Working of Cable Modem Termination System(cmts)

A cable modem termination system (CMTS) is a component that exchanges digital signals with cable modems on a cable network. A cable modem termination system is located at the local office of a cable television company.

A data service is delivered to a subscriber through channels in a coaxial cable or optical fiber cable to a cable modem installed externally or internally to a subscriber’s computer or television set. One television channel is used for upstream signals from the cable modem to the CMTS, and another channel is used for downstream signals from the CMTS to the cable modem. When a CMTS receives signals from a cable modem, it converts these signals into Internet Protocol (IP) packets, which are then sent to an IP router for transmission across the Internet. When a CMTS sends signals to a cable modem, it modulates the downstream signals for tranmission across the cable to the cable modem. All cable modems can receive from and send signals to the CMTS but not to other cable modems on the line.

 

At the cable provider’s head-end, the CMTS provides many of the same functions provided by the DSLAM in a DSLsystem. The CMTS takes the traffic coming in from a group of customers on a single channel and routes it to an Internet service provider (ISP) for connection to the Internet. At the head-end, the cable providers will have, or lease space for a third-party ISP to have, servers for accounting and logging, Dynamic host configuration protocol (DHCP) for assigning and administering the IP addresses of all the cable system’s users, and control servers for a protocol called CableLabs Certified Cable Modems — formerly Data over cable service interface specifications(DOCSIS), the major standard used by U.S. cable systems in providing Internet access to users.

The downstream information flows to all connected users, just like in an Ethernet network — it’s up to the individual network connection to decide whether a particular block of data is intended for it or not. On the upstream side, information is sent from the user to the CMTS — other users don’t see that data at all. The narrower upstream bandwidth is divided into slices of time, measured in milliseconds, in which users can transmit one “burst” at a time to the Internet. The division by time works well for the very short commands, queries and addresses that form the bulk of most users’ traffic back to the Internet.

A CMTS will enable as many as 1,000 users to connect to the Internet through a single 6-MHz channel. Since a single channel is capable of 30 to 40 megabits per second (Mbps) of total throughput, this means that users may see far better performance than is available with standard dial-ups modems. The single channel aspect, though, can also lead to one of the issues some users experience with cable modems.

Advertisements

Configuring MRTG.. Linux Based

Follow these 9 steps to successfully configure your Mrtg with your settings……

Step # 1 : Make sure snmp server installed

Please note that snmpd configuration does not require using mrtg with remote network devices such as Routers and switches. If you just want mrtg graphs for router or switch then please refer to step # 4 (as all these devices comes preconfigured with snmpd software).

Run rpm commands query option to find out snmp server installed or not:

# rpm -qa | grep snmp

If snmp installed then please refer step # 2; otherwise snmp server and utils were not present and your need to install them using following steps (login as a root user):

(a) Visit rpmfind.net to get snmp server and utilities rpms. If you are fedora user then use yum command as follows to install it:

# yum install net-snmp-utils net-snmp

(b) If you are RHEL subscriber then use up2date command as follows to install:

#up2date -v -i net-snmp-utils net-snmp

Step # 2 : Determine if snmp server is running or not

Run ‘ps’ command to see if snmp server is running or not:

# ps -aux | grep snmp

Output:

root   5512  0.0  2.3  5872 3012 pts/0    S    22:04   0:00 /usr/sbin/snmpd

Alternatively, you can try any of the following two commands as well:

# lsof -i :199

Output:

COMMAND  PID USER   FD   TYPE DEVICE SIZE NODE NAME
snmpd 5512 root 4u IPv4 34432 TCP *:smux (LISTEN)

OR try out netstat command:

# netstat -natv | grep ':199'

Output:

tcp        0      0 0.0.0.0:199             0.0.0.0:*               LISTEN

If you found service is running or listing on port 199 then please see step #3; otherwise start service using following command:

# service snmpd start

Make sure snmpd service starts automatically, when linux comes us (add snmpd service):

# chkconfig --add snmpd

Step # 3 : Make sure snmp server configured properly

Run snmpwalk utility to request for tree of information about network entity. In simple words query snmp server for your IP address (assigned to eth0, eth1, lo etc):

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = 1
ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.192.168.0.3 = 2

If you can see your IP address then please proceed to step 4; else it is a time to configure snmp server as follows (by default RHEL and RH 8/9 are not configured for snmp server for security reason):

Configure SNMP
(1) Edit file /etc/snmp/snmpd.conf using text editor:
# vi /etc/snmp/snmpd.conf

Change/Modify line(s) as follows:

