From 5c6260b1394dcf756c58e63545912a264e21d5e4 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Mon, 3 Jul 2017 09:44:14 +0100 Subject: add 'TCP/IP is boring' slide deck --- .../images/Gsm_structures.svg | 1531 +++++++ .../images/gprs_control_stack.svg | 1341 ++++++ .../images/gprs_user_stack.svg | 1357 ++++++ .../images/sigtran_stackings.gnumeric | Bin 0 -> 2344 bytes .../images/sigtran_stackings.svg | 2635 +++++++++++ .../images/umts_ps_control.svg | 1519 ++++++ .../images/umts_ps_user.svg | 1497 ++++++ .../tcp_ip_is_boring.adoc | 254 + .../tcp_ip_is_boring.html | 4838 ++++++++++++++++++++ 9 files changed, 14972 insertions(+) create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/Gsm_structures.svg create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/gprs_control_stack.svg create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/gprs_user_stack.svg create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.gnumeric create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.svg create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/umts_ps_control.svg create mode 100644 2017/tcp_ip_is_boring-nfws2017/images/umts_ps_user.svg create mode 100644 2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.adoc create mode 100644 2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.html diff --git a/2017/tcp_ip_is_boring-nfws2017/images/Gsm_structures.svg b/2017/tcp_ip_is_boring-nfws2017/images/Gsm_structures.svg new file mode 100644 index 0000000..331298c --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/images/Gsm_structures.svg @@ -0,0 +1,1531 @@ + + + + GSM structure + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + GSM structure + 2009-12-09 + + + Kevin (tsaitgaist) Redon + + + key elements of the structure of a GSM network + + + + - terminal icons gnome (devices) the gnome icon package +- servers from http://openclipart.org/media/files/Anonymous/7274 + + + + + + + + Base Station Subsystem (BSS) + + Structure of a GSM network (key elements) + Network SubSystem (NSS) + + GPRS Core Network + + Mobile Station (MS) + + + + + + + + + + + + + + + R + Air + (Um) + A-bis + A + Gb + H/E etc + Gr/Gs + Gn + Gi + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + PSTN + + + SS7 network + + + + GPRS backboneIP netwok + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Internet + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8 + 9 + # + 0 + * + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + BTS + BTS + BSC + PCU + MSC/VLR + SGSN + GGSN + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + HLR/AUC(EIR) + + MT/TE + TE + SIM(UICC) + + \ No newline at end of file diff --git a/2017/tcp_ip_is_boring-nfws2017/images/gprs_control_stack.svg b/2017/tcp_ip_is_boring-nfws2017/images/gprs_control_stack.svg new file mode 100644 index 0000000..8622512 --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/images/gprs_control_stack.svg @@ -0,0 +1,1341 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + MAC + RLC + LLC + + LLC + + E1 + + + + + PhysicalLayer + + + + + + + Um + A-bis + Gb + Gc + MS + BTS+CCU + BSC+PCU + SGSN + GPRS Control Plane + + + FrameRelay + NS + + BSSGP + + + E1 + + PhysicalLayer + TRAUFraming + + + MAC + RLC + + + E1 + + + + E1 + FrameRelay + NS + + BSSGP + TRAUFraming + + + + GMM + SM + + + GMM + SM + + E1 + + SCCP + + TCAP + + MAP + + MTP3 + + MTP2 + HLR + + E1 + + SCCP + + TCAP + + MAP + + MTP3 + + MTP2 + + + + + diff --git a/2017/tcp_ip_is_boring-nfws2017/images/gprs_user_stack.svg b/2017/tcp_ip_is_boring-nfws2017/images/gprs_user_stack.svg new file mode 100644 index 0000000..6b702a2 --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/images/gprs_user_stack.svg @@ -0,0 +1,1357 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + MAC + RLC + LLC + + LLC + + E1 + + + IP + Ethernet + + GTP-U + + + IP + Ethernet + + GTP-U + + + + + + PhysicalLayer + + + + + + + Um + A-bis + Gb + Gn + MS + BTS+CCU + BSC+PCU + SGSN + GGSN + GPRS User Plane + + + FrameRelay + NS + + BSSGP + + + E1 + + PhysicalLayer + TRAUFraming + + + MAC + RLC + + + E1 + + + + E1 + FrameRelay + NS + + BSSGP + TRAUFraming + + + UDP + + UDP + SNDCP + + SNDCP + + + + IP + + + + IP + + + + + TCP + + + + TCP + + + + HTTP + + + + HTTP + + + + + + + diff --git a/2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.gnumeric b/2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.gnumeric new file mode 100644 index 0000000..57deb94 Binary files /dev/null and b/2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.gnumeric differ diff --git a/2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.svg b/2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.svg new file mode 100644 index 0000000..b936941 --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/images/sigtran_stackings.svg @@ -0,0 +1,2635 @@ + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/2017/tcp_ip_is_boring-nfws2017/images/umts_ps_control.svg b/2017/tcp_ip_is_boring-nfws2017/images/umts_ps_control.svg new file mode 100644 index 0000000..0e24f88 --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/images/umts_ps_control.svg @@ -0,0 +1,1519 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + Iub-FP + + + + + + + MAC + RLC + RRC + GMM + SM + + + + + MAC + RLC + RRC + + + + GMM + SM + + + + RANAP + + + + RANAP + + + + + + + + ATM + SAR + CPCS + SSCOP + SSCF/UNI + + Iub-FP + + + + + + ATM + SAR + CPCS + SSCOP + SSCF NNI + + + + + + SCCP + MTP3b + M3UA + SCTP + IP + + + + + + + + ATM + SAR + CPCS + SSCOP + SSCF NNI + + + + + + SCCP + MTP3b + M3UA + SCTP + IP + + + + UDP + IP + Ethernet + + + GTP-C + + + + UDP + IP + Ethernet + + GTP-C + + + + + + + PhysicalLayer + + + + + + + ATM + SAR + CPCS + SSCOP + SSCF/UNI + + PhysicalLayer + + TransportChannels + + TransportChannels + + + + + + + Uu + Iub + Iu-ps + Gn + MT + NodeB + RNC + SGSN + GGSN + UMTS Packet Switched Control Plane + + diff --git a/2017/tcp_ip_is_boring-nfws2017/images/umts_ps_user.svg b/2017/tcp_ip_is_boring-nfws2017/images/umts_ps_user.svg new file mode 100644 index 0000000..eb8eacf --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/images/umts_ps_user.svg @@ -0,0 +1,1497 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + Iub-FP + + + + MAC + RLC + PDCP + + + + MAC + RLC + PDCP + + Iu-FP + + Iu-FP + + ATM + + Iub-FP + + + + ATM + SAR + CPCS + + + + ATM + SAR + CPCS + + + IP + Ethernet + + + IP + Ethernet + + + + + + PhysicalLayer + + + + ATM + CPS + SSSAR + + PhysicalLayer + TransportChannels + + TransportChannels + + + + + + + Uu + Iub + Iu-ps + Gn + MT + NodeB + RNC + SGSN + GGSN + UMTS Packet Switched User Plane + + + IP + + + + GTP-U + + GTP-U + + + GTP-U + + GTP-U + + + + CPS + SSSAR + + + UDP + UDP + + IP + + UDP + + IP + + UDP + + + IP + + + + + TCP + + + + TCP + + + + HTTP + + + + HTTP + + + + + diff --git a/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.adoc b/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.adoc new file mode 100644 index 0000000..97c6f48 --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.adoc @@ -0,0 +1,254 @@ +TCP/IP is Boring: Tour of Cellular Protocol Stacks +================================================== +:author: Harald Welte +:copyright: 2017 by Harald Welte (License: CC-BY-SA) +:backend: slidy +:max-width: 45em + + +== Overview / Intro + +[role="incremental"] +* everyone (here) is familiar in-depth with TCP/IP +* almost nobody (here) has insight into telecom protocols +* let me take you on a tour +[role="incremental"] +** where protocol stacks are deep +** where acronyms are plentiful +* some people also call this _applied protocol archeology_ +* a lot of this is still in use, every day, by millions if not billions of subscribers + +== Personal Background + +* involved