owd090700(slide) ggsn9811 v900r007c02 product overview-20090928-b-v1.0

HUAWEI TECHNOLOGIES CO., LTD.

www.huawei.com

HUAWEI Confidential

Security Level:

GGSN9811 V900R007Product Overview

Huawei Technologies

www.huawei.com

HUAWEI TECHNOLOGIES CO., LTD. HUAWEI Confidential

Chapter 1 GGSN PerspectiveChapter 1 GGSN Perspective

Chapter 2 GGSN Flow

Chapter 3 GGSN Features

Chapter 4 GGSN Reliability

Chapter 5 GGSN Specification


GGSN Location


Interfaces on the GGSN


Protocol Stack of the Gn/Gp Interface

Protocol stack of the Gn/Gp interface in the signaling p

lane Protocol stack of the Gn/Gp interface i

n the user plane


Protocol Stack of the Gi Interface in the Case of IP Access

Protocol stack in transparent access mode

Protocol stack in the signaling plane for the non-transparent access mode


Protocol Stack of the Gi Interface in the Case of PPP Access

Gi interface protocol stack for the PPP termination mode

Gi interface protocol stack for the PPP relay mode


Protocol Stack of the Ga Interface

Ga interface protocol stack


Protocol Stack of the Gy Interface

Gy interface protocol stack


Protocol Stack of the Gmb Interface

Gmb interface protocol stack


Protocol Stack of the Gx Interface

Gx interface protocol stack


Physical Interface Types

Interface Type Maximum

Number of

Interfaces on

an LPU

Function

10/100M adaptive

Ethernet electrical

interface

24 Physical interfaces to the PDN or or devices such as th

e SGSN, AAA server, and CG on the external network

Physical interfaces to the PDN or or devices such as th

e MME, SGSN, AAA server, and CG on the external net

work

1000Base-X-SFP

optical interface

24 Physical interfaces to the PDN or or devices such as the

SGSN, AAA server, and CG on the external network

1000Base-X-SFP

electrical interface



10G Ethernet

optical interface




Chapter 1 GGSN Perspective

Chapter 2 GGSN FlowChapter 2 GGSN Flow





GPRS Backbone

UE SGSNGGSN

Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Bill for Traffic: XXXBill for content: XXX___________________________Detailed bill:**** **** **** **** **** ***

Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Bill for Traffic: XXXBill for content: XXX___________________________Detailed bill:**** **** **** **** **** ***

Billing CenterCG

AAA Server

AAA Server

Internet

ISP

Enterprise Network

(1)

(2)

(2)

(2)

(2)

(3)

(4) (4)(1): GPRS Attach, MM context creation

IP TCP/UDP ApplicationGTPUDPIP IP TCP/UDP Application

AAA Server

PPP IP PPP IPUDP L2TPIP

PPP

(2): PDP creation, GTP tunnel establishment, AAA authentication.

(3): User visit PDN, web browsing

(4): SGSN/GGSN report original CDR/interactive

with OCS.

Flow Looking on 3G System

(2)OCS Server

(4)


Flow Looking on Signaling


IPSec/GRE tunnel

SPU LPU

Uplink Data flow

GTP tunnel LPU

SPULPU

Downlink Data flow:

GTP tunnelLPU

SPU

Uplink Data flow with Gi IPSec/GRE tunnel:

GTP tunnel LPU

SPU

Downlink Data flow with Gi IPSec/GRE tunnel:

GTP tunnelLPU

Flow Looking on Boards

LPU

IPSec/GRE tunnelLPU



Chapter 2 GGSN Flow

Chapter 3 GGSN FeaturesChapter 3 GGSN Features




Access Service Charging Routing OAM

GTP IP Access

GTP PPP Access

PPP Regeneration (L

AC)

Diversity Address A

ssignment

Alias APN

Virtual APN

QoS Mapping

SPU Recommendati

on

MBMS Broadcast

Direct Tunnel

Policy based

Forwarding

Web Proxy

Captive Portal

Bandwidth Ma

nagement

Diffserv Marki

ng

Content Awar

eness

Firewall

Anti-spoofing

DDOS Prevent

ion

PCC

Online Charging

Offline Charging

RADIUS

Accounting

Dynamic Routing

BGP/RIP/OSPF/IS-IS

Static Routing

Eth-trunk

Diversity VPN

VLAN/GRE/L2TP/IPSE

C/MPLS

Access Control List

(ACL)

