summaryrefslogtreecommitdiff
path: root/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.adoc
blob: 97c6f489e6f43db4fd023577c5666be0d17ba538 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
TCP/IP is Boring: Tour of Cellular Protocol Stacks
==================================================
:author:	Harald Welte <laforge@gnumonks.org>
:copyright:	2017 by Harald Welte (License: CC-BY-SA)
:backend:	slidy
:max-width:	45em


== Overview / Intro

[role="incremental"]
* everyone (here) is familiar in-depth with TCP/IP
* almost nobody (here) has insight into telecom protocols
* let me take you on a tour
[role="incremental"]
** where protocol stacks are deep
** where acronyms are plentiful
* some people also call this _applied protocol archeology_
* a lot of this is still in use, every day, by millions if not billions of subscribers

== Personal Background

* involved in non-profit ISP of early 1990ies
** built a lot of technology ourselves
** contact with UUCP, TCP/IP, OSPF, PPP, ISDN PRI/BRI, ...
* involved with netfilter/iptables 1999-2007
* always looking for interesting non-TCP/IP protocols
** 2006: OpenPCD / librfid: ISO14443 / ISO15693 RFID protocols
** 2008-present: Cellular Protocol Stacks

== Personal Philosophy

* communications systems and protocols are a big fascination
* I admit I'm even interested more in them for themselves, rather than
  for their use
* Personal conviction
** Every protocol (stack) should be well understood
** There should be FOSS for experimentation
*** transmitter
*** receiver
*** dissector (e.g. wireshark)

== The Internet-Centric World

I assume this is where most audience members are coming from:

* We assume TCP/IP + Ethernet are everywhere
* Most obscure protocols people might know: SCTP, DCCP
* Open Source implementations lead the market (Linux, BSD)
* IETF is open to anyone, no formal membership required
** you still need to be able to afford to travel to meetings

== Classic Digital Circuit Switched Telephony

* Based on 8kHz / 8bit PCM audio channels
* E1/T1 bit-synchronous interfaces (1.5/2MBps) 
* TDMA structure with 24/31 timeslots
* one 64k slot used for signaling
** HDLC framing (with CRC)
** MTP (_Message Transfer Part_) L2 + L3
** TUP (_Telephony User Part_) or ISUP (_ISDN User Part_) for call signaling

== Telephony Specification Bodies

* ITU-T: Technical ITU Specs for international network interfacing
* ANSI: American National Standards Institute
* ETSI: European Telecommunications Standardization Institute
* TTC: Japanese Telecommunication Technology Committee
* 3GPP: 3rd Generation Partnership Project


== Telephony Signaling Oddities

* Many countries/regions have their own dialects
** Even inside ETSI region, there are e.g. French + German variants(!)
* Differences even at very basic level such as address field size:
** ANSI: 24bit Point Codes
** ITU-T: 14bit Point Codes
** Japan: 16bit Point Codes

=> Specific Translators required at boundaries between national/international networks

== Conceptual Differences

* Circuit vs. Packet
** In TCP/IP, we assume sender/receiver is identified in each packet
** In Cellular: Sender/Receiver are often implicitly identified based on circuit / time-slot!
* Signaling vs. User Plane
** In TCP/IP, we assume user payload is above normal protocol stack
** In Cellular: Different protocol stacks, or no protocol / header at all for user plane!

== GSM Um
image::images/Gsm_structures.svg[]
~image by Tsaitgaist~

== Cellular Protocols: GSM Um

* Um (_U mobile_) modelled after ISDN U (User) interface
* L2: LAPDm (_LAPD mobile_) modelled after ISDN LAPD (Q.921)
* L3: CC (_Call Control_) almost identical to ISDN L3 (Q.931)
* L3: New RR (_Radio Resource_) for radio-specific aspects
* L3: New MM (_Mobility Management_) for subscriber mobility

== GSM Abis
image::images/Gsm_structures.svg[]
~image by Tsaitgaist~

== Cellular Protocols: GSM Abis

* Uses E1/T1 Line/Circuit from ISDN
* Signaling Slot
** L2: ISDN L2 (LAPD, Q.921)
** L3: RSL (TS 48.058) + OML (TS 12.21)
** L4+ RR/CC/MM of Um interface
* Traffic Slots
** 64k Slots divided in 16k sub-slots
** one 16k sub-slot for GSM-encoded voice
** TRAU (_Transcoder / Rate Adaption Unit_) Frames

