TR-069 setup in OpenWrt

Hello openwrt , i still have some problems in setting up the IPTV into my OpenWRT Router . As i understood my ISP is getting me IPTV connections through some TR-069 settings that are these:

Hoe can i put these setups on my OpenWRT router? Throught PPPoE connection instead of WAN?

The short answer is, you can't.

cwmp is a TR-069 implementation developed for -but outside of- OpenWrt, should you opt to decide going that route, you'd be pretty much on your own to get that working - but, in general, if you manage to get cwmp working, you wouldn't have had many issues to get IPTV working without that either.

The long answer, why would you want to give anyone -including your ISP- root rights on your personal router, for them to do as they like - which is exactly what TR-069 does. I understand why ISPs might want that for their branded devices, but as a customer I'd go ballistic about that idea.

That isn't strictly true.

The only data the ISP can get from your router is what cwmp is programmed to send. And they can only alter data the cwmp accepts. They never get root rights to your router.

And TR-069 is the protocol used to send the data back and forth to the ACS server, not the whole package needed to make this work.

I've done a bunch of work with cwmp and, in it's basic form, has a real limit on the data it sends and the data it will receive. The biggest concern I have with it is can allow changing configuration remotely and flashing new firmware. But only if the router-side package allows it.

root or not is a bit of a semantics game, at the very least you lose the hard firewall between WAN and LAN networks, as the ISP can exfiltrate data after reconfiguring the network settings (which is the only real reason to enable TR-069 in the first place, the auto-configuration part, officially not the exfiltration possibilities) - and yes, with the ability to flash the firmware, anything goes (including a very high chance of a hard bricking).

I know I wouldn't want this on a router supplied by a large ISP as that is a recipe for disaster. Having them flash my router remotely is not on my list of things my ISP should do. Or have any ability to look at my data on the router.

The official reason that would be given, of course, is so they could roll out updates without the user doing anything. And for Tech Support to work on any problem you may have. Like I'd let those ham handed techs on my router.

But I don't see this a problem in the router world as very few ISP would want the extra hassle of maintaining a different database for all their customers just so they could upgrade the router. They don't seem to really care about updating much of anything.

TR069 is big in the world of industrial equipment for remote work but routers not so much. Mikrotik includes it in their firmware so you can set up an ACS for yourself. Other than that I don't know of a manufacturer adding it.

I deal with a lot of what we call Rural ISP who supply routers and modems to people in rural areas so they can use cellular Internet. You'd be surprised at how many there are in the USA alone. And only one has asked about a TR069 system for the routers.

Lack of interest is why cwmp is the only TR069 package for OpenWrt and it is broken as it stands. It is an easy fix but no one is interested enough to officially do it. Including me.

TR-069 is based on the client (customer endpoint) pulling configuration from a server, so the client has security over what is allowed to be controlled.

If you can go through the ISP router configurations and see how it has been configured, you can just duplicate those settings on OpenWrt. Or find out from the ISP the VLANs etc used for IPTV.