Professional Documents
Culture Documents
Agenda
Speeds and Feeds
Competitive Outlook (FiOS)
Objectives
Current & New Speed Offerings
DOCSIS Security
Objectives
Use existing HFC network
Separation of tiers of service
Bandwidth usage monitoring/shaping
Security Issues - mitigate hackers
Number of subs per port
DOCSIS Security
DOCSIS Security
Usage Patterns
Changing cap at same price may not have linear affect
Average usage may be less than extrapolated
DOCSIS Security
Transport layer
TCP or UDP
US speeds & windowing affect TCP
DOCSIS Security
Solutions
1. Do nothing and watch the competition
erode your subscriber base
2. Segment the fiber nodes
3. FTTC, FTTH(P), FTTWAP
4. Bonding US & DS DOCSIS channels
DOCSIS Security
10
DOCSIS Security
11
12
Client Entries
PC X
MAC Address:
01:02:03:04:05:06
Cable Modem Y
MAC Address:
02:03:04:06:aa:06
Cable Modem X
ab:cd:ef:01:02:03
Modem Tag
Scopes
Scope
10.1.1.0
.2-.124
01:02:03:04:05:06
02:03:04:06:aa:06
CMTS
...
..
..
.
MAC Address:
ab:cd:ef:01:02:03
PC Class
PC Tag
scope
24.1.1.0
.125-.255
PC tag
Modem Tag
Scopes
Scope
10.2.2.0
.2-.124
Provisioning Server
DOCSIS Security
13
DS0
U0
U1
U2
U3
DS1
U0
U1
U2
U3
DOCSIS Security
14
15
DOCSIS Security
16
Option 1 - Pros
Provides simple "get up and run" approach
Only real modifications are:
Combining to map 2-4 USs to nodes
Ensure provisioning system steers them to proper
US ch
US and DS load balancing possible
Poor mans redundancy
Caution across cards - packet drops because no IM
alignment between cards
If using mixed mode, then 2.0 CMs could burst at 64QAM for ~ 13 Mbps
DOCSIS Security
17
18
Option 1 - Cons
Requires combining work
Requires DS and US spectrum availability
Moving to new DS requires new US
Outage could make CMs register on
incorrect DS & affect registration times
CMs will need to be client-class processed
with info in their DOCSIS config files
What if an US port dies?
DOCSIS Security
19
DOCSIS Security
20
Option 2 - Diagram
CMTS A
CMTS B
DS0
DS1
U0
U0
U1
U1
U2
U2
U3
U3
21
Option 2 - Pros
Hardware Isolation
More processing power
Future expansion and poor-mans HA
Separates high speed customers for
NOC clarity
Some systems use this for open access or
to segregate Data form VoIP
DOCSIS Security
22
Option 2 - Cons
Second CMTS
Will CPU max out if one chassis dies?
More power draw & rack space in HE/hub
Must integrate 2nd chassis to network
Need address space for additional CMTS
CMs could lock on wrong CMTS & IP bundle
IP address depletion
Packet drops (no IM alignment between chassis)
CM offline on one CMTS & online on another
DOCSIS Security
23
DOCSIS Security
24
DOCSIS Security
25
Option 3 - Diagram
DS0
U0
U1
U2
U3
DS1
U0
U1
U2
U3
DOCSIS Security
26
DOCSIS Security
27
DOCSIS Security
28
29
30
31
Amplitude Ripple/Tilt
DOCSIS Security
32
DOCSIS Security
33
Option 3 - Pros
34
Option 3 - Cons
Requires new high speed users to have 2.0 CMs
Requires provisioning work to "block" 2.0 CMs from
registering on Res freq
If Res subs buy their own 2.0 CMs, they could lock to
commercial US w/o provisioning interdiction
Use TLV 39=0 for res CMs
Forces 1.x mode even if they are 2.0 capable
Cant utilize load balancing
Configure mixed-mode with utilization-based LB
May require dynamic freq hopping or mod changes
DOCSIS Security
35
Cablevisions Choice
DOCSIS Security
36
DOCSIS Security
37
38
Questions to Answer
Back-office procedures & implementation,
what happens when:
Physical implementation
Is DS spectrum available for 256-QAM
Can US laser handle multiple carriers and
higher modulation schemes
DOCSIS Security
39
CMTS Configuration
DOCSIS Security
40
41
interface Cable8/1/4
cable downstream modulation 256qam
cable downstream frequency 609000000
cable downstream channel-id 4
cable downstream rf-power 58
cable upstream max-ports 8
cable upstream 0 connector 0 shared
cable upstream 0 frequency 28496000
cable upstream 0 channel-width 3200000
cable upstream 0 minislot-size 2
cable upstream 0 modulation-profile 23
no cable upstream 0 shutdown
cable upstream 1 connector 2 shared
cable upstream 1 frequency 28496000
cable upstream 1 docsis-mode atdma
cable upstream 1 channel-width 3200000
cable upstream 1 minislot-size 2
cable upstream 1 modulation-profile 221
no cable upstream 1 shutdown
42
Configuration (cont)
interface Cable8/1/1
interface Cable8/1/4
DOCSIS Security
43
Concerns
IP Address Implications
How to prevent IP address exhaust during
ranging onto incorrect DS freq
CM issues with multiple DS & US freqs?
