voice Compression and Decompression
The Cisco uBR924 cable access router supports the following compression and decompression
algorithms (codecs):
• G.711 A-law 64000 bps
• G.711 U-law 64000 bps
• G.723.1 5300 bps
• G.723.1 6300 bps
• G.726 16000 bps
Voice over IP Operations
• G.726 24000 bps
• G.726 32000 bps
• G.728 16000 bps
• G.729 Annex A 8000 bps
• G.729 8000 bps (default codec for telephone calls)
Note Because voice transmission is delay-sensitive, a well-engineered network is critical.
Fine-tuning your network to adequately support VoIP typically involves a series of
protocols and features geared to support QoS.
To achieve acceptable voice quality and reduce network bandwidth usage, several voice processing
techniques and services are employed, including echo cancellation, voice compression, voice activity
detection (VAD) or silence compression, and dual tone multifrequency (DTMF) tone detection and
generation.
The Cisco uBR924 cable access router supports multiple QoS service IDs (SIDs), enabling multiple
classes of service on the cable interface. This enables VoIP and data traffic to be treated separately, with
all data assigned to a default class of service, while VoIP traffic is assigned to a different class of service.
Thus, voice traffic from the Cisco uBR924 telephone ports can take precedence over the data traffic
coming from the Ethernet interfaces.
Note Separate class of service (CoS) streams are only available when the Cisco uBR924 is
connected to a CMTS that supports multiple classes of service per router. In addition, the
router configuration file must specify the use of multiple classes of service.
If the Cisco uBR924 interoperates with a DOCSIS 1.0 CMTS that does not support multiple
CoS per router, voice traffic will be transmitted on a best-effort basis along with data
traffic. This may cause poorer voice quality and lower data throughput when calls are being
made from the router telephone ports.
Cisco IOS Multiservice Applications Configuration Guide
MC-619
Voice over IP Operations
Configuring Subscriber-End Broadband Access Router Features
The Cisco uBR924 cable access router supports the following service classes:
• The first CoS in the router configuration file is configured as the “Tiered Best Effort Type Class”
used by the router as the primary QoS for all regular data traffic. The class has no minimum upstream
rate specified for the channel.
This service class results in the assignment of a primary SID for the router. The router uses this SID
for all MAC message exchanges with the CMTS, and as a data SID. Any SNMP management traffic
from the network to the Cisco uBR924 will also use this SID.
Although this class is strictly best effort, data traffic within this class can be prioritized into eight
different priority levels. The CMTS system administrator, however, must define the supported
upstream traffic priority levels and include the traffic priority fields in the configuration file
downloaded to the Cisco uBR924.
• When creating a configuration for the Cisco uBR924, the CMTS system administrator typically
configures extra classes of service. These secondary classes of service are expected to be higher QoS
classes and are used by higher priority traffic such as voice. These classes have a minimum upstream
rate specified for the channel.
The multiple SID-per-router feature enables the Cisco uBR924 to use multiple SID queues for
differentiated services. The Cisco uBR924 diverts voice call traffic to the higher QoS secondary SID,
while forwarding best-effort data from the Ethernet interface and MAC messages on the primary SID.
H.323 Protocol Stack
H.323 is an ITU standard that specifies call signalling and control protocols for a shared IP data network.
The Cisco uBR924 cable access router acts as an H.323 gateway. In architectures using the VoIP H.323
protocol stack, the session application manages two call legs for each call: a telephony leg managed by
the voice telephony service provider; the VoIP leg managed by the cable system operator—the VoIP
service provider. Use of the H.323 protocol typically requires a dial plan and mapper at the headend or
other server location to map IP addresses to telephone numbers.
When both legs of the call have been set up, the session application creates a conference between them.
The opposite leg transmit routine for voice packets is given to each provider. The CMTS router passes
data to the gateway and gatekeeper. The H.323 stack provides signalling via H.225 and feature
negotiation via H.245.
To make and receive H.323 calls, the Cisco uBR924 cable access router must know the following:
• The IP address of the gateway for the destination dialed. You can configure these IP addresses
statically using the voip dial peer group CLI commands, or you can obtain these addresses
dynamically from the gatekeeper using Registration, Admission, and Status (RAS).
