2018-12-14

### TR-069 Connection Request

[TOC]

#### 1. Connection Request

TR-069中定义的HTTP连接,均由CPE端主动发起。而有时ACS需要下发命令给CPE,就需要通过特定流程触发CPE主动向ACS发起连接。接受ACS下发的相关RPC调用。该流程即为**Connection Request**。

Connection Request定义了TCP Connection Request 和 UDP Connection Reqeust两种方式。这里将主要讲述UDP Connection Request 方式。

##### 1.1 UDP Connection Request报文格式(TR-111)

其报文结构为:

- It MUST be a valid HTTP 1.1 GET message

- It MUST contain no Message Body.

- If a Content-Length header is present, its value MUST be zero.

- The Method given in the Request Line MUST be “GET”.

- The Request-URI given in the Request Line MUST be an Absolute-URI according to the rules defined in RFC 3986 Uniform Resource Identifier. The URI MUST be formed as follows:

  - The Scheme portion of the URI MUST be “http” or “HTTP”.

  - The Authority portion of the URI MUST be as specified in [2-7]. The ACS MAY set this to the value of Device.ManagementServer.UDPConnectionRequestAddress, if it is known. Otherwise, the ACS MUST derive this string from the actual destination IP address and port to which the UDP Connection Request message will be sent. The “port” portion of this string MUST be present unless the destination port umber is “80”.

  - The Path portion of the URI MUST be empty.

  - The Query portion of the URI MUST contain a query string encoded as defined by the “application/x-www-form-urlencoded” content type defined in [2-8]. The query string

    MUST contain the following name-value pairs:

    | name | Value                                    |

    | :--- | :--------------------------------------- |

    | ts  | Timestamp. The number of seconds since the Unix epoch until the time the message is created (the standard Unix timestamp). |

    | id  | Message ID. An unsigned integer value that MUST be set to the same value for all retransmitted copies of the same UDP Connection Request. The value MUST change between successive distinct UDP Connection Requests. |

    | un  | Username. The value of the parameter Device.ManagementServer.Connection-RequestUsername as read from the CPE. |

    | cn  | Cnonce. A random string chosen by the ACS. |

    | sig  | Signature. Formed from the 40-character hexadecimal representation (case insensitive) of HMAC-SHA1 (Key, Text) |

**Eg:**

http://10.1.1.1:8080?ts=1120673700&id=1234&un=CPE57689

&cn=XTGRWIPC6D3IPXS3&sig=3545F7B5820D76A3DF45A3A509DA8D8C38F13512

##### 1.2 UDP Connection Request Process

TR-069定义的基本流程为:

![Connection Reqeust](/api/file/getImage?fileId=5bc54bb209eb7d0aa3000138)

- 其中Getparameter Value获取参数为:

  - .ManagementServer.ConnectionRequestUsername

  - .ManagementServer.ConnectionRequestPassword

  - .ManagementServer.UDPConnectionRequestAddress

若CPE处于NAT后,则需要借助STUN完成相关流程(TR-111 Connection Request via NAT Gateway):

![Connection_request_NAT.png](https://192.168.120.100:9001/api/file/getAttach?fileId=5bc54b3d09eb7d0aa3000137)

- 上图省略了ACS-CPE设置STUN服务器,及CPE上报UDPConnectionRequestAddress的步骤。

示例报文分析:

[UDP_Connection_Request.pcapng](https://192.168.120.100:9001/api/file/getAttach?fileId=5bc54b3d09eb7d0aa3000136)

如附件中抓包:

- GVC3210(CMCC OEM)IP:192.168.131.90

- ACS URL:http://103.20.113.32:6581/ACS-server/ACS

- STUN Server:103.20.113.32:6478  ( Filter Set as : tcp.stream eq 0)

抓包中相关流程:

- Filter Set As: tcp.stream eq 0,设备上电连接ACS平台。ACS下发STUN Server:port

- Frame 2~59,  CPE与ACS间连接交互,同时保活STUN通道。

- Frame 60 & 61,ACS通过STUN通道下发“UDP Connection Request”请求

- Filter Set as :tcp.stream eq 3,  设备验证“UDP Connection Request”消息后主动向ACS发起连接。携带“Event 6 Connection Request”

你可能感兴趣的:(2018-12-14)