Long time to register (CMs cache DS freq)
Power level when 2nd US freq added?
CMTS performs pwr on per-US freq & CW
Analog front-end could overload & cause
harmonics
Per-CM speeds
DOCSIS Security
44
Concerns (cont)
Maybe laser clipping from adding additional
freqs and higher modulation schemes
How to scale 1x8 and 1x2 MAC domains as
utilization increases?
Take into account RF connections,
provisioning, etc.
45
1x2
DS0
U0/C0
DS4
U0/C0
U1/C2
U2/C4
U3/C16
U4/C8
U5/C10
U6/C12
U7/C18
All USs at
28.5 MHz
DOCSIS Security
U1/C2
DS Splitter
1x2 DS1
DS Combiner
U0/C4
US Splitter
U1/C16
Requires:
1x2 DS2
2 DS frequencies
U0/C8
U1/C10
1x2
DS3
U0/C12
U1/C18
46
1x3
DS0
U0&1/C0
DS4
U4/C2
U5/C6
U6/C10
U7/C14
U0/C16
U1/C17
U2/C18
U3/C19
All USs at
28.5 MHz
DOCSIS Security
U2/C2
DS Splitter
1x3 DS1
DS Combiner
U0&1/C4
US Splitter
U2/C6
Requires:
2 DS freqs
1x3 DS2
U0&1/C8
U2/C10
1x3 DS3
U0&1/C12
U2/C14
47
Cabling Ideas
DOCSIS Security
48
Maxnet II Picts
DOCSIS Security
49
Maxnet II Picts
DOCSIS Security
50
Maxnet II Cabling
DOCSIS Security
51
DOCSIS Security
8 7 6 5 4 3 2 1
52
DOCSIS Security
53
PRE2
Benchmark PPS
2.8 Mpps
6.2 Mpps
RP Memory Size
512 MB
1024 MB
FP Memory Size
1024 MB
1024 MB
Packet Buffer
128 MB
256 MB
CM / STB support *
Up to 45K
64K +
Toaster Processors
32
64
RP Clock
267 MHz
500 MHz
Toaster Clock
100 MHz
150 MHz
1.6 Gb/s
3.2 Gb/s
54
M-CMTS
New Architecture for better economics
Lower cost DS PHY
De-couple DS and US ports
DOCSIS 2.0b
DOCSIS Security
55
4x HH-GE
ROUTING ENGINE
2x PRE2 @6 Mpps
RP Redundancy
DOCSIS CARDS
8x MC5X20
40 DS / 160 US ports per Chassis
DOCSIS Security
WIDEBAND SPA
56
RF Characteristics
DS frequency range: 108 MHz 850 MHz
US frequency range: 5 MHz 65 or 88 MHz
DS capture range = 48 MHz
8 channels: Annex B, 6 channels Annex A
Channels do not need to be contiguous
Compatibility
Supports Packet Bonding
Interoperable in a DOCSIS 3.0 environment
Full DOCSIS 2.0 capable
DOCSIS Security
57
uBR10012
Today
DOCSIS Security
Wideband
Architecture
M-CMTS &
DOCSIS 3.0
58
Future-Proofing
HHGE cards
12.3(9)
MCX cards
M-CMTS architecture
DOCSIS Security
59
DOCSIS Security
61
DOCSIS Security
Wideband Configuration
US: Up to 27 Mbps per node shared w/ Boost
DS: ~150 Mbps per 8 nodes at 64-QAM
DS: ~210 Mbps per 8 nodes at 256-QAM
2002, Cisco Systems, Inc. All rights reserved.
62
63
DOCSIS Security
65
66
Console
Port
AUX
Port
Optional Upgrade:
67
Cable Modem
LAN
10/100 WAN Backup
802.1Q VLAN
Advanced Routing,
QoS
Security
uBR905
Cisco 815
DOCSIS 1.1
DOCSIS 2.0
4-Port 10/100
Managed Switch
No
No
4-5 Mbps
8 Mbps (target)
IPSec VPN
DOCSIS Security
68
Multiservice Capabilities
3700/3800 w/
Cable HWIC
IAD243x w/
Cable HWIC
2691/2800 w/
Cable HWIC
1841 w/
Cable HWIC
815 Fixed Config
SMB/Small Branch
SOHO
Primary WAN
DOCSIS Security
Enterprise Branch
Summary
Separation of tiers of service
Math & new designs are beginning steps
Monitor actual traffic load and manage fair
use of network
Bandwidth usage monitoring/shaping
Determine when additional capacity is
necessary
DOCSIS Security
70
DOCSIS Security
71