in non-profit ISP of early 1990ies +** built a lot of technology ourselves +** contact with UUCP, TCP/IP, OSPF, PPP, ISDN PRI/BRI, ... +* involved with netfilter/iptables 1999-2007 +* always looking for interesting non-TCP/IP protocols +** 2006: OpenPCD / librfid: ISO14443 / ISO15693 RFID protocols +** 2008-present: Cellular Protocol Stacks + +== Personal Philosophy + +* communications systems and protocols are a big fascination +* I admit I'm even interested more in them for themselves, rather than + for their use +* Personal conviction +** Every protocol (stack) should be well understood +** There should be FOSS for experimentation +*** transmitter +*** receiver +*** dissector (e.g. wireshark) + +== The Internet-Centric World + +I assume this is where most audience members are coming from: + +* We assume TCP/IP + Ethernet are everywhere +* Most obscure protocols people might know: SCTP, DCCP +* Open Source implementations lead the market (Linux, BSD) +* IETF is open to anyone, no formal membership required +** you still need to be able to afford to travel to meetings + +== Classic Digital Circuit Switched Telephony + +* Based on 8kHz / 8bit PCM audio channels +* E1/T1 bit-synchronous interfaces (1.5/2MBps) +* TDMA structure with 24/31 timeslots +* one 64k slot used for signaling +** HDLC framing (with CRC) +** MTP (_Message Transfer Part_) L2 + L3 +** TUP (_Telephony User Part_) or ISUP (_ISDN User Part_) for call signaling + +== Telephony Specification Bodies + +* ITU-T: Technical ITU Specs for international network interfacing +* ANSI: American National Standards Institute +* ETSI: European Telecommunications Standardization Institute +* TTC: Japanese Telecommunication Technology Committee +* 3GPP: 3rd Generation Partnership Project + + +== Telephony Signaling Oddities + +* Many countries/regions have their own dialects +** Even inside ETSI region, there are e.g. French + German variants(!) +* Differences even at very basic level such as address field size: +** ANSI: 24bit Point Codes +** ITU-T: 14bit Point Codes +** Japan: 16bit Point Codes + +=> Specific Translators required at boundaries between national/international networks + +== Conceptual Differences + +* Circuit vs. Packet +** In TCP/IP, we assume sender/receiver is identified in each packet +** In Cellular: Sender/Receiver are often implicitly identified based on circuit / time-slot! +* Signaling vs. User Plane +** In TCP/IP, we assume user payload is above normal protocol stack +** In Cellular: Different protocol stacks, or no protocol / header at all for user plane! + +== GSM Um +image::images/Gsm_structures.svg[] +~image by Tsaitgaist~ + +== Cellular Protocols: GSM Um + +* Um (_U mobile_) modelled after ISDN U (User) interface +* L2: LAPDm (_LAPD mobile_) modelled after ISDN LAPD (Q.921) +* L3: CC (_Call Control_) almost identical to ISDN L3 (Q.931) +* L3: New RR (_Radio Resource_) for radio-specific aspects +* L3: New MM (_Mobility Management_) for subscriber mobility + +== GSM Abis +image::images/Gsm_structures.svg[] +~image by Tsaitgaist~ + +== Cellular Protocols: GSM Abis + +* Uses E1/T1 Line/Circuit from ISDN +* Signaling Slot +** L2: ISDN L2 (LAPD, Q.921) +** L3: RSL (TS 48.058) + OML (TS 12.21) +** L4+ RR/CC/MM of Um interface +* Traffic Slots +** 64k Slots divided in 16k sub-slots +** one 16k sub-slot for GSM-encoded voice +** TRAU (_Transcoder / Rate Adaption Unit_) Frames + +== GSM A +image::images/Gsm_structures.svg[] +~image by Tsaitgaist~ + +== Cellular Protocols: GSM A + +* Uses E1/T1 Line/Circuit from ISDN +* Signaling Slot +** SS7 MTP2 + MTP3 +** SS7 SCCP (_Signaling Connection Control Part_) in Connection-Oriented Mode +** BSSAP/BSSMAP for BSC-MSC signaling (TS 48.008) +* Traffic Slots +** Uncompressed 64k PCM Audio like in ISDN + +== GSM Core (H/E etc.) +image::images/Gsm_structures.svg[] +~image by