CDRouter BBF.069 User Guide

Introduction

The CDRouter BBF.069 expansion contains the official test cases for the Broadband Forum’s BBF.069 certification program for TR-069 enabled devices.

Please see the following resources for more information on the BBF.069 certification program, requirements, and application process:

Test Methodology

The Broadband Forum’s TR-069 Abstract Test Plan (ATP-069) defines all of the test cases included in the BBF.069 certification program. Issue 2 Corrigendum 1 is the latest version and is available here:

CDRouter’s BBF.069 expansion includes individual test modules for each major functional area covered by ATP-069. CDRouter BBF.069 test case summaries are available here:

Mandatory Versus Conditional Tests

ATP-069 designates certain test cases as “Mandatory” or “Conditionally Mandatory” for the purposes of the BBF.069 certification program. These designations are provided within the description section of the test case, but they do not have any meaning within CDRouter and are not used by CDRouter when selecting or executing tests.

Automated Versus Manual Testing

Most of the CDRouter BBF.069 test cases are fully automated and can be run together in one package. However, some of the tests require some sort of manual intervention during the test execution in order for the test to complete successfully. This will be indicated in the “Test Execution Type:” section of test case description. Tests labeled as “Manual” will provide details of what actions the user must perform when running these tests.

Manual testing is assisted through the use of CDRouter’s built-in pause mode which will automatically pause a test at specific points and prompt the user for manual interaction. CDRouter will automatically skip “Manual” tests if pause mode has not been enabled.

CDRouter’s pause mode can be enabled by checking off the "Pause between each test case" option when creating or modifying a test package. Alternatively, pause mode can be enabled by adding the -pause option to the “Additional CLI arguments” field.

For more information on enabling pause mode, please see this Knowledge Base article.

The table below lists all BBF.069 “Manual” tests that require CDRouter’s “pause mode” in order to run.

Manual Tests

Test Name Description
5_001_DHCPv4_ACS_discovery ACS Discovery Using DHCPv4
5_002_DHCPv6_ACS_discovery ACS Discovery Using DHCPv4
5_003_DHCPv4_ACS_rediscovery ACS rediscovery Using DHCPv4
5_004_DHCPv6_ACS_rediscovery ACS Rediscovery Using DHCPv6
5_005_DHCPv4_Inform_retry DHCP Retry to the DHCPv4 Server
5_006_DHCPv6_Inform_retry DHCP Retry To The DHCPv6 Server
5_011_Same_mechanism_after_factoryReset Connection To ACS Uses Same Mechanism After Factory Reset
5_012_DHCPv4_null_term_URL Handling Null Terminated ACS URL Obtained From DHCPv4 Server
5_013_DHCPv6_null_term_URL Handling Null Terminated ACS URL Obtained From DHCPv6 Server
5_016_ACS_URL_mod_3rd_party ACS URL Change On The DUT By Third Party Means
5_018_event_discard_after_bootstrap Event Discard After Bootstrap Inform
5_066_SPA_Active_notif SetParameterAttributes - Active Notifications
5_069_SPA_complete_path_passive_notif SetParameterAttributes - Passive Notification - Complete Path
5_070_SPA_partial_path_passive_notif SetParameterAttributes - Passive Notification - Partial Path
5_071_SPA_complete_partial_path_passive_notif SetParameterAttributes Passive Notification Complete and Partial Path
5_072_SPA_disable_notif SetParameterAttributes Disable Notification
5_089_factoryReset FactoryReset
5_099_no_inform_ip_address_change No Inform On Reconnect With No IP Address Change
5_100_enable_cwmp_to_false EnableCWMP Set To False
5_105_default_active_notification_throttle DefaultActiveNotificationThrottle Throttles Active Notifications

Reboot Test

Test 5_079_Manual_Reboot requires that the DUT be rebooted by a mechanism other than TR-069. Use RestartDut and cpeRebootMode to configure the DUT to be rebooted automatically or manually with a prompt. See the CDRouter User Guide for more information.

Requirements and License

CDRouter BBF.069 is an expansion for CDRouter that is purchased separately. It requires a base license of CDRouter along with the CDRouter TR-069 expansion. Please contact sales@qacafe.com for pricing and purchase information.

Configuration

In previous versions of the BBF.069 expansion, these testvars were contained in a separate file and had to be manually added to the CDRouter config file.

New config files created by CDRouter will always contain the latest testvars available. However, if you are upgrading from a previous version of the BBF.069 expansion, you will need to upgrade your existing config file using the Upgrade button in CDRouter’s config editor to automatically add the BBF.069 testvars, as well as any other newly-added testvars that may be missing from your config.

