OWD090700(Slide) GGSN9811 V900R007C02 Product Overview-20090928-B-V1.0
-
Upload
elmanzaneda -
Category
Documents
-
view
74 -
download
2
Transcript of OWD090700(Slide) GGSN9811 V900R007C02 Product Overview-20090928-B-V1.0
HUAWEI TECHNOLOGIES CO., LTD.
www.huawei.com
HUAWEI Confidential
Security Level:
GGSN9811 V900R007Product Overview
Huawei Technologies
www.huawei.com
HUAWEI TECHNOLOGIES CO., LTD. Page 2HUAWEI Confidential
Chapter 1 GGSN PerspectiveChapter 1 GGSN Perspective
Chapter 2 GGSN Flow
Chapter 3 GGSN Features
Chapter 4 GGSN Reliability
Chapter 5 GGSN Specification
HUAWEI TECHNOLOGIES CO., LTD. Page 3HUAWEI Confidential
GGSN Location
HUAWEI TECHNOLOGIES CO., LTD. Page 4HUAWEI Confidential
Interfaces on the GGSN
HUAWEI TECHNOLOGIES CO., LTD. Page 5HUAWEI Confidential
Protocol Stack of the Gn/Gp Interface
Protocol stack of the Gn/Gp interface in the signaling p
lane Protocol stack of the Gn/Gp interface i
n the user plane
HUAWEI TECHNOLOGIES CO., LTD. Page 6HUAWEI Confidential
Protocol Stack of the Gi Interface in the Case of IP Access
Protocol stack in transparent access mode
Protocol stack in the signaling plane for the non-transparent access mode
HUAWEI TECHNOLOGIES CO., LTD. Page 7HUAWEI Confidential
Protocol Stack of the Gi Interface in the Case of PPP Access
Gi interface protocol stack for the PPP termination mode
Gi interface protocol stack for the PPP relay mode
HUAWEI TECHNOLOGIES CO., LTD. Page 8HUAWEI Confidential
Protocol Stack of the Ga Interface
Ga interface protocol stack
HUAWEI TECHNOLOGIES CO., LTD. Page 9HUAWEI Confidential
Protocol Stack of the Gy Interface
Gy interface protocol stack
HUAWEI TECHNOLOGIES CO., LTD. Page 10HUAWEI Confidential
Protocol Stack of the Gmb Interface
Gmb interface protocol stack
HUAWEI TECHNOLOGIES CO., LTD. Page 11HUAWEI Confidential
Protocol Stack of the Gx Interface
Gx interface protocol stack
HUAWEI TECHNOLOGIES CO., LTD. Page 12HUAWEI Confidential
Physical Interface Types
Interface Type Maximum
Number of
Interfaces on
an LPU
Function
10/100M adaptive
Ethernet electrical
interface
24 Physical interfaces to the PDN or or devices such as th
e SGSN, AAA server, and CG on the external network
Physical interfaces to the PDN or or devices such as th
e MME, SGSN, AAA server, and CG on the external net
work
1000Base-X-SFP
optical interface
24 Physical interfaces to the PDN or or devices such as the
SGSN, AAA server, and CG on the external network
1000Base-X-SFP
electrical interface
2 Physical interfaces to the PDN or or devices such as the
SGSN, AAA server, and CG on the external network
10G Ethernet
optical interface
2 Physical interfaces to the PDN or or devices such as the
SGSN, AAA server, and CG on the external network
HUAWEI TECHNOLOGIES CO., LTD. Page 13HUAWEI Confidential
Chapter 1 GGSN Perspective
Chapter 2 GGSN FlowChapter 2 GGSN Flow
Chapter 3 GGSN Features
Chapter 4 GGSN Reliability
Chapter 5 GGSN Specification
HUAWEI TECHNOLOGIES CO., LTD. Page 14HUAWEI Confidential
GPRS Backbone
UE SGSNGGSN
Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Bill for Traffic: XXXBill for content: XXX___________________________Detailed bill:**** **** **** **** **** ***
Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Bill for Traffic: XXXBill for content: XXX___________________________Detailed bill:**** **** **** **** **** ***
Billing CenterCG
AAA Server
AAA Server
Internet
ISP
Enterprise Network
(1)
(2)
(2)
(2)
(2)
(3)
(4) (4)(1): GPRS Attach, MM context creation
IP TCP/UDP ApplicationGTPUDPIP IP TCP/UDP Application
AAA Server
PPP IP PPP IPUDP L2TPIP
PPP
(2): PDP creation, GTP tunnel establishment, AAA authentication.
