From 2c4540218235ac1559165c072f71148b2a950d16 Mon Sep 17 00:00:00 2001
From: Harald Welte
Date: Fri, 23 Jul 2021 17:15:18 +0200
Subject: add IMS slides
---
2021/osmodevcall-ims/osmodevcall-ims.adoc | 215 ++++++++++++++++++++++++++++++
1 file changed, 215 insertions(+)
create mode 100644 2021/osmodevcall-ims/osmodevcall-ims.adoc
diff --git a/2021/osmodevcall-ims/osmodevcall-ims.adoc b/2021/osmodevcall-ims/osmodevcall-ims.adoc
new file mode 100644
index 0000000..a66b900
--- /dev/null
+++ b/2021/osmodevcall-ims/osmodevcall-ims.adoc
@@ -0,0 +1,215 @@
+High-Level intro IMS, VoLTE, VoWFi
+==================================
+:author: Harald Welte
+:copyright: 2021 by Harald Welte (License: CC-BY-SA)
+:backend: slidy
+:max-width: 45em
+
+== Overview
+
+What this talk is about
+
+* IMS basics
+* How IMS is used in VoLTE
+* How IMS is used in VoWiFi
+
+== Evolution of telephone signaling
+
+* circuit-switched
+** PSTN
+** ISDN Call Control (Q.931 + ISUP)
+** GSM L3 CC Call Control (derived from Q.931)
+** BICC in core networks
+* packet-switched
+** H.323
+** IETF SIP
+** ITU SIP-I as ISUP replacement in telco networks
+** 3GPP IMS (based on SIP)
+
+== IMS: IP Multimedia System
+
+* predates LTE
+* specified at 2G + 3G time
+* idea was to
+** do voice over packet switched GPRS/UMTS services
+** use one shared telephony system for both cellular and wired (DSL, Cable) access
+
+== IMS and VoLTE / VoWiFi
+
+* VoLTE is a marketing term for IMS over a LTE access network
+* VoWiFi is a marketing term for IMS accesss over untrusted networks
+** *untrusted* basically means not operated by a commercial telecom operator
+
+== Basic IMS Core Network
+
+* primarily a set of SIP proxies / switches (P-CSCF, I-CSCF, S-CSCF)
+* subscriber configuratoin stored in HSS (like in LTE)
+* optionally augmented by media gateways
+** for interworking with PSTN / ISDN circuit switched interfaces
+** for interworking with 2G/3G circuit switched domain
+
+.IMS Core Network
+[graphviz]
+----
+digraph G {
+ rankdir=LR;
+ Sub_A [label="Subscriber\nA"];
+ Sub_B [label="Subscriber\nB"];
+ Sub_C [label="Subscriber\nC"];
+ Sub_D [label="Subscriber\nD"];
+ subgraph cluster_A {
+ label = "IMS core";
+ PCSCF [label="P-CSCF",shape="square"];
+ ICSCF [label="I-CSCF",shape="square"];
+ SCSCF [label="S-CSCF",shape="square"];
+ }
+ HSS [label="HSS",shape="square"];
+ Sub_A -> PCSCF [dir=none,label="SIP"];
+ Sub_B -> PCSCF [dir=none,label="SIP"];
+ Sub_C -> PCSCF [dir=none,label="SIP"];
+ Sub_D -> PCSCF [dir=none,label="SIP"];
+ PCSCF -> ICSCF [dir=none,label="SIP"];
+ ICSCF -> SCSCF [dir=none,label="SIP"];
+ ICSCF -> HSS [dir=none,label="DIAMETER"];
+ SCSCF -> HSS [dir=none,label="DIAMETER"];
+}
+----
+
+
+== P-CSCF: Proxy Call Session Control Function
+
+* IP address to which IMS clients sent SIP traffic
+* also serves as IPsec endpoint in case of VoLTE
+* forwards SIP to I-CSCF
+
+== I-CSCF: Interrogating Call Session Control Function
+
+* resolve which S-CSCF shall be used to serve the subscriber
+** involves interrogation of HSS via DIAMETER
+* forwards SIP to S-CSCF it has resolved
+
+== S-CSCF: Service Call Session Control Function
+
+* anchor to which the subscribers actually register
+* confirms subscriber authorization with HSS (via DIAMETER)
+* in charge of actual call control
+
+
+== SIP dialect used in IMS
+
+* don't assume it is just plain old SIP like you know it from VoIP
+* various 3GPP specific additions and extensions
+* for example, introduction of EAP-AKA for authentication via ISIM card
+
+== IMS in VoWiFi
+
+* Introduction of the `ePDG` network element
