No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Network Management and Monitoring

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R009

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
CWMP Implementation

CWMP Implementation

CWMP Process

Figure 5-2 shows the CWMP working process when the ACS changes a parameter value on the CPE.
Figure 5-2  CWMP process

The CWMP process is as follows:

  1. A CPE initiates a session.

    If an ACS initiates a session, it sends a Connect request to the CPE (which functions as an HTTP server) to set up a session.

  2. The CPE and ACS use Security Socket Layer (SSL) protocol to set up a secure connection.
  3. The CPE invokes the Remote Procedure Call (RPC) method Inform to send an Inform request to the ACS, reporting device information and requesting a CWMP connection.
  4. After the CPE is authenticated, the ACS sends an Inform response. The Inform method is complete and the CWMP connection is set up.
  5. The CPE sends an empty HTTP post message to the ACS, indicating that the CPE does not invoke any more RPC methods supported by the ACS.
  6. The ACS invokes the GetParameterValues method to query CPE parameters.
  7. The CPE sends a GetParameterValues response containing the queried parameters to the ACS. The GetParameterValues method is complete.
  8. The ACS invokes the SetParameterValues method to set CPE parameters.
  9. The CPE sends a SetParameterValues response containing the parameter settings to the ACS. The SetParameterValues method is complete.
  10. The ACS sends an empty HTTP response to the CPE, indicating that the ACS does not invoke any more RPC methods supported by the CPE.
  11. The CPE terminates the connection.

As shown in Figure 5-2, the CWMP session goes through three phases.

Session initiation phase

A session can be initiated by a CPE or an ACS.
  • A CPE initiates a session in the following scenarios:

    • After startup, the CPE searches for an ACS based on the local configuration or the ACS URL allocated by the Dynamic Host Configuration Protocol (DHCP) server, and then initiates a session.

    • The CPE is configured to send Inform messages at intervals. The CPE will automatically send an Inform message to initiate a session when the interval arrives (1 hour for example).

    • The CPE is configured to send Inform messages at a specified time. The CPE will automatically send an Inform message at the time to initiate a session.

    • If session setup is interrupted unexpectedly and the number of CPE auto-connection retries has not reached the upper limit, the CPE automatically sets up a new connection.

  • An ACS initiates a session.

    An ACS can send a Connect request to a CPE at any time. After the CPE authenticates the request, a session between the CPE and the ACS is set up.

    The prerequisite for this method is that the CPE and the ACS have communicated with each other before. During the first communication between the CPE and the ACS, the ACS saves the CPE IP address in the address list. Then it can initiate a session in subsequent communication with the CPE.

CWMP uses security mechanisms to protect communication between a CPE and an ACS. The security mechanisms prevent the transactions between the CPE and the ACS from being tampered and ensure confidentiality of the transactions. CWMP supports the following security mechanisms:
  • CPE and ACS authentication:

    • CPE authentication on the ACS side: A CPE sends an Inform request based on the ACS URL configured locally to communicate with an ACS. After the CPE is authenticated (the ACS user name and password in the Inform request are the same as those configured on the ACS), a session is set up between the CPE and the ACS.

    • ACS authentication on the CPE side: An ACS sends an Inform reques containing a CPE IP address to communicate with a CPE. After the ACS is authenticated (the CPE user name and password in the HTTP request are the same as those configured on the CPE), a session is set up between the CPE and the ACS.

  • Security Socket Layer (SSL) authentication:

    It ensures transaction confidentiality and data integrity and enables the CPE and ACS to authenticate each other using certificates.

    SSL operates independently of application-layer protocols. Any types of application-layer protocols (including HTTP, FTP, and Telnet) can set up connections based on SSL. SSL finishes data encryption, key negotiation, and server authentication before the application-layer protocols set up connections. Therefore, all data transmitted by the application-layer protocols is encrypted.
    NOTE:
    Certificate contains personal or an enterprise's information and public key:
    • Public key: The two ends share a public key to encrypt data and verify signatures.
    • Private key: Each end has a private key to decrypt data and sign signature.
    • Signature: Information containing a signature cannot be modified by anyone except the creator. It ensures data security and integrity.

Communication phase

After a session is initiated, a CPE or an ACS can send requests to each other to perform operations. For example, the ACS can query and set CPE parameters, and the CPE can upload files to or download files from the file server specified by the ACS.

Session termination phase

Only a CPE can terminate a session.

If the ACS and CPE have sent all necessary requests and received all responses, the CPE terminates the session.

CWMP Operation Methods

An ACS manages and monitors a CPE by performing a series of operations. These operations are called RPC methods in CWMP.

CWMP supports the following standard RPC methods:

  • Generic method: Both the CPE and the ACS must support this method. Table 5-1 describes a generic method, which can be invoked by both the CPE and the ACS.

    Table 5-1  Generic method

    Method

    Description

    GetRPCMethods

    Used to obtain RPC methods supported by the CPE and the ACS.

  • CPE methods: The CPE must support these methods. Table 5-2 lists the CPE methods, which can be invoked only by the ACS.
    Table 5-2  CPE methods

    Method

    Description

    SetParameterValues Used by an ACS to set CPE parameters.
    GetParameterValues Used by an ACS to obtain CPE parameter values.
    GetParameterNames Used by an ACS to discover accessible parameters of a CPE.
    SetParameterAttributes Used by an ACS to set attributes of CPE parameters.
    GetParameterAttributes Used by an ACS to obtain CPE parameter attributes.
    AddObject Used by an ACS to create instances for a multi-instance object in the CPE data model.
    DeleteObject Used by an ACS to delete instances of a multi-instance object from the CPE data model.
    Download Used by an ACS to request a CPE to download a file from a specified URL and use the downloaded file to replace the local file on the CPE.
    Upload Used by an ACS to request a CPE to upload a file to a specified URL.
    Reboot Used by an ACS to remotely restart a CPE when the CPE is faulty or the CPE software is upgraded.
    FactoryReset Used by an ACS to restore the factory settings of a CPE.
    ScheduleInfrom Used by an ACS to set the delay after which the CPE sends an inform message.
  • ACS methods: The ACS must support these methods. Table 5-3 lists the ACS methods, which can be invoked only by the CPE.
    Table 5-3  ACS methods

    Method

    Description

    Inform Used by a CPE to send an Inform message to an ACS when the CPE needs to initiate a session with the ACS or periodically send local information to the ACS, or when the CPE bottom-layer configuration changes.
    TransferComplete Used by a CPE to notify an ACS that requested file download or upload is complete no matter whether the file is successfully downloaded or uploaded.
Translation
Download
Updated: 2019-05-17

Document ID: EDOC1000174072

Views: 102440

Downloads: 339

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next