(3): User visit PDN, web browsing
(4): SGSN/GGSN report original CDR/interactive
with OCS.
Flow Looking on 3G System
(2)OCS Server
(4)
HUAWEI TECHNOLOGIES CO., LTD. Page 15HUAWEI Confidential
Flow Looking on Signaling
HUAWEI TECHNOLOGIES CO., LTD. Page 16HUAWEI Confidential
IPSec/GRE tunnel
SPU LPU
Uplink Data flow
GTP tunnel LPU
SPULPU
Downlink Data flow:
GTP tunnelLPU
SPU
Uplink Data flow with Gi IPSec/GRE tunnel:
GTP tunnel LPU
SPU
Downlink Data flow with Gi IPSec/GRE tunnel:
GTP tunnelLPU
Flow Looking on Boards
LPU
IPSec/GRE tunnelLPU
HUAWEI TECHNOLOGIES CO., LTD. Page 17HUAWEI Confidential
Chapter 1 GGSN Perspective
Chapter 2 GGSN Flow
Chapter 3 GGSN FeaturesChapter 3 GGSN Features
Chapter 4 GGSN Reliability
Chapter 5 GGSN Specification
HUAWEI TECHNOLOGIES CO., LTD. Page 18HUAWEI Confidential
Access Service Charging Routing OAM
GTP IP Access
GTP PPP Access
PPP Regeneration (L
AC)
Diversity Address A
ssignment
Alias APN
Virtual APN
QoS Mapping
SPU Recommendati
on
MBMS Broadcast
Direct Tunnel
Policy based
Forwarding
Web Proxy
Captive Portal
Bandwidth Ma
nagement
Diffserv Marki
ng
Content Awar
eness
Firewall
Anti-spoofing
DDOS Prevent
ion
PCC
Online Charging
Offline Charging
RADIUS
Accounting
Dynamic Routing
BGP/RIP/OSPF/IS-IS
Static Routing
Eth-trunk
Diversity VPN
VLAN/GRE/L2TP/IPSE
C/MPLS
Access Control List
(ACL)
Event Logs
Alarms
Software
Management
Performance
Management
Trace
Management
Operator
Management
GGSN Features Overview
HUAWEI TECHNOLOGIES CO., LTD. Page 19HUAWEI Confidential
Online Offline
Volume based charging
Time based charging
Content based billing
Dual Coupon with Tariff switch
QoS/SGSN/RAT switch
G-CDR enable
CTP Charging
Failover / Failback
Redirection
Volume based charging
Time based charging
Content based billing
Tariff switch
QoS/SGSN/RAT switch
CTP Charging
Multiple G-CDR formats
G-CDR Storage
CDR Audit
GGSN9811 Charging Features
HUAWEI TECHNOLOGIES CO., LTD. Page 20HUAWEI Confidential
Charging Data Collection
CDR Processing
DCCA ClientRadius ClientPDP Context
Management
User Profile
Charging Gateway
OCS AAA Server
Hard Disk
CDR Storage
SPU SRU
GGSN
Charging
Packets Forwarding and Service Control
User Management
Charging Processing and Control
Offline Charging Online Charging
Data Flow
GGSN9811 Charging Logic Architecture
HUAWEI TECHNOLOGIES CO., LTD. Page 21HUAWEI Confidential
IP over GTP - IP
IP over GTP - L2TP
GTP Functions
PPP over GTP - IP
PPP over GTP - L2TP
HUAWEI TECHNOLOGIES CO., LTD. Page 22HUAWEI Confidential
Direct Tunnel
RNC
SGSN
GGSN
RANAP GTP-C
GTP-U GTP-U
Iu Gn
信令面消息
用户面消息
RNC
SGSN
GGSN
RANAP GTP-C
Iu Gn
信令面消息
用户面消息GTP-U
Two Tunnel
Direct Tunnel
In the direct tunnel solution, one GTP tunnel between the RNC and the GGSN is used i
nstead of the two user-plane tunnels between the RNC and the SGSN, and the SGSN
and the GGSN. The SGSN does not process user-plane data, thus alleviating the data
forwarding load on the SGSN.