• The telephone numbers of the attached devices. You can configure the telephone numbers attached
to the Cisco uBR924 by configuring the IP addresses statically using the pots port CLI commands.
When using Cisco Network Registrar (CNR) version 3.0 or later with the relay.tcl and setrouter.tcl
scripts, you can obtain these addresses dynamically from CNR. The telephone numbers of attached
devices are then sent in DHCP response messages. When the Cisco uBR924 processes the DHCP
response, it automatically creates the pots dial peer for each port, creates the voip dial peer for the
RAS target, and starts the H.323 RAS gateway support.
MC-620
Note To support voice configurations involving Cisco gatekeeper products using RAS, the
headend must have IP multicast enabled. The cable interface must be designated as the
default for RAS to discover the gatekeeper. The gatekeeper then resolves all dialed
destinations sent to the RAS protocol.
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
SGCP Protocol Stack
The Cisco uBR924 cable access router supports SGCP, an out-of-band signalling protocol that interacts
with an external call agent to provide call setup and teardown for VoIP calls made through the Internet
or a local intranet. Using the call control agent, SGCP communicates with the voice gateways, allowing
you to create a distributed system that enhances performance, reliability, and scalability while still
appearing as a single VoIP gateway to external clients. SGCP eliminates the need for a dial plan mapper
and static configuration on the router to map IP addresses to telephone numbers because this function is
provided by the external call agent.
In architectures using the SGCP protocol stack, the session application implements the gateway
functionality defined to support both trunk and residential gateways. The Cisco uBR924 functions in this
mode as a residential gateway with two endpoints.
SGCP can preserve signalling System 7 (SS7) style call control information and additional network
information such as routing information and authentication, authorization, and accounting (AAA)
security information. SGCP allows voice calls to originate and terminate on the Internet; it also allows
one end to terminate on the Internet and the other to terminate on a telephone or PBX on the PSTN.
Note The Cisco uBR924 cable access router supports both H.323 and SGCP call control, but only
one method can be active at a time.
Voice over IP Operations
Subscriber-End Broadband Access Router Voice Specifications
Table 39 Cisco uBR924 Cable Access Router Voice Specifications
Metric Value
Loss (between DCS and BTI gateway) Nominal: 4 dB ±0.5 dB (off hook)
Nominal: 9 dB ±0.5 dB (on hook)
Attenuation distortion:
DCS <> BTI (200 Hz to 3.5 kHz)
BTI<> DCS (304 Hz to 3004 Hz)
DCS -> BTI (204 Hz to 3004 Hz)
Idle channel noise <= 18 dBmC (noise shall not exceed)
Signal to C-notched noise >= 35 dB
Intermodulation distortion:
R2
R3
Single frequency interference:
0 to 12 kHz
0 to 4 kHz
Frequency shift (offset) <= ±0.2 Hz (max)
Nominal:
+1 dB/–3 dB
±0.5 dB
±0.5 dB0
>= 52 dB
>= 52 dB
<= –28 dBmO
<= –40 dBmO
<= ±0.1 Hz (99.5%)
Cisco IOS Multiservice Applications Configuration Guide
MC-621
Voice over IP Operations
Configuring Subscriber-End Broadband Access Router Features
Table 39 Cisco uBR924 Cable Access Router Voice Specifications (continued)
Metric Value
Amplitude tracking (input level, dBmO):
–37 to 0 (on-hook)
–37 to +3 (off hook)
–50 to –37 (off-hook)
–55 to –50 (off-hook)
Crosstalk <= -65 dBmO
Amplitude jitter
20 to 300 Hz
4 to 300 Hz
Phase jitter
20 to 300 Hz
4 to 300 Hz
Envelope delay distortion:
1704 Hz to 604 Hz
1704 Hz to 2804 Hz
1704 Hz to 204 Hz
1704 Hz to 3404 Hz
Hybrid balance:
Max Dev. Ave. Dev.