Event Logs

Alarms

Software

Management

Performance

Management

Trace

Management

Operator

Management

GGSN Features Overview


Online Offline

Volume based charging

Time based charging

Content based billing

Dual Coupon with Tariff switch

QoS/SGSN/RAT switch

G-CDR enable

CTP Charging

Failover / Failback

Redirection

Volume based charging

Time based charging

Content based billing

Tariff switch

QoS/SGSN/RAT switch

CTP Charging

Multiple G-CDR formats

G-CDR Storage

CDR Audit

GGSN9811 Charging Features


Charging Data Collection

CDR Processing

DCCA ClientRadius ClientPDP Context

Management

User Profile

Charging Gateway

OCS AAA Server

Hard Disk

CDR Storage

SPU SRU

GGSN

Charging

Packets Forwarding and Service Control

User Management

Charging Processing and Control

Offline Charging Online Charging

Data Flow

GGSN9811 Charging Logic Architecture


IP over GTP - IP

IP over GTP - L2TP

GTP Functions

PPP over GTP - IP

PPP over GTP - L2TP


Direct Tunnel

RNC

SGSN

GGSN

RANAP GTP-C

GTP-U GTP-U

Iu Gn

信令面消息

用户面消息

RNC

SGSN

GGSN

RANAP GTP-C

Iu Gn

信令面消息

用户面消息GTP-U

Two Tunnel

Direct Tunnel

In the direct tunnel solution, one GTP tunnel between the RNC and the GGSN is used i

nstead of the two user-plane tunnels between the RNC and the SGSN, and the SGSN

and the GGSN. The SGSN does not process user-plane data, thus alleviating the data

forwarding load on the SGSN.


User Access Mode & Address Allocation

GGSNSGSN

Fire Wall

Internet/ Intranet

AAA Server

Auth.

No Auth.


GPRS Backbone

UE SGSN GGSN

Prepaid System

StreamingServer

Mail Server

download Server

Destination Service

Port URL Statistics

10.127.0.2 http 80 www.sina.com/music1

Uplink: 1kbytesDownlink: 1Mbytes

172.19.10.102

ftp 1003 file1 Downlink: 10Mbytes

Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Rent charge:: $XXBill for Traffic: XXXBill for content: XXX___________________________Detailed bill: **** **** **** **** **** ***

Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Rent charge:: $XXBill for Traffic: XXXBill for content: XXX___________________________Detailed bill: **** **** **** **** **** ***

Billing Center

Content Based Billing - Overview


IP DPI

Application DPI

Layer 2Data Link

Layer 3Network

Layer 6Presentation

Layer 4Transport

Layer 5Session

Layer 7Application

Se

rvic

e P

roc

es

sin

g L

ay

er

•URL– HTTP://WAP.MONTERNET.COM/*– RTSP://*.VOD.COM/*.3GP

•Application Protocol & Service– WAP/HTTP/MMS/FTP/DNS– RTSP/RTP/RTCP

•IP Address

•Port

•Protocol– TCP– UDP– ICMP/GRE/IPSec/...

Deep Packet Inspection for CBB


Hard Disk

LPU

FTP Serverfor

CDR Auditing

Charging Gateway

SPU

SRU

GGSN

CDR Process

CDR AuditingFTP

Client

CDR Auditing

CDR Auditing Buffer

Charging Processing

FTP Clientfor

GCDR File Transfer

GCDR file Download and upload

FTP Server

CDR Audit and GCDR File Transfer


Tunnel MarkingAPN based

Inbound ACL

PDP based Diffserv Marking

PDP based Policing


Outbound ACL

IP Service Chain

APN Level

PDP Level

Service Level


Inbound ACL

PDP based Policing


Outbound ACL

IP Service Chain

APN Level

PDP Level

Service Level

PDP based Diffserv Marking

Up-Link

Down-Link

Service Chain

IP Service Chain

Gating DiffServ Remark QoS Update Web Proxy Captive Portal RedirectionPolicy Based Forwarding

ShapingCAR Charging Point


Interface-based ACL

LPU

SPU

Interface Level

APN Level

PDP Level

Service Level

Uplink & Downlink

APN-based Inbound ACL

Flow Based IP Service

GatingSubscriber

Profile

Firewall

Personal Firewall


Web Client GGSN Proxy Server Web Server

TCP Syn

1 TCP Syn

TCP Ack

2TCP Ack

HTTP Request

HTTP Request

HTTP Reply

HTTP Reply

1

2

Web Client GGSN Portal Server Web Server

TCP Syn & Ack

1

HTTP Request

HTTP Redirection

2TCP Fin & Ac

k TCP RST

TCP Syn, Ack

HTTP Request

HTTP Reply

Web Proxy Captive Portal

Drop the HTTP Request message and send the HTTP redirection message (status 302) to Web Client.

Terminate the TCP connection

1

2

Match the L3/L4 policy and change the destination IP address of service packets to IP address of Proxy Server.

change the source IP address of service packets back to IP address of Web Server.

1

2

Web Proxy & Captive Portal


QoS2

QoS0QoS1

QoS0

Create PDP context Req(Req QoS)

Create PDP context Rsp(Neg QoS0)

Update PDP context Req(Req QoS1)

Update PDP context Rsp(Accept)

PDP

QoS0

SGSN QoS1


Update PDP context Rsp(Accept)

Flow1

Flow2

Flow3

QoS0


Update PDP context Rsp(Reject)

GGSN

QoS2

QoS1

QoS1

QoS0

PDP QoS

QoS2Flow4

QoS2 UpdateFail

QoS0Timer expire

T

QoS Update


Local Mapping => IMSI/MSISDN/RAT/Roaming/User name AAA Mapping

Virtual APN & Alias APN (1)

Corporate 3

Corporate 2

APN = "Corporate"username = "a@corporate1" Real APN = "Corporate1"

SGSN GGSN

MS1

PDP Context 3

Real APN = "Corporate2"

Real APN = "Corporate3"

PDP Context1 PDP Context1 PDP Context1

PDP Context2 PDP Context2 PDP Context2

PDP Context3PDP Context3

APN Name VPN IP Address Pool

Corporate

Corporate1 GRE VPN POOL1

Corporate2 IPSec VPN POOL2

Corporate3 L2TP VPN POOL3

APN = "Corporate"username = "a@corporate2"

APN = "Corporate"username = "a@corporate3"

Corporate 1

MS2

MS3


APN1

Walled Garden

Streaming Service

PTT

GGSN

APN2

APN3

APN4

system resource 1

system resource 2

Internet/ISP

Virtual APN & Alias APN (2)

Item Virtual APN Alias APN

Mapping More APN -> One APN One APN -> More APN

Scenario Ex. The operator has some

obsolete APN. Several APN want to

use same resource in GGSN.

Ex. If operator want to differentiate the

same APN name for several network. Or

It also can be used for classify for a

"BIG" APN.


InternetInternet Private Private networknetwork

IP/PPP

GGSN/LACSGSN

L2TPIP/PPP over GTP

LNS

PDP Type = IP/PPPGGSN regenerate PPP session when

PDP type = IP

GPRS Backbone

UE SGSN GGSN

Firewall

Internet

Mobile Tunnel Internet Tunnel

GTP Tunnel

End-to-End Tunnel (IPSec)

Corporation Network

GRE/IPSec/L2TP/MPLS/VLAN

AAA server

VRF

Flexible VPN


GGSN

Anti-spoofing

DDoS Prevention

Multiple authentication methods

Hierarchical management

Gi redirection

IPSec

Security Functions


PCC

PCC refers to policy and charging control. The PCRF NE is introduced. It delivers PCC rules, including policies and charging information, to the GGSN. Huawei PCRF is the RM9000. The following figure shows the position of the PCRF on the network.



Chapter 2 GGSN Flow


Chapter 4 GGSN ReliabilityChapter 4 GGSN Reliability



Virtual Routing

GPRS backbone Internet/

PDN

Internet/

PDNGGSN

IP/Ethernet Trunk

Three Level assurance

SPU 1:1

SRU 1:1

SFU 3+1

Overload Control Recourse Monitor Traffic Control Self-fault Checking

Software assurance

Module Level

Equipment Level

Network level

Carrier-class Reliability

LPU SPUSRU SPUSRULPU

SFU

SFU

1

8765101294321

876510119432

SPU SPU SPU SPU


Hardware Reliability

Mature USR platform

Hot plugging and hot backup

3+1 Switch plane

Dual –48 V independent-power-supply


Software Reliability

System Overload Control

CPU Overload Control of the SPU/LPU

CPU Overload Control of the SRU

Resource Check Function

Periodical Check

Address Resource Check Performed by the SRU and the

SPU

Address Resource Check with PDP Contexts in the SDB

Performed by the SPU

Board lock and system shutdown

Hot patch


Link redundancy and IP routing redundancy

FirewallLanswitch

IP IP backbackbonebone

RNC

Lanswitch

Internet/Internet/serviceservice

IP Dynamic routingIP Dynamic routingSGSN

GGSNGGSN

FirewallL2 IP redundancy technology L2 IP redundancy technology

SDHSDH

SSSS

Network Redundancy


Hardware SFU 3+1 redundancy

SPU 1+1 redundancy

Primary/Secondary Radius Server

Multiple OCS

Primary/Secondary CG

Multiple DHCP

Primary/Secondary L2TP tunnel

Primary/Secondary FTP server

Software

Redundancy



Chapter 2 GGSN Flow



Chapter 5 GGSN SpecificationChapter 5 GGSN Specification


Capacity Specification

Parameter Specification

Simultaneously active PDP contexts 5000000

Packet forwarding capacity 1,000,000pps

Max throughput 30G bit/s (IPSec 3G bit/s)

Max APN 3000

Maximum number of GRE tunnels 4000

Maximum number of L2TP tunnels 20000

Maximum number of IPSec tunnels 4000

www.huawei.com

Thank you

owd090700(slide) ggsn9811 v900r007c02 product overview-20090928-b-v1.0

Documents