See the “How do I upgrade a config file?” Knowledge Base article for more details on updating your config file.

It is important to note that the testvars required by previous versions of the BBF.069 expansion are now obsolete. In CDRouter 10.3.6 and newer versions, these tests have been updated to use testvars that already exist within CDRouter wherever possible. A smaller and completely different set of 'bbf069' testvars has been introduced to supersede the testvars used in previous versions of the expansion.

The new BBF.069 testvars can be found in the 'CDRouter BBF.069 Expansion' section of the config file.

SECTION "CDRouter BBF.069 Expansion" {

    # testvar supportsBBF069                   yes

    SECTION "General" {

        SECTION "ACS URL" {

            # testvar bbf069ACSURL                     http://acs1.broadband-forum.org
            # testvar bbf069AlternateACSURL            http://acs2.broadband-forum.org

        }

        SECTION "Security Certificates" {

            # testvar bbf069AlternateAcsCertPath       /usr/cdrouter/tests/bbf.069/Security_Certificate/acs2/CDRouter_acsCaCert.pem
            # testvar bbf069AlternateAcsCaCertPath     /usr/cdrouter/tests/bbf.069/Security_Certificate/acs2/CDRouter_acsCaCert.pem
            # testvar bbf069InvalidCertPath            /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1invalid/CDRouter_acsCert.pem
            # testvar bbf069InvalidCACertPath          /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1invalid/CDRouter_acsCaCert.pem
            # testvar bbf069AncientCertPath            /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1expired/CDRouter_acsCert.pem
            # testvar bbf069AncientCACertPath          /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1expired/CDRouter_acsCaCert.pem

        }

        SECTION "HTTP Verification" {

            # testvar bbf069HTTPVerification           no

        }

    }

    SECTION "Device Specific" {

        SECTION "General" {

            # testvar bbf069RootDataModel              InternetGatewayDevice
            # testvar bbf069SupportedRPCs              "GetRPCMethods SetParameterValues GetParameterValues GetParameterNames SetParameterAttributes GetParameterAttributes AddObject DeleteObject Reboot Download"
            # testvar bbf069UnsupportedRPC             ChangeDUState
            # testvar bbf069UploadType                 "1 Vendor Configuration File"
            # testvar bbf069ExpectedUpgradeTime        100

        }

        SECTION "Data Model" {

            # testvar bbf069AddDeleteObject            InternetGatewayDevice.WANDevice.1.WANConnectionDevice.1.WANIPConnection.1.PortMapping.

            # testvar bbf069ActiveParam                InternetGatewayDevice.ManagementServer.PeriodicInformInterval
            # testvar bbf069ActiveParamType            unsignedInt
            # testvar bbf069ActiveParamValue           60

            # testvar bbf069CompletePath1              InternetGatewayDevice.ManagementServer.PeriodicInformInterval
            # testvar bbf069CompletePath1Type          unsignedInt
            # testvar bbf069CompletePath1Value         73

            # testvar bbf069CompletePath2              InternetGatewayDevice.ManagementServer.PeriodicInformEnable
            # testvar bbf069CompletePath2Type          boolean
            # testvar bbf069CompletePath2Value         true

            # testvar bbf069PartialPath                InternetGatewayDevice.ManagementServer.
            # testvar bbf069PartialMultiPath           InternetGatewayDevice.LANDevice.
            # testvar bbf069PartialMultiPathEmpty      InternetGatewayDevice.WANDevice.1.WANConnectionDevice.1.WANIPConnection.1.PortMapping.
            # testvar bbf069PartialPathEmpty           InternetGatewayDevice.WANDevice.1.WANConnectionDevice.1.WANIPConnection.1.PortMapping.

            # testvar bbf069InvalidPath                InternetGatewayDevice.ManagementServer.PeriodicInformInterv
            # testvar bbf069InvalidPathType            unsignedInt

            # testvar bbf069UnwritablePath             InternetGatewayDevice.DeviceInfo.Manufacturer
            # testvar bbf069UnwritableType             string
            # testvar bbf069WritableString             InternetGatewayDevice.Time.NTPServer1

        }

    }

}

When upgrading your config file, any obsolete testvars will automatically be placed under the 'Miscellaneous Testvars' section of the config file since they are no longer recognized or used. Although these testvars can safely be deleted, you may wish to keep them in your config file in case you ever need to downgrade and return to an older version of the BBF.069 tests that requires them.

