From fca59bea770346cf1c1f9b0e00cb48a61b44a8f3 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sun, 25 Oct 2015 21:00:20 +0100 Subject: import of old now defunct presentation slides svn repo --- 2012/core_net-odc2012/section-core_network.tex | 282 +++++++++++++++++++++++++ 1 file changed, 282 insertions(+) create mode 100644 2012/core_net-odc2012/section-core_network.tex (limited to '2012/core_net-odc2012/section-core_network.tex') diff --git a/2012/core_net-odc2012/section-core_network.tex b/2012/core_net-odc2012/section-core_network.tex new file mode 100644 index 0000000..629cac1 --- /dev/null +++ b/2012/core_net-odc2012/section-core_network.tex @@ -0,0 +1,282 @@ +\section{The GSM core network} + +\subsection{GSM core network components} + +\begin{frame}{GSM core network components} + \begin{description}[MSC] + \item[MSC] (Mobile Switching Center): The central switch + \item[HLR] (Home Location Register): Database of subscribers + \item[AUC] (Authentication Center): Database of authentication keys + \item[VLR] (Visitor Location Register): For roaming users + \item[EIR] (Equipment Identity Register): To block stolen phones + \end{description} +\end{frame} + +\begin{frame}{GSM network structure} +\begin{description}[BTS] +\item[MSC] Actual call switching and top-level mobility functions. May serve dozens of location areas +\item[VLR] Temporary cache of subscriber data from HLR + TMSI +\item[HLR] Subscriber databases + subscriber location information +\item[AUC] Generation of authentication tuples +\item[SMSC] SMS Service Centre, store+forward for SMS +\end{description} +\end{frame} + +\begin{frame}{GSM core network integration} +\begin{itemize} + \item VLR often integrated into MSC + \item AUC often integrated with AUC + \item integration so common, many graphs/diagrams are actually +not 100\% correct +\end{itemize} +\end{frame} + +%\begin{frame}{GSM Network Structure} +%\includegraphics[width=100mm]{GSMNetwork.pdf} +%\end{frame} + +\begin{frame}{GSM network interfaces} + \begin{description}[A-bis] + \item[C] Interface between GMSC and HLR + \item[D] Interface between MSC and HLR + \item[E] Interface between MSC and MSC + \end{description} +All of them based on MAP, so C/D/E not commonly distinguished +\end{frame} + +\subsection{GSM core network protocols} + +\begin{frame}{core network protocol stack} +Traditional telephony based on SS7 / CS7, GSM too +\begin{itemize} + \item Lower layers (MTP2/MTP3) re-used + \item ISUP used for actual call control signalling + \item SCCP for routing / GTT + \item TCAP for transaction supprt + \item MAP for actual GSM related signalling +\end{itemize} +\end{frame} + +\begin{frame}{SS7 networks} +\begin{itemize} + \item STP - Signalling Transfer Point + \begin{itemize} + \item {\em Router} for SCCP + \item performs GTT (see below) + \end{itemize} + \item SCP - Signalling Control Point + \begin{itemize} + \item {\em End-node} like MSC/HLR + \item SCP has GT, PC, .. + \end{itemize} +\end{itemize} +\end{frame} + +\begin{frame}{SS7 addresses} +\begin{itemize} + \item Point Code (PC) + \begin{itemize} + \item typically unique within PLMN / country + \end{itemize} + \item Global Title (GT) + \begin{itemize} + \item world-wide unique address + \item translated into PC by GTT at STP + \end{itemize} + \item Subsystem Number (SSN) + \begin{itemize} + \item logical function address inside network (MSC, VLR, HLR, ...) + \item not used on international links + \end{itemize} +\end{itemize} +\end{frame} + +\begin{frame}{SS7 GTT (Global Title Translation)} +Global Title Translation +\begin{itemize} + \item can happen at any STP + \item translates a Destination GT into new destination address + \item new dest address can be any address, such as + \begin{itemize} + \item new global title (GT) + \item point code (PC) + \item sub-system number (SSN) + \end{itemize} + \item GTT rules explicitly configured by operator, e.g. + \begin{itemize} + \item prefix or range based match + \item (inter)nationalize numbering plan + \item add digits at beginning or end + \end{itemize} +\end{itemize} +\end{frame} + +\begin{frame}{SS7 physical layer} +\begin{itemize} + \item{classic SS7 signalling over TDM circuits} + \begin{itemize} + \item E1 timeslot (64kbps) + \item multiple E1 timeslots (N*64kbps) + \item MTP Level 2 / MTP Level 3 + \end{itemize} + \item modern networks use SIGTRAN + \begin{itemize} + \item IP as network layer replaces E1 lines + \item SCTP on top(no TCP/UDP!) + \item many different SIGTRAN stacking options + \end{itemize} + \item some vendor-proprietary protocols like SCCPlite +\end{itemize} +\end{frame} + +\begin{frame}{SIGTRAN stacking options} +SIGTRAN != SIGTRAN +\begin{itemize} + \item