Tsaitgaist~ + +== Cellular Protocols: Core Network / Roaming Interface + +* Uses E1/T1 Line/Circuit from ISDN +* Cellular specific Signaling +** SS7 MTP2 + MTP3 +** SS7 SCCP (_Signaling Connection Control Part_) in Connection-Less Mode +** TCAP (_Transaction Capabilities Application Part_) +** MAP (_Mobile Application Part_) + CAP (_CAMEL Application Part_) +*** specified in ASN.1 with Information Object Classes; BER encoding +* Voice Call Signaling +** SS7 MTP2 + MTP3 +** SS7 ISUP (_ISDN User Part_) +* Traffic Slots +** Uncompressed 64k PCM Audio like in ISDN + +== Cellular Protocols: SIM-ME Interface + +* Pretty much like most other processor smart cards: +** ISO 7816-1 for physical interface +** ISO 7816-2 for electrical interface +** ISO 7816-3 for framing +** ISO 7816-4 _Inter-Industry Commands for Information Interchange_ +* GSM TS 11.11 for detailed file/directory/APDU specs +* ETSI TS 102221 + 3GPP TS 31.102 for USIM + +== Cellular Protocols: GPRS Um + +* re-use existing GSM Um PHY +** same TDMA, modulation, ... +** new coding schemes (different amount of FEC, TS 45.002) +* L2: New RLC/MAC instead of LAPDm (TS 44.060) +** unacknowledged + acknowledged mode +** specified in new syntax: CSN.1 (Concrete Syntax Notation) +*** seems it was create specifically for GPRS +*** specification full of non-trivial syntax errors (till today!) +*** no FOSS code generators (till today!) +* L3: GPRS LLC (_Logical Link Control_, TS 44.064) +** unacknowledged + acknowledged mode +* L3: GPRS SNDCP (_Sub-Network Dependent Convergence Protocol_, TS 44.065) +* User-IP (or PPP) inside SNDCP + +== GPRS Gb +image::images/Gsm_structures.svg[] +~image by Tsaitgaist~ + +== Cellular Protocols: GPRS Gb + +* Between PCU (Protocol Control Unit) and SGSN (Serving GPRS Support Node) +* Classic Transport +** E1/T1 physical layer +** L2: Frame Relay +* Modern Transport +** IP + UDP replace E1/T1 + FR, or +** FR over GRE over IP +* L3: NS (_Network Services_, TS 48.016) +* L3: BSSGP (_BSS Gateway Protocol_, TS 48.018) +* Above: GPRS LLC as on GPRS Um interface + +== GPRS Gp +image::images/Gsm_structures.svg[] +~image by Tsaitgaist~ + +== Cellular Protocols: GPRS Gp + +* Between SGSN (Serving GPRS Support Node) and GGSN (GPRS Gateway Support Node) +* IP as transport layer (yay!) +* GTP (_GPRS Tunneling Protocol_, TS 29.060) +* User-IP traffic inside GTP + +== GPRS Control Plane + +image::images/gprs_control_stack.svg[width="100%"] + +== GPRS User Plane + +image::images/gprs_user_stack.svg[width="100%"] + +== Cellular Protocols: UMTS (aka WCDMA aka 3G) + +* Uu interface on radio: Completely new +* Iub interface NodeB -> RNC: Completely new +** RRC protocol: ASN.1; UPER encoding +* Iu-CS interface RNC -> MSC +** SS7 E1/MTP2/MTP3 (or MTP3b via ATM) +** SS7 SCCP Connection-Oriented +** RANAP (RAN Application Part): ASN.1; APER encoding +* Iu-PS interface RNC -> SGSN +** like Iu-CS above + +== UMTS PS Control Plane + +image::images/umts_ps_control.svg[width="100%"] + +== UMTS PS User Plane + +image::images/umts_ps_user.svg[width="100%"] + +== Evolution towards IP Transport + +* 1999-2007: IETF SIGTRAN WG +** Transmission of Signalling over IP +** SCTP as reliable transport +** Not one, but many "competing" stacks on top +*** Result: Various incompatible products + +image::images/sigtran_stackings.svg[width="100%"] + +== Further Information + +* http://osmocom.org/ contains FOSS implementations of +** GSM Um, Abis, A +** GPRS Gb, Gp, Gi +** UMTS IuCS, IuPS, Iuh + +== EOF + +End of File diff --git a/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.html b/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.html new file mode 100644 index 0000000..105fc30 --- /dev/null +++ b/2017/tcp_ip_is_boring-nfws2017/tcp_ip_is_boring.html @@ -0,0 +1,4838 @@ + + + + +TCP/IP is Boring: Tour of Cellular Protocol Stacks + + + + + + + + +
+

