NetSolutions GD 7 16 2014

CMTS
Network Solutions Guide
For Releases 5.4 to 6.4.3
DOC-3007-01
Document Revision 06.04.03
July 2014
© 2014 Casa Systems, Inc.
All rights reserved. Licensed software products are owned by Casa Systems or its suppliers and are protected
by United States copyright laws and international treaty provisions.
The information regarding the product in this manual is subject to change without notice. All statements,
information, and recommendations in this manual are believed to be accurate but are presented without
warranty of any kind, express of implied. Users must take full responsibility for their application of the product.
In no event shall Casa or its suppliers be liable for any indirect, special, consequential, or incidental damages,
including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this
manual, even if Casa or its suppliers have been advised of the possibility of such damages.
iii
Contents
Preface
About this guide ................................................................................................... vii
Revision history.............................................................................................. vii
Contacting Casa ..................................................................................................viii
Corporate facility ............................................................................................viii
Technical Support ..........................................................................................viii
Technical documentation ...............................................................................viii
Conventions used in Casa documentation ........................................................... ix
Typographical conventions ............................................................................. ix
Acronyms ......................................................................................................... x
Chapter 1. Load balancing CMTS traffic

About this chapter ............................................................................................. 1-1 .
CMTS load balancing overview ........................................................................ 1-2 .
Static and dynamic load balancing .............................................................. 1-2 .
Load balancing restrictions and limitations ................................................. 1-3 .
Load balance configuration prerequisites ................................................... 1-3 .
Enabling load balancing .................................................................................... 1-4 .
Enabling static load balancing across MAC domains ................................. 1-4 .
Load balancing configuration steps .................................................................. 1-5 .
Creating load balancing groups ........................................................................ 1-5 .
General load balancing groups ................................................................... 1-6 .
Restricted load balancing groups ................................................................ 1-8 .
Adding cable modems to the restricted load balancing group .................. 1-12 .
Configuring policies and rules ......................................................................... 1-13 .
Defining basic load balance rules ............................................................. 1-14 .
Casa Systems CMTS

iv Network Solutions Guide
Contents
Defining execution rules ............................................................................ 1-15 .
Load balancing over suspicious channels ................................................ 1-21 .
Using exclusion lists ........................................................................................ 1-22 .
Load balancing solutions ................................................................................ 1-23 .
Solution 1 — Configure general load balancing (static) ............................ 1-23 .
Solution 2 — Create execution rule to enable dynamic load balancing .... 1-24 .
Solution 3 — Display and assess load balance statistics ......................... 1-25 .
Solution 4 — Create special load balancing configurations ...................... 1-26 .
Chapter 2. Configuring router redundancy

Routing redundancy overview ........................................................................... 2-2 .
Figure 2-1.Sample C10G router redundancy network ........................... 2-2

C10G router redundancy solutions ................................................................... 2-3 .
Figure 2-2.CMTS router redundancy interface ..................................... 2-3

Solution 1 — Create a minimal CMTS redundancy configuration ............... 2-4 .
Solution 2 — Create static routes to upstream routers ............................... 2-5 .
Solution 3 — Configure Routing Information Protocol (RIP) instances ....... 2-5 .
Solution 4 — Configure Open Shortest Path First (OSPF) instances ......... 2-6 .
Solution 5 — Configure Border Gateway Protocol 4 (BGP-4) instances .... 2-7 .
Solution 6 — Configure Intermediate system-to-Intermediate system (IS-IS)

instances ..................................................................................................... 2-8
.
Chapter 3. Setting up the CMTS/CCAP for IPTV services

IPTV overview ................................................................................................... 3-2.
Figure 3-1.Basic IPTV network components ......................................... 3-2

Configuration solutions for IPTV ....................................................................... 3-3 .
Solution 1 — Configure DOCSIS MAC interfaces ...................................... 3-3 .
Solution 2 — Enable IGMP on the GigE interfaces .................................... 3-4 .
Solution 3 — Configure the IGMP static group ........................................... 3-4 .
Solution 4 — Create multicast groups ......................................................... 3-5 .
Solution 5 — Configure the multicast group QOS and encryption profiles . 3-6 .
Casa Systems CMTS

Network Solutions Guide v
Contents
Solution 6 — Configure the cable QOS service-class for IPTV ...................3-6 .
Solution 7 — Limit multicast replication and IPTV channels .......................3-7 .
Solution 8 — Enable multicast authorization and other settings .................3-8 .
Recommended show commands ......................................................................3-9 .
Chapter 4. Monitoring traffic with Lawful Intercept applications

About this chapter .............................................................................................4-1
.
Lawful Intercept at the CMTS ............................................................................4-2 .
Figure 4-1.Sample Lawful Intercept application topology...................... 4-3

Configuring the CMTS LI source interface ........................................................4-3 .
Configuring or editing the source interface using SNMP .............................4-4 .
Enabling the target identifier ..............................................................................4-4 .
Configuring SNMP LI users at the CMTS ..........................................................4-5 .
Intercepting Layer 2 streams .............................................................................4-5 .
casa802tapStreamEntry ..............................................................................4-6 .
casa802tapStreamIndex ........................................................................ 4-7

casa802tapStreamFields ....................................................................... 4-7
casa802tapStreamInterface ................................................................... 4-7
casa802tapStreamDestinationAddress .................................................. 4-8
casa802tapStreamSourceAddress ........................................................ 4-8
casa802tapStreamEthernetPid .............................................................. 4-9
casa802tapStreamDestinationLlcSap .................................................... 4-9
casa802tapStreamSourceLlcSap .......................................................... 4-9
casa802tapStreamInterceptEnable ........................................................ 4-9
casa802tapStreamStatus ..................................................................... 4-10
Intercepting Layer 3 streams ...........................................................................4-10 .
pktcESTapStreamEntry ..............................................................................4-10 .
pktcESTapStreamInterface .................................................................. 4-11

pktcESTapStreamAddrType ................................................................. 4-12
pktcESTapStreamDestinationAddress ................................................. 4-12
pktcESTapStreamDestinationLength ................................................... 4-13
pktcESTapStreamSourceAddress ....................................................... 4-13
Casa Systems CMTS

vi Network Solutions Guide
Contents
pktcESTapStreamSourceLength ..........................................................4-13
pktcESTapStreamTosByte ....................................................................4-13
pktcESTapStreamTosByteMask ...........................................................4-14
pktcESTapStreamFlowId ......................................................................4-14
pktcESTapStreamProtocol ...................................................................4-14
pktcESTapStreamDestL4PortMin .........................................................4-14
pktcESTapStreamDestL4PortMax ........................................................4-15
pktcESTapStreamSourceL4PortMin .....................................................4-15
pktcESTapStreamSourceL4PortMax ....................................................4-15
pktcESTapStreamVRF .........................................................................4-16
pktcESTapStreamStatus .......................................................................4-16
Using the CableLabs generic stream table ..................................................... 4-17 .
pktcEScTapMediationEntry ....................................................................... 4-17 .
pktcEScTapMediationContentId ...........................................................4-18
pktcEScTapMediationDestAddressType ..............................................4-18
pktcEScTapMediationDestAddress ......................................................4-18
pktcEScTapMediationDestPort .............................................................4-18
pktcEScTapMediationSrcInterface .......................................................4-19
pktcEScTapMediationDscp ..................................................................4-19
pktcEScTapMediationTimeout ..............................................................4-19
pktcEScTapMediationTransport ...........................................................4-19
pktcEScTapMediationNotificationEnable ..............................................4-20
pktcEScTapMediationStatus .................................................................4-20
L2/L3 Lawful intercept configuration example ................................................. 4-20 .
Lawful intercept example solutions ................................................................. 4-23 .
Solution 1 — Configure lawful intercept on a CMTS with IP address

10.15.52.34: .............................................................................................. 4-23
.
Solution 2— Configuring lawful intercept on a CMTS with IP address

192.168.8.190: .......................................................................................... 4-24 .
Solution 3 — Configure lawful intercept with a timeout on a CMTS with

IP address 192.168.0.155 ......................................................................... 4-26 .

192.168.0.155 ........................................................................................... 4-29 .
Casa Systems CMTS

vii
Preface
About this guide

The Casa Systems – CMTS Network Solutions Guide provides users with useful
information on how to configure the CMTS for various networking applications. In
telecommunications networks today, configurations can become complex as they
require users to build working configurations from the many selected objects and
parameters that are available across the CMTS management software. Interoperability
with CMTS-connected devices such as routers, cable modems, eMTAs, gigabit
switches, and other gear in the cable plant add to this complexity.
Currently, the following topics are covered in this guide:
For information about See
Load balancing CMTS traffic Chapter 1.

Routing redundancy on C10G and C100G platforms Chapter 2.
Internet protocol television (IPTV) setup at the CMTS Chapter 3.
Using the CMTS as a Lawful Intercept access point Chapter 4.
Revision history
• 06.00.03 — Initial release of the Casa Systems – CMTS Network Solutions Guide.
• 06.01.02 — Revised for Casa Release 6.1.2.
• 06.01.02_A — August 2012. Revised Chapter 4, “Monitoring traffic with Lawful
Intercept applications”
• 06.01.03 — December 2012. Added Chapter 1, “CMTS operations overview”
Casa Systems CMTS

viii Network Solutions Guide
Preface
• 06.04.01 — March 2013. Added Chapter 6, “Setting up narrowcast video

services.”
• 06.04.02 — October 2013. Removed Chapter 6, “Setting up narrowcast video
services.” See the Casa Systems – CCAP Video Edge User Guide for information.
• 06.04.03 — July 2014. Removed Chapter 1 covering CMTS operations. See the
Casa Systems – CMTS Operations and Administration Guide for information.
Contacting Casa
Corporate facility
Casa Systems, Inc.
100 Old River Road
Andover, MA 01810
Tel.: 978-688-6706
World Wide Web: www.casa-systems.com
Technical Support
In the United States: Tel: 978-699-3045
E-mail: support@casa-systems.com
Technical documentation
Casa Systems provides the following documentation set in PDF format, viewable
using Adobe Reader 5.0 or later. These PDF files are available from the Casa FTP site
at ftp://support.casa-systems.com.
• Casa Systems – C1G CMTS Hardware Installation Guide
• Casa Systems – C1G CMTS Quick Installation
• Casa Systems – C1N CMTS Hardware Installation Guide
• Casa Systems – C2200 CMTS Hardware Guide
• Casa Systems – C2200 CMTS Quick Installation
• Casa Systems – C3200 CMTS Quick Installation
• Casa Systems – C3200 CMTS Hardware Guide
• Casa Systems – C10G/C10200 CMTS Quick Installation
Casa Systems CMTS

Network Solutions Guide ix
Preface

• Casa Systems – C10200 CMTS Hardware Installation Guide
• Casa Systems – C100G CMTS/CCAP Quick Installation
• Casa Systems – CCAP Video Edge User Guide
• Casa Systems – CMTS Operations and Administration Guide
• Casa Systems – CMTS Network Solutions Guide (this document)
• Casa Systems – SNMP MIBs and Traps Reference
• Casa Systems – CMTS Troubleshooting and Diagnostics
• Casa Systems – CMTS Release 6.4 Features Guide
• Casa Systems – CMTS Software Configuration Guide
• Casa Systems – C1G/C1N CMTS Release Notes
• Casa Systems – CMTS Release Notes
Note: Casa Systems provides updates to the manuals on a regular basis. Log
on to the Casa Systems Web site at www.casa-systems.com for the latest files
in PDF format. Select customer login and enter your username and
password. If you do not have a Casa-assigned username and password, send
e-mail to support@casa-systems.com.
Effective September 1, 2013, technical documentation CD-ROMs are no

longer shipped with Casa CMTS hardware.
Conventions used in Casa documentation

Typographical conventions
Key Convention Function Example
Boldface font Commands and keywords are in Type abc, then press [ENTER]
boldface.
Italic font Emphasized terminology is in italics. burst profile
Casa Systems CMTS

x Network Solutions Guide
Preface
Key Convention Function Example
brackets [ ] Elements in square brackets are [portNumber]

optional.
braces {x | y | z} Indicates a required argument with a {enabled | disabled}
choice of values; choose one.
brackets [x | y | z] Indicates an optional argument with a [abc | 123]
choice of values; choose one.
vertical bar | Separates parameter values. Same as {TCP | TLS}
“or.”
String A non-quoted set of characters. Do not abc
use quotation marks (“”)around the
string as the string will include the
quotation marks.
Screen font Terminal sessions and information the
system displays are in screen font.
Boldface screen font Information you must enter is in
boldface screen font.
Italic screen font Arguments for which you supply values number
are in italic screen font.
^ The symbol ^ represents the key
labeled CTRL (control). The key
combination ^D in a screen display
means hold down the CTRL key while
pressing the D-key.
<> Non-printing characters such as
passwords are in angle brackets in
contexts where italics are not available.
Angle brackets are also used for
variables.
!,# An exclamation point (!) or a pound # This is a comment.
sign (#) at the beginning of a line of
code indicates a comment line.
Acronyms
Casa Systems manuals contain the following industry-standard and product-specific
acronyms:
AAA Authentication, Authorization, Accounting
Casa Systems CMTS

Network Solutions Guide xi
Preface
ARP Address Resolution Protocol

BGP-4 Border Gateway Protocol, Version 4
CMTS Cable Modem Termination System
DBC Dynamic Bonding Change
DCC DOCSIS Channel Change
DDM DOCSIS Data Manager
DOCSIS Data Over Cable Service Interface Specification
DHCP Dynamic Host Configuration Protocol
GigE Gigabit Ethernet
HFC Hybrid fiber coaxial
ICMP Internet Control Message Protocol
IP Internet Protocol
IPTV Internet Protocol Television
IS-IS Intermediate System to Intermediate System
LI Lawful Intercept
MIB Management Information Base
NTP Network Time Protocol
OSPF Open Shortest Path First protocol
PCMM PacketCable Multimedia
PIM Protocol Independent Multicast
QAM Quadrature Amplitude Modulation
SMM Switch and management module (Casa Systems)
SNR Signal to Noise Ratio
STB Set Top Box
TCP Transmission Control Protocol
TOS Type of service
UCC Upstream Channel Change
UDP User Datagram Protocol
UPS Upstream
URL Uniform resource locator
VoIP Voice over IP
VLAN Virtual local area network
Casa Systems CMTS

1-1
Chapter 1. Load balancing CMTS

traffic
About this chapter

This chapter provides information on load balancing upstream and downstream cable
modem traffic over CMTS channels over one or more physical interfaces. Load
balancing distributes CM traffic to best utilize available bandwidth and CMTS
resources based on load balancing execution rules, groups, policies, and usage
thresholds. As a result, traffic between the CM and CMTS remains balanced during
peak traffic periods.
Topic Page
CMTS load balancing overview 1-2

Static and dynamic load balancing 1-2
Load balancing restrictions and limitations 1-2
Load balance configuration prerequisites 1-3
Enabling load balancing 1-4
Enabling static load balancing across MAC domains 1-4
Load balancing configuration steps 1-5
Creating load balancing groups 1-5
General load balancing groups 1-6
Restricted load balancing groups 1-8
Adding cable modems to the restricted load balancing group 1-12
Configuring policies and rules 1-13
Defining basic load balance rules 1-14
Defining execution rules 1-15
Load balancing over suspicious channels 1-21
Using exclusion lists 1-22
Casa Systems CMTS

1-2 Network Solutions Guide
CMTS load balancing overview
Topic Page
Load balancing solutions 1-23

Solution 1 — Configure general load balancing (static) 1-23
Solution 2 — Create execution rule to enable dynamic load balancing 1-24
Solution 3 — Display and assess load balance statistics 1-25
Solution 4 — Create special load balancing configurations 1-26