<= ±0.5 dB
<= ±0.5 dB <= ±0.25 dB
<= ±1.0dB <= ±0.5 dB
<= ±3.0 dB <= ±1.5 dB
<= 2.5% Peak
<= 2.9% Peak
<= 1.5 P-P
<= 1.8 P-P
<= 350 usec
<= 195 usec
<= 580 usec
<= 400 usec
Echo Return Loss (ERL)
SRL
Clipping:
Speech segments < 5 ms
Speech segments > 5ms
Impulse noise:
(>= 6 dB below receive signal) 0 in 93% of all 15 min intervals
Phase hits (>= 10 deg) 0 in 99.75% of all 15 min intervals
Gain hits (>= ± 3 dB) 0 in 99.9% of all 15 min intervals
Dropouts (>= 12) 0 in 99.9% of all 15 min intervals
Backup POTS Connection
The Cisco uBR924 cable access router provides an RJ-11 port (line) that connects to a standard analog
telephone wall jack. In the event of a building power failure or a Cisco uBR924 power problem, the
cutover port lets you dial out using the backup PSTN line. If the Cisco uBR924 loses power while VoIP
calls are in progress, you can reestablish one of the two connections—dialing out over the PSTN.
> 26 dB (standard test line)
> 14 dB (station off hook)
> 21 dB (standard test line)
> 11 dB (station off hook)
< 0.5%
0.0%
<= 1 count in all 30 min intervals
<= 1 count in all 30 min intervals
<= 1 count in all 30 min intervals
<= 1 count in all 60 min intervals
MC-622
Cisco IOS Multiservice Applications Configuration Guide
Configuring Subscriber-End Broadband Access Router Features
Subscriber-End Broadband Access Router Security Features
Note The backup POTS connection enables only one of the VoIP ports on the Cisco uBR924 to
function during a power outage. Calls in progress prior to the power outage will be
disconnected. If power is reestablished while a cutover call is in progress, the connection
will remain in place until the call is terminated. Once the cutover call is terminated, the
router automatically reboots.
Subscriber-End Broadband Access Router Security Features
Cisco uBR900 series cable access routers support the security features described in the following
sections.
DOCSIS Baseline Privacy
Support for DOCSIS Baseline Privacy in the Cisco uBR900 series is based on the DOCSIS Baseline
Privacy Interface Specification (SP-BPI-I01-970922). It provides data privacy across the HFC network
by encrypting traffic flows between the cable access router and the CMTS.
Baseline Privacy security services are defined as a set of extended services within the DOCSIS MAC
sublayer. Two new MAC management message types, BPKM-REQ and BPKM-RSP, are employed to
support the Baseline Privacy Key Management (BPKM) protocol.
The BPKM protocol does not use authentication mechanisms such as passwords or digital signatures; it
provides basic protection of service by ensuring that a cable modem, uniquely identified by its 48-bit
IEEE MAC address, can only obtain keying material for services it is authorized to access. The
Cisco uBR900 series cable access router is able to obtain two types of keys from the CMTS: the traffic
exchange key (TEK), which is used to encrypt and decrypt data packets, and the key exchange key
(KEK), which is used to decrypt the TEK.
To support encryption/decryption, Cisco IOS images must contain encryption/decryption software at
both the CMTS router and the Cisco uBR924 cable access router. Both the CMTS router and the
Cisco uBR924 cable access router must be enabled and configured per the software feature set.
IPSec Network Security
IPSec Network Security (IPSec) is an IP security feature that provides robust authentication and
encryption of IP packets. IPSec is a framework of open standards developed by the IETF providing
security for transmission of sensitive information over unprotected networks such as the Internet. IPSec
acts at the network layer (Layer 3), protecting and authenticating IP packets between participating IPSec
devices (peers) such as the Cisco uBR900 series cable access router.
IPSec provides the following network security services:
• Privacy—IPSec can encrypt packets before transmitting them across a network.
• Integrity—IPSec authenticates packets at the destination peer to ensure that the data has not been
altered during transmission.
• Authentication—Peers authenticate the source of all IPSec-protected packets.
• Anti-replay protection—Prevents capture and replay of packets; helps protect against
denial-of-service attacks.
Cisco IOS Multiservice Applications Configuration Guide
MC-623
Loading...