HUAWEI TECHNOLOGIES CO., LTD. Page 23HUAWEI Confidential
User Access Mode & Address Allocation
GGSNSGSN
Fire Wall
Internet/ Intranet
AAA Server
Auth.
No Auth.
HUAWEI TECHNOLOGIES CO., LTD. Page 24HUAWEI Confidential
GPRS Backbone
UE SGSN GGSN
Prepaid System
StreamingServer
Mail Server
download Server
Destination Service
Port URL Statistics
10.127.0.2 http 80 www.sina.com/music1
Uplink: 1kbytesDownlink: 1Mbytes
172.19.10.102
ftp 1003 file1 Downlink: 10Mbytes
Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Rent charge:: $XXBill for Traffic: XXXBill for content: XXX___________________________Detailed bill: **** **** **** **** **** ***
Charging BillUser: XX Number: 133XXXXDate: 2003/X Charge: $XXX___________________________Rent charge:: $XXBill for Traffic: XXXBill for content: XXX___________________________Detailed bill: **** **** **** **** **** ***
Billing Center
Content Based Billing - Overview
HUAWEI TECHNOLOGIES CO., LTD. Page 25HUAWEI Confidential
IP DPI
Application DPI
Layer 2Data Link
Layer 3Network
Layer 6Presentation
Layer 4Transport
Layer 5Session
Layer 7Application
Se
rvic
e P
roc
es
sin
g L
ay
er
•URL– HTTP://WAP.MONTERNET.COM/*– RTSP://*.VOD.COM/*.3GP
•Application Protocol & Service– WAP/HTTP/MMS/FTP/DNS– RTSP/RTP/RTCP
•IP Address
•Port
•Protocol– TCP– UDP– ICMP/GRE/IPSec/...
Deep Packet Inspection for CBB
HUAWEI TECHNOLOGIES CO., LTD. Page 26HUAWEI Confidential
Hard Disk
LPU
FTP Serverfor
CDR Auditing
Charging Gateway
SPU
SRU
GGSN
CDR Process
CDR AuditingFTP
Client
CDR Auditing
CDR Auditing Buffer
Charging Processing
FTP Clientfor
GCDR File Transfer
GCDR file Download and upload
FTP Server
CDR Audit and GCDR File Transfer
HUAWEI TECHNOLOGIES CO., LTD. Page 27HUAWEI Confidential
Tunnel MarkingAPN based
Inbound ACL
PDP based Diffserv Marking
PDP based Policing
Tunnel MarkingAPN based
Outbound ACL
IP Service Chain
APN Level
PDP Level
Service Level
Tunnel MarkingAPN based
Inbound ACL
PDP based Policing
Tunnel MarkingAPN based
Outbound ACL
IP Service Chain
APN Level
PDP Level
Service Level
PDP based Diffserv Marking
Up-Link
Down-Link
Service Chain
IP Service Chain
Gating DiffServ Remark QoS Update Web Proxy Captive Portal RedirectionPolicy Based Forwarding
ShapingCAR Charging Point
HUAWEI TECHNOLOGIES CO., LTD. Page 28HUAWEI Confidential
Interface-based ACL
LPU
SPU
Interface Level
APN Level
PDP Level
Service Level
Uplink & Downlink
APN-based Inbound ACL
Flow Based IP Service
GatingSubscriber
Profile
Firewall
Personal Firewall
HUAWEI TECHNOLOGIES CO., LTD. Page 29HUAWEI Confidential
Web Client GGSN Proxy Server Web Server
TCP Syn
1 TCP Syn
TCP Ack
2TCP Ack
HTTP Request
HTTP Request
HTTP Reply
HTTP Reply
1
2
Web Client GGSN Portal Server Web Server
TCP Syn & Ack
1
HTTP Request
HTTP Redirection
2TCP Fin & Ac
k TCP RST
TCP Syn, Ack
HTTP Request
HTTP Reply
Web Proxy Captive Portal
Drop the HTTP Request message and send the HTTP redirection message (status 302) to Web Client.