When a cable modem (CM) registers with the CMTS, traffic between the CM and the
CMTS is carried over random upstream and downstream channels. In most cases,
while a CM has access to multiple upstream and downstream channels, a cable
modems will use the same upstream and downstream channel. To load balance traffic
on these channels, two methods are available:
1. Load balancing based on the number of cable modems on CMTS channels, or
2. Load balancing based on a configured percentage of current channel utilization.
Static and dynamic load balancing

The CMTS performs load balancing in one of two ways, or a combination of the two:
static load balancing or dynamic load balancing.
Static load balancing takes place when a cable modem sends its initial ranging request
message to the CMTS. For DOCSIS 1.0 1.1 and 2.0 modems, the CMTS responds
with a ranging response (RNG-RSP) message that includes either a Downstream
Frequency Override or an Upstream Channel ID Override field that instructs the cable
modem which channels it should use. For DOCSIS 3.0 modems, when a cable modem
sends its registration request (REG-REQ) messages, the CMTS responds with a
registration response (REG-RSP) message to instruct the cable modem to select the
channels.
Dynamic load balancing moves cable modems among upstream and downstream
channels within the same service group after their initial difference between two
interfaces exceeds a defined percentage. The CMTS will use downstream and
upstream dynamic channel change messages (DCC) to move CMs with single
Casa Systems CMTS

Load balancing CMTS traffic 1-3
upstream/downstream channels, and dynamic bonding change (DBC) messages to

move CMs with bonded upstream/downstream channels to different bonding groups.
Note: For DOCSIS and EuroDOCSIS 3.0 modems, the dynamic load
balancing software generates a downstream channel set with a minimum load
to fit the modem‘s receive channel profile (RCP). This prevents rejection of the
new channel set so that load balancing is not canceled when the assigned
modem is under load.
The CMTS does not move modems to disconnected (idle) downstream channels
where there are no registered online cable modems.
Load balancing restrictions and limitations

The follow restrictions and limitations apply to traffic load balancing between the
CMTS and registered online cable modems:
• Load balancing can only be performed over upstream and downstream interfaces
sharing the same physical connectivity. This means that load balancing can only
be done over upstream and downstream interfaces belonging to the same service
group.
• Load balancing is NOT restricted to upstream and downstream channels
belonging to the same DOCSIS MAC domain interface. Load balancing crossing
different MAC domains is supported.
• Upstream and downstream interfaces with mixed single upstream/downstream
channel CMs and bonded upstream/downstream channel CMs can be load
balanced. CMs with multiple upstream/downstream channels will count as one
CM on each of its upstream or downstream channels.
• Load balancing DOES NOT support a load balance group with mixed-annex
downstream channels. Downstream channels must be included in two different
service groups, each having its own annex.
Load balance configuration prerequisites

Before configuring the load balancing parameters, ensure that you have edited the
CMTS configuration file to include the following:
1. Network interfaces, such as interface gige 0, interface gige 1, etc.
Casa Systems CMTS

Enabling load balancing
2. All downstream interfaces that will participate in load balancing, such as

interface qam 0/0, interface qam 0/1, etc. on the same module. Each
downstream interface should have the channel and frequency settings configured
if different from the default settings.
3. All upstream interfaces that will participate in load balancing, such as interface
upstream 1/0, interface upstream 1/1, etc. Each upstream interface should have
the channel-width and frequency settings configured if different from the default
settings.
4. Any networking protocols that will enable cable modems to connect and register
with the CMTS.
5. DOCSIS MAC interfaces and service groups, as covered in the section “General
load balancing groups.”
Enabling load balancing

To enable load balancing at the CMTS, enter the following command:
CASA-CMTS(config)# load-balance enable
Enabling static load balancing across MAC domains

The CMTS supports static load balancing across MAC domains in networks where
upstream and downstream channels are on two MAC domains, such as "docsis-mac 1"
and "docsis-mac 2." Use the load-balance enable across-mac command to specify
upstream precedence (default), or specify the downstream option for downstream
precedence.
By default, the upstream channel has precedence in load balancing across MAC
domains, where the lowest loaded (least busy) upstream channel is selected within the
service group. Then, the lowest loaded downstream channel is selected within the
MAC domain of the selected upstream channel. If the downstream precedence is
configured, then the downstream channel is selected first.
The CMTS uses downstream frequency override and the upstream channel ID
override in the ranging response message to move a modem to a different MAC
domain if needed. This applies to all DOCSIS 1.0, 1.1, 2.0 and 3.0 modems. The SID
in the ranging response message is 0x3fff.
Casa Systems CMTS

Load balancing configuration steps
Additionally, use the load-balance enable across-mac downstream command to

specify downstream load balancing preference on channels within a MAC domain.
Example: Enable load balancing across MAC domains

CASA-CMTS(config)# load-balance enable across-mac [downstream]
Load balancing configuration steps

Configuring load balancing requires the following steps:
1. Define the MAC domains and the service groups
2. Define the basic rules and/or the execution rules.
3. Define the load balancing policy and assign the rules to the policy.
4. Apply the policy to a load balancing group, either the default group or a restricted
load balance group.
To apply a load balancing policy globally, apply it to the default group.
To apply different load balancing policies to different MAC domain/service groups,

first define the rules and the policies. Then create a restricted load balance group, and
assign it to the MAC domain/service group.
Creating load balancing groups

A load balancing group is a set of upstream and downstream channels over which a
CMTS performs load balancing for a set of CMs. Because load balancing only
operates on upstream and downstream interfaces sharing the same physical
connectivity, the upstream and downstream interfaces have to belong to the same
service group.
Both channel bonding and non-channel bonding modems can participate in load
balancing. Channel bonding modems count as one CM for each of its channels.
A load balancing group has the following attributes:

• A set of downstream and upstream channels in the same CM service group.
• A policy that governs if and when a CM can be moved.
• An initial technique for the CM during load balancing.
Casa Systems CMTS

There are two types of load balancing groups:

• General load balancing group — The CMTS creates a general load balancing
group for every MAC domain CM service group (MD-CM-SG).
• Restricted load balancing group — The CMTS selects specific upstream and
downstream channels within the MD-CM-SG for a restricted load balancing
group.
During CM registration, the CMTS attempts to assign each CM to a load balancing
group under the following conditions:
1. If the CM is assigned to a service type or restricted load balancing group ID using
the CMTS management objects, or if the registration request contains a service
type TLV or a load balancing group ID TLV, the CMTS assigns a restricted load
balancing group to the CM.
2. If the CMTS determines a general load balancing group for the CM, the CMTS
then assigns the general load balancing group to the CM.
3. If the CMTS cannot determine either a restricted load balancing group or a
general load balancing group for the CM, the CMTS does not load balance traffic
on that CM.
General load balancing groups

The CMTS automatically creates one general load balancing group for each MD-SG
after the service group and MAC domain interface configuration.
In the following example, the CMTS generate a general load balance group with
service group FN_A and MAC domain 1. It contains downstream channels qam 0/0/0,
qam 0/0/1, qam 0/0/2, qam 0/0/3 and upstream channels upstream 4/0.1, upstream 4/
1.1, upstream 4/2.1, and upstream 4/3.1. When a general load balance group is
created, it uses load balancing parameters from pre-defined general load balance
group default settings.
Example: Create the service-group and docsis-mac interfaces

CASA-CMTS(config)#service group FN_A
CASA-CMTS(conf-svc-grp FN_A)# qam 0/0/0
CASA-CMTS(conf-svc-grp FN_A)# upstream 4/0.1
Casa Systems CMTS

CASA-CMTS(config)# interface docsis-mac 1

CASA-CMTS(conf-if-mac 1)# downstream 1 interface qam 0/0/0
CASA-CMTS(conf-if-mac 1)# upstream 1 interface upstream 4/0.1
Example: Edit the general-group default-settings

To enter the general load balance group default, use the following command in the
config mode:
CASA-CMTS(config)# load-balance general-group default-settings

CASA-CMTS(load-bal-general-default)#
The following commands are available under the general load balancing group
default-settings:
• enable
• initial-tech
• policy-id
Example: Enable the general load balancing group

To enable or disable the load balancing function on general load balancing groups:
CASA-CMTS(load-bal-general-default)# enable (default)

CASA-CMTS(load-bal-general-default)# no enable
Example: Specify the initial load balancing technique

To specify the initial technique that the CMTS uses to load balance and move cable
modems:
CASA-CMTS(load-bal-general-default)#initial-tech direct (default)

CASA-CMTS(load-bal-general-default)#initial-tech broadcast-ranging
CASA-CMTS(load-bal-general-default)#initial-tech period-ranging
CASA-CMTS(load-bal-general-default)#initial-tech reinitialize-mac
CASA-CMTS(load-bal-general-default)#initial-tech unicast-ranging
Casa Systems CMTS

• direct — This is the initial technique default setting. The cable modem moves
directly to another channel without performing any type of ranging.
• broadcast-ranging — The cable modem broadcasts the full initial ranging
request without going offline and performing re-registration with the CMTS.
• period-ranging — The cable modem move to a new channel, but performs
periodic ranging requests for an improved channel opportunity.
• reinitialize-mac — The cable modem MAC address is reset causing the cable
model to go offline and then re-register with the CMTS on new channel.
• unicast-ranging — The cable modem performs an initial ranging request for a
dedicated channel from the CMTS where there is no other transmission activity.
Example: Create the policy identifier

Polices describe the rules to execute when load balancing traffic across CMTS
interfaces. To specify a previously-configured policy to apply during load balancing
execution:
CASA-CMTS(load-bal-general-default)# policy-id <number>
Refer to the section, “Configuring policies and rules” for further information.
Example: Specify the general-group mac-domain and service-group

To enter the general load balance group for a previously-configured MAC domain and
service-group, use the following command in config mode:
CASA-CMTS(config)# load-balance general-group mac-domain <num>

service-group <string>
CASA-CMTS(config)# load-balance general-group mac-domain 1

service-group FN_A
(load-bal-general-mac-1-sg-FN_A)#
Restricted load balancing groups

A restricted load balance group is similar to the general load balance group.
Restricted load balancing groups require that you specify unique upstream and
downstream channel set information that is not specified in the general group.
Casa Systems CMTS

Example: Create the restricted-group identifier

To enter the load balance restricted-group context in the CLI, use the following
command in config mode:
CASA-CMTS(config)# load-balance restricted-group <group-id>
Specify the group-id parameter in the number range 1 to 4294967296. This number
uniquely identifies the restricted load balancing group among other groups that you
create. The group-id must be unique within the CMTS.
CASA-CMTS(config)# load-balance restricted-group 1

CASA-CMTS(load-bal-restrict 1)#
The following commands are available under the restricted-group configuration:

• enable
• initial-tech
• policy-id
• docsis-mac
• service-type-id
• upstream
• qam
Example: Enable the restricted load balancing group

To enable or disable the load balancing function on restricted load balancing groups:
CASA-CMTS(load-bal-restrict 1)# enable (default)

CASA-CMTS(load-bal-restrict 1)# no enable
Example: Specify the initial load balance technique for the restricted-group
To specify the initial technique that the CMTS uses to load balance and move cable
modems:
CASA-CMTS(load-bal-restrict 1)# initial-tech direct (default)

CASA-CMTS(load-bal-restrict 1)# initial-tech broadcast-ranging
CASA-CMTS(load-bal-restrict 1)# initial-tech period-ranging
CASA-CMTS(load-bal-restrict 1)# initial-tech reinitialize-mac
CASA-CMTS(load-bal-restrict 1)# initial-tech unicast-ranging
Casa Systems CMTS

• direct — This is the initial technique default setting. The cable modem moves
directly to another channel without performing any type of ranging.
• broadcast-ranging — The cable modem broadcasts the full initial ranging
request without going offline and performing re-registration with the CMTS.
• period-ranging — The cable modem move to a new channel, but performs
periodic ranging requests for an improved channel opportunity.
• reinitialize-mac — The cable modem MAC address is reset causing the cable
model to go offline and then re-register with the CMTS on new channel.
• unicast-ranging — The cable modem performs an initial ranging request for a
dedicated channel from the CMTS where there is no other transmission activity.
Example: Create the policy identifier

Polices describe the rules to execute when load balancing traffic across CMTS
interfaces. To specify a previously-configured policy to apply during load balancing
execution:
CASA-CMTS(load-bal-restrict 1)# policy-id <number>
Refer to the section, “Configuring policies and rules” for information.
Example: Specify the docsis-mac interface to which load balancing applies

To enter the load balance restricted-group for a previously-configured MAC domain
in the range 1 to 32, use the following command in config mode:
CASA-CMTS(load-bal-restrict 1)# docsis-mac <number>
CASA-CMTS(load-bal-restrict 1)# docsis-mac 1
Example: Specify the service-type-id string

The service-type-id parameter specifies the unique string that selectively controls
load balancing to modems belonging to particular service type in this restricted-group,
such as modem device type, DOCSIS version, and service class. Only modems that
send a matching service-type-id string to the CMTS during registration will be load
balancing and moved to another channel.
Specify a string with up to 16 alphanumeric characters. If blank spaces are necessary

in the string, surround the string with quotation marks (for example, “string one”).
Casa Systems CMTS

CASA-CMTS(load-bal-restrict 1)# service-type-id <string>
CASA-CMTS(load-bal-restrict 1)# service-type-id “DOCSIS 3.0”
Example: Specify the upstream slot, port, and channel

The upstream parameter allows you to add upstream channels to restricted-group in
the current MAC domain, as configured with the docsis-mac parameter. Only the
specified upstream channels in the restricted-group will be load balanced.
Note: Make certain that you appropriately bind each upstream slot/
port.channel/logical channel under the interface docsis-mac configuration.
CASA-CMTS(load-bal-restrict 1)# upstream <slot/port.chan/log_chan>

CASA-CMTS(load-bal-restrict 1)# upstream 4/2.0/1
Note that the channel is optional. If omitted, the channel default to 0.