== GSM A
image::images/Gsm_structures.svg[]
~image by Tsaitgaist~

== Cellular Protocols: GSM A

* Uses E1/T1 Line/Circuit from ISDN
* Signaling Slot
** SS7 MTP2 + MTP3
** SS7 SCCP (_Signaling Connection Control Part_) in Connection-Oriented Mode
** BSSAP/BSSMAP for BSC-MSC signaling (TS 48.008)
* Traffic Slots
** Uncompressed 64k PCM Audio like in ISDN

== GSM Core (H/E etc.)
image::images/Gsm_structures.svg[]
~image by Tsaitgaist~

== Cellular Protocols: Core Network / Roaming Interface

* Uses E1/T1 Line/Circuit from ISDN
* Cellular specific Signaling
** SS7 MTP2 + MTP3
** SS7 SCCP (_Signaling Connection Control Part_) in Connection-Less Mode
** TCAP (_Transaction Capabilities Application Part_)
** MAP (_Mobile Application Part_) + CAP (_CAMEL Application Part_)
*** specified in ASN.1 with Information Object Classes; BER encoding
* Voice Call Signaling
** SS7 MTP2 + MTP3
** SS7 ISUP (_ISDN User Part_)
* Traffic Slots
** Uncompressed 64k PCM Audio like in ISDN

== Cellular Protocols: SIM-ME Interface

* Pretty much like most other processor smart cards:
** ISO 7816-1 for physical interface
** ISO 7816-2 for electrical interface
** ISO 7816-3 for framing
** ISO 7816-4 _Inter-Industry Commands for Information Interchange_
* GSM TS 11.11 for detailed file/directory/APDU specs
* ETSI TS 102221 + 3GPP TS 31.102 for USIM

== Cellular Protocols: GPRS Um

* re-use existing GSM Um PHY
** same TDMA, modulation, ...
** new coding schemes (different amount of FEC, TS 45.002)
* L2: New RLC/MAC instead of LAPDm (TS 44.060)
** unacknowledged + acknowledged mode
** specified in new syntax: CSN.1 (Concrete Syntax Notation)
*** seems it was create specifically for GPRS
*** specification full of non-trivial syntax errors (till today!)
*** no FOSS code generators (till today!)
* L3: GPRS LLC (_Logical Link Control_, TS 44.064)
** unacknowledged + acknowledged mode
* L3: GPRS SNDCP (_Sub-Network Dependent Convergence Protocol_, TS 44.065)
* User-IP (or PPP) inside SNDCP

== GPRS Gb
image::images/Gsm_structures.svg[]
~image by Tsaitgaist~

== Cellular Protocols: GPRS Gb

* Between PCU (Protocol Control Unit) and SGSN (Serving GPRS Support Node)
* Classic Transport
** E1/T1 physical layer
** L2: Frame Relay
* Modern Transport
** IP + UDP replace E1/T1 + FR, or
** FR over GRE over IP
* L3: NS (_Network Services_, TS 48.016)
* L3: BSSGP (_BSS Gateway Protocol_, TS 48.018)
* Above: GPRS LLC as on GPRS Um interface

== GPRS Gp
image::images/Gsm_structures.svg[]
~image by Tsaitgaist~

== Cellular Protocols: GPRS Gp

* Between SGSN (Serving GPRS Support Node) and GGSN (GPRS Gateway Support Node)
* IP as transport layer (yay!)
* GTP (_GPRS Tunneling Protocol_, TS 29.060)
* User-IP traffic inside GTP

== GPRS Control Plane

image::images/gprs_control_stack.svg[width="100%"]

== GPRS User Plane

image::images/gprs_user_stack.svg[width="100%"]

== Cellular Protocols: UMTS (aka WCDMA aka 3G)

* Uu interface on radio: Completely new
* Iub interface NodeB -> RNC: Completely new
** RRC protocol: ASN.1; UPER encoding
* Iu-CS interface RNC -> MSC
** SS7 E1/MTP2/MTP3 (or MTP3b via ATM)
** SS7 SCCP Connection-Oriented
** RANAP (RAN Application Part): ASN.1; APER encoding
* Iu-PS interface RNC -> SGSN
** like Iu-CS above

== UMTS PS Control Plane

image::images/umts_ps_control.svg[width="100%"]

== UMTS PS User Plane

image::images/umts_ps_user.svg[width="100%"]

== Evolution towards IP Transport

* 1999-2007: IETF SIGTRAN WG
** Transmission of Signalling over IP
** SCTP as reliable transport
** Not one, but many "competing" stacks on top
*** Result: Various incompatible products

image::images/sigtran_stackings.svg[width="100%"]

== Further Information

* http://osmocom.org/ contains FOSS implementations of
** GSM Um, Abis, A
** GPRS Gb, Gp, Gi
** UMTS IuCS, IuPS, Iuh

== EOF

End of File
personal git repositories of Harald Welte. Your mileage may vary