Find following Line:

com2sec notConfigUser  default       public
Replace with (make sure you replace 192.168.0.0/24 replace with your network IPs) following lines:
com2sec local     localhost           public
com2sec mynetwork 192.168.0.0/24      public

Scroll down bit and change:

Find Lines:

group   notConfigGroup v1           notConfigUser
group   notConfigGroup v2c           notConfigUser

Replace with:

group MyRWGroup v1         local
group MyRWGroup v2c        local
group MyRWGroup usm        local
group MyROGroup v1         mynetwork
group MyROGroup v2c        mynetwork
group MyROGroup usm        mynetwork

Again scroll down bit and locate following line:

Find line:

view    systemview     included      system

Replace with:

view all    included  .1                               80

Again scroll down bit and change:

Find line:

access  notConfigGroup ""      any       noauth    exact  systemview none none

Replace with:

access MyROGroup ""      any       noauth    exact  all    none   none
access MyRWGroup "" any noauth exact all all none

Scroll down bit and change:

Find lines:

syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root  (configure /etc/snmp/snmp.local.conf)
Replace with (make sure you supply appropriate values):
syslocation Linux (RH3_UP2), Home Linux Router.
syscontact Vivek G Gite <vivek@nixcraft.com>

For your convenient, here is my /etc/snmp/snmpd.conf file. Feel free to use this file. Make sure you make backup of your existing file if you use this file as it is.

Start your snmp server and test it:

(a) Make sure when linux comes up snmpd always starts:

 # chkconfig snmpd on

(b) Make sure service start whenever Linux comes up (after reboot):

 # service snmpd start

(c) Finally test your snmp server:

 # snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

Step # 4 : Install mrtg if not installed

Mrtg software may install during initial installation; you can verify if MRTG installed or not with following RPM command:

rpm -qa | grep mrtg

If mrtg already installed please see step # 5; else use rpmfind.net to find MRTG rpm or up2date command to install MRTG software:

# up2date -v -i mrtg

Fedora Linux user can use yum command as follows to install MRTG:

# yum install mrtg

Step # 5 : Commands to Configure mrtg

(a) Create document root to store mrtg graphs/html pages:

# mkdir -p /var/www/html/mymrtg/

(b) Run any one of the following cfgmaker command to create mrtg configuration file:

#cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg.cfg public@localhost

OR (make sure your FQDN resolves, in following example i’m using rh9.test.com which is my router FQDN address)

# cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg1.cfg public@rh9.test.com

(c) Create default index page for your MRTG configuration:

# indexmaker --output=/var/www/html/mymrtg/index.html /etc/mrtg/mymrtg.cfg

(d) Copy all tiny png files to your mrtg path:

# cp -av /var/www/html/mrtg/*.png /var/www/html/mymrtg/

Step # 6 First test run of mrtg

(a) Run mrtg command from command line with your configuration file:

# mrtg /etc/mrtg/mymrtg.cfg

Note: You may get few warning message for first time; ignore them.

(b) Fire your favorite web browser (like FireFox 😀 ) and type url http://www.your.com/mymrtg/ or http://your-ip/mymrtg/

Step # 7 Create crontab entry so that mrtg graph / images get generated every 5 minutes

(a) Login as a root user or login as a mrtg user and type following command:

# crontab -e

(b) Add mrtg cron job entry to configuration file (append following line to it):

*/5 * * * * /usr/bin/mrtg /etc/mrtg/mymrtg.cfg --logging /var/log/mrtg.log

Save file and you are done with MRTG config issues 🙂

Step # 8 Block ports 161 & 162 at firewall

You do not want to give access to everyone to your snmp server for security reasons. SNMP server uses UDP 161, 162 ports for communication. Use Linux IPTABLES firewall to restrict access to SNMP server

(a) Allow outgoing SNMP server request from your Linux computer. This is useful when you query remote host/router (replace SERVER IO with your real IP):

SERVER="xxx.xxx.xxx.xxx"
iptables -A OUTPUT -p udp -s $SERVER --sport 1024:65535 -d 0/0 --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -s 0/0 --sport 161:162 -d $SERVER --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

(b )Allow incoming SNMP client request via iptables. This is useful when you wish to accept queries for rest of the world (replace SERVER IP with your real IP):

SERVER="xxx.xxx.xxx.xxx"
iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER --dport 161:162 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -s $SERVER --sport 161:162 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Pleae note that above two are just SNMP specific iptables rules. Please consult iptables(8) man page for complete information on iptables

Step # 9 Optional: Protect your MRTG graphs/html pages with password protected directory

Once again, you would like to restrict access to your MRTG reports. This can easily accomplished with Apache webserver’s .htaccess file. If you are on webhosting server with control panel (such as ensim or plesk) then you can use control panel itself to create password-protected directory.