CASA-CMTS(load-bal-restrict 1)# upstream <slot/port/log_chan>
CASA-CMTS(load-bal-restrict 1)# upstream 4/2/1
Example: Specify the QAM slot, port, and channel

The qam parameter allows you to add downstream channels to the restricted-group in
the current MAC domain, as configured with the docsis-mac parameter. Only the
specified downstream channels in the restricted-group will be load balanced.
Note: Make certain that you appropriately bind each upstream slot/port/
channel under the interface docsis-mac configuration.
CASA-CMTS(load-bal-restrict 1)# downstream <slot/port/chan>

CASA-CMTS(load-bal-restrict 1)# downstream 0/1/1
Casa Systems CMTS

Adding cable modems to the restricted load balancing group

Add cable modems to the restricted load balancing group for known cable modems
that will participate in CMTS upstream and downstream load balancing. Modems are
specified by cable modem MAC address and an optional network mask. Specify one
cable modem MAC address per restricted-cm identifier, then specify the referenced
restricted-load-balance-group ID to which this cable modem will be associated for
load balancing.
Example: Specify the restricted-cm identifier

To enter the load balance restricted-cm context in the CLI, use the following
command in config mode:
CASA-CMTS(config)# load-balance restricted-cm <number>
Specify the number parameter in the number range 1 to 4294967296. The number
uniquely identifies the configuration of this modem among other unique modems.
CASA-CMTS(config)# load-balance restricted-cm 1

CASA-CMTS(load-bal-restrict-cm 1)#
The following commands are available under the restricted-cm configuration:

• mac
• service-type-id
• restricted-load-balance-group
Example: Specify the cable modem MAC address

Specify the MAC address of the known CM that will belong to a restricted load
balancing group. Use the show cable modem command to display active cable
modems and their MAC addresses. The default mask, if not specified, is ffff.ffff.ffff.
CASA-CMTS(load-bal-restrict-cm 1)# mac addr <mac-address> [mask

<netmask>]
CASA-CMTS(load-bal-restrict-cm 1)# mac addr 0008.ffff.fefe
Example: Specify the service-type-id string

The service-type-id parameter specifies the unique string that selectively controls
load balancing to modems belonging to particular service type in this restricted group,
such as modem device type, DOCSIS version, and service class.
Casa Systems CMTS

Configuring policies and rules
Use this parameter the same way as specified in the restricted load-balance group
where only modems that send a matching service-type-id string to the CMTS during
registration will be load balanced and moved to another channel. Specifying the
service-type-id for known cable modems (by MAC address) allows you to add the
service type to modems that have already registered with the CMTS (with no service-
type-id string) and are to be made available for load balancing to other channels (using
a referenced load-balance restricted-group, covered in the next section).
Use the show cable modem command to display the active cable modems and their
MAC addresses.
Specify a string with up to 16 alphanumeric characters. If blank spaces are necessary

in the string, surround the string with quotation marks (for example, “string one”).
CASA-CMTS(load-bal-restrict-cm 1)# service-type-id <string>
CASA-CMTS(load-bal-restrict-cm 1)# service-type-id “DOCSIS 3.0”

CASA-CMTS(load-bal-restrict-cm 1)#
Example: Create restricted-load-balance-group

The restricted-load-balance-group parameter allow you to specify the
previously-configured restricted groups to be associated with the cable modems that
you added with the load-balance restricted-cm command. Cable modems will be
load balanced and moved to the upstream and downstream channels as specified in the
referenced load-balance restricted-group.
CASA-CMTS(load-bal-restrict-cm 1)# restricted-load-balance-group 1

A load balancing policy comprises a set of rules that control load balancing operations
at the CMTS. A policy contains one or more load balancing rules in two categories:
• Basic rules — Control the period during the day when the load balancing
operates. The CMTS supports multiple basic rules per policy.
• Execution rules — Control the thresholds for moving cable modems to other
channels. The CMTS supports one execution rule per policy at any one time.
Casa Systems CMTS

Example: Create a load balancing policy

To create a load balancing policy, enter the following command and specify a number
in the range 1 to 4294967295.
CASA-CMTS(config)# load-balance policy <number>
CASA-CMTS(config)# load-balance policy 1

CASA-CMTS(load-bal-policy-1)#
Defining basic load balance rules

You can create as many basic rules as needed to load balance cable modems during
high traffic periods. You then apply these rules to the load-balance policy.
Example: Create a basic rule

To create a basic rule, enter the following command and specify a number in the range
1 to 4294967295.
CASA-CMTS(config)# load-balance basic-rule <number>
CASA-CMTS(config)# load-balance basic-rule 1

CASA-CMTS(load-bal-basic-rule 1)# ?
enable enable
suspend-load-balance suspend-load-balancing
There are two configuration options associated with a basic load balance rule:
• enable
• suspend-load-balance
Example: Enable the basic rule

To enable the basic rule for use in a load-balance policy, specify the following
command:
CASA-CMTS(load-bal-basic-rule 1)# enable
Example: Suspend load balancing during a specified period

To specify a period during the day to suspend load balancing over CMTS interfaces,
enter the following command and specify the start and end time (in HH:MM:SS
format) when load balancing will not take place.
Casa Systems CMTS

CASA-CMTS(load-bal-basic-rule 1)# suspend-load-balance from <HH:MM:SS>
CASA-CMTS(load-bal-basic-rule 1)# suspend-load-balance from 04:00:00

to 05:00:00
CASA-CMTS(load-bal-basic-rule 1)#
In the above example, load balancing is suspended from 4:00 a.m. to 5:00 a.m.
Example: Apply a basic rule to load-balance policy

To apply a basic rule to a named policy, enter the following command and specify a
number in range 1 to 4294967295.
CASA-CMTS(load-bal-policy-1)# rule basic <number>
CASA-CMTS(load-bal-policy-1)# rule basic 1
The load balance policy can have multiple basic rules.
Defining execution rules

You can create one execution rule to load balance cable modems during high traffic
periods. You then apply this rule to the load-balance policy.
Example: Create an execution rule

To create an execution rule, enter the following command and specify a number in the
range 1 to 4294967295.
CASA-CMTS(config)# load-balance execution-rule <number>
CASA-CMTS(config)# load-balance execution-rule 1

CASA-CMTS(load-bal-exe-rule 1)# ?
enable enable
interval minimum time between the load-balance can be load
balanced
method method to determine when to do load balanced
suspicious-channel channel without register modems
threshold threshold
upstream-interval minimum time between the load-balance can be
load balanced for upstream
upstream-method method to determine when to do load balance for
upstream
upstream-threshold upstream-threshold
Casa Systems CMTS

The following configuration options are available in the load-balance execution-rule

configuration:
• enable
• method, threshold
• interval
• upstream-method, upstream-threshold, upstream-interval
• suspicious-channel
Example: Enable the execution rule

To enable the execution rule for use in a load-balance policy, specify the following
command:
CASA-CMTS(load-bal-exe-rule 1)# enable
Example: Specify the load balance method and threshold (static)

The commands covered in this section allow to define the techniques that the CMTS
uses when making load balance decisions, either by the number of modems on a
channel, or by a configured percentage of current channel utilization.
The threshold load parameter specifies the actual number of cable modems, or the
utilization percentage in the range 0 to 100. Load value specifies the maximum load
difference that can exist between interfaces in a group before the CMTS performs
static load balancing. Setting the load value to 0 disables static load balancing.
CASA-CMTS(load-bal-exe-rule 1)# method {modem | utilization}

CASA-CMTS(load-bal-exe-rule 1)# threshold load <0-100>
To specify modem load balancing with a threshold of 50 modems, enter the following
commands:
CASA-CMTS(load-bal-exe-rule 1)# method modem

CASA-CMTS(load-bal-exe-rule 1)# threshold load 50
To specify channel utilization load balancing with a threshold of 50 percent usage,

enter the following commands:
Casa Systems CMTS

CASA-CMTS(load-bal-exe-rule 1)# method utilization

CASA-CMTS(load-bal-exe-rule 1)# threshold load 50
Example: Specify the load balance method and threshold (dynamic)

The method command applies to both dynamic and static load balancing, as well as to
both upstream channels and downstream channels if not otherwise specified. Dynamic
load balancing takes place when the load difference between interfaces exceeds a
minimum value.
To specify the dynamic load balancing method:
CASA-CMTS(load-bal-exe-rule 1)# method {modem | utilization} [dynamic]
CASA-CMTS(load-bal-exe-rule 1)# method modem dynamic

CASA-CMTS(load-bal-exe-rule 1)# method utilization dynamic
To specify the threshold for dynamic load balancing, enter the threshold load
command to specify the actual number of cable modems, or the utilization percentage
in the range 0 to 100.
CASA-CMTS(load-bal-exe-rule 1)# threshold load <0-100> {dynamic

minimum <2-100> | enforce <0-100> | minimum <2-100>}
• minimum and dynamic minimum <0-200> — The minimum parameter

specifies the minimum load over the channel before the CMTS begins static load
balancing. Similarly, the dynamic minimum specifies the minimum load over the
channel before the CMTS begins dynamic load balancing.
If you do not specify the dynamic-minimum, then the minimum value applies to
both static and dynamic load balancing. Otherwise, minimum parameter setting
applies to static load balancing only, while the dynamic-minimum value applies
to dynamic load balancing only. For example.
CASA-CMTS(load-bal-exe-rule 1)# threshold load 10 minimum 35
dynamic minimum 50
• enforce <0-100> — The enforce parameter enables dynamic load balancing. It

also specifies the maximum difference in utilization percentage that can exist
between interfaces in a group before the CMTS performs dynamic load balancing.
The enforce setting must be larger than the load value if the load is set to 0.
Casa Systems CMTS

In the following example, dynamic load balancing is enabled with the CMTS
applying a modem or utilization threshold of 30 before checking other load
balancing interfaces for availability.
CASA-CMTS(load-bal-exe-rule 1)# threshold load 10 enforce 30

dynamic minimum 50
Setting the enforce value to 0 disables dynamic load balancing.
Example: Specify the load balancing interval

The interval parameter specifies the minimum elapsed time (in seconds) before cable
modems can be moved to the load balancing interfaces. Only one cable modem can be
moved after each elapsed time interval.
To specify the dynamic load balance interval, specify a number in the range 10 to
3600 seconds.
CASA-CMTS(load-bal-exe-rule 1)# interval <10-3600>
The following example sets the dynamic load balancing interval to one modem every
60 seconds.
CASA-CMTS(load-bal-exe-rule 1)# interval 60
Example: Specify the upstream method and threshold (static)

To selectively control or customize load balancing on the upstream channels, use the
following execution rule parameters:
• upstream-method
• upstream-threshold
• upstream-interval
The upstream-method parameter controls load balancing based on the number of
modems on a channel, or by a configured percentage of current channel utilization.
The upstream-threshold load parameter specifies the actual number of cable

modems, or the utilization percentage in the range 0 to 100. Load value specifies the
maximum load difference that can exist between interfaces in a group before the
CMTS performs static load balancing. Setting the load value to 0 disables static load
balancing.
Casa Systems CMTS

CASA-CMTS(load-bal-exe-rule 1)# upstream-method {modem | utilization}

CASA-CMTS(load-bal-exe-rule 1)# upstream-threshold load <0-100>
To specify upstream modem load balancing with a threshold of 50 modems, enter the
following commands:
CASA-CMTS(load-bal-exe-rule 1)# upstream method modem

CASA-CMTS(load-bal-exe-rule 1)# upstream threshold load 50
To specify channel utilization load balancing with a threshold of 50 percent usage,

enter the following commands:
CASA-CMTS(load-bal-exe-rule 1)# upstream-method utilization

CASA-CMTS(load-bal-exe-rule 1)# upstream-threshold load 50
Note: If the upstream-method command is used, the original method

[modem | utilization] command only applies to downstream channel load
balancing.
Example: Specify the upstream method and threshold (dynamic)

When you set the upstream-method parameter, the original method [modem |
utilization] command does not apply to upstream channel dynamic load balancing.
Dynamic load balancing takes place when the load difference between the upstream
interfaces exceeds a minimum value.
To specify the upstream dynamic load balancing method:
CASA-CMTS(load-bal-exe-rule 1)# upstream-method {modem | utilization}

[dynamic}
CASA-CMTS(load-bal-exe-rule 1)# upstream-method modem dynamic

CASA-CMTS(load-bal-exe-rule 1)# upstream-method utilization dynamic
To specify the threshold for dynamic load balancing, enter the upstream-threshold
load command to specify the actual number of cable modems, or the utilization
percentage in the range 0 to 100.
If the upstream-threshold is not configured, the threshold configuration applies to

both downstream and upstream channels. Otherwise, the threshold configuration
Casa Systems CMTS

applies to the downstream channels only, while the upstream-threshold applies to

the upstream channels.
CASA-CMTS(load-bal-exe-rule 1)# upstream-threshold load <0-100>

{dynamic minimum <2-100> | enforce <0-100> | minimum <2-100>}
• minimum and dynamic minimum <0-200> — The minimum parameter

specifies the minimum load over the channel before the CMTS begins static load
balancing. Similarly, the dynamic minimum specifies the minimum load over the
channel before the CMTS begins dynamic load balancing.
If you do not specify the dynamic-minimum, then the minimum value applies to
both static and dynamic load balancing. Otherwise, minimum parameter setting
applies to static load balancing only, while the dynamic-minimum value applies
to dynamic load balancing only. For example.
CASA-CMTS(load-bal-exe-rule 1)# upstream-threshold load 50 minimum
50 dynamic minimum 50
• enforce <0-100> — The enforce parameter enables dynamic load balancing. It

also specifies the maximum difference in percentage that can exist between
interfaces in a group before the CMTS performs dynamic load balancing. The
enforce setting must be larger than the load value if the load is set to 0.
In the following example, dynamic load balancing is enabled with the CMTS
applying a modem or utilization threshold of 50 before checking other load
balancing interfaces for availability.
CASA-CMTS(load-bal-exe-rule 1)# upstream-threshold load 50 enforce

50 dynamic minimum 50
Setting the enforce value to 0 disables dynamic load balancing.
Example: Specify the upstream load balancing interval

The upstream-interval command allows a custom interval value for upstream load
balancing by specifying the minimum elapsed time (in seconds) before cable modems
can be moved to the load balancing interfaces. Only one cable modem can be moved
during each time interval. When the upstream-interval is configured, the interval
setting applies to downstream load balancing only.
To specify the dynamic load balance upstream-interval, specify a number in the

range 10 to 3600 seconds.
Casa Systems CMTS

CASA-CMTS(load-bal-exe-rule 1)# upstream-interval <10-3600>
The following example sets the dynamic load balancing upstream-interval to one
modem every 60 seconds.
CASA-CMTS(load-bal-exe-rule 1)# upstream-interval 60
Example: Apply an execution rule to the load-balance policy

To apply an execution rule to a named policy, enter the following command and
specify a number in range 1 to 4294967295.
CASA-CMTS(load-bal-policy-1)# rule execution <number>
CASA-CMTS(load-bal-policy-1)# rule execution 1
The load balance policy can have ONLY ONE execution rule.
Load balancing over suspicious channels

Under the execution-rule configuration, you can specify whether to load balance
CMTS traffic over channels that currently have no registered cable modems. These
channels over which there are no registered cable modems are known as suspicious
channels. A suspicious channel may result from a line card redundancy failover, a line
card reset, a redundancy revert, or other reason that creates a condition where a load
balancing interface is available and currently unused.
The suspicious-channel command allows to specify whether to attempt load

balancing on empty channels at configured time intervals.
Example: Specify suspicious channel retry interval

To specify if the CMTS should retry load balancing to channels where there are no
registered cable modems, enter the retry interval in the range 0 to 86400 seconds. The
default setting is 3600 seconds. Enter 0 to disable any load balancing to suspicious
channels.
CASA-CMTS(load-bal-exe-rule 1)# suspicious-channel retry interval

<8-86400>
CASA-CMTS(load-bal-exe-rule 1)# suspicious-channel retry interval 1800
Casa Systems CMTS

Using exclusion lists
Using exclusion lists

An exclusion list disables one or more modems from load balancing across CMTS
interfaces. Use the exclusion list in situations where it is not feasible to load balance
particular customer modems. For example, there may be cases where an older
DOCSIS 1.0 or 2.0 modem from a specific vendor may not be a good candidate for
load balancing. You may also want to exclude modems that process particular types of
traffic where moving those modems to other channels introduces risks.
Cable modems in the exclusion list are specified by MAC address, as displayed with
the show cable modem command.
Example: Create an exclusion list

To create an exclusion list, enter the following command:
CASA-CMTS(config)# load-balance exclusion list

CASA-CMTS(load-bal-exclusion-list)#
Example: Add modems to the exclusion list

Modem with a MAC address matching the MAC address/mask criteria specified in the
exclusion list are excluded from load balancing. By default, these modems are
disabled from dynamic load balancing using he following rules:
• If the static parameter is specified, the modems are disabled from static load
balancing only.
• If the dynamic parameter is specified, the modems are disabled from dynamic
load balancing only.
• If the both parameter is specified, the listed modems are disabled from both static
and dynamic load balancing.
CASA-CMTS(load-bal-exclusion-list)# mac addr xxxx.xxxx.xxxx mask

xxxx.xxxx.xxxx [both | dynamic | static]
CASA-CMTS(load-bal-exclusion-list)# mac addr 0001.56ff.fefe mask

0000.0000.0000 both
Casa Systems CMTS

Load balancing solutions

After the CMTS load balances modems upon modem registration and initial channel
selection, you will need to create one or more policies with execution rules to define
how the CMTS will balance traffic dynamically based on utilization. In some cases,
you will need to create one or more additional configurations to address special
conditions, such as declaring modems to be excluded from load balancing at the
CMTS.
Casa recommends that you use the show load balance static and the show load
balance dynamic commands at times when CMTS traffic loads tend to be higher. The
displayed information from the show load balance command will allow you to
further tune the load balancing configuration for better channel utilization so that
moving modems to other channels in the service group occurs less frequently.
Solution 1 — Configure general load balancing (static)

1. Create service group and docsis-mac interfaces to which load balancing will
be applied.
In the following CLI session, the CMTS load-balances traffic on the QAM in
system slot 0, port 0, and across channels 0 to 3. On the upstream, the CMTS
load-balances traffic on system slot 4, interfaces 0 to 4, and on channel 1.
CASA-CMTS(config)#service group FN_A

Casa Systems CMTS

2. Enable load balancing at the CMTS.

CASA-CMTS(config)# load-balance enable
3. Enable the load-balance general-group default.

