Term
| In case of a TR-069 session consisting of multiple HTTP request/response round trips, is it desirable that this be conducted over a single, or multiple TCP sessions? Why? |
|
Definition
| It is highly desirable that this be conducted over a single session. Otherwise, the load is increased and the risk of lost sessions is increased as well. Study the difference between HTTP 1.0 and HTTP 1.1 and session persistence to get a clearer view of the topic. |
|
|
Term
| In case of a TR-069 session consisting of multiple HTTP request/response round trips, how is the CPE supposed to behave after the round trip has been cleanly closed? |
|
Definition
| The CPE MUST create a new session to continue the previous TR-069 session. |
|
|
Term
| For Connection Request and the HTTP authentication challenge, how must the CPE behave? |
|
Definition
| The CPE MUST send the subsequent responses within one session, unless explicitly directed by the ACS to initiate a new one - this would be indicated by ACS using "connection: close" header in the HTTP challenge. |
|
|
Term
| What are the requirements for cookie handling by the CPE? |
|
Definition
| The CPE MUST support the use of multiple cookies by the ACS, and MUST make available at least 512 bytes for storage of cookies. |
|
|
Term
| When instructed to perform a Download from a URL outside the domain of the ACS, how may the cpe react? |
|
Definition
| It may either establish a parallel session and continue sending messages to ACS, or it may close the current session and move on to the download. |
|
|
Term
| What are the authentication requirements for CPE's from the ACS side? |
|
Definition
| If CPE's are not authenticated using TLS, the MUST be (hahaha) authorized using HTTP authentication. |
|
|
Term
| What HTTP authentication mechanism MUST be used if TLS is not used? |
|
Definition
|
|
Term
| How long must the CPE keep sending the authorization header after a successful authentication within the context of a TR-069 session? |
|
Definition
| Over the duration of the TCP connection. In theory, with HTTP 1.0 or otherwise non-persistent sessions being applied, this could entail multiple authentication round trip within the span of a single Tr-069 session, if it consists of multiple http request/response round trips. (Think of a multistep scenario - with non-persistent sessions, every request and response is a separate round trip, therefore theoretically new authentication would be needed for every step of the scenario!) |
|
|
Term
| "The ACS is sending numerous Authentication challenges within a single TCP session. What is happening?" |
|
Definition
| Nothing. That is perfectly okay, as the ACS may do that according to the standard. |
|
|
Term
| "Seeing the Connection Request and its authentication challenge, I first get a 401 Error, but then the return code is 200, so ok. What is happening?" |
|
Definition
| Nothing! This is the way how http authentication works - the first response is ALWAYS 401, that's how you tell the client they need to authenticate. |
|
|
Term
| When does the ACS play the role of a client and when of a server? |
|
Definition
| The ACS is the client when it is initiating session to the ACS - i.e. making connection requests. In CPE-initiated sessions, it acts as a server. |
|
|
Term
| What are the requirements regarding the use of Digest authentication? |
|
Definition
| Both ACS and CPE must support MD5 algorithm. Additionally, the CPE must support MD5-sess algorithm. The CPE and the ACS MUST support the RFC 2617 “qop” option containing the value “auth”. According to RFC 2617, this means that the HTTP client MUST use a new style digest mechanism when this option is provided to it by the HTTP server. |
|
|
Term
| What return code must ACS use when returning an empty post? |
|
Definition
|
|
Term
| What are the requirements regarding pipelining as defined in HTTP 1.1? |
|
Definition
|
|
Term
| What are the requirements regarding the use of HTTP Compression? |
|
Definition
| The ACS and CPE must be able to negotiate the compression mechanism.In order for the CPE and ACS to efficiently exchange compressed messages the CPE MUST send the compressed message with the Content-Encoding header defined by the ManagementServer.HTTPCompression Parameter, unless that Parameter is set to “Disabled”. If HTTP compression is not supported by the ACS, 415 Media not supported must be returned. The ACS can enable HTTP compression by setting the ManagementServer.HTTP-Compression Parameter to a value supported by the CPE and ACS. The ACS can disable HTTP compression by setting the ManagementServer.HTTPCompression Parameter to “Disabled”. The CPE lists the supported HTTP compression mechanisms in the ManagementServer.HTTPCompressionSupported Parameter. |
|
|
Term
| What is the problem with Instance Identifier Numbers? (i.e. the "2" in InternetGatewayDevice.LANDevice.2.) |
|
Definition
| The indices are arbitrary per TR-069 standard, hence they cannot be used for a meaningful object ordering. Additionally, it cannot be assumed that a newly created object will have a larger number than an already existing one, or that the number will be exactly larger by one than the highest already existing one. (i.e. addObject on I.LANDevice. can create a I.LANDevice.5. object as opposed to I.LANDevice.3., which you would perhaps expect) |
|
|
Term
| What is the policy to (re)using the Instance Identifier Numbers? |
|
Definition
| The numbers already used should not be reused, if the original objects were deleted. First, the entire numeric space (i.e. 256 objects) should be exhausted before recycling. In practice, this is not always the case. |
|
|
Term
| What is the purpose of instance wildcards? |
|
Definition
| You can, when instance wildcards are supported, query the parameters without specifying the index, so e.g.: you can run GPV on "Device.IP.Interface.*. IP4Address." NOTE: The wildcard must not be the last part of a path name. |
|
|
Term
| How must all TR-069 Session begin? Why? |
|
Definition
| With the CPE sending the POST Inform request. This is to negotiate the limitations on the part of cpe regarding message encoding. |
|
|
Term
| How many TR-069 Session can exist between a CWMP Endpoint and the associated ACS at a time? |
|
Definition
| One. Hence, in the case of multiple CWMP Endpoints on a cpe, this could be using multiple concurrent TR-069 Sessions. |
|
|
Term
| When and by whom is the TR-069 Session to be closed? |
|
Definition
| By the CPE, when there are no due messages to be exchanged (indicated by the exchange of empty http posts). |
|
|
Term
| Describe the concept of transactional integrity in CWMP. |
|
Definition
| From the start to the finish of a tcp session, the CPE must present itself as consistent and only modified by the ACS. Changes performed by other entities must not be reflected by corresponding changes in the data model. |
|
|
Term
| How does the CWMP Version negotiation work? |
|
Definition
| If the cpe supports CWMP 1.4 or higher, it will include the SupportedCWMPVersions header and in it, a comma-separated list of supported versions. If the 1.4 and higher version-supporting cpe receives UseCWMPVersion header, it must use one of the listed versions. (If a version not supported by the CPE is returned, the CPE must terminate the session.) If a CPE supporting any CWMP version does not receive a UseCWMPVersion, the CPE MUST infer the CWMP version from the CWMP namespace in the InformResponse returned from the ACS. |
|
|
Term
| What are the conditions for the CPE to hav e to close the Session? |
|
Definition
All of the conditions must be met:
- no pending requests by the ACS;
- no pending requests by the CPE;
- The CPE has RECEIVED all outstanding Response messages from the ACS;
- The CPE has sent all outstanding Response messages to the ACS;
The CPE MUST also consider a Session unsuccessfully terminated if it has received no HTTP response from an ACS for a locally determined time period of not less than 30 seconds. If the CPE fails to receive an HTTP response, the CPE MUST NOT attempt to retransmit the corresponding HTTP request as part of the same Session. |
|
|
Term
| What is the requirement on the Session handling for unexpectedly closed sessions? |
|
Definition
| The CPE must retry the session. |
|
|
Term
| What are the requirements for operations requiring reboot? |
|
Definition
| CPE must reboot only after the session has been cleanly terminated. |
|
|