Overview / Intro

+
+
    +
  • + +everyone (here) is familiar in-depth with TCP/IP + +
  • +
  • + +almost nobody (here) has insight into telecom protocols + +
  • +
  • + +let me take you on a tour + +
      +
    • + +where protocol stacks are deep + +
    • +
    • + +where acronyms are plentiful + +
    • +
    +
  • +
  • + +some people also call this applied protocol archeology + +
  • +
  • + +a lot of this is still in use, every day, by millions if not billions of subscribers + +
  • +
+
+
+
+

Personal Background

+
+
    +
  • + +involved in non-profit ISP of early 1990ies + +
      +
    • + +built a lot of technology ourselves + +
    • +
    • + +contact with UUCP, TCP/IP, OSPF, PPP, ISDN PRI/BRI, … + +
    • +
    +
  • +
  • + +involved with netfilter/iptables 1999-2007 + +
  • +
  • + +always looking for interesting non-TCP/IP protocols + +
      +
    • + +2006: OpenPCD / librfid: ISO14443 / ISO15693 RFID protocols + +
    • +
    • + +2008-present: Cellular Protocol Stacks + +
    • +
    +
  • +
+
+
+
+

Personal Philosophy

+
+
    +
  • + +communications systems and protocols are a big fascination + +
  • +
  • + +I admit I’m even interested more in them for themselves, rather than + for their use + +
  • +
  • + +Personal conviction + +
      +
    • + +Every protocol (stack) should be well understood + +
    • +
    • + +There should be FOSS for experimentation + +
        +
      • + +transmitter + +
      • +
      • + +receiver + +
      • +
      • + +dissector (e.g. wireshark) + +
      • +
      +
    • +
    +
  • +
+
+
+
+

The Internet-Centric World

+
+

I assume this is where most audience members are coming from:

+
    +
  • + +We assume TCP/IP + Ethernet are everywhere + +
  • +
  • + +Most obscure protocols people might know: SCTP, DCCP + +
  • +
  • + +Open Source implementations lead the market (Linux, BSD) + +
  • +
  • + +IETF is open to anyone, no formal membership required + +
      +
    • + +you still need to be able to afford to travel to meetings + +
    • +
    +
  • +
+
+
+
+

Classic Digital Circuit Switched Telephony

+
+
    +
  • + +Based on 8kHz / 8bit PCM audio channels + +
  • +
  • + +E1/T1 bit-synchronous interfaces (1.5/2MBps) + +
  • +
  • + +TDMA structure with 24/31 timeslots + +
  • +
  • + +one 64k slot used for signaling + +
      +
    • + +HDLC framing (with CRC) + +
    • +
    • + +MTP (Message Transfer Part) L2 + L3 + +
    • +
    • + +TUP (Telephony User Part) or ISUP (ISDN User Part) for call signaling + +
    • +
    +
  • +
+
+
+
+

Telephony Specification Bodies

+
+
    +
  • + +ITU-T: Technical ITU Specs for international network interfacing + +
  • +
  • + +ANSI: American National Standards Institute + +
  • +
  • + +ETSI: European Telecommunications Standardization Institute + +
  • +
  • + +TTC: Japanese Telecommunication Technology Committee + +
  • +
  • + +3GPP: 3rd Generation Partnership Project + +
  • +
+
+
+
+

Telephony Signaling Oddities

+
+
    +
  • + +Many countries/regions have their own dialects + +
      +
    • + +Even inside ETSI region, there are e.g. French + German variants(!) + +
    • +
    +
  • +
  • + +Differences even at very basic level such as address field size: + +
      +
    • + +ANSI: 24bit Point Codes + +
    • +
    • + +ITU-T: 14bit Point Codes + +
    • +
    • + +Japan: 16bit Point Codes + +
    • +
    +
  • +
+

⇒ Specific Translators required at boundaries between national/international networks

+
+
+
+

Conceptual Differences

+
+
    +
  • + +Circuit vs. Packet + +
      +
    • + +In TCP/IP, we assume sender/receiver is identified in each packet + +
    • +
    • + +In Cellular: Sender/Receiver are often implicitly identified based on circuit / time-slot! + +
    • +
    +
  • +
  • + +Signaling vs. User Plane + +
      +
    • + +In TCP/IP, we assume user payload is above normal protocol stack + +
    • +
    • + +In Cellular: Different protocol stacks, or no protocol / header at all for user plane! + +
    • +
    +
  • +
+
+
+
+

