Arris C3 tftp issue | docsis.org

You are here

Arris C3 tftp issue

10 posts / 0 new
Last post
emkowale
Arris C3 tftp issue

Hello All,

I'm setting up a C3 with a Debian linux server and its dhcp server. I have cable modems on the C3 that will not get past the init(o) state. I believe that means that the cm cannot get a config file from the tftp server. my syslog shows this:

Jul 20 11:33:47 benchmark dhcpd: DHCPDISCOVER from 00:0a:73:f6:d8:77 via 10.5.1.2
Jul 20 11:33:48 benchmark dhcpd: DHCPOFFER on 10.5.1.4 to 00:0a:73:f6:d8:77 via 10.5.1.2
Jul 20 11:33:50 benchmark dhcpd: DHCPREQUEST for 10.5.1.4 (10.1.1.1) from 00:0a:73:f6:d8:77 via 10.5.1.2
Jul 20 11:33:50 benchmark dhcpd: DHCPACK on 10.5.1.4 to 00:0a:73:f6:d8:77 via 10.5.1.2

Here is my dhcp.conf file. BTW, I'm using ip routing and no bridging.

next-server 10.1.1.1;
ddns-update-style interim;

option broadcast-address 10.255.255.255;
option time-offset -18000;
option domain-name "benchmark.idsno.net";
option routers 10.1.1.1;
allow booting;
allow bootp;
option time-servers 10.1.1.1;
option ntp-servers 10.1.1.1;
option domain-name-servers 10.1.1.1;
#option domain-name-servers 209.130.136.2;
# option domain-name-servers 209.130.139.2;
option log-servers 10.1.1.1;
authoritative;

# Define option 122
option space docsis-mta;
option docsis-mta.dhcp-server-1 code 1 = ip-address;
option docsis-mta.dhcp-server-2 code 2 = ip-address;
option docsis-mta.provision-server code 3 = { integer 8, string };
option docsis-mta.as-req-as-rep-1 code 4 = { integer 32, integer 32, integer 32 };
option docsis-mta.as-req-as-rep-2 code 5 = { integer 32, integer 32, integer 32 };
option docsis-mta.krb-realm-name code 6 = string;
option docsis-mta.tgs-util code 7 = integer 8;
option docsis-mta.timer code 8 = integer 8;
option docsis-mta.ticket-ctrl-mask code 9 = integer 16;
option docsis-mta-pkt code 122 = encapsulate docsis-mta;

# Globally set option 122 settings just in case
option docsis-mta.dhcp-server-1 10.1.1.1;
option docsis-mta.provision-server 0 "\003benchmark\006idsno\003net\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";

default-lease-time 86400;
max-lease-time 86400;

# Define a class for cable modems
# looks at the vendor-class-identifier for the string "docsis"
# spawn with option agent.remote-id; is used because the cmts is acting as a proxy for the dhcp request and if we used the mac it would be the CMTS mac not customer mac.
# only option 122 setting needed is dhcp-server-1 dhcp-server-2 is optional
# the modem config files are defined further down.

class "cm"
{
match if substring(option vendor-class-identifier,0,6) = "docsis";
vendor-option-space docsis-mta;
default-lease-time 86400;
max-lease-time 86400;
option time-offset -18000;
next-server 10.1.1.1;
option tftp-server-name "benchmark.idsno.net";
option time-servers 10.1.1.1;
option log-servers 10.1.1.1;
option domain-name "benchmark.idsno.net";
ddns-updates off;
option routers 10.1.1.1;
option subnet-mask 255.255.255.0;
option docsis-mta.dhcp-server-1 10.1.1.1;
}

class "mta"
{
match if substring(option vendor-class-identifier,0,5) = "pktc1";
default-lease-time 86400;
max-lease-time 86400;
min-lease-time 86400;
option domain-name "benchmark.idsno.net";
ddns-updates off;
option subnet-mask 255.255.255.0;
option routers 10.1.1.1;
option log-servers 10.1.1.1;
option time-servers 10.1.1.1;
option tftp-server-name "10.1.1.1";
next-server 10.1.1.1;
option time-offset -18000;
option host-name = host-decl-name;
option docsis-mta.provision-server 0 "\003rh\006dbs\003cc\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";
}

class "cpe"
{
match if(substring(option vendor-class-identifier,0,5) != "pktc1" and
substring(option vendor-class-identifier,0,6) != "docsis");
}

shared-network "dbs"
{
subnet 10.0.0.0 netmask 255.0.0.0
{
default-lease-time 86400;
option subnet-mask 255.255.255.0;
option routers 10.1.1.1;
option broadcast-address 10.255.255.255;