CASA-CMTS(config)# load-balance general-group default-settings
CASA-CMTS(load-bal-general-default)# enable
4. Specify the initial technique that the CMTS uses to load balance and move
cable modems without performing any type of ranging.
CASA-CMTS(load-bal-general-default)# initial-tech direct
Solution 2 — Create execution rule to enable dynamic load balancing

1. Create service group and docsis-mac interfaces, then enable load balancing
at the CMTS, as covered in Solution 1.
2. Create and enable an execution rule.
CASA-CMTS(config)# load-balance execution-rule 1
CASA-CMTS(load-bal-exe-rule 1)# enable
3. Specify the dynamic load balancing method.

CASA-CMTS(load-bal-exe-rule 1)# method utilization dynamic
4. Enable dynamic load balancing.

Use the threshold load command (for static) and the enforce parameter to enable
dynamic load balancing based on channel utilization.
An enforce value of 30 indicates the 30% maximum percentage of utilization
difference between interfaces listed in the service group before the CMTS
performs dynamic load balancing. The dynamic minimum specifies the
minimum load over the channel before the CMTS begins dynamic load balancing.
CASA-CMTS(load-bal-exe-rule 1)# threshold load 10 enforce 30

dynamic minimum 80
5. Specify the dynamic load balance time interval.
Casa Systems CMTS

The interval is the minimum elapsed time (in seconds) before cable modems can
be moved to the load balancing interfaces. Only one cable modem can be moved
after each elapsed time interval.
CASA-CMTS(load-bal-exe-rule 1)# interval 60
6. Apply the execution-rule to a named policy.

CASA-CMTS(config)# load-balance policy 1
CASA-CMTS(load-bal-policy-1)# rule execution 1
Solution 3 — Display and assess load balance statistics

1. Display load balance statistics.
Run the show load-balance dynamic command to display current statistics (if
available), or over an optionally specified period using a beginning and end time.
For example:
CASA-CMTS# show load-balance dynamic
Mac address: 0015.f2fe.c643

Mac_id: 0
upstream-channel 3
downstream-channel 1
initial_tech
cmd dcc
status WaitToSendMsg
type RGLB
time 2008-04-06 23:28:41
--------------------------------------
total: 1; success:1; other:0
CASA-CMTS#
(Note that the command output is shown in “list” format and not in the format
displayed by the CLI on a computer screen.)
The output shows the MAC address of the modem and the new upstream and
downstream channels to which the modem was moved. The type field shows one
of the following states:
• BAL — Balancing done by the system.
• MLT — DCC by limit replication multicast.
Casa Systems CMTS

• CLI — Load balancing done manually from the CLI.

• MIB — Load balancing done manually from SNMP.
• CSM — DCC done by CSM per cable modem.
• DSA — DCC done by voice.
• RSLB — DCC moved a cable modem into a restricted load-balance group.
• RGLB — General load balancing done until registration.
• SG — Channel is not in the channel set of the configured service group.
2. Assess the load balance statistics over higher traffic periods.
If you find that the CMTS is performing load balancing on a frequent basis, with
the show load-balance dynamic command showing increased statistics, you may
need to fine tune the execution-rule with a new threshold, enforce and dynamic
minimum settings for improved utilization of channels. You can also add
docsis-mac interfaces to the service-group to increase the number of interfaces for
wider load balancing distribution.
Solution 4 — Create special load balancing configurations

There may be special cases where you may need to restrict load balancing to upstream
and downstream channels over certain docsis-mac interfaces (using the
restricted-group configuration) and or to even exclude some modems from load
balancing operations all together (using an exclusion list).
For older DOCSIS 1.0 modems where load balancing is not supported, run the CMTS
show cable modem command to display the D1.0 modems, and them add them to the
load balance exclusion list.
1. Execute show cable modem verbose command. Note the MAC Version field.
CASA-CMTS# show cable modem verbose
MAC Address :0013.f79e.0d6a
IP Address :10.213.1.246
CM-ID :5
Prim Sid :10
MAC Domain :3
Upstream :4/0.0/0
Downstream :0/1/0
Unusable channel list :
Timing Offset :2404
Initial Timing Offset :2404
Casa Systems CMTS

Received Power :0 dBmV

MAC Version :DOC1.0
Qos Provisioned Mode :DOC1.1
Enable DOCSIS2.0 Mode :N
Initial Ranging Message :INIT-RNG-REQ
Registration Request Message :REG-REQ
Phy Operating Mode :atdma
Capabilities :{Frag=Y, Concat=Y, PHS=Y, Priv=BPI+}
Optional Filtering Support :{802.1P=N, 802.1Q=N}
Number of CPE IPs :1
CFG Max-CPE :16
Errors :0 CRCs,0 HCSes
Stn Mtn Failures :0 aborts,0 exhausted
Total US Flows :1
Total DS Flows :1
Total US Data :523 packets,103897 bytes
Total US Throughput :0 kbits/sec,0 packets/sec
Total DS Data :83 packets,14236 bytes
Total DS Throughput :0 kbits/sec,0 packets/sec
Upstream Dropped Packets :0
Active Classifiers :0
DSA/DSX messages :permit all
Total Time Online :0 d, 0 h, 30 m, 35 s
Configuration file name :c213.bin
sysDescr :DOCSIS1.1/DOCSIS2.0 Cable Commercial
Router<<HW_REV: 1.B; VENDOR: SMC
Networks; BOOTR: 1.1.1-RG; SW_REV:
4.02.19-BIZ; MODEL: SMC8014WG-BIZ>>
2. Create the exclusion list.

CASA-CMTS(config)# load-balance exclusion list
3. Add the cable modem MAC addresses to the exclusion list; specify “both” to
prevent the modems from attempting static and dynamic load balancing.
CASA-CMTS(load-bal-exclusion-list)# mac addr 0013.f79e.0d6a mask
0000.0000.0000 both
Casa Systems CMTS

2-1
Chapter 2. Configuring router

redundancy
About this chapter

This chapter provides information for Casa CMTS users who are configuring IP
routing protocols on a redundant C10G or C100G platform. A redundant platform
uses two Switch and Management Modules (SMMs) that participate in routing
redundancy as active and standby devices for non-stop forwarding of traffic over
SMM GigE and 10GigE network interfaces.
Topic Page
Routing redundancy overview 2-2

C10G router redundancy solutions 2-3
Solution 1 — Create a minimal CMTS redundancy configuration 2-4
Solution 2 — Create static routes to upstream routers 2-5
Solution 3 — Configure Routing Information Protocol (RIP) instances 2-5
Solution 4 — Configure Open Shortest Path First (OSPF) instances 2-6
Solution 5 — Configure Border Gateway Protocol 4 (BGP-4) instances 2-7
Solution 6 — Configure Intermediate system-to-Intermediate system (IS-IS) 2-8
instances
Note: Redundancy support for the IS-IS protocol will be available in an

upcoming release. See the Casa Systems – CMTS Release Notes for
information.
Casa Systems CMTS

Routing redundancy overview
Routing redundancy overview

Routing redundancy provides reliable network service availability whenever one or
more system resources are unavailable. Redundant resources will keep the CMTS
operating normally during scheduled down periods when replacing an upstream or
downstream module, as well as during periods when service is interrupted due to an
unexpected failure.
For routing redundancy to operate properly, you must configure the CMTS so that the
service provider network is reachable from both SMMs. This means that both SMMs
must be configured with identical subnet routes to the upstream routers, and identical
routes to all IP bundle and loopback interfaces.
Figure 2-1 illustrates a sample C10G network with redundant network interfaces.
Figure 2-1. Sample C10G router redundancy network

Home network
CPE “A1”
Cable headend network
Content/service Upstream edge Casa C10G CMTS Cable modem “A”

provider network routers to Internet CASA SYSTEMS
SMM 6/0 CCASA
0
ASA
1
C10G
2 3 4 5 6 7 8 9 10 11 12 13
CPE “A2”
US 16X4 US 16X4
SMM SMM
US 16X4 US 16X4 DS 8X8 DS 8X8 DS 8X8 DS 8X8 DS 8X8
10/100MI
10/100MI
Internet SMM 7/0 G0 G0
G1 G1
G2 G2
SMM 6/2 G3
G4
G3
G4
G5 G5
G6 G6
SMM 7/2 STATUS

ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
G7
XG2
G7
XG2
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
CPE “B1”
- Data
XG1 XG1
IOIOI
IOIOI
STATUS STATUS
- Voice
ACTIVE ACTIVE
ALARM ALARM
- Streaming video/
video-on demand Cable modem “B”
servers
1 FAN TRAY HS HS OK
1 FAN TRAY HS HS OK
1 FAN TRAY HS HS OK
CPE “B2”
Distribution over
C10g redundant configuration:
- SMM slot 6, GigE port 0 cable access network to
- SMM slot 7, GigE port 0 home subscribers
- SMM slot 6, GigE port 2
- SMM slot 7, GigE port 2
- Identical static routes to routers
and IP bundle interfaces
- RIP, OSPF, RIP, BGP-4
protocols
- Unique router IDs
Casa Systems CMTS

Configuring router redundancy 2-3
C10G router redundancy solutions

Perform the following tasks to enable Casa C10G/C100G CMTS routing redundancy:
1. Create a minimal CMTS redundancy configuration.
2. Define static routes to directly-attached router gateways; ensure that upstream
routers have static routes to IP bundle interfaces
3. Configure RIP, OSPF, IS-IS, and BGP routing protocol instances to IP bundle and
network interfaces.
Figure 2-2. CMTS router redundancy interface
Upstream routers Casa C10G CMTS

SMM 6/0
192.168.6.11
CASA SYSTEMS
192.168.6.16 CCASA
0
ASA
1
C10G
2 3 4 5 6 7 8 9 10 11 12 13
US 16X4 US 16X4
SMM SMM
US 16X4 US 16X4 DS 8X8 DS 8X8 DS 8X8 DS 8X8 DS 8X8
10/100MI
10/100MI
Service provider AS 11200
G0
G1
G0
G1
SMM 7/0
G2 G2
networks G3 G3
192.168.7.11 G4
G5
G6
G4
G5
G6
10.10.10.0 192.168.7.16
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
G7
XG2
G7
XG2
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
STATUS
ALARM
ACTIVE
192.168.3.0 XG1 XG1
AS 11200
IOIOI
IOIOI
STATUS STATUS
ACTIVE ACTIVE
ALARM ALARM
1 FAN TRAY HS HS OK
1 FAN TRAY HS HS OK
1 FAN TRAY HS HS OK
CMTS interface configuration Routing protocols

SMM interface: RIP ip-bundle 1
- interface gige 6/0 OSPF ip-bundle 2
SMM slot 6, GigE port 0; 192.168.6.11 BGP-4 loopback 0
- interface gige 7/0 loopback 1
SMM slot 7, GigE port 0; 192.168.7.11
IP bundles:
- interface ip-bundle 1; primary and secondary IP, helper address
- interface ip-bundle 2; primary and secondary IP, helper address
Internal loopback interfaces to support static and dynamic routing

- interface loopback 0; IP address and mask
- interface loopback 1; IP address and mask
Casa Systems CMTS

Solution 1 — Create a minimal CMTS redundancy configuration

A minimal CMTS router redundancy configuration consists of the following:
• At least one redundant CMTS GigE interface connected to an upstream router.
• IP bundle interfaces to include primary and secondary IP addresses to allow
multiple cable interfaces to be logically grouped under the same IP subnet. Each
IP bundle interface uses a cable helper address to a destination DHCP server to
which DHCP requests are forwarded. IP bundle interfaces are applied to one or
more DOCSIS MAC domains.
• At least one logical loopback interface for the static route configuration; two
loopback interfaces for the dynamic routing protocols (those that exchange path
and routing information).
Example: Create interfaces to upstream routers

CASA-CMTS(config)# interface gige 6/0
CASA-CMTS(conf-if-gige 6/0)# ip address 192.168.6.11 255.255.255.0
CASA-CMTS(conf-if-gige 6/0)#

CASA-CMTS(conf-if-gige 7/0)# ip address 192.168.7.11 255.255.255.0
CASA-CMTS(conf-if-gige 7/0)#
Example: Create IP bundles and apply to DOCSIS MAC interfaces

CASA-CMTS(config)# interface ip-bundle 1
CASA-CMTS(ip-bundle 1)# ip address 10.168.1.1 255.255.255.0
CASA-CMTS(ip-bundle 1)# ip address 10.168.2.1 255.255.255.0 secondary
CASA-CMTS(ip-bundle 1)# ipv6 address 2001:0:168::1/64
CASA-CMTS(ip-bundle 1)# cable helper-address 192.168.3.131

CASA-CMTS(ip-bundle 1)# ip address 10.237.1.1 255.255.255.0
CASA-CMTS(ip-bundle 1)# ip address 10.237.2.1 255.255.255.0 secondary
CASA-CMTS(ip-bundle 1)# cable helper-address 192.168.3.5

CASA-CMTS(config)# ip bundle 1

Casa Systems CMTS

Example: Create logical loopback interfaces for static and dynamic route
CASA-CMTS(config)# interface loopback 0
CASA-CMTS(conf-if-lo 0)# ip address 192.168.168.1 255.255.255.252
CASA-CMTS(config)# interface loopback 1

CASA-CMTS(conf-if-lo 1)# ip address 192.168.168.2 255.255.255.252
Solution 2 — Create static routes to upstream routers

The same subnet routes must be reachable from the network interfaces on both SMMs.
Configure the static routes to the service provider network with gateways which are
directly connected to network interfaces on both SMMs, as shown in Figure 2-2.
Example: Create static routes to service provider networks

CASA-CMTS(config)# route net 10.10.10.0 24 gw 192.168.6.16
Make sure that the upstream router has configured static routes back to the ip-bundle
and loopback interfaces.
Example: Static routes from upstream routers

ip route 10.168.2.0 255.255.255.0 192.168.6.11
ip route 10.168.2.0 255.255.255.0 192.168.7.11
ip route 10.237.2.0 255.255.255.0 192.168.6.11
ip route 10.237.2.0 255.255.255.0 192.168.7.11
ip route 192.168.168.1 255.255.255.255 192.168.6.11
ip route 192.168.168.1 255.255.255.255 192.168.7.11
Solution 3 — Configure Routing Information Protocol (RIP) instances

Redundant RIP instances must include the same networks to the IP bundle and
network interfaces. Configure slots 6 and 7 indentically.
Example: Configure RIP instances to IP bundles and interfaces on both

SMM slots
CASA-CMTS(config)# router rip slot 6
CASA-CMTS(config-router-rip)# network 10.168.1.0/24
CASA-CMTS(config-router-rip)# network gige6/0
Casa Systems CMTS

Example
CASA-CMTS(config)# router rip slot 7
CASA-CMTS(config-router-rip)# network gige7/0
Solution 4 — Configure Open Shortest Path First (OSPF) instances

