Technical Report 111 (TR-111) allows the remote management of home networking devices through NAT traversal mechanisms, as defined in TR-069 Annex G. The TR-111 parameters defined in DGW allows the activation and configuration of a STUN server, so devices behind a NAT can be reached.
This document specifies two mechanisms that extend the CPE WAN Management Protocol defined in TR-069 to enhance the ability to remotely manage devices that are connected via a LAN through an Internet gateway.
The two mechanisms specified in TR-111 are “Device-Gateway Association” and “Connection Request via NAT Gateway“. These mechanisms are independent of each other, a device that supports “Device-Gateway Association” does not need to support “Connection Request via NAT Gateway“. These two mechanisms are summarized as follows:
- Device–Gateway Association – Allows an ACS (Auto-Configuration Server) managing a device to identify the associated gateway through which that device is connected.
- Connection Request via NAT Gateway – Allows an ACS to initiate a TR–069 Session with a device that is operating behind a NAT gateway.
When an ACS (Auto-Configuration Server) manages both a Device and the Gateway through which the Device is connected, it can be useful for the ACS to be able to determine the identity of that Gateway. TR–069 as currently defined does not specify a means by which the ACS could make this determination. Device–Gateway Association defines an extension to TR-069 that allows an ACS to determine the identity of the Gateway through which a given Device is connected.
When an ACS manages a Device connected via a NAT Gateway (the Device is allocated a private IP address), TR–069 can be used for management of the Device, but with the limitation that the Connection Request mechanism defined in TR–069 that allows the ACS to initiate a Session cannot be used. Connection Request via NAT Gateway defines an extension to TR-069 that allows an ACS to initiate a Session with a device that is operating behind a NAT Gateway. Connection Request via NAT Gateway does not assume that the Gateway through which the Device is
connected supports TR-069. This mechanism requires support only in the Device and the associated ACS.