+* resembles a bit the P-GW/GGSN in 3GPP use case, but with the public internet as "RAN"
+* acts as IPsec tunnel endpoint from/to clients
+* IPsec IKE has been extended by 3GPP
+** to use USIM/ISIM (UMTS AKA) based authentication
+** to derive IPsec encryption keys from UMTS AKA
+
+[graphviz]
+----
+digraph G {
+ rankdir=LR;
+ Sub_A [label="Subscriber\nA"];
+ ePDG [label="ePDG",shape="square"];
+ subgraph cluster_A {
+ label = "IMS core";
+ PCSCF [label="P-CSCF",shape="square"];
+ ICSCF [label="I-CSCF",shape="square"];
+ SCSCF [label="S-CSCF",shape="square"];
+ }
+ HSS [label="HSS",shape="square"];
+ Sub_A -> ePDG [dir=none,label="SIP/TCP/IP/IPSEC"];
+ ePDG -> PCSCF [dir=none,label="SIP/TCP/IP"];
+ ePDG -> HSS [dir=none,label="DIAMETER"];
+ PCSCF -> ICSCF [dir=none,label="SIP"];
+ ICSCF -> SCSCF [dir=none,label="SIP"];
+ ICSCF -> HSS [dir=none,label="DIAMETER"];
+ SCSCF -> HSS [dir=none,label="DIAMETER"];
+}
+----
+
+== IMS in VoWiFi
+
+* ePDG IP address discovery
+** hardcoded in UE, or
+** configurable in UE, or
+** DNS based resolution via epdg.epc.mncXXX.mccYYY.pub.3gppnetwork.org
+
+Once ePDG is discovered, IKE Phase 1 is started to set up IPsec SA
+* typically NAT-T (UDP encapsulated ESP) is used
+* typically both encryption and integrity protection used
+
+
+== IMS in VoLTE
+
+* you would assume it's simply accessing the IMS core via E-UTRAN + EPC
+** but...you underestimate the mind-boggling complexity that is required for 3GPP specs
+* EPC supports QoS, so we must make use of that
+** dedicated bearers wit different QoS for
+*** default bearer (background IP, QCI=8/9)
+*** IMS signaling (high reliability, QCI=5)
+*** IMS user plane (low latency, QCI=1)
+* IMS registration establishes QCI=5 bearer
+* call setup establishes QCI=1 bearer
+
+
+== dedicated bearers in LTE
+
+* in 2G/3G, we know PDP contexts
+** PDP context resembles IP tunnel between MS/UE and GGSN
+** you can establish multiple concurrent PDP contexts to different GGSNs, each with its own IP
+* LTE extends this with the notion of EPS bearers and TFTs
+** think of those like sub-flows within a PDP context
+** you connect to one APN but have multiple concurrent EPS bearers to that APN
+** each EPS bearer comes with a set of packet filter rules that determie to which bearer a given packet gets mapped. Those packet filter rules are called TFTs.
+
+== IMS in VoLTE
+
+[graphviz]
+----
+digraph G {
+ rankdir=LR;
+ Sub_A [label="Subscriber\nA"];
+ EUTRAN [shape="square"];
+ PGW [label="P-GW for IMS APN",shape="square"];
+ PCRF [label="PCRF",shape="square"];
+ subgraph cluster_A {
+ label = "IMS core";
+ PCSCF [label="P-CSCF",shape="square"];
+ ICSCF [label="I-CSCF",shape="square"];
+ SCSCF [label="S-CSCF",shape="square"];
+ }
+ HSS [label="HSS",shape="square"];
+ Sub_A -> PGW [dir=none,label="EPS bearers for QCI=1/QCI=5"];
+ PGW -> PCSCF [dir=none,label="SIP/TCP/IP (opt. IPsec)"];
+ PGW -> HSS [dir=none,label="DIAMETER"];
+ PCRF -> HSS [dir=none,label="DIAMETER"];
+ PGW -> PCRF [dir=none,label="DIAMETER"];
+ PCSCF-> PCRF [dir=none,label="DIAMETER"];
+ PCSCF -> ICSCF [dir=none,label="SIP"];
+ ICSCF -> SCSCF [dir=none,label="SIP"];
+ ICSCF -> HSS [dir=none,label="DIAMETER"];
+ SCSCF -> HSS [dir=none,label="DIAMETER"];
+}
+----
+
+
+== IMS Open Source Software
+
+In case you want to play with this:
+
+* https://github.com/fasferraz/SWu-IKEv2
+* FHoSS: Fraunhofer HSS with IMS related features (Java)
+* Kamailio: SIP softswitch that can serve as P/I/S-CSCF
+* doubango: IMS library / framework for client side
+* imsdroid: Android stand-alone IMS client application using doubango framework
+
+
+== EOF
+
+End of File
--
cgit v1.2.3