IP/SCTP/M2PA/MTP2/MTP3/SCCP/TCAP/MAP + \item IP/SCTP/M2UA/MTP3/SCCP/TCAP/MAP + \item IP/SCTP/M3UA/SCCP/TCAP/MAP + \item IP/SCTP/SUA/TCAP/MAP +\end{itemize} +\end{frame} + +\begin{frame}{SCCP} +SCCP takes care of +\begin{itemize} + \item Global Title based addressing + \item Global Title Translation + \item connection-oriented or connectionless semantics + \item GSM core network interfaces with MAP/CAP only use +connection-less UDT service +\end{itemize} +\end{frame} + +\begin{frame}{TCAP} +\begin{itemize} + \item Idea: decouple transaction logic from actual application + \item transaction semantics can be used by multiple higher-layer protocols + \item state machines on both sides maintained outside of application + \item protocol specified in ASN.1, BER encoding +\end{itemize} +\end{frame} + +\begin{frame}{MAP - Mobile Application Part} +\begin{itemize} + \item used between all classic GSM core network components + \item application protocol on top of TCAP + \item protocol specified in ASN.1, BER encoding +\end{itemize} +\end{frame} + +\begin{frame}{CAP - Camel Application Part} +\begin{itemize} + \item used for CAMEL entities (gsmSCF, gsmSSF, gprsSSF, gsmSRF) + \item application protocol on top of TCAP + \item protocol specified in ASN.1, BER encoding +\end{itemize} +\end{frame} + +\section{Roaming interfaces} + +\subsection{Roaming introduction} + +\begin{frame}{Introduction to Roaming} +Roaming enables subscribers to use other operators' networks +\begin{itemize} + \item Home Network is called HPLMN + \item Visited Network is called VPLMN + \item Roaming requres between HPLMN and VPLMN + \begin{itemize} + \item Roaming agreement (contract) + \item SS7 connectivity (ISUP/MAP/CAP) + \item IP connectivity (for packet data) + \end{itemize} +\end{itemize} +\end{frame} + +\begin{frame}{Roaming principle} +\begin{itemize} + \item MS, MSC, VLR and SGSN are in VPLMN + \item HLR, AUC, GMSC and GGSN are in HPLMN + \item they talk to each other via MAP, just like in non-roaming case + \item selection of HPLMN based on IMSI of subscriber + \item non-roaming caes: HPLMN == VPLMN +\end{itemize} +\end{frame} + +\begin{frame}{MVNO - Mobile Virtual Network Operators} +A MVNO setup is a special case of roaming +\begin{itemize} + \item MNO operates PLMN with RAN and CN + \item MVNO operates HPLMN without RAN (BSC/BTS) + \item MVNO subscribers always roam into MNO network +\end{itemize} +\end{frame} + +%\subsection{Roaming transactions} +%FIXME + +\subsection{Traditional Billing} + +\begin{frame}{Traditional Billing} +Initially, GSM was designed for business users +\begin{itemize} + \item Billing was always post-paid + \item Each PLMN simply logs all call/sms + \item Logs called CDR (Call Data Record) + \item At the end of the month, invoices are generated + \item CDR records are exchanged between roaming partners +\end{itemize} +\end{frame} + +\begin{frame}{Billing for Roaming} +\begin{itemize} + \item CDR files often vendor-specific / custom + \item GSMA established a standard called TAP + \item TAP is the standard for exchange of billing records +between roaming partners + \item Summary: Intra-PLMN: CDR, Inter-PLMN: TAP + \item TAP has many versions/generations + \item Specified in ASN.1 +\end{itemize} +\end{frame} + +\begin{frame}{The advent of pre-paid} +\begin{itemize} + \item At some point, users wanted pre-paid services + \item Difficult to implement in traditional billing architecture + \item In HPLMN, every operator could come up with custom +solution + \item Thus, pre-paid initially not supported in roaming + \item In the early pre-paid days, there were lots of ways to exceed pre-paid balance +\end{itemize} +\end{frame} + +\begin{frame}{Pre-paid required fundamental changes} +\begin{itemize} + \item The pre-paid balance / account is maintained in HPLMN + \item HPLMN needs much more control over user while roaming + \item A new protocol (CAMEL) was introduced, as well as new +entities in the network + \item Lots of changes all over netowrk elements (MSC, SGSN, HLR) +\end{itemize} +\end{frame} + +\subsection{CAMEL} + +\begin{frame}{CAMEL - Customized Applications Mobile Enhanced Logic} +\begin{itemize} + \item gsmSCF - Service Control Function + \begin{itemize} + \item receives per-subscriber specific config from HLR +(CSI: CAMEL Subscription Information) + \item remotely controls call, SMS, etc. processing + \end{itemize} + \item gsmSSF - Service Switching Function + \begin{itemize} + \item built into MSC + \item hooks / triggers at key state changes + \item allows gsmSCF to alter/override/abort transactions + \end{itemize} + \item gprsSSF provides similar feature inside SGSN +\end{itemize} +\end{frame} -- cgit v1.2.3