XMPP Connection Request Mechanism

There’s one caveat to ConnectionRequests - they require that the CPE can be reached by the ACS over HTTP. For endpoints that may reside behind a Gateway, this is not the case, thanks to Network Address Translation or Firewall rules. To get around this, TR-069 Annex K defines a way to perform Connection Requests over XMPP.

To enable the XMPP Connection Request feature on the CPE, the ACS first configures a new XMPP.Connection object in CPE’s XMPP interface object. This connection is then set as a reference in the ConnReqXMPPConnection parameter in the ManagementServer object of the Device’s data model. The ACS can also set the list of allowed JabberIDs in the ConnReqAllowedJabberID parameter. The “from” ID that the ACS uses in its XMPP messages must match one of these JabberIDs in order to be accepted by the CPE.

If the CPE is already set up with a known XMPP server for Connection Requests, this step can be omitted.

The ACS establishes, or has established, a connection to an XMPP server and establishes a secure XML stream. The CPE establishes a connection with the XMPP server and establishes a secure XML stream, and gets its JabberID from the server.

The CPE lists its this Jabber ID in the ConReqJabberID parameter, and must ensure matches the JabberID parameter in the XMPP.Connection object. This parameter defaults to active notification, so the ACS can learn it in a different session or request it with GetParameterValues.

From this point forward, the ACS can use XMPP to “chat” with the CPE and send an XMPP Connection Request to the CPE.

This XMPP Connection Request consists of an XMPP IQ stanza containing elements for the Connection Request Username and Connection Request Password assigned to the CPE.

Once sent, the CPE confirms the request with an empty XMPP IQ stanza.

Once successful, the CPE then begins a CWMP session with the ACS currently assigned in the ManagementServer.URL parameter. CWMP then continues as normal.

If there’s a problem, or the CPE is handling excessive requests similar to those described in HTTP connection requests, the CPE can send an IQ stanza with the appropriate error type element.

If the XMPP Connection Request cannot be authenticated, the CPE uses the “not authorized” error code.


Building or deploying TR-069?

Develop your solution even faster with the industry standard in automated, expert testing.

Learn more