Technical Specs
Compromised Node Eviction
A compromised node is a device that the network and/or its operators can no longer trust. Nodes within an IEEE
802.15.4 PAN must possess the currently valid Group Temporal Key (GTK) to send and receive link-layer messages. The GTK is
shared among all devices within the PAN and is refreshed periodically or on demand. Communicating new GTKs only to trusted
devices allows compromised nodes to be evicted from the network.
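The eviction mechanism described above, as an added example that is not Cisco code: a small model showing that flagging a node does nothing by itself and that eviction only takes effect at the next GTK refresh. The class names, node identifiers and the use of HMAC-SHA256 as a stand-in for link-layer frame protection are assumptions, and each node is simplified to hold a single GTK.

```python
import hashlib
import hmac
import os

class Node:
    def __init__(self, node_id):
        self.node_id = node_id
        self.gtk = None  # group key currently held by this node

    def send(self, payload):
        # Constructed frame: payload plus a tag computed under the sender's GTK.
        return payload, hmac.new(self.gtk, payload, hashlib.sha256).digest()

    def accepts(self, frame):
        payload, tag = frame
        expected = hmac.new(self.gtk, payload, hashlib.sha256).digest()
        return hmac.compare_digest(tag, expected)

class Pan:
    """Hypothetical key distributor for one PAN."""
    def __init__(self, nodes):
        self.nodes = {n.node_id: n for n in nodes}
        self.untrusted = set()
        self.refresh_gtk()

    def mark_compromised(self, node_id):
        # Flagging alone changes nothing on the air: the old GTK is still valid.
        self.untrusted.add(node_id)

    def refresh_gtk(self):
        # New GTK goes to trusted nodes only; untrusted nodes keep the stale key.
        gtk = os.urandom(16)
        for node_id, node in self.nodes.items():
            if node_id not in self.untrusted:
                node.gtk = gtk

def demo():
    a, b, c = Node("meter-a"), Node("meter-b"), Node("meter-c")
    pan = Pan([a, b, c])
    before = a.accepts(c.send(b"reading"))       # c is still a normal member
    pan.mark_compromised("meter-c")
    flagged = a.accepts(c.send(b"reading"))      # still accepted until a refresh
    pan.refresh_gtk()
    after = a.accepts(c.send(b"reading"))        # stale GTK, frame rejected
    peers = a.accepts(b.send(b"reading")) and b.accepts(a.send(b"reading"))
    c_reads = c.accepts(a.send(b"reading"))      # c cannot verify new traffic
    return before, flagged, after, peers, c_reads

if __name__ == "__main__":
    print(demo())
```

The window between flagging a node and the next refresh is why the on-demand refresh matters: with periodic refresh alone, a compromised node remains a valid sender until the current GTK is replaced.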
Cisco Resilient Mesh Security Warm Boot vs. Cold Boot
Authentication for Cisco Resilient Mesh security differs between a warm boot and a cold boot:
A warm boot is when the meter has a working key, in which case authentication has already been established and the meter joins
the mesh quickly.
A cold boot is when the meter has not yet been authenticated, either because this is the first time the meter is being
authenticated or because the meter key has expired.
Dual-PHY WPAN
In a CGR configured with dual-WPAN interfaces, the Dual-PHY WPAN feature enables a WPAN to operate as a slave of a master
WPAN. A master WPAN is the same as a regular independent WPAN. Only one slave WPAN can be attached to a master WPAN.
The Dual-PHY WPAN feature applies to the CGR IOS release only.
Note
Only the master WPAN has an RPL tree; the slave WPAN has an RPL tree with zero entries. All mesh nodes obtain the IPv6/RPL
prefix of the master WPAN. The IPv6/RPL prefix, as well as RPL configurations on the slave WPAN, are ignored. A slave WPAN
does not send RPL DODAG Information Object (DIO) messages. Conceptually, the slave WPAN acts only as a NIC at the MAC
and PHY layer.
From the point of view of the CGR and IoT FND, all IPv6 and 802.1x/mesh-security traffic flows only through the master WPAN;
however, it is correctly routed at the lower layer to the actual master or slave interface. The CGR sees all power outage notification
(PON) and power restoration notification (PRN) traffic as flowing only through the master WPAN, even though it may have come
from different master or slave interfaces. All traffic statistics are reported under the master WPAN. All non-WPAN commands (ping,
traceroute, show interface, etc.) work through the master IPv6 prefix.
The master WPAN shows the link neighbor table for nodes sensed by the master WPAN, and the slave WPAN shows the link neighbor
table for nodes sensed by the slave WPAN.
The two WPANs can be a mix of RF and PLC. SSIDs do not need to be identical on both WPANs. However, different PANIDs should
be configured on each WPAN.
See Configuring the Dual-PHY Master-Slave Relationship, on page 42 for configuration information.
Configuring Cisco Resilient Mesh and the WPAN Module
IoT FND provides the user interface for all Cisco Resilient Mesh configuration and management.
Cisco Resilient Mesh has no CLI and no graphical user interface for configuration or management.
All configuration and management are performed with IoT FND, through the CGR Series WPAN module, using Cisco IOS software
commands (Release 15.4(2)CG and greater).
REVIEW DRAFT - CISCO CONFIDENTIAL