mikrotik –tr069 · tr069 vs snmp feature snmp tr-069 the concept protocol to communicate with...
Post on 19-Apr-2020
37 Views
Preview:
TRANSCRIPT
MikroTik– TR069
HannesWillemse
MikroTikCertifiedTrainerMTCNA– MTCWE– MTCRE– MTCTCE
WhatisTR069
TheCPEWANManagementProtocol(CWMP),publishedbyTheBroadbandForumas TR-069,specifiesastandard
communicationmechanismfortheremotemanagementofend-userdevices.Itdefinesaprotocolforthesecureauto-configurationofa TR-069 deviceandincorporatesothermanagementfunctionsintoacommonframework.
www.friendly-tech.com
WhatisTR069designedfor?
TR-069enablesremoteandsafeconfigurationofnetworkdevicescalledCPE.Configurationismanagedbyacentral
servercalledanACS.
https://www.avsystem.com
Whatisan ACS
AutoConfigurationServer- softwarethatmanagesdevicesremotely.
AVSystem UMPisanexampleoftheACS.
https://www.avsystem.com
Whatisan CPE
CustomerPremisesEquipment- anyequipmentusedbycustomerswhichcanbemanagedbytheACS.CPEis
commonlycalledadevice.
https://www.avsystem.com
HowtoconnectadevicetotheACS?
• ACSURL- anInternetaddressoftheACS,whichisaccessiblefromthis device.
• PeriodicInformInterval- definesafrequencyofcommunicationwiththeACS.
• Usernameandpassword- verificationdataisoptional.ItdependsontheACSrequirementsandanexpectedsecuritylevel.
https://www.avsystem.com
WhatdoesthecommunicationbetweenthedeviceandtheACSlooklike?
• TheconnectionbetweenthedeviceandtheACSisnotpermanent.
• ThedeviceestablishestheconnectionwiththeACSonlyatspecificpointsintime.Itusuallylastsseveralseconds,justenoughtoexchangeallnecessarymessagesbetweenCPEandtheACS.Thisshortexchangeofmessagesiscalledaprovisioningsession.
https://www.avsystem.com
Theprovisioningsession
• Sessioninitialization• Authentication• Deviceidentification• Tasksexecutiononthedevice• Sessionclosure
https://www.avsystem.com
WhendoesthedevicestartasessionwiththeACS?
• TheACSURLissavedorchangedonthedeviceorthedeviceisresettofactorysettings(thedevicecommunicatesitasBOOTSTRAP).
• AnewperiodicvisitistobeginaccordingtothevaluesetinPeriodicInformInterval(thedevicecommunicatesitasPERIODIC).
https://www.avsystem.com
WhendoesthedevicestartasessionwiththeACS?
• ThedevicerespondstotheACSrequestforimmediateconnection(thedevicecommunicatesitasCONNECTIONREQUEST).
• Avalueofaparameterforwhichactivenotificationisenabledchanges(thedevicecommunicatesitasVALUECHANGE).
• Thedeviceisresetorisreconnectedtothepowersupply(thedevicecommunicatesitasBOOT).
https://www.avsystem.com
WhendoesthedevicestartasessionwiththeACS?
• DuringoneoftheprevioussessionstheACSorderedthedevicetoinitiatethecontactwithScheduleInformcommand(thedevicecommunicatesitasSCHEDULED).
• Thedevicewantstoreportexecutionofpreviouslyordereddownloadoruploadmethods(thedevicecommunicatesitasTRANSFERCOMPLETE).
• Thedevicewantstoconfirmapreviouslyordereddiagnostic(thedevicecommunicatesitasDIAGNOSTICCOMPLETE).
WhendoesthedevicestartasessionwiththeACS?
• ThemanufacturerofthedevicecanaddcustomeventsthatwillalsomakethedeviceconnecttotheACS.
https://www.avsystem.com
WhyshouldIbeawareofreasonsforsessioninitialization?
• Youcanorderthedevicetoperformvarioustasksdependingonaparticularcontext,forexample,whenthedeviceconnectsforthefirsttime.
• Youcananalyzereasonsforlastvisitsandfindoutabnormalitiesregardingdevice’sactivities.
https://www.avsystem.com
CantheACSinitializeasessionwiththedevice?
No,itcannot.Thesessioncanbestartedonlybythedevice.However,theACScansendarequesttoestablishconnection,thatisConnectionRequest,whichmakesthedevicecontacttheACSifitisproperlyimplemented.
https://www.avsystem.com
IsTR-069secure?
Yes,itis.TR-069providesseveralmechanismsthatguaranteerobustsecurity.AuthenticationUsernameandpassword,SSL/TLScertificatesCommunicationHTTPSOtherFirewall- IPaddresseslimitedtoasafepool
WhatarethebenefitsofmanagingdevicesviaTR-069?
• Itoffersagreatercontroloverdevices’settingsincomparisontomanagingthemusingconfigurationfiles.
• Itshortenstimeneededforinstallingthedevicesatthecustomers’premisesthankstosendingtheinitialconfigurationautomatically.
• Itreducesanumberofengineers’visitsthankstoapossibilityofperformingcrucialoperationsremotely.
https://www.avsystem.com
WhatarethebenefitsofmanagingdevicesviaTR-069?
• Changingconfiguration,turningservicesoff/onandperformingdiagnosis.
• Itfacilitatesmaintenanceworksuchasupgradingdevice'sfirmwareandbackingupitsconfiguration.Whatismore,theselonglastingoperationscanbescheduledtotakeplaceoff-peakhours.
• Itreducesfailuresthankstonetworkoptimizationsettingsfordevices,forexamplebysettingthebestWi-Fichannels.
WhatarethebenefitsofmanagingdevicesviaTR-069?
• Itautomatesthecontrolofthenetworkstatethroughmonitoring.
• Itcollectsdatathatcanbeusedinbusinessanalysis,forexample,detectingactiveuserstowhomadditionalofferscanbemade.
https://www.avsystem.com
TR069vsSNMPFeature SNMP TR-069
The concept Protocol to communicate with specific CPE
The TR-069 is a standard to communicate with all CPEs. TR-069 is not only a protocol but includes business rules.
Supported commands from server side
SNMP includes only: Get/Set and traps.
TR-069 includes : Set /Get, traps, create object, Delete object, File download, File upload, Reboot, reset, diagnostics commands (Ping, loopback, etc) + support of additional RPCs
TR069vsSNMPFeature SNMP TR-069 Zero Touch provisioning Per CPE type (if available) Yes, part of the standard Diagnostics and monitoring Per CPE type (if available) Yes, part of the standard Data Monitoring No Yes Enforcing Carrier’s policy on CPE & Access Control No Yes
Firmware upgrade Not part of the protocol Yes Security Not part of the protocol Full security More adopted by the main carriers No Yes
Built-in ability to manage multiple types of CPEs
No. Each CPE type requires customizations
In-dependant of CPE vendor or CPE type.
WhatisaRPC
RemoteProcedureCall(RPC)isaprotocolthatoneprogramcanusetorequestaservicefromaprogramlocatedin
anothercomputeronanetworkwithouthavingtounderstandthenetwork'sdetails.Aprocedurecallisalsosometimes
knownasafunctioncallorasubroutinecall.
searchmicroservices.techtarget.com
WhatdoIneedtoimplementTR069onaMikroTik
WhatdoIneedtoimplementTR069onaMikroTik
WhatdoIneedtoimplementTR069onaMikroTik
WhatdoIneedtoimplementTR069onaMikroTik
https://wiki.mikrotik.com/wiki/Manual:Flashfig
top related