#cm pool
pool
{
dynamic-bootp-lease-length 86400;
range dynamic-bootp 10.5.1.3 10.5.1.254;
next-server 10.1.1.1;
allow members of "cm";
deny members of "mta";
deny members of "cpe";
}
#mta pool
pool
{
dynamic-bootp-lease-length 86400;
range dynamic-bootp 10.55.1.3 10.55.1.254;
next-server 10.1.1.1;
allow members of "mta";
deny members of "cm";
deny members of "cpe";
}
#cpe pool
pool
{
dynamic-bootp-lease-length 86400;
range dynamic-bootp 10.105.1.3 10.105.1.254;
next-server 10.1.1.1;
allow members of "cpe";
deny members of "cm";
deny members of "mta";
}

}

#The hosts start here in this file.
include "/etc/dhcpd.include";
}

Any ideas??

Thanks,
emkowale

kwesibrunee
For the CM class you list

For the CM class you list the TFTP server(s) as follows

option tftp-server-name "benchmark.idsno.net";
next-server 10.1.1.1;

first question what does benchmark.idsno.net resolve to? Ideally you would want both next-server (bootp) and tftp-server (dhcp) set the same, some older modems use next server most however use tftp-server-name. Keep in mind also your modems are being given non-routeable IPs they will not be able to route to routeable TFTP servers unless they are on the same physical network, or you use some kind of NAT.

second how is the modem supposed to determine what benchmark.idsno.net resolves to, there are no name-servers defined for CM class? Why is the router listed as the global DNS server does it do dns too??? or is this just a sanitized version?

Thanks,
Jason

emkowale
still trying

benchmark.idso.net resolves to 10.1.1.1 But, I've also tried setting the field to "10.1.1.1" with no luck. do use masquerading with Linux iptables. I have an Arris CMTS 1500 set up with this config and it works fine. The C3 is the only difference.

Thanks,
emkowale

kwesibrunee
if your using iptables make

if your using iptables make sure to load the tftp-conntrack module or it won't work.

emkowale
I can't find it

Hi,

I can't find that on my system. Does in come in a package? How is it loaded? "modprobe tftp-conntrack"?

emkowale

kwesibrunee
I apologize the name of the

I apologize the name of the module is ip_conntrack_tftp

and yes you load it by doing modprobe ip_conntrack_tftp

we use Centos (RHEL5) and it is built in on this os not sure on other Flavors of linux

emkowale
Nope

Nope, that didn't do it. I'd me willing to pay a little to get this to work if you are interested.

emkowale
989-239-0446

kwesibrunee
I think I found the issue

I think I found the issue

You have the right broadcast address setup but you Can't have a 255.255.255.0 mask on a 10.5.x.x network and have it be able to communicate with a 10.1.1.1 gateway, that gateway is not in that subnet. change it to match the subnet declaration i.e.

subnet-mask 255.0.0.0;

which is why DHCP (broadcast) works but TFTP (unicast) does not.

just curious, why are you using bootp??? Why not just regular dhcp????

here is the changes in a new dhcp.conf file that is streamlined

ddns-update-style interim;
allow booting;
allow bootp;

authoritative;

# Define option 122
option space docsis-mta;
option docsis-mta.dhcp-server-1 code 1 = ip-address;
option docsis-mta.dhcp-server-2 code 2 = ip-address;
option docsis-mta.provision-server code 3 = { integer 8, string };
option docsis-mta.as-req-as-rep-1 code 4 = { integer 32, integer 32, integer 32 };
option docsis-mta.as-req-as-rep-2 code 5 = { integer 32, integer 32, integer 32 };
option docsis-mta.krb-realm-name code 6 = string;
option docsis-mta.tgs-util code 7 = integer 8;
option docsis-mta.timer code 8 = integer 8;
option docsis-mta.ticket-ctrl-mask code 9 = integer 16;
option docsis-mta-pkt code 122 = encapsulate docsis-mta;

# Globally set option 122 settings just in case
option docsis-mta.dhcp-server-1 10.1.1.1;
option docsis-mta.provision-server 0 "\003benchmark\006idsno\003net\000";
option docsis-mta.krb-realm-name "\005BASIC\0011\000";

default-lease-time 86400;
max-lease-time 86400;