GSM Um

+
+
+
+images/Gsm_structures.svg +
+
+

image by Tsaitgaist

+
+
+
+

Cellular Protocols: GSM Um

+
+
    +
  • + +Um (U mobile) modelled after ISDN U (User) interface + +
  • +
  • + +L2: LAPDm (LAPD mobile) modelled after ISDN LAPD (Q.921) + +
  • +
  • + +L3: CC (Call Control) almost identical to ISDN L3 (Q.931) + +
  • +
  • + +L3: New RR (Radio Resource) for radio-specific aspects + +
  • +
  • + +L3: New MM (Mobility Management) for subscriber mobility + +
  • +
+
+
+
+

GSM Abis

+
+
+
+images/Gsm_structures.svg +
+
+

image by Tsaitgaist

+
+
+
+

Cellular Protocols: GSM Abis

+
+
    +
  • + +Uses E1/T1 Line/Circuit from ISDN + +
  • +
  • + +Signaling Slot + +
      +
    • + +L2: ISDN L2 (LAPD, Q.921) + +
    • +
    • + +L3: RSL (TS 48.058) + OML (TS 12.21) + +
    • +
    • + +L4+ RR/CC/MM of Um interface + +
    • +
    +
  • +
  • + +Traffic Slots + +
      +
    • + +64k Slots divided in 16k sub-slots + +
    • +
    • + +one 16k sub-slot for GSM-encoded voice + +
    • +
    • + +TRAU (Transcoder / Rate Adaption Unit) Frames + +
    • +
    +
  • +
+
+
+
+

GSM A

+
+
+
+images/Gsm_structures.svg +
+
+

image by Tsaitgaist

+
+
+
+

Cellular Protocols: GSM A

+
+
    +
  • + +Uses E1/T1 Line/Circuit from ISDN + +
  • +
  • + +Signaling Slot + +
      +
    • + +SS7 MTP2 + MTP3 + +
    • +
    • + +SS7 SCCP (Signaling Connection Control Part) in Connection-Oriented Mode + +
    • +
    • + +BSSAP/BSSMAP for BSC-MSC signaling (TS 48.008) + +
    • +
    +
  • +
  • + +Traffic Slots + +
      +
    • + +Uncompressed 64k PCM Audio like in ISDN + +
    • +
    +
  • +
+
+
+
+

GSM Core (H/E etc.)

+
+
+
+images/Gsm_structures.svg +
+
+

image by Tsaitgaist

+
+
+
+

Cellular Protocols: Core Network / Roaming Interface

+
+
    +
  • + +Uses E1/T1 Line/Circuit from ISDN + +
  • +
  • + +Cellular specific Signaling + +
      +
    • + +SS7 MTP2 + MTP3 + +
    • +
    • + +SS7 SCCP (Signaling Connection Control Part) in Connection-Less Mode + +
    • +
    • + +TCAP (Transaction Capabilities Application Part) + +
    • +
    • + +MAP (Mobile Application Part) + CAP (CAMEL Application Part) + +
        +
      • + +specified in ASN.1 with Information Object Classes; BER encoding + +
      • +
      +
    • +
    +
  • +
  • + +Voice Call Signaling + +
      +
    • + +SS7 MTP2 + MTP3 + +
    • +
    • + +SS7 ISUP (ISDN User Part) + +
    • +
    +
  • +
  • + +Traffic Slots + +
      +
    • + +Uncompressed 64k PCM Audio like in ISDN + +
    • +
    +
  • +
+
+
+
+

Cellular Protocols: SIM-ME Interface

+
+
    +
  • + +Pretty much like most other processor smart cards: + +
      +
    • + +ISO 7816-1 for physical interface + +
    • +
    • + +ISO 7816-2 for electrical interface + +
    • +
    • + +ISO 7816-3 for framing + +
    • +
    • + +ISO 7816-4 Inter-Industry Commands for Information Interchange + +
    • +
    +
  • +
  • + +GSM TS 11.11 for detailed file/directory/APDU specs + +
  • +
  • + +ETSI TS 102221 + 3GPP TS 31.102 for USIM + +
  • +
+
+
+
+