Redundant OSPF instances must include the same networks to the IP bundle and
network interfaces. Configure slots 6 and 7 so that OSPF instances have unique router
IDs. These instances would use the logical loopback interface addresses, as
configured in “Solution 1 — Create a minimal CMTS redundancy configuration.”
Example: Configure OSPF instances to IP bundles and interfaces on

SMM slot 6
CASA-CMTS(config)# router ospf slot 6
CASA-CMTS(config-router-ospf)# router-id 192.168.168.1
CASA-CMTS(config-router-ospf)# network 10.168.1.0/24
CASA-CMTS(config-router-ospf)# network gige6/0
Example: Configure OSPF instances to IP bundles and interfaces on

SMM slot 7
CASA-CMTS(config)# router ospf slot 7
CASA-CMTS(config-router-ospf)# router-id 192.168.168.2
CASA-CMTS(config-router-ospf)# network gige7/0
Casa Systems CMTS

Solution 5 — Configure Border Gateway Protocol 4 (BGP-4) instances

Redundant BGP-4instances must include the same networks to the IP bundle and
network interfaces. Configure slots 6 and 7 so that BGP-4 instances have unique
router IDs to BGP neighbors for redistribution of BGP routes. These instances would
use the logical loopback interface addresses, as configured in “Solution 1 — Create a
minimal CMTS redundancy configuration.”
Example: Configure BGP instances to IP bundles and interfaces on SMM

slot 6
CASA-CMTS(config)# router bgp slot 6
CASA-CMTS(config-router-bgp)# bgp router-id 192.168.168.1
CASA-CMTS(config-router-bgp)# redistribute connected
CASA-CMTS(config-router-bgp)# neighbor 192.168.6.16 remote-as 11200
CASA-CMTS(config-router-bgp)# network 10.168.1.0/24

Example: Configure BGP instances to IP bundles and interfaces on SMM

slot 7
CASA-CMTS(config)# router bgp slot 7
CASA-CMTS(config-router-bgp)# router-id 192.168.168.2
CASA-CMTS(config-router-bgp)# redistribute connected
CASA-CMTS(config-router-bgp)# neighbor 192.168.6.16

Casa Systems CMTS

Solution 6 — Configure Intermediate system-to-Intermediate system

(IS-IS) instances
Redundant IS-IS instances must include the same networks to the IP bundle and
network interfaces. IP bundle interfaces must be configured as passive IS-IS
interfaces.
Configure slots 6 and 7 so that IS-IS instances have unique network entity titles
(NETs). The NET is a special network address that defines the router system ID and
area ID as a hexadecimal address in the range 8 to 20 octets. The NET address consists
of a format identifier (AFI), an area ID, a system ID, and a selector.
Example: Configure IS-IS instances to IP bundles and interfaces on SMM

slots 6 and 7
CASA-CMTS(config-if-gige 6/0)# ip router isis casa
CASA-CMTS(config-if-gige 6/0)# end

CASA-CMTS(config-if-gige 7/0)# ip router isis casa
CASA-CMTS(config-if-gige 6/0)# end

CASA-CMTS(ip-bundle 1)#

CASA-CMTS(ip-bundle 2)#
Note: The IP bundle must be applied to a docsis-mac interface.

Example: Configure IS-IS unique NET instances and passive interfaces

CASA-CMTS(config)# router isis casa slot 6
CASA-CMTS(config-router-isis)# net 49.0000.2220.2222.00
CASA-CMTS(config-router-isis)# passive-interface ip-bundle 1
CASA-CMTS(config)# router isis casa slot 7

CASA-CMTS(config-router-isis)# net 49.0001.3320.2222.00
CASA-CMTS(config-router-isis)# passive-interface ip-bundle 2
% IP Bundle 2 is not applied to any Docsis Mac interface
CASA-C10G(config-router-isis)#
Casa Systems CMTS

3-1
Chapter 3. Setting up the CMTS/

CCAP for IPTV services
About this chapter

This chapter provides information for Casa customers who are enabling their CMTS
or CCAP systems to support television services that are distributed over the Internet.
Internet Protocol Television (IPTV) uses IP multicast to deliver television content in
MPEG-2, MPEG-4 and other formats to many subscribers simultaneously, or IP
unicast to deliver content to individual video-on-demand users. Subscribers receive
IPTV broadcasts at set-top boxes where incoming transmissions are reassembled and
decoded before being sent to a television or media PC for viewing.
Topic Page
IPTV overview 3-2

Configuration solutions for IPTV 3-3
Solution 1 — Configure DOCSIS MAC interfaces 3-3
Solution 2 — Enable IGMP on the GigE interfaces 3-4
Solution 3 — Configure the IGMP static group 3-4
Solution 4 — Create multicast groups 3-5
Solution 5 — Configure the multicast group QOS and encryption profiles 3-5
Solution 6 — Configure the cable QOS service-class for IPTV 3-5
Solution 7 — Limit multicast replication and IPTV channels 3-7
Solution 8 — Enable multicast authorization and other settings 3-7
Recommended show commands 3-9
Casa Systems CMTS

IPTV overview
IPTV overview
Figure 3-1 illustrates a sample IPTV network showing the traffic flow from video
content sources to the end user IP television. The CMTS or CCAP in the headend
network receives television content from one or more origins, such as video servers
and connections to news and other programming sources over direct connections and
over the Internet. The IGMP multicast and QOS configurations distribute the video
streams to end subscribers based on channel selection and video-on-demand requests.
Channel selection requests from a subscriber are processed by the Internet Group
Management protocol (IGMP). When the cable headend receives a request to change
channels, it checks to ensure that the subscriber is authorized to view the requested
channel. If authorized, the subscriber is then added to the distribution list for that
channel. This limits the number of routes (multicast replication) and preserves
bandwidth for the cable network.
Figure 3-1. Basic IPTV network components

Cable headend network Home network
Receiving and decoding
Content networks Encoding and modulation
Media switching
Internet IP set-top box
Network edge router/ CH 851
gateway to Internet IP television and
- Streaming video/ channel selection
video-on demand Casa CMTS
servers CASA SYSTEMS
C3000 CCASA
ASA
SYS 3 4 5
ALM 0 1 2 Cable modem

- News and sports feeds
- Network and satelite TV
Media PC
- Local TV
Distribution over
IPTV configuration:
- DOCSIS MAC interface
cable access network to
- IGMP static and multicast groups home subscribers
- QOS and cable service-class
- Multicast replication policy
- Multicast authorization and
operational setttings
Casa Systems CMTS

Setting up the CMTS/CCAP for IPTV services 3-3
Configuration solutions for IPTV
In an IPTV network, QOS must be maintained for reliable video streaming that is free
of delays and packet fragmentation. QOS tags that assign a high priority to streaming
video will maximize the video traffic over the available bandwidth for reliability and
best performance to the IP television. Other traffic over the connection, such as traffic
associated with computer Internet browsing should have lower priority QOS tags
assigned to the traffic as momentary delays are generally acceptable.

There are several tasks that you need to perform to prepare the CMTS or CCAP for
delivering IPTV streaming video to registered cable modems and IPTV subscribers.
1. Configure one or more DOCSIS MAC interfaces for multicast forwarding.
2. Enable IGMP on GigE interfaces.
3. Enable the IGMP static group IP address and downstream binding.
4. Create a multicast group configuration.
5. Configure the QOS profiles.
6. Configure QOS cable service-class.
7. Create an application policy to limit multicast replication.
8. Enable multicast authorization and profiles.
Solution 1 — Configure DOCSIS MAC interfaces

Create one or more docsis-mac interfaces and set the IGMP multicast parameters.
Example
CASA-CMTS(config)#interface docsis-mac 1
CASA-CMTS(conf-if-mac 1)#no shutdown

CASA-CMTS(conf-if-mac 1)#multicast-dsid-forward
CASA-CMTS(conf-if-mac 1)#mgmd ipv4 version 3
CASA-CMTS(conf-if-mac 1)#mgmd ipv4 query-interval 125
CASA-CMTS(conf-if-mac 1)#no mgmd ipv4 shutdown
CASA-CMTS(conf-if-mac 1)#
• no shutdown — Enables the docsis-mac interface.
Casa Systems CMTS

• multicast-dsid-forward — Enables downstream identifiers (DSIDs) to be sent

over D3.0 modems that support filtering and forwarding of multicast streams to
end devices over multiple channels. If disabled, multicast streams are transmitted
on the primary channel. The default setting is disabled.
• mgmd ipv4 version 3 — Specifies the multicast group member discovery
(MGMD) version. The V3 setting enables IGMP V1, V2, and V3 messaging over
the docsis-mac domain. Using a lower setting such as V1 only allows IGMP V1
messaging.
• mgmd ipv4 query-interval 125 — Specifies how often the CMTS or CCAP
sends IGMP host query packets over the docsis-mac interface. The default setting
is 125 seconds.
• no mgmd ipv4 shutdown — Enables the CMTS or CCAP to receive IGMP
messages. The default setting is shutdown (disabled); no mgmd ipv4 shutdown
must be specified.
Solution 2 — Enable IGMP on the GigE interfaces

At each GigE interface over which IPTV traffic will be running, enable IGMP.
Example
CASA-CMTS(config)#interface gige 1
CASA-CMTS(config-if-gige 1)#ip igmp
CASA-CMTS(config-if-gige 1)#
• ip igmp— Enables IGMP on the current GigE interface.
Solution 3 — Configure the IGMP static group

Specify the IP address of the IGMP static group and QAM downstream binding to
which multicast group streams are forwarded. Note that the static group traffic can be
forwarded to multiple channels and that multicast replication establishment is not
limited by the limit replication settings. See “Solution 7 — Limit multicast replication
and IPTV channels.”
Example
CASA-CMTS(config)# cable igmp static-group 224.0.100.1
CASA-CMTS(conf-igmp-static-group 224.0.100.1)#qam 0/0/0
Casa Systems CMTS

• igmp static-group — Specify the multicast IP address associated with the IGMP
static group. Optionally, specify the source IP address and dsid packet label to
apply to multicast packets in this group.
• qam 0/0/0 — The slot, port, and downstream channel associated with the IGMP
static group.
Solution 4 — Create multicast groups

Create one or more named groups for multicast group membership. A multicast group
consists of a range of IPs to which the CMTS or CCAP forwards multicast sessions.
Example
CASA-CMTS(config)# multicast group config 1
CASA-CMTS(conf-grp-config 1)# source-address 0.0.0.0/0
CASA-CMTS(conf-grp-config 1)# group-address 224.0.100.1/24
CASA-CMTS(conf-grp-config 1)# qos-id 1
CASA-CMTS(conf-grp-config 1)# encryption-id 1
CASA-CMTS(conf-grp-config 1)# priority 100
CASA-CMTS(conf-grp-config 1)#
• source-address — Specifies the IP filtering address and mask associated with a
range of source IPs from which traffic is received by the multicast group. This
parameter operates with IGMP V3 only. Source address filtering is not supported
in the earlier IGMP versions.
• group-address — Specifies the IP address and mask associated with a range of
IPs to which multicast sessions are forwarded. When the CMTS or CCAP
receives traffic from a source IP, the sytem replicates the session so that all
members of multicast group receive the transmission. IPv4 multicast addresses
are in the range 224.0.0.0 to 239.255.255.255.
• qos-id — Specifies the quality of service identifier associated with sessions
forwarded to members of this multicast group. See the next section, “Solution 5
— Configure the multicast group QOS and encryption profiles.”
• encryption-id — Specifies the unique identifier associated with securing
multicast sessions to ensure that traffic is only delivered to members of the
multicast group. See the next section, “Solution 5 — Configure the multicast
group QOS and encryption profiles.”
• priority — Specifies the priority (0 to 255) of a newly-replicated multicast
session that matches multiple sessions to members of the multicast group. A
higher number indicates a higher priority.
Casa Systems CMTS

Solution 5 — Configure the multicast group QOS and encryption

profiles
1. Create the QOS profile to be applied to this multicast group, including the QOS
service class name, service flow control as either single session or aggregate
sessions, and the vendor-specific application identifier that enables special QOS
policies, as covered in “Solution 6 — Configure the cable QOS service-class for
IPTV.”
Example
CASA-CMTS(config)# multicast group qos 1 iptv single app-id 1
2. Set the encryption identifier and algorithm to be applied to sessions forwarded to

this multicast group. Supported algorithms include aes128, des40, and des56.
Example
CASA-CMTS(config)# multicast group encryption 1 algorithm des56
Solution 6 — Configure the cable QOS service-class for IPTV

Open the cable service-class configuration to specify special QOS settings to be
applied to the multicast sessions associated with the IPTV multicast group. The
following CLI session sets some sample QOS parameters. Note the name and app-id
settings point to the multicast group settings covered in Solution 4.
Example
CASA-CMTS(config)# cable service-class 1
CASA-CMTS(conf-service-class 1)# name iptv
CASA-CMTS(conf-service-class 1)# app-id 1
CASA-CMTS(conf-service-class 1)# upstream
CASA-CMTS(conf-service-class 1)# max-traffic-burst 3044
CASA-CMTS(conf-service-class 1)# min-reserved-rate 4000000
CASA-CMTS(conf-service-class 1)# sched-type bestEffort
• name — Indicates the QOS service-class name associated with a multicast group.
• app-id — Specifies the vendor-specified application identifier that associates the
QOS settings in this service-class association with a multicast group.
• upstream — Applies the QOS settings in this service-class to upstream traffic.
• max-traffic-burst — Specifies the maximum number of bytes transmitted on the
upstream interface in the range 0 to 4294967295.
Casa Systems CMTS

• min-reserved-rate — Specifies the minimum number of bits per second (BPS)

transmitted on the upstream interface in the range 0 to 4294967295.
• sched-type — Set the QOS schedule type for upstream traffic in this
service-class; bestEffort, nonRealTimePollingService,
realTimePollingService, undefined, unsolicitedGrantService,
unsolicitedGrantServiceWithAD.
Solution 7 — Limit multicast replication and IPTV channels

Create the QOS application policy to specify the multicast replication limits on a
service flow and maximum number of IPTV channels allowed to join the multicast
group.
Example
CASA-CMTS(config)# application policy 1
CASA-CMTS(conf-app-policy 1)# limit replication
CASA-CMTS(conf-app-policy 1)# max iptv channel 0
CASA-CMTS(conf-app-policy 1)#
• limit replication — To conserve bandwidth, one multicast group in the same load
balance general-group is permitted to establish only one replication. For another
modem to join the multicast group, DCC or DBC must take place to move the
modem to this channel (if permitted).
If a multicast group in the general load-balance group has not yet established
multicast replication, and if the bandwidth channel utilization of the current
channel exceeds the value of the maximum channel utilization setting, a DCC or
DBC onto a low bandwidth channel is needed before establishing replication.
Modems that are no longer members of a multicast group will perform DCC or
DBC to an available channel.
• no limit replication — If a modem makes a join request to a multicast group,
then replication is established on the modem’s current channel. The default is no
limit replication.
• limit replication override — If DCC or DBC is not permitted, replication takes
place on the original primary channel, or under the following conditions:
— Replication is established on a secondary channel in the MAC domain. Note
that since D2.0 modems do support DCC or DBC, then replication is
established on the primary channel.
Casa Systems CMTS

— If the secondary channel available bandwidth is the lowest in a load

balancing general group, then replication is established on a primary channel
where the current utilization is low with available bandwidth to handle the
replication.
• max iptv channel 0— Limits the number of modems that can join the multicast
group based on a multicast replication limit. The default setting is 0 (no limit).
Solution 8 — Enable multicast authorization and other settings

1. Create a named multicast authorization profile and build one or more session
rules that will accept or deny requests from source IPs to join the multicast group.
Example
CASA-CMTS(config)# multicast authorization profile 1
CASA-CMTS(conf-auth-file 1)# session-rule 1 deny 0.0.0.0/0
239.255.255.255/24 priority 100
• profile 1 — Specifies the unique name of the multicast authorization profile.