SECTION "Miscellaneous Testvars" {

    # - Obsolete testvars from previous versions of BBF.069 expansion
    testvar _unh_dhcp_inform_timeout 300
    testvar acs_pm_accessList {}
    testvar acs_pm_accessListChange 0
    testvar acs_pm_active_notify 2
    testvar acs_pm_notifyChange 1
    testvar acs_pm_path Device.ManagementServer.PeriodicInformInterval
        :
        :

}

Testvar Default Values

Certain BBF.069 specific testvars are data model specific and must be properly configured based on the root object and data model supported by the DUT.

By default all BBF.069 data model specific testvars have been defined for the InternetGatewayDevice:1 root object model. These testvars can be easily updated to support the Device:2 root object model instead by setting the testvar bbf069RootDataModel to a value of Device and then clicking on the “Upgrade Config” button.

Reasonable default values have been chosen for both InternetGatewayDevice:1 and Device:2 implementations. Some DUTs may not support all default values. In these cases the configuration should be modified to reference objects and parameters that are supported by the DUT.

Please contact support@qacafe.com for assistance in selecting the appropriate testvar values for older Device:1 DUTs.

Required testvar Settings and DUT Configuration

In order for the CDRouter BBF.069 tests to run properly, you must configure the DUT with the correct TR-069 parameters so that it can successfully connect to CDRouter’s ACS.

For most setups, the DUT should be configured with the following settings:

DUT TR-069 (CWMP) Setting Value
ACS URL http://acs1.broadband-forum.org/
ACS Username qacafe
ACS Password qacafe123

Your CDRouter config file should also contain the following testvar settings to allow the DUT to connect and establish CWMP sessions:

testvar supportsCWMP                     yes
testvar acsDomain                        acs1.broadband-forum.org
testvar acsIp                            6.0.0.1
testvar acsTransport                     http
testvar acsPort                          80
testvar acsDiscoveryUrl                  none
testvar tr69InformTimeout                300
testvar tr69MinPeriodicInform            120

testvar bbf069ACSURL                     http://acs1.broadband-forum.org   (must match dnsHostname1)
testvar bbf069AlternateACSURL            http://acs2.broadband-forum.org   (must match dnsHostname2)

testvar dnsHostname1                     acs1.broadband-forum.org
testvar dnsIp1                           6.0.0.1                           (must be same as acsIp)
testvar dnsHostname2                     acs2.broadband-forum.org
testvar dnsIp2                           6.0.0.2                           (must be different from acsIp)

These settings represent the minimum required configuration needed to start running the Mandatory-Automated test module.

SSL/TLS Testing Configuration

Some additional settings are necessary to enable the use of secure SSL/TLS connections between the DUT and ACS. Secure connections are required in order to run the optional Secure_CWMP.tcl test module.

DUT TR-069 (CWMP) Setting Value
ACS URL https://acs1.broadband-forum.org/ 
testvar supportsCWMP                     yes
testvar acsDomain                        acs1.broadband-forum.org
testvar acsIp                            6.0.0.1
testvar acsTransport                     https
testvar acsPort                          443
testvar acsDiscoveryUrl                  none
testvar tr69InformTimeout                300
testvar tr69MinPeriodicInform            120
testvar acsSslVersion                    tls
testvar acsCertPath                      /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1/CDRouter_acsCert.pem
testvar acsCaCertPath                    /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1/CDRouter_acsCaCert.pem
testvar acsDownloadCertPath              /usr/cdrouter/tests/acs-download.cdroutertest.com.pem
testvar acsDownloadCaCertPath            /usr/cdrouter/tests/acs.cdroutertest.com-ca.pem

testvar bbf069AlternateAcsCertPath       /usr/cdrouter/tests/bbf.069/Security_Certificate/acs2/CDRouter_acsCert.pem
testvar bbf069AlternateAcsCaCertPath     /usr/cdrouter/tests/bbf.069/Security_Certificate/acs2/CDRouter_acsCaCert.pem
testvar bbf069InvalidCertPath            /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1invalid/CDRouter_acsCert.pem
testvar bbf069InvalidCACertPath          /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1invalid/CDRouter_acsCaCert.pem
testvar bbf069AncientCertPath            /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1expired/CDRouter_acsCert.pem
testvar bbf069AncientCACertPath          /usr/cdrouter/tests/bbf.069/Security_Certificate/acs1expired/CDRouter_acsCaCert.pem

testvar bbf069ACSURL                     http://acs1.broadband-forum.org   (must match dnsHostname1)
testvar bbf069AlternateACSURL            http://acs2.broadband-forum.org   (must match dnsHostname2)

testvar dnsHostname1                     acs1.broadband-forum.org
testvar dnsIp1                           6.0.0.1                           (must be same as acsIp)
testvar dnsHostname2                     acs2.broadband-forum.org
testvar dnsIp2                           6.0.0.2                           (must be different from acsIp)