# Define a class for cable modems
# looks at the vendor-class-identifier for the string "docsis"
# spawn with option agent.remote-id; is used because the cmts is acting as a proxy for the dhcp request and if we used the mac it would be the CMTS mac not customer mac.
# only option 122 setting needed is dhcp-server-1 dhcp-server-2 is optional
# the modem config files are defined further down.

class "cm"
{
match if substring(option vendor-class-identifier,0,6) = "docsis";

}

class "mta"
{
match if substring(option vendor-class-identifier,0,5) = "pktc1";

}

class "cpe"
{
match if(substring(option vendor-class-identifier,0,5) != "pktc1" and
substring(option vendor-class-identifier,0,6) != "docsis");
}

shared-network "dbs"
{
 subnet 10.0.0.0 netmask 255.0.0.0
 {
  default-lease-time 86400;
  option subnet-mask 255.0.0.0;
  option routers 10.1.1.1;
  option broadcast-address 10.255.255.255;

  #cm pool
  pool
  {
   vendor-option-space docsis-mta;
   dynamic-bootp-lease-length 86400;
   range dynamic-bootp 10.5.1.3 10.5.1.254;
   next-server 10.1.1.1;
   allow members of "cm";
   deny members of "mta";
   deny members of "cpe";
   ption time-offset -18000;
   next-server 10.1.1.1;
   option tftp-server-name "10.1.1.1";
   option time-servers 10.1.1.1;
   option log-servers 10.1.1.1;
   option domain-name "benchmark.idsno.net";
   ddns-updates off;
   option docsis-mta.dhcp-server-1 10.1.1.1;
  }
  #mta pool
  pool
  {
   dynamic-bootp-lease-length 86400;
   range dynamic-bootp 10.55.1.3 10.55.1.254;
   next-server 10.1.1.1;
   allow members of "mta";
   deny members of "cm";
   deny members of "cpe";
   default-lease-time 86400;
   max-lease-time 86400;
   min-lease-time 86400;
   option domain-name "benchmark.idsno.net";
   ddns-updates off;
   option log-servers 10.1.1.1;
   option time-servers 10.1.1.1;
   option tftp-server-name "10.1.1.1";
   next-server 10.1.1.1;
   option time-offset -18000;
   option host-name = host-decl-name;
   option docsis-mta.provision-server 0 "\003rh\006dbs\003cc\000";
   option docsis-mta.krb-realm-name "\005BASIC\0011\000";
  }
  #cpe pool
  pool
  {
   dynamic-bootp-lease-length 86400;
   range dynamic-bootp 10.105.1.3 10.105.1.254;
   next-server 10.1.1.1;
   option domain-name-servers 10.1.1.1;
   allow members of "cpe";
   deny members of "cm";
   deny members of "mta";
  }
 
 }
}
#The hosts start here in this file.
include "/etc/dhcpd.include";

emkowale
still not it

I used the dhcp.conf file you put in there with the exception on the "ption" typo and it gives the same result. Your idea makes sense to me though. Believe it or not, I'm really pretty good at this stuff. It's just that sometimes your eyes get crossed and you need a second set of eyes. I have my paypal account ready for when you find me a solution tough. :)

emkowale

kwesibrunee
I have no doubt, your very

I have no doubt, your very good at what you do, kind of have to be to tackle the ugly stepchild of the networking world, that is docsis :D

One thing I noticed is missing from the dhcp.conf file is,

filename "ModemConfig.bin";
option bootfile-name "ModemConfig.bin";

you state the modem configs are defined further down, are these lines what you mean? If not could you post what you have there please?

I assume you mean this info is attached to each host entry?

I would reccomend doing it like this

group ServiceLevel {
filename "ServiceLevel.bin";
option bootfile-name "ServiceLevel.bin";
}

then in your host Declaration you do
host something {
hardware-address xx:xx:xx:xx:xx:xx;
group ServiceLevel;
}

makes it easier to make changes in the future, cuz you only have to change it one place instead of multiple.

Anyways, assuming that is right lets try the simple stuff.....

1. Can you use a TFTP client from a PC to tftp the files in question, preferably with a 10.x.x.x IP

in linux
tftp
connect 10.1.1.1
GET ModemConfig.bin
In windows
tftp -i 10.1.1.1 GET ModemConfig.bin

2. When the modem is in init(o) can you ping it from the tftp server? From the CMTS? Should be able to ping it from both.

3. Are permissions, filepath etc correct on include "/etc/dhcpd.include"; ?

I have found that most TFTP problems are routing issues, so double, triple check your routing on this CMTS.....

let me know how we are doing....

Log in or register to post comments