Enter the name as number or text string.
• session-rule 1— Specifies an accept or deny rule that filters cable modem
join requests to the multicast group. Requests are filtered by IPv4 or IPv6
source address to the multicast group address and network mask, and a rule
priority when multiple rules are configured. Higher numbers are associated
with rules having a higher processing order when matching authorization
requests.
2. Enable multicast authorization using the configured profile, then specify a default
action when processing join requests to the multicast group that do not match any
of the configured session rules.
Example
CASA-CMTS(config)# multicast authorization enable
CASA-CMTS(config)# multicast authorization match-profile 1
CASA-CMTS(config)# multicast authorization default-action permit
• enable — Enables authorization and processing of multicast join requests.

• match-profile — Specifies the name of the profile containing the session
rules to be processed when multicast join requests to this multicast group are
received at the CMTS or CCAP.
Casa Systems CMTS

Recommended show commands
• default-action — Specifies the default permit or deny action on a multicast

join request when a rule match does not exist.
3. Set multicast maximum channel utilization and DCC/DBC-related settings to be
applied when a modem attempts to join multicast group and is denied due to high
multicast channel utilization or other reason.
Example
CASA-CMTS(config)# multicast max channel-util 60
CASA-CMTS(config)# multicast switch over time 15
CASA-CMTS(config)# multicast load-balance initial-tech direct
• max channel-util — Specifies a percentage in the range 1 to 100 percent. The

specified percentage indicates the maximum utilization over a multicast
channel before the system refuses join requests to this multicast group
channel. The default setting is 60 percent.
• switch over time — Specifies the time to elapse in the range 1 to 100 (where
1 is a 0.1 second unit and 100 is 10 seconds) when allowing a modem to
submit a rejoin request to a multicast group after the modem was dropped.
After the specified time, the affected modem will perform DCC to a channel
where utilization in the general load balancing group is low. This setting
applies to DOCSIS 2.0 modem replication limits.
• load-balance initial-tech direct — Specifies the initial load balancing
method to be applied should DCC or DBC occur when the multicast group
cannot accept a multicast join request due to maximum channel utilization or
after the specified switch over time. The default setting is direct.
Recommended show commands

Use the following show commands to verify and check the multicast configuration
and network activity:
• show multicast running-config
• show multicast authorization
• show multicast client
• show multicast group and show multicast group-address
• show igmp client
Casa Systems CMTS

4-1
Chapter 4. Monitoring traffic with

Lawful Intercept applications
About this chapter

This chapter provides information for Casa customers who are enabling their CMTS
systems to serve as intercept access points (IAPs) for local law enforcement agencies
(LEAs) who are performing court-ordered surveillance and monitoring of content
over target cable modems under the Communications Assistance for Law
Enforcement Act (CALEA).
Law enforcement authorities who are conducting serveillance must be familiar with
the specific CALEA-compliant intercept application in use, as well as have
knowledge of SNMP and Management Information Base (MIB) operations to
successfully monitor CMTS traffic to target cable modems via IP or MAC address.
Topic Page
Lawful Intercept at the CMTS 4-2

Configuring the CMTS LI source interface 4-3
Configuring or editing the source interface using SNMP 4-4
Enabling the target identifier 4-4
Configuring SNMP LI users at the CMTS 4-5
Intercepting Layer 2 streams 4-5
casa802tapStreamEntry 4-6
Intercepting Layer 3 streams 4-10
pktcESTapStreamEntry 4-10
Using the CableLabs generic stream table 4-17
pktcEScTapMediationEntry 4-17
L2/L3 Lawful intercept configuration example 4-20
Lawful intercept example solutions 4-23
Casa Systems CMTS

Lawful Intercept at the CMTS
Topic Page
Solution 1 — Configure lawful intercept on a CMTS with IP address 4-23

10.15.52.34:
Solution 2— Configuring lawful intercept on a CMTS with IP address 4-24
192.168.8.190:
Solution 3 — Configure lawful intercept with a timeout on a CMTS with IP 4-26
address 192.168.0.155
Solution 4 — Configure lawful intercept on a CMTS with IP address 4-29
192.168.0.155
Lawful Intercept at the CMTS

Lawful Intercept (LI), as specified in RFC3924, allows LEAs to monitor
telecommunications traffic across cable modems that are registered with the Casa
CMTS. Using SNMP-based third-party LI management tools and MIBs from Casa
and CableLabs®, LEAs can identify and perform surveillance on target cable
modems. The intercepted traffic is typically captured and delivered to the LEA over a
mediation server or device that resides between the CMTS (the Intercept Access
Point) and the LEA.
There are three MIBs that manage and control LI at the CMTS:
• CASA-802-TAP-MIB — The Casa MIB that enables packet intercept filtering
over 802 (Layer 2) streams based on the target cable modem MAC address. The
CASA-802-TAP-MIB is used with the PKTC-EC-TAP-MIB.
• PKTC-ES-TAP-MIB — The CableLabs MIB that defines a generic stream table
that contains fields that are common to all intercept types.
• PKTC-ES-IPTAP-MIB — The CableLabs IP TAB MIB for packet intercept
filtering at routing Layer 3 based on the target cable modem IP address. The
PKTC-ES-IPTAP-MIB is used with the PKTC-ES-TAP-MIB.
In addition to the above MIBs, Casa supports an Ethernet loopback interface
configuration to handle communication with the mediation device. See the section in
this chapter, “Configuring the CMTS LI source interface.”
The PacketCable™ 2.0 Electronic Surveillance Intra-Network Specification

(PKT-SP-ES-INF-104-080425) provides complete information on LI requirements,
Casa Systems CMTS

Monitoring traffic with Lawful Intercept applications 4-3
Configuring the CMTS LI source interface
operations, and interoperability. A copy of this specification is available from

CableLabs at www.cablelabs.com.
Figure 4-1. Sample Lawful Intercept application topology

Law enforcement agency
mediation server
PC running
SNMP LI MIBs
from Casa
Internet
Target voice/data
filtering using
Casa CMTS MAC or IP address
Intercept access point Ethernet Cable
loopback interface access network
CASA SYSTEMS SYS 3 4 5
to splitter
C3000 CCASA
ASA
ALM 0 1 2
Phone
Cable modem
PC
Lawful Intercept configuration:

- Ethernet loopback interface
- SNMP MIBs restricted for LEA:
CASA-802-TAP-MIB ((for CM MAC address)
PKTC-ES-TAP-MIB
PKTC-ES-IPTAB-MIB (for CM IP address
Configuring the CMTS LI source interface

The CMTS connects to and communicates with the law enforcement mediation device
over a GigE loopback (source) interface at the CMTS. Depending on the specific
CMTS you are using, the specified source interface can be in the range 0 to 7 or 0 to
15. Ensure that you have configured an IP address on the interface before using the
lawful-intercept command.
Example
C10G-RC220(config)# interface loopback 0
C10G-RC220(config-if-lo 0)#ip address 6.7.8.9
CASA-CMTS(config)# lawful-intercept source-interface loopback 0
Casa Systems CMTS

Enabling the target identifier
Configuring or editing the source interface using SNMP

You can use SNMP to configure or edit the current the LI source-interface, as
described in the examples below.
If the device has been set for mediation 100 and stream 1, use the following command
in SNMP to change the source IP address.
Example
snmpset -v 3 -u tapuser -a MD5 -A casa3200 -l authNoPriv %cmtsip%
1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.100.1 i 2
1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.5.100.1 x %Saddr%
1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.100.1 i 1
If the device has been set for mediation 100, the following example walks the
loopback interface index 8000000 on loopback 0 and changes the LI packets source
interface IP (previously the LI UDP packets source IP).
Example
snmpwalk -m all -O bsq -v 2c -c private %cmtsip% 1.3.6.1.2.1.2.2.1.2
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.100 i 2
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.5.100 i 8000000
Use the CLI show running-config command with the include option to display the
source-interface.
Example
CASA-C10G(config)#show running-config | include law
lawful-intercept source-interface loopback 0
Enabling the target identifier

The CMTS allows you to optionally enable a target identifier (stream ID) to be
included in lawful intercept packets to support variations of LI software. By default,
the mediation table index is the TID value.
Example
CASA-CMTS(config)# lawful-intercept tid stream-id
Casa Systems CMTS

Configuring SNMP LI users at the CMTS
Configuring SNMP LI users at the CMTS

You will need to configure access and security those SNMP users at the LI mediation
device who are intercepting data and voice traffic over the Casa CMTS. At the CMTS,
use the snmp user command, as well as other settings to provide authentication and
encryption of SNMP sessions between the CMTS intercept point and the mediation
device. Use the snmp tree-family command to declare the MIB objects (identifiers)
to view over SNMP LI sessions.
Example
C3200(config)# snmp user - SIIUser md5 0 SIITest123 no-priv 0 -
non-volatile
C3200(config)# snmp tree-family SIIView 1.3.6.1.2.1.1.5 - include
non-volatile
C3200(config)# snmp tree-family SIIView 1.3.6.1.4.1.9.9.252 -
include non-volatile
C3200(config)# snmp tree-family SIIView 1.3.6.1.4.1.4491.1.2.2.9 -
C3200(config)# snmp tree-family SIIView 1.3.6 - exclude
non-volatile
C3200(config)# snmp security usm SIIUser SIIView non-volatile
C3200(config)# snmp access SIIView - usm auth-no-priv exact SIIView
SIIView SIIView non-volatile
Intercepting Layer 2 streams

The casa802tapStreamTable lists the IEEE 802 data streams to be intercepted. The
same data stream may be required by multiple taps. Often the intercepted stream is a
small subset of the possible intercepted traffic. This provides options for packet
selection, not all of which might be used.
For example, to intercept all traffic to or from a given interface, configure an entry
that lists the interface, and use a wild-card for the remaining interfaces.
To intercept all traffic to or from a given MAC address, configure two such entries
that list the MAC address as source and destination respectively, then use a wild-card
for the remainder. To intercept one of the voices on a teleconference, extract the
multicast (destination) IP address, the source IP address, the protocol (UDP), and the
source and destination ports from the call control exchange and list all necessary
information.
Casa Systems CMTS

The first index defines the mediation device to which the intercepted traffic will be
sent. The second index permits multiple classifiers to be used together, such as having
a MAC address as source or destination. The value of the second index is the same as
the stream's counter entry in the pktcEScTapStreamTable. Entries are added to this
table via pktc802tapStreamStatus in accordance with the RowStatus convention.
casa802tapStreamEntry
A stream entry indicates a single data stream to be intercepted to a mediation device.
Several selected data streams may go to the same application interface; many
application interfaces are supported.
Module: CASA-802-TAP-MIB
Parent: casa802tapStreamTable
First child: casa802tapStreamIndex
Numerical syntax: Null

Base syntax: Casa802tapStreamEntry
Composed syntax: Casa802tapStreamEntry
Status: current
Max access: not-accessible
Sequences: 1:casa802tapStreamIndex - Integer32(2 - int, int32)
2: casa802tapStreamFields - BITS(4 - octets)
3: casa802tapStreamInterface - Integer32(2 - int, int32)
4: casa802tapStreamDestinationAddress - MacAddress(4
- octets)
5: casa802tapStreamSourceAddress - MacAddress(4 -
octets)
6: casa802tapStreamEthernetPid - Unsigned32(66 -
gauge32)
7: casa802tapStreamSourceLlcSap - Unsigned32(66 -
gauge32)
8: casa802tapStreamDestinationLlcSap - Unsigned32(66
- gauge32)
9: casa802tapStreamInterceptEnable - INTEGER(2 - int,
int32)
10: casa802tapStreamStatus - RowStatus(2 - int, int32)
Indexes: 1: pktcEScTapMediationContentId
2: casa802tapStreamIndex
Casa Systems CMTS

casa802tapStreamIndex
The index of the stream itself.
Syntax: Integer32 (1..2147483647)

Max-access: accessible-for-notify
Status: current
casa802tapStreamFields
This object displays which attributes must be tested to identify the traffic to be
intercepted. If all flagged fields match, then the packet matches.
Interface intercept traffic on the stated interface

dstMacAddress: intercept traffic destined to a given address
srcMacAddress: intercept traffic sourced from a given address
ethernetPid: intercept traffic with a stated Ethernet Protocol Identifier
dstLlcSap: intercept traffic with an certain 802.2 LLC Destination SAP
srcLlcSap: intercept traffic with an certain 802.2 LLC Source SAP
To activate an entry at least one of the bits has to be set. The corresponding MIB
object value has no effect and need not be specified when creating the entry if the bit
is not set.
Syntax: BITS {
interface(0),
dstMacAddress(1),
srcMacAddress(2),
ethernetPid(3),
dstLlcSap(4),
srcLlcSap(5)
}
Max-access: read-create
Status: current
casa802tapStreamInterface
The ifIndex value indicates the interface over which traffic to be intercepted is
received or transmitted. The interface may be physical or virtual. All traffic on the
Casa Systems CMTS

selected interface will be selected if this is the only parameter specified, if the
specified value is other than -1 or 0.
If the value is zero, matching traffic may be received or transmitted on any interface.
To limit the scope of traffic intercepted, use additional selection parameters. This is
most useful on non-routing platforms or on intercepts placed on other than a
subscriber interface.
Specify one or both of casa802tapStreamDestinationAddress and

casa802tapStream-SourceAddress if the value is -1. Traffic that matches on the
interface pointed to by the dot1dTpFdbPort values associated with those values is
intercepted, whichever is specified. If either operator action or protocol events
changes dot1dTpFdbPor, the interface will change with it. This is used mostly on
subscriber interfaces and other places that guarantee routing symmetry.
It is possible in both of these cases to have the same packet selected for intersection on
both its ingress and egress interface. However, only one instance of the packet is sent
to the mediation device.
This value must be set when creating a stream entry, either to select an interface, to
select all interfaces, or to select the interface that bridging learns. Not all platforms
may implement the entire range of options. See RFC1493: Definition of Managed
Objects for Bridges.
Syntax: Integer32 (-1 | 0 | 1..2147483647)

Status: current
casa802tapStreamDestinationAddress
Indicates the destination address used in packet selection.
Syntax: MacAddress
Status: current
casa802tapStreamSourceAddress
Indicates the source adddress used in packet selection.
Casa Systems CMTS

Syntax: MacAddress
Status: current
casa802tapStreamEthernetPid
Indicates the value of the Ethernet protocol identifier (PID) found on Ethernet traffic
or IEEE 802.2 Subnetwork Access Protocol (SNAP) traffic.
Syntax: Unsigned32
Status: current
casa802tapStreamDestinationLlcSap
Indicates the value of the IEEE 802.2 destination SAP.
Syntax: Unsigned32
Status: current
casa802tapStreamSourceLlcSap
Indicates the value of the IEEE 802.2 source SAP.
Syntax: Unsigned32
Status: current
casa802tapStreamInterceptEnable
Indicates the up or down value of the table. The table is valid in the UP state.
Syntax: INTEGER {
up(1),
down(2)
}
Status: current
Casa Systems CMTS

casa802tapStreamStatus
Indicates the status of this conceptual row and manages the creation, modification,
and deletion of rows in the table. The casa802tapStreamStatus must be first set to
notInService when any rows require changing.
Syntax: RowStatus
Status: current