(Note: in previous versions of the BBF.069 expansion, ACS certificates were located in the “/usr/cdrouter/vendor/IOL/BBF.069/Security_Certificate” directory)

The SSL test module includes seven optional automated test cases. Although this test module is automated, different configurations are required for some of the test cases. As a result, multiple test packages must be created for each of the three required configurations and run sequentially.

Test Case Description
commonName_validation Common Name Certificate Validation
connection_SSL Connection Establishment using SSL 3.0
connection_TLS Connection Establishment using TLS
rejection_SSL Rejection of Invalid certificate
redirect_HTTPS_matching_certificate HTTP Redirection HTTPS with URL Matching Certificate
redirect_HTTPS_mismatched_certificate HTTP Redirection HTTPS with URL/Certificate Mismatch
certificates_used_no_ntp Use of Certificates In The Absence Of NTP

The UNH-IOL has provided a number of self signed certificates for BBF.069 SSL testing. These certificates are installed in the following directory:

/usr/cdrouter/tests/bbf.069/Security_Certificate/

Each ACS that is used during the BBF.069 test cases has it’s own sub-directory where the server, intermediate, and root CA certificates are located. The server certificate and private key for each ACS are contained in the CDRouter_acsCert.pem file within the appropriate sub-directory. Likewise, the intermediate and root CAs are located in the CDRouter_acsCaCert.pem file. During the SSL handshake process the ACS will provide both the server certificate and intermediate CA to the DUT.

If you have issues with SSL, please refer to this Knowledge Base article for some helpful tips.

XMPP Connection Requests

If the DUT supports XMPP connection requests (as described in Annex K of the TR-069 Amendment 6 specification), the following configuration changes must be made.

DUT TR-069 (CWMP) Setting Value
Connection Request Mode XMPP
Username qacafe
Resource cdrouter
Password qacafe123 
testvar acsDeviceDiscovery         yes
testvar acsSupportsXmppConnReq     yes
testvar acsXmppConnReqUsername     qacafe
testvar acsXmppConnReqResource     cdrouter
testvar acsXmppConnReqPassword     qacafe123
testvar acsXmppConnReqUseTls       yes

Download Testing

The tests in the BBF.069 Download.tcl module verify the the DUT can successfully handle Download RPC requests from the ACS to download and install new firmware. CDRouter provides these firmware images through a virtual download server that it creates at the start of each test.

Two firmware images are required for most tests. One image must be the same firmware version that the DUT is running at the start of the test (the “original” image), while the other image must be a different version that the DUT “upgrades” (or “downgrades”) to. The firmware version number for each image must be available in the Device.DeviceInfo.SoftwareVersion parameter reported by the DUT, as these tests will use this value to determine whether the DUT has successfully loaded the requested firmware image.

The following two testvars specify the path to the firmware images on the CDRouter system.

testvar tr69DownloadImage                /path/to/image
testvar tr69DownloadOriginalImage        /path/to/original_image

Note: These testvars are located in the CDRouter TR-069 Expansion section of the config file and are shared by other TR-069 tests.

Upload Testing

The optional Upload.tcl test module is designed to verify the DUT’s config file upload functionality using the Upload RPC. This is a fully automated test module covering a variety of Upload scenarios to a virtual server that CDRouter creates at the beginning of each test case.

In order to run any Upload tests, the following testvar must be set to “yes” to indicate that the DUT supports the Upload RPC:

testvar tr69UploadRPC                    yes

By default, the ACS will request the DUT to upload its config file, which will be placed in the /tmp directory of the CDRouter system. However, the following testvars can be used to change the upload location or request the DUT to upload its log file instead:

testvar tr69UploadPath                   /tmp
testvar bbf069UploadType                 "1 Vendor Configuration File"

Note: The tr69UploadPath testvar is located in the CDRouter TR-069 Expansion section of the config file and is shared by other TR-069 tests. However, the tr69ConfigUploadFilename and tr69LogUploadFilename testvars found in that section are not used by the BBF.069 Upload.tcl module.