Below is process outlined to protect graphs using apache’s .htaccess file and htpasswd command:

Step # 1: Create .htaccess file in /var/www/html/mymrtg/ directory (add text as follows):

vi /var/www/html/mymrtg/.htaccess

Add following text to file:

AuthName "MRTG Graphs/Html restricted access"
AuthType Basic
AuthUserFile /var/members/.htpasswd
require user mrtgadmin

Step # 2: Create a user and password name (-c assumes first time you are using .htpasswd file):

# htpasswd -c /var/members/.htpasswd mrtgadmin

For more information please see Apache Webserver Authentication and access control mini-howto.

COURTESY:  http://www.cyberciti.biz/nixcraft/linux/docs/uniqlinuxfeatures/mrtg/mrtgconifg.php

Booting Process Of Router

 

      Rom contains the necessary firmware to boot up your router and typically has the following four components:

      Post (power-on self-test) performs tests on the router’s hardware components.

      Bootstrap program brings the router up and determines how the ios image and configuration files will be found and loaded.

      Rom monitor (rommon mode) a mini–operating system that allows you to perform low-level testing and troubleshooting, the password recovery procedure.

      Mini-ios a stripped-down version of the ios that contains only ip code. This should be used in emergency situations where the ios image in flash can’t be found and you want to boot up your router and load in another ios image. This stripped-down ios is referred to as rxboot mode.

      RAM

      RAM is like the memory in your PC. On a router, it (in most cases) contains the running IOS image; the active configuration file; any tables (including routing, ARP, CDP neighbor, and other tables); and internal buffers for temporarily storing information, such as interface input and output buffers. The IOS is responsible for managing memory. When you turn off your router, everything in RAM is erased.

      Flash

      Flash is a form of nonvolatile memory in that when you turn the router off, the information stored in flash is not lost. Routers store their IOS image in flash, but other information can also be stored here. Note that some lower-end Cisco routers actually run the IOS directly from flash (not RAM). Flash is slower than RAM, a fact that can create performance issues.

      NVRAM

      NVRAM is like flash in that its contents are not erased when you turn off your router. It is slightly different, though, in that it uses a battery to maintain the information when the Cisco device is turned off. Routers use NVRAM to store their configuration files. In newer versions of the IOS, you can store more than one configuration file here.

      Router Boot up Process

      A router typically goes through five steps when booting up:

      The router loads and runs POST (located in ROM), testing its hardware components, including memory and interfaces.

      The bootstrap program is loaded and executed.

      The bootstrap program finds and loads an IOS image: Possible locations: – flash, a TFTP server, or the Mini-IOS in ROM.

      Once the IOS is loaded, the IOS attempts to find and load a configuration file, stored in NVRAM

      After the configuration is loaded, you are presented with the CLI interface. you are placed into is User EXEC mode.

      Setup Mode

      Cisco devices include a feature called Setup mode to help you make a basic initial configuration. Setup mode will run only if there is no configuration file in NVRAM—either because the router is brand-new, or because it has been erased. Setup mode will ask you a series of questions and apply the configuration to the device based on your answers. You can abort Setup mode by typing CTRL+C or by saying “no” either when asked if you want to enter the initial configuration dialog or when asked if you want to save the configuration at the end of the question.

      Configuration register

      The configuration register is a special register in the router that determines many of its boot up and running options, including how the router finds the IOS image and its configuration file. The configuration register is a four-character hexadecimal value that can be changed to manipulate how the router behaves at bootup. The default value is 0×2102.

      The characters “0x” indicate that the characters that follow are in hexadecimal. This makes it clear whether the value is “two thousand one hundred and two” or, as in this case, “two one zero two hexadecimal”.

      The fourth character in the configuration register is known as the boot field. Changing the value for this character will have the following effects:

      • 0×2100 = Always boot to ROMMON.
      • 0×2101 = Always boot to RXBOOT.
      • 0×2102 through 0x210F = Load the first valid IOS in flash; values of 2 through F for the fourth character specify other IOS image files in flash.

      The third character in the configuration register can modify how the router loads the configuration file. The setting of 0×2142 causes the router to ignore the startup-config file in NVRAM (which is where the password is stored) and proceed without a configuration—as if the router were brand new or had its configuration erased.