Cellular Protocols: GPRS Um

+
+
    +
  • + +re-use existing GSM Um PHY + +
      +
    • + +same TDMA, modulation, … + +
    • +
    • + +new coding schemes (different amount of FEC, TS 45.002) + +
    • +
    +
  • +
  • + +L2: New RLC/MAC instead of LAPDm (TS 44.060) + +
      +
    • + +unacknowledged + acknowledged mode + +
    • +
    • + +specified in new syntax: CSN.1 (Concrete Syntax Notation) + +
        +
      • + +seems it was create specifically for GPRS + +
      • +
      • + +specification full of non-trivial syntax errors (till today!) + +
      • +
      • + +no FOSS code generators (till today!) + +
      • +
      +
    • +
    +
  • +
  • + +L3: GPRS LLC (Logical Link Control, TS 44.064) + +
      +
    • + +unacknowledged + acknowledged mode + +
    • +
    +
  • +
  • + +L3: GPRS SNDCP (Sub-Network Dependent Convergence Protocol, TS 44.065) + +
  • +
  • + +User-IP (or PPP) inside SNDCP + +
  • +
+
+
+
+

GPRS Gb

+
+
+
+images/Gsm_structures.svg +
+
+

image by Tsaitgaist

+
+
+
+

Cellular Protocols: GPRS Gb

+
+
    +
  • + +Between PCU (Protocol Control Unit) and SGSN (Serving GPRS Support Node) + +
  • +
  • + +Classic Transport + +
      +
    • + +E1/T1 physical layer + +
    • +
    • + +L2: Frame Relay + +
    • +
    +
  • +
  • + +Modern Transport + +
      +
    • + +IP + UDP replace E1/T1 + FR, or + +
    • +
    • + +FR over GRE over IP + +
    • +
    +
  • +
  • + +L3: NS (Network Services, TS 48.016) + +
  • +
  • + +L3: BSSGP (BSS Gateway Protocol, TS 48.018) + +
  • +
  • + +Above: GPRS LLC as on GPRS Um interface + +
  • +
+
+
+
+

GPRS Gp

+
+
+
+images/Gsm_structures.svg +
+
+

image by Tsaitgaist

+
+
+
+

Cellular Protocols: GPRS Gp

+
+
    +
  • + +Between SGSN (Serving GPRS Support Node) and GGSN (GPRS Gateway Support Node) + +
  • +
  • + +IP as transport layer (yay!) + +
  • +
  • + +GTP (GPRS Tunneling Protocol, TS 29.060) + +
  • +
  • + +User-IP traffic inside GTP + +
  • +
+
+
+
+

GPRS Control Plane

+
+
+
+images/gprs_control_stack.svg +
+
+
+
+
+

GPRS User Plane

+
+
+
+images/gprs_user_stack.svg +
+
+
+
+
+

Cellular Protocols: UMTS (aka WCDMA aka 3G)

+
+
    +
  • + +Uu interface on radio: Completely new + +
  • +
  • + +Iub interface NodeB → RNC: Completely new + +
      +
    • + +RRC protocol: ASN.1; UPER encoding + +
    • +
    +
  • +
  • + +Iu-CS interface RNC → MSC + +
      +
    • + +SS7 E1/MTP2/MTP3 (or MTP3b via ATM) + +
    • +
    • + +SS7 SCCP Connection-Oriented + +
    • +
    • + +RANAP (RAN Application Part): ASN.1; APER encoding + +
    • +
    +
  • +
  • + +Iu-PS interface RNC → SGSN + +
      +
    • + +like Iu-CS above + +
    • +
    +
  • +
+
+
+
+

UMTS PS Control Plane

+
+
+
+images/umts_ps_control.svg +
+
+
+
+
+

UMTS PS User Plane

+
+
+
+images/umts_ps_user.svg +
+
+
+
+
+

Evolution towards IP Transport

+
+
    +
  • + +1999-2007: IETF SIGTRAN WG + +
      +
    • + +Transmission of Signalling over IP + +
    • +
    • + +SCTP as reliable transport + +
    • +
    • + +Not one, but many "competing" stacks on top + +
        +
      • + +Result: Various incompatible products + +
      • +
      +
    • +
    +
  • +
+
+
+images/sigtran_stackings.svg +
+
+
+
+
+

Further Information

+
+
    +
  • + +http://osmocom.org/ contains FOSS implementations of + +
      +
    • + +GSM Um, Abis, A + +
    • +
    • + +GPRS Gb, Gp, Gi + +
    • +
    • + +UMTS IuCS, IuPS, Iuh + +
    • +
    +
  • +
+
+
+
+

EOF

+
+

End of File

+
+
+ + -- cgit v1.2.3