Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The DOCSIS Shake
#1
So... Im comparing these 2 telnet logs in order to find discrepancies between a subbed (old-security) and a non-prov cm (new security).

I found NO differences whatsoever up to the DHCP Settings; in which the CMTS all of the sudden (each CMTS/log MAC differ cause they're in different nodes) decides that the TFTP server of the non-prov CM will be a 10.x.x.x IP (non-provisioned in my country).

Condition:
Same Sb5101 on both nodes
CVC/HFC MAC Original configuration

The subbed gets 55 TLVs (CPE Access control I guess) Vs. the non-prov gets 33TLVs, resulting in a eventual loop due to "unrecognized OID", in which at a point they are marked as "UNKNOWN, ignoring."

I've checked the DOCSIS Specification manual (an extract oftenly posted by Jr) as a guide on the interpretation of BPI+ authentication process.

At what point will the handshake end?

Thanks!
___________________________________________________
Off-topic note: There's also in another manual, a lot of emphasis on the synching of a certain element in order to get proper BPI auth., which seems to me very interesting.
Reply
#2
Depends on how the ISP set up the CMTS and how many security features are implemented/enforced.
Reply
#3
(30-03-2013, 09:39 PM)southernyankey1970 Wrote: Depends on how the ISP set up the CMTS and how many security features are implemented/enforced.

I mean, is there a specific string (or set of strings/echoes) that let me know when the process is over?

i.e.
CM> BPI initialization completed. Calling ConfigOperational().
Enabling network access for all CPE ports.

mot_scanList: Writing to Flash!
BcmCmDocsisStatusEventCodes::kCmIsOperational ??

Cheers
Reply
#4
I found a "space" which is granted for reauthorization... a time "period", (lets call it that way) which gives opportunity to deal again with the CMTS... ----- Silent..

wish there was like a private room to discuss (theorize) about this stuff... not that Im not interested in other ppl to learn it too, but might blow-away someone's else treasured secret
Reply
#5
Its called a re-submission rather than drop the handshake you can retry the credentials again
Knowledge=Power
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)