The PKTC-ES-IPTAP-MIB is used with the PKTC-ES-TAP-MIB to filter Layer 3
IPv4 and IPv6 streams using the cable modem IP address.
Because multiple taps may require the same data stream, and often the intercepted
stream is a small subset of the traffic it is possible to intercept. This basically provides
options for packet selection, only some of which might be used. As an example, to
intercept all the traffic to or from a specific interface, configure an entry that lists the
interface, and use a wild-card for the rest.
To intercept all traffic to or from a specific IP Address, configure two entries listing
the IP Address as source and destination respectively, and use a wild-card for the rest.
To intercept one of the voices on a teleconference, extract the multicast (destination)
IP address, the source IP Address, the protocol (UDP), and the source and destination
ports from the CMTS and list all necessary information.
The first index indicates the mediation device to which the intercepted traffic will be
sent. The second index allows multiple classifiers to be used together, such as having
an IP address as source or destination. The value of the second index is the same as the
stream's counter entry in the pktcEScTapStreamTable. Entries are added to this table
via pktcESTapStreamStatus per the RowStatus convention.
pktcESTapStreamEntry
A stream entry defines a single data stream to be intercepted to a mediation device.
Many selected data streams may go to the same application interface, and many
application interfaces are supported.
Casa Systems CMTS

Module: PKTC-ES-IPTAP-MIB
Parent: pktcESTapStreamTable
First child: pktcESTapStreamInterface

Base syntax: PktcESTapStreamEntry
Composed syntax: PktcESTapStreamEntry
Status: current
Sequences: 1: pktcESTapStreamInterface - Integer32(2 - int, int32)
2: pktcESTapStreamAddrType - InetAddressType(2 - int, int32)
3: pktcESTapStreamDestinationAddress - InetAddress(4 - octets)
4: pktcESTapStreamDestinationLength - InetAddressPrefixLength(66 -
gauge32)
5: pktcESTapStreamSourceAddress - InetAddress(4 - octets)
6: pktcESTapStreamSourceLength - InetAddressPrefixLength(66 -
gauge32)
7: pktcESTapStreamTosByte - Integer32(2 - int, int32)
8: pktcESTapStreamTosByteMask - Integer32(2 - int, int32)
9: pktcESTapStreamFlowId - Integer32(2 - int, int32)
10: pktcESTapStreamProtocol - Integer32(2 - int, int32)
11: pktcESTapStreamDestL4PortMin - InetPortNumber(66 - gauge32)
12: pktcESTapStreamDestL4PortMax - InetPortNumber(66 - gauge32)
13: pktcESTapStreamSourceL4PortMin - InetPortNumber(66 - gauge32)
14: pktcESTapStreamSourceL4PortMax - InetPortNumber(66 - gauge32)
15: pktcESTapStreamVRF - SnmpAdminString(4 - octets)
16: pktcESTapStreamStatus - RowStatus(2 - int, int32)
Indices: 1: pktcEScTapMediationContentId
2: pktcEScTapStreamIndex
pktcESTapStreamInterface
Defines the ifIndex value of the interface over which traffic to be intercepted is
received or transmitted. The interface may be physical or virtual. If it is the only
parameter specified, and it is other than -2, -1 or 0, all traffic on the selected interface
will be selected. If the value is zero, matching traffic may be received or transmitted
on any interface. To limit the scope of the traffic intercepted, use additional selection
parameters.
Casa Systems CMTS

This is most useful on non-routing platforms or on intercepts placed on other than a

subscriber interface. One or both of pktcESTapStreamDestination-Address and
pktcESTapStreamSourceAddress must be specified with prefix length greater than
zero, if the value is -1.
Traffic that matches on the interface pointed to by the ipRouteIfIndex, or the

ipCidrRouteIfIndex values associated with those values, is intercepted (whichever is
more specific than a default route). If the operator or a routing protocol event causes
routing changes, the interface will change accordingly. This is primarily used on
subscriber interfaces and other places that guarantee routing symmetry.
In both of these cases, it is possible to select the same packet for intersection on both
its ingress and egress interface. However, only one instance of the packet is sent to the
mediation device. If the value is -2, packets belonging to a Voice over IP (VoIP)
session identified by pktcESTapStreamSourceAddress, pktcESTapStreamSourceLen
and pktcESTapStreamSourceL4PortMin may be intercepted (since a specific voice
session can be identified with source IP address and UDP port number).
Other selection parameters may be not acted on, even if they are set by the mediation
device. This value must be set when creating a stream entry, either to select an
interface, to select all interfaces, or to select the interface chosen by routing. The
entire range of options may not be implemented on all platforms.
Syntax: Integer32 (-2..2147483647)

Status: current
pktcESTapStreamAddrType
This is the address type used in packet selection.
Syntax: InetAddressType
Status: current
pktcESTapStreamDestinationAddress
This object is the destination address or prefix used in packet selection. This address
type is specified in pktcESTapStreamAddrType.
Casa Systems CMTS

Syntax: InetAddress
Status: current
pktcESTapStreamDestinationLength
This defines the length of the destination prefix. If the value is zero, all addresses will
match. This prefix length is consistent with the type specified in
pktcESTapStreamAddrType.
Syntax: InetAddressPrefixLength
Status: current
pktcESTapStreamSourceAddress
The source address used for packet selection. This address will be of the type specified
in pktcESTapStreamAddrType.
Syntax: InetAddress
Status: current
pktcESTapStreamSourceLength
Indicates the length of the source P\prefix. If the value is zero, all addresses will
match. This prefix length will be consistent with the type specified in
pktcESTapStreamAddrType.
Syntax: InetAddressPrefixLength
Status: current
pktcESTapStreamTosByte
Indicatest the value of the TOS byte, when masked with

pktcESTapStreamTosByteMask, of traffic to be intercepted. The configuration is
rejected if pktcESTapStreamTosByte and pktcESTapStreamTosByteMask equal zero.
Casa Systems CMTS

Syntax: Integer32 (0..255)

Status: current
pktcESTapStreamTosByteMask
Indicates the value of the TOS byte in an IPv4 or IPv6 header is ANDed with
pktcESTapStreamTosByteMask and compared with pktcESTapStreamTosByte. If the
values are equal, the comparison is equal. If the mask is zero and the TosByte value is
zero, the result will be to always accept.
Syntax: Integer32 (0..255)

Status: current
pktcESTapStreamFlowId
Indicates the flow identifier in an IPv6 header. Specifying -1 means that the flow
identifier is unused.
Syntax: Integer32 (-1 | 0..1048575)

Status: current
pktcESTapStreamProtocol
The IP protocol to match against the IPv4 protocol number or the IPv6 Next-Header
number in the packet. Specifying -1 means “any IP protocol.”.
Syntax: Integer32 (-1 | 0..255)

Status: current
pktcESTapStreamDestL4PortMin
Indicates the minimum value that the layer-4 destination port number in the packet
must have in order to match. This value must be equal to or less than the value
specified for this entry in pktcESTapStreamDestL4PortMax. The port number is
effectively unused if both pktcESTapStreamDestL4PortMin and
pktcESTapStreamDestL4PortMax are at their default values.
Casa Systems CMTS

Syntax: InetPortNumber
Status: current
pktcESTapStreamDestL4PortMax
Indicates the maximum value that the layer-4 destination port number in the packet
must have in order to match this classifier entry. This value must be equal to or greater
than the value specified for this entry in pktcESTapStreamDestL4PortMin. The port
number is effectively unused if both pktcESTapStreamDestL4PortMin and
pktcESTapStreamDestL4PortMax are at their default values.
Status: current
pktcESTapStreamSourceL4PortMin
Indicates the minimum value that the layer-4 destination port number in the packet
must have in order to match. This value must be equal to or less than the value
specified for this entry in pktcESTapStreamSourceL4PortMax. The port number is
effectively unused if both pktcESTapStreamSourceL4PortMin and
pktcESTapStreamSourceL4PortMax are at their default values.
Status: current
pktcESTapStreamSourceL4PortMax
Indicates the maximum value that the layer-4 destination port number in the packet
must have in order to match this classifier entry. This value must be equal to or greater
than the value specified for this entry in pktcESTapStreamSourceL4PortMin. The port
number is effectively unused if both pktcESTapStreamSourceL4PortMin and
pktcESTapStreamSourceL4PortMax are at their default values.
Status: current
Casa Systems CMTS

pktcESTapStreamVRF
Indicates the name of a Virtual Routing and Forwarding (VRF) table comprising the
routing context of a Virtual Private Network; it is an ASCII string. The interface or set
of interfaces on which the packet might be found should be selected from the set of
interfaces in the VRF table. A string length of zero implies that global routing table be
used for selection of interfaces on which the packet might be found.
Syntax: SnmpAdminString
Status: current
pktcESTapStreamStatus
Indicates the status of the conceptual row. It manages creation, modification, and
deletion of rows in this table. pktcESTapStreamStatus must be first set to
“notInService” before any rows can be changed.
Syntax: RowStatus
Status: current
Casa Systems CMTS

Using the CableLabs generic stream table

The PKTC-EC-TAP-MIB describes all fields that are common to all intercept types.
The pktcEScTapMediationTable lists the mediation devices with which the

intercepting device communicates. These may be on the same or different mediation
devices. This table is written by the mediation device and is always volatile. This is
because intercepts may disappear during a restart of the intercepting equipment.
Entries are added to this table via pktcEScTapMediationStatus in accordance with the
RowStatus convention.
pktcEScTapMediationEntry
Module: PKTC-ES-TAP-MIB
Parent: pktcEScTapMediationTable
First child: pktcEScTapMediationContentId
Base syntax: PktcEScTapMediationEntry
Composed syntax: PktcEScTapMediationEntry
Status: current
Sequences: 1: pktcEScTapMediationContentId - Integer32(2 - int, int32)
2: pktcEScTapMediationDestAddressType - InetAddressType(2 - int,
int32)
3: pktcEScTapMediationDestAddress - InetAddress(4 - octets)
4: pktcEScTapMediationDestPort - InetPortNumber(66 - gauge32)
5: pktcEScTapMediationSrcInterface - InterfaceIndexOrZero(2 - int,
int32)
6: pktcEScTapMediationDscp - PktcEScTapDscp(2 - int, int32)
7: pktcEScTapMediationTimeout - DateAndTime(4 - octets)
8: pktcEScTapMediationTransport - INTEGER(2 - int, int32)
9: pktcEScTapMediationNotificationEnable - TruthValue(2 - int, int32)
10: pktcEScTapMediationStatus - RowStatus(2 - int, int32)
Indices: 1: pktcEScTapMediationContentId
Casa Systems CMTS

pktcEScTapMediationContentId
This entry defines a single session with an application on a mediation device. From
the intercept application, pktcEScTapMediationContentId is a session identifier. From
the mediation device it is a content identifier. The mediation device ensures these are
unique. However, the SNMP RowStatus row creation process assists with this by not
allowing it to create conflicting entries. To decrease the probability of a value
collision before creating a new entry, a value for this variable may be obtained by
reading pktcEScTapMediationNewIndex.
Syntax: Integer32 (1..2147483647)

Max-access: not-accessible
Status: current
pktcEScTapMediationDestAddressType
Defines the type of pktcEScTapMediationDestAddress.
Syntax: InetAddressType
Status: current
pktcEScTapMediationDestAddress
Indicates the IP address of the network interface on the mediation device where the
intercepted traffic is sent.
Syntax: InetAddress
Status: current
pktcEScTapMediationDestPort
This is the port number of the network interface on the mediation device where the
intercepted traffic is sent.
Status: current
Casa Systems CMTS

pktcEScTapMediationSrcInterface
Defines the intercepting device interface where intercepted data is transmitted. Zero
means any interface may be used, per normal IP practice.
Syntax: InterfaceIndexOrZero
Status: current
pktcEScTapMediationDscp
Indicates the Differentiated Services Code Point (DSCP) applied by the intercepting
device to the IP packets encapsulating the intercepted traffic.
Syntax: PktcEScTapDscp
Status: current
pktcEScTapMediationTimeout
Indicates the time the intercept function should stop and where all related stream table
rows should be automatically deleted. This is a fail-safe method for the failure or
removal of the network manager, since the initiating network manager may be the
only device able to manage a specific intercept or be aware it exists. This object is
only effective when the value of pktcEScTapMediationStatus is “active.”
Syntax: DateAndTime
Status: current
pktcEScTapMediationTransport
Defines the protocol to be used in transferring intercepted data to the mediation

device. The supported protocol UDP in PacketCable UDP format.
Syntax: INTEGER {
udp(1)
}
Status: current
Casa Systems CMTS

L2/L3 Lawful intercept configuration example
pktcEScTapMediationNotificationEnable
Controls the generation of any notifications or information by the MIB agent for this
table entry.
Syntax: TruthValue
Status: current
Default: { true }
pktcEScTapMediationStatus
Defines the status of the conceptual row. It is used to manage creation, modification
and deletion of rows in this table. pktcEScTapMediationTimeout may be modified at
any time (even while the row is active). However, when the row is active, the other
writable objects may not be modified without setting its value to “notInService”.
If there is any associated entry in pktcEScTapStreamTabl, the entry may not be

deleted or deactivated by setting its value to “destroy” or “notInService.”
Syntax: RowStatus
Status: current

The following CLI and SNMP sessions provide examples of L2/L3 intercepts.
1. At the CMTS, configure SNMPv3 user/password and SNMP tree-family to
allow access to the CMTS by law enforcement:
C3200(config)# snmp user - SIIUser md5 0 SIITest123 no-priv 0 -
non-volatile
C3200(config)# snmp tree-family SIIView 1.3.6.1.2.1.1.5 - include
non-volatile
C3200(config)# snmp tree-family SIIView 1.3.6.1.4.1.9.9.252 -
C3200(config)# snmp tree-family SIIView 1.3.6.1.4.1.4491.1.2.2.9 -
C3200(config)# snmp tree-family SIIView 1.3.6 - exclude
non-volatile
C3200(config)# snmp security usm SIIUser SIIView non-volatile
Casa Systems CMTS

C3200(config)# snmp access SIIView - usm auth-no-priv exact SIIView

SIIView SIIView non-volatile
2. Configure the server to receive the lawful intercept packets (IP address is
192.168.3.6; receiving port is 5001):
1: pktcEScTapMediationDestAddressType.1 (integer) ipv4(1)
2: pktcEScTapMediationDestAddress.1 (octet string) C0.A8.03.06 (hex)
3: pktcEScTapMediationDestPort.1 (gauge) 5001
4: pktcEScTapMediationSrcInterface.1 (integer) 0 [0]
5: pktcEScTapMediationDscp.1 (integer) 34
6: pktcEScTapMediationTimeout.1 (octet string) 2099-1-1,0:0:0.0,+0:0
[08.33.01.01.00.00.00.00.2B.00.00 (hex)]
7: pktcEScTapMediationTransport.1 (integer) udp(1)
8: pktcEScTapMediationNotificationEnable.1 (integer) true(1)
9: pktcEScTapMediationStatus.1 (integer) active(1)
3. To intercept L3 traffic matching certain IP addresses or UDP/TCP ports,
configure pktcESTapStreamTable to intercept the cable modem
(10.230.1.101) downstream packets:
1: pktcESTapStreamInterface.1.1 (integer) 0
2: pktcESTapStreamAddrType.1.1 (integer) ipv4(1)
3: pktcESTapStreamDestinationAddress.1.1 (octet string) 0A.E6.01.65 (hex)
4: pktcESTapStreamDestinationLength.1.1 (gauge) 32
5: pktcESTapStreamSourceAddress.1.1 (octet string) 00.00.00.00 (hex)
6: pktcESTapStreamSourceLength.1.1 (gauge) 0
7: pktcESTapStreamTosByte.1.1 (integer) 0
8: pktcESTapStreamTosByteMask.1.1 (integer) 0
9: pktcESTapStreamFlowId.1.1 (integer) -1
10: pktcESTapStreamProtocol.1.1 (integer) -1
11: pktcESTapStreamDestL4PortMin.1.1 (gauge) 0
12: pktcESTapStreamDestL4PortMax.1.1 (gauge) 65535
Casa Systems CMTS

