Cable Forum - View Single Post

Ignitionnet · 21-04-2010, 10:20

The issue is actually with a broken BPI+ implementation on the CMTS side causing the modem and the CMTS respective BPI+ state machines to go out of sync. The KSN only goes across the wire during BPI+ TEK state machine updates. A modem would have to send multiple TEK refresh requests within a very short period, milliseconds, for this to be due to upstream impediments.

Modems aren't disconnected via T3s / T4s, if they aren't properly authenticated and authorised their primary service flow would be de-authorised, reflected in the modem by a BPI+ state of 'denied'.

There is a grace period, default an hour, to mitigate modems being disconnected due to their BPI+ state machine falling out of sync with the CMTS.

Control messages, ranging requests, etc, are not encrypted by BPI+.

21-04-2010, 10:20	#95
Ignitionnet Inactive Join Date: Jun 2008 Location: Leeds, West Yorkshire Age: 47 Posts: 13,995	Re: Why I regret joining virgin media The issue is actually with a broken BPI+ implementation on the CMTS side causing the modem and the CMTS respective BPI+ state machines to go out of sync. The KSN only goes across the wire during BPI+ TEK state machine updates. A modem would have to send multiple TEK refresh requests within a very short period, milliseconds, for this to be due to upstream impediments. Modems aren't disconnected via T3s / T4s, if they aren't properly authenticated and authorised their primary service flow would be de-authorised, reflected in the modem by a BPI+ state of 'denied'. There is a grace period, default an hour, to mitigate modems being disconnected due to their BPI+ state machine falling out of sync with the CMTS. Control messages, ranging requests, etc, are not encrypted by BPI+.