Terminate the TCP connection
1
2
Match the L3/L4 policy and change the destination IP address of service packets to IP address of Proxy Server.
change the source IP address of service packets back to IP address of Web Server.
1
2
Web Proxy & Captive Portal
HUAWEI TECHNOLOGIES CO., LTD. Page 30HUAWEI Confidential
QoS2
QoS0QoS1
QoS0
Create PDP context Req(Req QoS)
Create PDP context Rsp(Neg QoS0)
Update PDP context Req(Req QoS1)
Update PDP context Rsp(Accept)
PDP
QoS0
SGSN QoS1
Update PDP context Req(Req QoS0)
Update PDP context Rsp(Accept)
Flow1
Flow2
Flow3
QoS0
Update PDP context Req(Req QoS2)
Update PDP context Rsp(Reject)
GGSN
QoS2
QoS1
QoS1
QoS0
PDP QoS
QoS2Flow4
QoS2 UpdateFail
QoS0Timer expire
T
QoS Update
HUAWEI TECHNOLOGIES CO., LTD. Page 31HUAWEI Confidential
Local Mapping => IMSI/MSISDN/RAT/Roaming/User name AAA Mapping
Virtual APN & Alias APN (1)
Corporate 3
Corporate 2
APN = "Corporate"username = "a@corporate1" Real APN = "Corporate1"
SGSN GGSN
MS1
PDP Context 3
Real APN = "Corporate2"
Real APN = "Corporate3"
PDP Context1 PDP Context1 PDP Context1
PDP Context2 PDP Context2 PDP Context2
PDP Context3PDP Context3
APN Name VPN IP Address Pool
Corporate
Corporate1 GRE VPN POOL1
Corporate2 IPSec VPN POOL2
Corporate3 L2TP VPN POOL3
APN = "Corporate"username = "a@corporate2"
APN = "Corporate"username = "a@corporate3"
Corporate 1
MS2
MS3
HUAWEI TECHNOLOGIES CO., LTD. Page 32HUAWEI Confidential
APN1
Walled Garden
Streaming Service
PTT
GGSN
APN2
APN3
APN4
system resource 1
system resource 2
Internet/ISP
Virtual APN & Alias APN (2)
Item Virtual APN Alias APN
Mapping More APN -> One APN One APN -> More APN
Scenario Ex. The operator has some
obsolete APN. Several APN want to
use same resource in GGSN.
Ex. If operator want to differentiate the
same APN name for several network. Or
It also can be used for classify for a
"BIG" APN.