13: pktcESTapStreamSourceL4PortMin.1.1 (gauge) 0

14: pktcESTapStreamSourceL4PortMax.1.1 (gauge) 65535
15: pktcESTapStreamVRF.1.1 (octet string) (zero-length)
16: pktcESTapStreamStatus.1.1 (integer) active(1)
4. To intercept L2 traffic matching certain MAC address, configure the
casa802tapStreamEntry table. The following example intercepts all traffic
inbound and outbound traffic associated with cable modem MAC address
0015.e0a6.0001:
1: casa802tapStreamFields.1.2 (octet string) [srcMacAddress(2)]
2: casa802tapStreamInterface.1.2 (integer) 0
3: casa802tapStreamDestinationAddress.1.2 (octet string) 00:15:E0:A6:00:01
[00.15.E0.A6.00.01 (hex)]
4: casa802tapStreamSourceAddress.1.2 (octet string) 00:00:00:00:00:00
[00.00.00.00.00.00 (hex)]
5: casa802tapStreamEthernetPid.1.2 (gauge) 0
6: casa802tapStreamDestinationLlcSap.1.2 (gauge) 0
7: casa802tapStreamSourceLlcSap.1.2 (gauge) 0
8: casa802tapStreamInterceptEnable.1.2 (integer) up(1)
9: casa802tapStreamStatus.1.2 (integer) active(1)
Use send_udp_raw program to send a 1518-byte UDP packet that matches the
configured rule.
5. Configure the pktcEScTapStreamTable (using the same index as the
pktcESTapStreamTable) to observe the intercept statistics:
1: pktcEScTapStreamType.1.1 (integer) ip(1)
2: pktcEScTapStreamInterceptEnable.1.1 (integer) enable(1)
3: pktcEScTapStreamInterceptedPackets.1.1 (counter) 0
4: pktcEScTapStreamInterceptDrops.1.1 (counter) 0
5: pktcEScTapStreamStatus.1.1 (integer) active(1)
Casa Systems CMTS

Lawful intercept example solutions

10.15.52.34:
snmpget -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv 10.15.52.34
sysDescr.0
1. Send LI packets to server 10.15.2.29, port 2008.
snmpset -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv 10.15.52.34
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 5 (create and go)
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.4.1 u 2008
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.3.1 x 0A0F021D
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 1 (activate)
2. Intercept cable modem 10.15.109.4 (0x0A0F6D04) downstream packets.
snmpset -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv -On
10.15.52.34 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 5 (create
and go)
10.15.52.34 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.3.1.1 x 0A0F6D04
10.15.52.34 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 1
(activate)
3. Remove the tap.
10.15.52.34 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 6 (destroy)
1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 6 (destroy)
4. Configure an snmpv3 user “SIIUser” with password “SIITest123”.
snmp user - SIIUser md5 0 SIITest123 no-priv 0 - non-volatile –
snmp tree-family SIIView 1.3.6.1.2.1.1.5 - include non-volatile
snmp tree-family SIIView 1.3.6.1.4.1.9.9.252 - include non-volatile
snmp tree-family SIIView 1.3.6.1.4.1.4491.1.2.2.9 - include
non-volatile
snmp tree-family SIIView 1.3.6 - exclude non-volatile
snmp access SIIView - usm auth-no-priv exact SIIView SIIView SIIView
non-volatile
snmp security usm SIIUser SIIView non-volatile
Casa Systems CMTS

Solution 2— Configuring lawful intercept on a CMTS with IP address

192.168.8.190:
LI packets sent to server 192.168.3.6 port 50001:
1. Set mediation entry.
snmpset -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 5
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.3.1 x
c0a80306
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.4.1 u 50001
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.5.1 i 0
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.7.1 i 0
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 1
2. Set stream entry with destination and source address (in that order)
10.190.0.0/16. This is the IP address from which the packets are intercepted
and the IP address to which the packets are forwarded. Specify the source
and destination network mask.
Note: A source IP must be povided even if the mask is 0.

192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 5
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.3.1.1 x
0abe0000
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.4.1.1 u 16
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.5.1.1 x
0abe0000
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.6.1.1 u 16
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 1
Casa Systems CMTS

3. Walk the mediation (pktcEScTapMediationEntry) and stream

(pktcESTapStreamEntry) tables.
snmpwalk -v3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv -On
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1
4. Ping from the CMTS to the modem.

CASA-C10G(config)# ping 10.190.1.200
PING 10.190.1.200 (10.190.1.200) 56(84) bytes of data.
64 bytes from 10.190.1.200: icmp_seq=1 ttl=64 time=20.3 ms
--- 10.190.1.200 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 13.054/15.840/20.313/3.197 ms
5. Capture on the server 192.168.3.6.

[root@Gimli-2 ~]# tcpdump -i eth1 udp port 50001
tcpdump: verbose output suppressed, use -v or -vv for full protoco
decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96
bytes
10:48:55.500025 IP 10.190.1.1.50001 > 192.168.3.6.50001: UDP,
length 88
10:48:56.499798 IP 10.190.1.1.50001 > 192.168.3.6.50001: UDP,
length 88
10:48:57.500481 IP 10.190.1.1.50001 > 192.168.3.6.50001: UDP,
length 88
10:48:58.501629 IP 10.190.1.1.50001 > 192.168.3.6.50001: UDP,
length 88
6. Set a timeout on a CMTS with ip address 192.168.8.190.

snmpset -v3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv -On
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.10.1 x
07db050a132b00002b0000
7. Remove the mediation and stream table entries:

192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 6
192.168.8.190 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 6
Casa Systems CMTS

Solution 3 — Configure lawful intercept with a timeout on a CMTS with

IP address 192.168.0.155
bash-3.2$ snmpset -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 5
SNMPv2-SMI::enterprises.4491.2.2.9.1.1.1.1.2.1.13.1 = INTEGER: 5

192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.4.1 u 2008
SNMPv2-SMI::enterprises.4491.2.2.9.1.1.1.1.2.1.4.1 = Gauge32: 2008

192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.3.1 x c0a800aa
SNMPv2-SMI::enterprises.4491.2.2.9.1.1.1.1.2.1.3.1 = Hex-STRING: C0 A8
00 AA

192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 1
SNMPv2-SMI::enterprises.4491.2.2.9.1.1.1.1.2.1.13.1 = INTEGER: 1

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 5
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 = INTEGER: 5

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.3.1.1 x
0a9b0146
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.3.1.1 = Hex-STRING: 0A 9B 01 46

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 1
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 = INTEGER: 1
bash-3.2$ snmpset -v3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.10.1 x
07db050a132b00002b0000
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.10.1 = Hex-STRING: 07 DB 05 0A 13
2B 00 00 2B 00 00
The tap will be removed at:
07 DB = 2011 (year)
05 = 5 (month: may)
0A = 10 (day)
13 = 19 (hours)
2B = 43 (minutes)
00 = second
00 = deci-seconds
Casa Systems CMTS

2B = ASCII code for "+" (direction from UTC)

00 = hours from UTC
00 = minutes from UTC
!!!Filter configured:
bash-3.2$ snmpget -v2c -c public 192.168.0.155 hrSystemDate.0

HOST-RESOURCES-MIB::hrSystemDate.0 = STRING: 2011-5-10,19:41:0.0
C3200-155(diag)#show clock
Tue May 10 19:41:08 UTC 2011
C3200-155(diag)#show timezone
Timezone set to "UTC", offset from UTC is +0000
bash-3.2$ snmpwalk -v3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.2.1 = INTEGER: 1
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.3.1 = Hex-STRING: C0 A8 00 AA
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.4.1 = Gauge32: 2008
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.5.1 = INTEGER: 0
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.7.1 = INTEGER: 34
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.10.1 = Hex-STRING: 07 DB 05 0A 13
2B 00 00 2B 00 00
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.11.1 = INTEGER: 1
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.12.1 = INTEGER: 1
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 = INTEGER: 1
bash-3.2$ snmpwalk -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.1.1.1 = INTEGER: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.2.1.1 = INTEGER: 1
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.3.1.1 = Hex-STRING: 0A 9B 01 46
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.4.1.1 = Gauge32: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.5.1.1 = Hex-STRING: 00 00 00 00
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.6.1.1 = Gauge32: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.7.1.1 = INTEGER: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.8.1.1 = INTEGER: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.9.1.1 = INTEGER: -1
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.10.1.1 = INTEGER: -1
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.11.1.1 = Gauge32: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.12.1.1 = Gauge32: 65535
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.13.1.1 = Gauge32: 0
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.14.1.1 = Gauge32: 65535
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.15.1.1 = ""
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 = INTEGER: 1
C3200-155(diag)# show qos ds cm qam 0 ip address 116

prt_ds_es_filter_list():
Casa Systems CMTS

ds_es_l3_filters:
nx=00000000 pkt=84
FA=00ca0698 id=1 Cid=1 p=1 Proto=-1 dscp=0 tp=2008 dp=0 65535 sp=0
65535
TargAddrlen=32 filterAddrLen=32 192.168.0.170 mask=00000000 mtu=1500
CmtsAddrlen=32 filterAddrLen=32 10.155.1.1 mask=00000000
DAPrefixlen=0 filterAddrLen=32 0.0.0.0 mask=00000000
SAPrefixlen=0 filterAddrLen=32 0.0.0.0 mask=00000000
mtu gige0 1500
mtu gige1 1500
mtu gige2 1500
mtu gige3 1500
mtu gige4 1500
mtu gige5 1500
mtu gige6 1500
mtu gige7 1500
mtu gige8 1500
mtu gige9 1500
mtu gige10 1500
mtu gige11 1500
!!!Filter is removed at 19:43:
C3200-155(diag)# show clock

Tue May 10 19:43:05 UTC 2011
bash-3.2$ snmpget -v2c -c public 192.168.0.155 hrSystemDate.0

HOST-RESOURCES-MIB::hrSystemDate.0 = STRING: 2011-5-10,19:43:10.0
bash-3.2$ snmpwalk -v3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1
.1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1 = No Such Object available on this
agent at this OID
bash-3.2$ snmpwalk -v 3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv

-On 192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1
.1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1 = No Such Object available on this
agent at this OID
C3200-155(diag)#show qos ds cm qam 0 ip address 116

prt_ds_es_filter_list():
mtu gige0 1500
mtu gige1 1500
mtu gige2 1500
mtu gige3 1500
mtu gige4 1500
mtu gige5 1500
mtu gige6 1500
mtu gige7 1500
mtu gige8 1500
Casa Systems CMTS

mtu gige9 1500

mtu gige10 1500
mtu gige11 1500

192.168.0.155
LI packets sent to server 192.168.0.170 port 2008:
1. Set the mediation entry.
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 5
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.4.1 u 2008
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.3.1 x
c0a800aa
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 1
2. Set stream entry with destination and source address (in that order)
10.155.1.70 (CM IP) and destination and source length 32.
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 5
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.3.1.1 x
0a9b0146
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.4.1.1 u 32
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.5.1.1 x
0a9b0146
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.6.1.1 u 32
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 1
3. Walk the mediation (pktcEScTapMediationEntry) and stream

(pktcESTapStreamEntry) tables.
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1
Casa Systems CMTS

4. Set a timeout on a CMTS with IP address 192.168.0.155.

snmpset -v3 -u SIIUser -a MD5 -A SIITest123 -l authNoPriv -On
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.10.1 x
07db050a132b00002b0000
5. Remove the mediation and stream table entries.

192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.2.1.1.2.1.16.1.1 i 6
192.168.0.155 1.3.6.1.4.1.4491.2.2.9.1.1.1.1.2.1.13.1 i 6
Casa Systems CMTS

100 Old River Road
Suite 100
Andover, MA 01810
USA
978-688-6706
CMTS
Network Solutions Guide
© 2014 Casa Systems, Inc.

All rights reserved.
DOC-3007-01
For Releases 5.4 to 6.4.3
Document Revision 06.04.03

July 2014
Printed in United States of America

NetSolutions GD 7 16 2014

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

NetSolutions GD 7 16 2014

Încărcat de

Drepturi de autor:

Formate disponibile

CMTS

Network Solutions Guide

For Releases 5.4 to 6.4.3

Chapter 1. Load balancing CMTS traffic

CMTS load balancing overview ........................................................................ 1-2 .

Static and dynamic load balancing .............................................................. 1-2 .

Load balancing restrictions and limitations ................................................. 1-3 .

Load balance configuration prerequisites ................................................... 1-3 .

Enabling load balancing .................................................................................... 1-4 .

Enabling static load balancing across MAC domains ................................. 1-4 .

Load balancing configuration steps .................................................................. 1-5 .

Creating load balancing groups ........................................................................ 1-5 .

General load balancing groups ................................................................... 1-6 .

Restricted load balancing groups ................................................................ 1-8 .

Configuring policies and rules ......................................................................... 1-13 .

Defining basic load balance rules ............................................................. 1-14 .

Casa Systems CMTS

Defining execution rules ............................................................................ 1-15 .

Load balancing over suspicious channels ................................................ 1-21 .

Using exclusion lists ........................................................................................ 1-22 .

Load balancing solutions ................................................................................ 1-23 .

Solution 1 — Configure general load balancing (static) ............................ 1-23 .

Solution 3 — Display and assess load balance statistics ......................... 1-25 .

Solution 4 — Create special load balancing configurations ...................... 1-26 .

Chapter 2. Configuring router redundancy

Routing redundancy overview ........................................................................... 2-2 .

Figure 2-1.Sample C10G router redundancy network ........................... 2-2

Figure 2-2.CMTS router redundancy interface ..................................... 2-3

Solution 2 — Create static routes to upstream routers ............................... 2-5 .

Solution 3 — Configure Routing Information Protocol (RIP) instances ....... 2-5 .

Solution 5 — Configure Border Gateway Protocol 4 (BGP-4) instances .... 2-7 .

Solution 6 — Configure Intermediate system-to-Intermediate system (IS-IS)

Chapter 3. Setting up the CMTS/CCAP for IPTV services

IPTV overview ................................................................................................... 3-2.

Figure 3-1.Basic IPTV network components ......................................... 3-2

Solution 1 — Configure DOCSIS MAC interfaces ...................................... 3-3 .

Solution 2 — Enable IGMP on the GigE interfaces .................................... 3-4 .

Solution 3 — Configure the IGMP static group ........................................... 3-4 .

Solution 4 — Create multicast groups ......................................................... 3-5 .

Casa Systems CMTS

Solution 6 — Configure the cable QOS service-class for IPTV ...................3-6 .

Solution 7 — Limit multicast replication and IPTV channels .......................3-7 .

Solution 8 — Enable multicast authorization and other settings .................3-8 .

Recommended show commands ......................................................................3-9 .

Chapter 4. Monitoring traffic with Lawful Intercept applications

Lawful Intercept at the CMTS ............................................................................4-2 .

Figure 4-1.Sample Lawful Intercept application topology...................... 4-3

Configuring or editing the source interface using SNMP .............................4-4 .

Enabling the target identifier ..............................................................................4-4 .

Configuring SNMP LI users at the CMTS ..........................................................4-5 .

Intercepting Layer 2 streams .............................................................................4-5 .

casa802tapStreamIndex ........................................................................ 4-7

pktcESTapStreamInterface .................................................................. 4-11

Casa Systems CMTS

pktcEScTapMediationEntry ....................................................................... 4-17 .

Lawful intercept example solutions ................................................................. 4-23 .

Solution 1 — Configure lawful intercept on a CMTS with IP address

Solution 2— Configuring lawful intercept on a CMTS with IP address

Solution 3 — Configure lawful intercept with a timeout on a CMTS with

Solution 4 — Configure lawful intercept on a CMTS with IP address

Casa Systems CMTS

About this guide

Currently, the following topics are covered in this guide: