Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems uBR7200 manual Configuring KEK Privacy, MC-562, Command, Purpose

Models: uBR7200

1 88

Download 88 pages 44.59 Kb

Page 44

Configuring KEK Privacy

Configuring Headend Broadband Access Router Features

Configuring and Activating Baseline Privacy

A KEK is assigned to a cable modem based on the cable modem SID and permits the cable modem to connect to the Cisco uBR7200 series when baseline privacy is activated. The TEK is assigned to a cable modem when its KEK has been established. The TEK is used to encrypt data traffic between the cable modem and the Cisco uBR7200 series.

KEKs and TEKs can be set to expire based on a grace-time or a life-time value. A grace-time key is used to assign a temporary key to a cable modem to access the network. A life-time key is used to assign a more permanent key to a cable modem. Each cable modem that has a life-time key assigned will request a new life-time key from the Cisco uBR7200 series before the current one expires.

Note Baseline privacy is only supported in Cisco IOS software containing “-k1” in the filename. If you do not already have a baseline privacy software image, you must download the software from Cisco Connection Online (CCO).

Note Baseline privacy will not operate unless the cable modem configuration file specifies that privacy is on.

The configuration and activation of baseline privacy depends on each cable operator physical plant.

To configure and activate baseline privacy, perform the following tasks:

•Configuring KEK Privacy

•Configuring TEK Privacy

•Activating Baseline Privacy

Configuring KEK Privacy

A grace-time KEK can be set from 300 to 1800 seconds. A life-time KEK can be set from 86,400 to 6,048,000 seconds. If you do not set a KEK value, the default values are used.

To configure KEK data privacy on the HFC network, use the following commands in cable interface configuration mode:

Command	Purpose

CMTS01(config-if)#cable privacy kek grace-time	Sets the cable privacy KEK grace time in seconds. Valid
seconds	values are from 300 to 1800 seconds. Default = 600.
or	or
	or
CMTS01(config-if)#cable privacy kek life-time seconds	Sets the cable privacy KEK life time in seconds. Valid
	Sets the cable privacy KEK life time in seconds. Valid
	values are from 86400 to 6048000 seconds.
	Default = 604800.

Cisco IOS Multiservice Applications Configuration Guide

MC-562

Image 44

Cisco Systems uBR7200 manual Configuring KEK Privacy, MC-562, Command, Purpose

Contents

MC-519 Configuring Headend Broadband Access Router FeaturesHeadend Overview MC-520MAC sublayer and associated interfaces Voice over IP Services Telco Return MC-523MC-524 QoS Features Service Class ProfilesMultiple Service IDs MC-525MC-526 TAG/NetFlow SwitchingQoS Profile Enforcement MC-527 Tag SwitchingNetflow Switching Security Features Weighted Random Early DetectionWeighted Fair Queueing Committed Access Rate CARCable Modem and Multicast Authentication Using RADIUS DOCSIS Baseline PrivacyUpstream Address Verification MC-529Traffic Shaping Features Operations and Provisioning FeaturesDynamic Ranging MC-530Downstream Channel ID Configuration Burst Profile ConfigurationDownstream Frequency Override CPE LimitationPer-Modem and per-Host Access Lists Basic Wiretap SupportInter-Switch Link Bridging on Noncable Interfaces Spectrum ManagementMC-533 Headend Broadband Access Router Configuration PrerequisitesHeadend Broadband Access Router Configuration Tasks MC-534Configuring the Downstream Cable Interface CommandActivating the Downstream Carrier PurposeSetting the Downstream Center Frequency Troubleshooting TipsVerifying the Downstream Carrier MC-536Verifying the Downstream Center Frequency MC-537Troubleshooting Tips CommandSetting the Downstream Channel ID Setting the Downstream MPEG Framing Format Annex BVerifying the Downstream Channel ID MC-538Setting the Downstream Modulation Verifying the Downstream MPEG Framing FormatVerifying the Downstream Modulation MC-539Setting the Downstream Interleave Depth Verifying the Downstream Interleave DepthMC-540 Troubleshooting TipsSetting the Downstream Helper Address Verifying the Downstream Helper AddressMC-541 Troubleshooting TipsSetting Downstream Rate Limiting MC-542Command PurposeConfiguring the Upstream Cable Interface Verifying Downstream Rate LimitingMC-543 Troubleshooting TipsSetting the Upstream Frequency MC-544Verifying the Upstream Frequency MC-545Troubleshooting Tips CommandSetting the Upstream Channel Width Verifying Upstream Channel WidthMC-546 Troubleshooting TipsSetting the Upstream Input Power Level MC-547Command PurposeVerifying the Upstream Input Power Level Activating Upstream Admission ControlVerifying Upstream Admission Control MC-548Activating Upstream FEC MC-549Troubleshooting Tips CommandSpecifying Upstream Minislot Size Verifying Upstream FECMC-550 Troubleshooting TipsActivating the Upstream Scrambler Verifying Upstream Minislot SizeMC-551 Troubleshooting TipsVerifying the Upstream Scrambler MC-552Troubleshooting Tips CommandActivating Upstream Differential Encoding Activating Upstream Rate LimitingVerifying Upstream Differential Encoding MC-553Verifying Upstream Rate Limiting MC-554Command PurposeActivating Upstream Frequency Adjustment MC-555Troubleshooting Tips CommandActivating Upstream Power Adjustment Verifying Upstream Frequency AdjustmentMC-556 Troubleshooting TipsActivating Upstream Timing Adjustment Verifying Upstream Power AdjustmentMC-557 Troubleshooting TipsVerifying Upstream Timing Adjustment show running-config outputActivating the Upstream Ports MC-558Setting Upstream Backoff Values Verifying the Upstream PortsMC-559 Troubleshooting TipsMC-560 CommandCMTS01config-if# cable upstream usport range PurposeConfiguring and Activating Baseline Privacy Verifying Upstream Data Backoff AutomaticMC-561 Troubleshooting TipsConfiguring KEK Privacy MC-562Command PurposeConfiguring TEK Privacy Verifying KEK PrivacyVerifying TEK Privacy MC-563Configuring and Activating Frequency Agility Activating Baseline PrivacyVerifying Baseline Privacy MC-564Combiner Groups MC-565Sparse SegmentFrequency Management Policy MC-566Determining the Upstream Ports Assigned to a Combiner Group MC-567Configuring and Activating Spectrum Groups frequency and power level at the same time every dayfrequency and power level at a specified interval in Creating Spectrum GroupsMC-569 CommandPurpose MC-570 MC-571 Verifying Spectrum Group ConfigurationVerifying Frequency Hopping Troubleshooting Tips Configuring Spectrum Group CharacteristicsMC-572 Verifying Spectrum Group Characteristics Sets the percentage of all cable modems losingkeepalive messages going offline that will cause a frequency hopActivating IP Address Resolution Protocol Enters cable interface configuration mode for thePlaces the upstream port in the “admin up” state Exits configuration mode and forces the system toActivating Host-to-Host Communication Proxy ARP Verifying ARP RequestsMC-575 Troubleshooting TipsConfiguring DHCP Options Activating Cable Proxy ARP RequestsActivating Cable Relay Agent Verifying Cable Proxy ARP RequestsActivating DHCP giaddr Verifying DHCP giaddr ActivationMC-577 Troubleshooting TipsSetting Service Options Setting Optional IP ParametersConfiguring ToD Service Verifying ToD ServiceActivating IP Multicast Echo Activating IP Broadcast EchoVerifying IP Multicast Echo MC-579Configuring Cable Profiles Configuring Cable Modulation ProfilesVerifying IP Broadcast Echo MC-580Purpose MC-581Command Configuring QoS Profiles enter the show cable modulation-profile commandVerifying Cable Modulation Profiles MC-582Verifying QoS Profiles MC-583Troubleshooting Tips CommandSetting QoS Permission Enforcing a QoS Profile AssignmentVerifying QoS Permission MC-584MC-585 Managing Cable Modems on the HFC NetworkVerifying a QoS Profile Assignment Configuring Sync Message Interval Configuring Telco ReturnActivating Cable Modem Authentication Verifying Sync Message IntervalVerifying Cable Modem Authentication Activating Cable Modem Upstream Address VerificationMC-587 Troubleshooting TipsActivating Cable Modem Insertion Interval Verifying Cable Modem Upstream Address VerificationMC-588 Troubleshooting TipsVerifying Cable Modem Insertion Interval MC-589Command PurposeConfiguring Cable Modem Registration Timeout Verifying the Maximum Number of HostsMC-590 Configuring the Maximum Number of Hosts Attached to a Cable ModemClearing and Resetting Cable Modems Verifying Registration TimeoutMC-591 Troubleshooting TipsVerifying Cable Modem Clearing and Resetting Clearing Cable Modem CountersMC-592 Troubleshooting TipsUsing Ping DOCSIS Verifying that Cable Modem Counters are ClearedVerifying Ping DOCSIS MC-593Spectrum Management Configuration Example MC-594Configuring Headend Broadband Access Router Features Headend Broadband Access Router Configuration ExamplesVirtual Private Network Configuration Example MC-595MC-596 Configuring Headend Broadband Access Router FeaturesHeadend Broadband Access Router Configuration Examples Cisco IOS Multiservice Applications Configuration GuideMC-597 Configuring Headend Broadband Access Router FeaturesHeadend Broadband Access Router Configuration Examples Cisco IOS Multiservice Applications Configuration GuideVoIP Configuration Example MC-598MC-599 Configuring Headend Broadband Access Router FeaturesHeadend Broadband Access Router Configuration Examples Cisco IOS Multiservice Applications Configuration GuideTelco Return Configuration Example MC-600MC-601 Configuring Headend Broadband Access Router FeaturesHeadend Broadband Access Router Configuration Examples Cisco IOS Multiservice Applications Configuration GuideQoS Profile Enforcement Configuration Example MC-602Configuring Headend Broadband Access Router Features Headend Broadband Access Router Configuration ExamplesTroubleshooting Using Cable Flap Lists Setting Cable Flap List AgingSpecifies the number of days to record and retain flapping activity for the cable modems connected to this Cisco uBR7200Setting Cable Flap List Insertion Time Setting Cable Flap List Power Adjustment ThresholdVerifying Cable Flap List Aging Verifying Cable Flap List Insertion TimeSetting Cable Flap List Miss Threshold Verifying Cable Flap List Power Adjustment ThresholdSpecifies the minimum power adjustment that will Verifying Cable Flap List Miss ThresholdSetting Cable Flap List Size Clearing Cable Flap ListVerifying Cable Flap List Size Specifies the maximum size of the flap list