HUAWEI TECHNOLOGIES CO., LTD. Page 33HUAWEI Confidential
InternetInternet Private Private networknetwork
IP/PPP
GGSN/LACSGSN
L2TPIP/PPP over GTP
LNS
PDP Type = IP/PPPGGSN regenerate PPP session when
PDP type = IP
GPRS Backbone
UE SGSN GGSN
Firewall
Internet
Mobile Tunnel Internet Tunnel
GTP Tunnel
End-to-End Tunnel (IPSec)
Corporation Network
GRE/IPSec/L2TP/MPLS/VLAN
AAA server
VRF
Flexible VPN
HUAWEI TECHNOLOGIES CO., LTD. Page 34HUAWEI Confidential
GGSN
Anti-spoofing
DDoS Prevention
Multiple authentication methods
Hierarchical management
Gi redirection
IPSec
Security Functions
HUAWEI TECHNOLOGIES CO., LTD. Page 35HUAWEI Confidential
PCC
PCC refers to policy and charging control. The PCRF NE is introduced. It delivers PCC rules, including policies and charging information, to the GGSN. Huawei PCRF is the RM9000. The following figure shows the position of the PCRF on the network.
HUAWEI TECHNOLOGIES CO., LTD. Page 36HUAWEI Confidential
Chapter 1 GGSN Perspective
Chapter 2 GGSN Flow
Chapter 3 GGSN Features
Chapter 4 GGSN ReliabilityChapter 4 GGSN Reliability
Chapter 5 GGSN Specification
HUAWEI TECHNOLOGIES CO., LTD. Page 37HUAWEI Confidential
Virtual Routing
GPRS backbone Internet/
PDN
Internet/
PDNGGSN
IP/Ethernet Trunk
Three Level assurance
SPU 1:1
SRU 1:1
SFU 3+1
Overload Control Recourse Monitor Traffic Control Self-fault Checking
Software assurance
Module Level
Equipment Level
Network level
Carrier-class Reliability
LPU SPUSRU SPUSRULPU
SFU
SFU
1
8765101294321
876510119432
SPU SPU SPU SPU
HUAWEI TECHNOLOGIES CO., LTD. Page 38HUAWEI Confidential
Hardware Reliability
Mature USR platform
Hot plugging and hot backup
3+1 Switch plane
Dual –48 V independent-power-supply
HUAWEI TECHNOLOGIES CO., LTD. Page 39HUAWEI Confidential
Software Reliability
System Overload Control
CPU Overload Control of the SPU/LPU
CPU Overload Control of the SRU
Resource Check Function
Periodical Check
Address Resource Check Performed by the SRU and the
SPU
Address Resource Check with PDP Contexts in the SDB
Performed by the SPU
Board lock and system shutdown
Hot patch
HUAWEI TECHNOLOGIES CO., LTD. Page 40HUAWEI Confidential
Link redundancy and IP routing redundancy
FirewallLanswitch
IP IP backbackbonebone
RNC
Lanswitch
Internet/Internet/serviceservice
IP Dynamic routingIP Dynamic routingSGSN
GGSNGGSN
FirewallL2 IP redundancy technology L2 IP redundancy technology
SDHSDH
SSSS
Network Redundancy
HUAWEI TECHNOLOGIES CO., LTD. Page 41HUAWEI Confidential
Hardware SFU 3+1 redundancy
SPU 1+1 redundancy
Primary/Secondary Radius Server
Multiple OCS
Primary/Secondary CG
Multiple DHCP
Primary/Secondary L2TP tunnel
Primary/Secondary FTP server
Software
Redundancy
HUAWEI TECHNOLOGIES CO., LTD. Page 42HUAWEI Confidential
Chapter 1 GGSN Perspective
Chapter 2 GGSN Flow
Chapter 3 GGSN Features
Chapter 4 GGSN Reliability
Chapter 5 GGSN SpecificationChapter 5 GGSN Specification
HUAWEI TECHNOLOGIES CO., LTD. Page 43HUAWEI Confidential
Capacity Specification
Parameter Specification
Simultaneously active PDP contexts 5000000
Packet forwarding capacity 1,000,000pps
Max throughput 30G bit/s (IPSec 3G bit/s)
Max APN 3000
Maximum number of GRE tunnels 4000
Maximum number of L2TP tunnels 20000
Maximum number of IPSec tunnels 4000
www.huawei.com
Thank you