Thursday, May 27, 2010
Thursday, April 1, 2010
Wednesday, March 24, 2010
GTP message Types.
Here I am going deeper inside the 3GPP TS 29.060
GTP Message Types:
Tunnel management messages:
-Create PDP Context Request
-Create PDP Context Response
-Update PDP Context Request
-Update PDP Context Response
-Delete PDP Context Request
-Delete PDP Context Response
-Error Indication
-PDU Notification Request
-PDU Notification Response
-PDU Notification Reject Request
-PDU Notification Reject Response
-Initiate PDP Context Activation Request
-Initiate PDP Context Activation Response
Path Management Messages:
-Echo Request
-Echo Response
-Version Not Supported
-Supported Extension Headers Notification
Location Management Messages:
-Send Routeing Information for GPRS Request
-Send Routeing Information for GPRS Response
-Failure Report Request
-Failure Report Response
-Note MS GPRS Present Request
-Note MS GPRS Present Response
Mobility Management Messages:
-Identification Request
-Identification Response
-SGSN Context Request
-SGSN Context Response
-SGSN Context Acknowledge
-Forward Relocation Request
-Forward Relocation Response
-Forward Relocation Complete
-Relocation Cancel Request
-Relocation Cancel Response
-Forward Relocation Complete Acknowledge
-Forward SRNS Context
-Forward SRNS Context Acknowledge
-RAN Information Management Messages
-RAN Information Relay
Multimedia Broadcast Multicast Service (MBMS ) messages:
2. Service SpecificMBMS Messages:
Explanation for each of the messages started from next post!
GTP Message Types:
Tunnel management messages:
-Create PDP Context Request
-Create PDP Context Response
-Update PDP Context Request
-Update PDP Context Response
-Delete PDP Context Request
-Delete PDP Context Response
-Error Indication
-PDU Notification Request
-PDU Notification Response
-PDU Notification Reject Request
-PDU Notification Reject Response
-Initiate PDP Context Activation Request
-Initiate PDP Context Activation Response
Path Management Messages:
-Echo Request
-Echo Response
-Version Not Supported
-Supported Extension Headers Notification
Location Management Messages:
-Send Routeing Information for GPRS Request
-Send Routeing Information for GPRS Response
-Failure Report Request
-Failure Report Response
-Note MS GPRS Present Request
-Note MS GPRS Present Response
Mobility Management Messages:
-Identification Request
-Identification Response
-SGSN Context Request
-SGSN Context Response
-SGSN Context Acknowledge
-Forward Relocation Request
-Forward Relocation Response
-Forward Relocation Complete
-Relocation Cancel Request
-Relocation Cancel Response
-Forward Relocation Complete Acknowledge
-Forward SRNS Context
-Forward SRNS Context Acknowledge
-RAN Information Management Messages
-RAN Information Relay
Multimedia Broadcast Multicast Service (
1. UE Specific MBMS Messages:
-MBMS Notification Request
-MBMS Notification Response
-MBMS Notification Reject Request
-MBMS Notification Reject Response
-CreateMBMS Context Request
-CreateMBMS Context Response
-UpdateMBMS Context Request
-UpdateMBMS Context Response
-DeleteMBMS Context Request
-DeleteMBMS Context Response
-
-
-
-Create
-Create
-Update
-Update
-Delete
-Delete
2. Service Specific
-MBMS Registration Request
-MBMS Registration Response
-MBMS De-registration Request
-MBMS De-Registration Response
-MBMS Session Start Request
-MBMS Session Start Response
-MBMS Session Stop Request
-MBMS Session Stop Response
-MBMS Session Update Request
-MBMS Session Update Response
-
-
-
-
-
-
-
-
Explanation for each of the messages started from next post!
Monday, March 8, 2010
Direct Tunneling Vs Gateway offloading
The Next Generation Mobile Equipment will be very Bandwidth intensive and always hungry due to high demand of Video/voice and triple play services on the move. According to one report a single smart-phone traffic uses requirement is apporx 25-30 times higher than the simple GSM phones!
Due to this increased traffic demands, the Mobile networks and Gateways are being flooded and customers are getting unsatisfactory services.
So whats the solution there,
1. Keep increasing the Gateway hardwares to build up the network infrastructure to the next level.
2. Using the optimization methods, such as Direct tunneling and Gateway offloading.
Purchasing the huge number of network hardwares (GWs) to reach the hardware level infrastructure is really not the solution at all, It will eat up millions of dollars for Network service providers and even not complete, on increasing the number of subscriber it will need the same amount of maintains cost continiously!
So whats next!
Direct Tunneling and Offloading.
Direct Tunneling: The direct tunnel feature enables an SGSN to establish a direct user plane tunnel between the radio network controller (RNC) and a GGSN.
The SGSN functions as the gateway between the RNC and the core network. It handles both
signaling traffic (to keep track of the location of mobile devices), and the actual data packets being
exchanged between a mobile device and the Internet.
Snapshot from 3GPP TR 23.919 version 7
So what actually we are doing with the Direct tunnel, we are bypassing the SGSN to reduce the latency and freeing the SGSN from heavy traffic loads.
Now again here is one question? Does this really solve our problem?, I think a bit but not completely, because when the packtes are reaching directly to the GGSN from lots of RNC simultaneously, its again creating the chaos on the GGSN interfaces.
Then network optimization reached to another level where the SGSN and GGSN are thought to be only for the GTP signaling and PCRF and no data traffic will come up from the GGSN.
This New advancement is the SGSN and GGSN offloading.
In this technique a Offload gateway is been placed in the middle of the RNC and SGSN.
Once the PDP context is activated fromt he GGSN, all the Data traffic will follow from the Offload Gateway!
So both the RNC and Offload Gateway will talk using the Iu-PS interface and SGSN and GGSN will never be loaded due to data traffic.
I really dont have idea about the security vulnerability in this condition and I suspect its really a security issue in this case because we are just allowing the IP packets without the GTP header to the Internet Core from the radio interface.
Waiting for your comments and suggestions!
Due to this increased traffic demands, the Mobile networks and Gateways are being flooded and customers are getting unsatisfactory services.
So whats the solution there,
1. Keep increasing the Gateway hardwares to build up the network infrastructure to the next level.
2. Using the optimization methods, such as Direct tunneling and Gateway offloading.
Purchasing the huge number of network hardwares (GWs) to reach the hardware level infrastructure is really not the solution at all, It will eat up millions of dollars for Network service providers and even not complete, on increasing the number of subscriber it will need the same amount of maintains cost continiously!
So whats next!
Direct Tunneling and Offloading.
Direct Tunneling: The direct tunnel feature enables an SGSN to establish a direct user plane tunnel between the radio network controller (RNC) and a GGSN.
The SGSN functions as the gateway between the RNC and the core network. It handles both
signaling traffic (to keep track of the location of mobile devices), and the actual data packets being
exchanged between a mobile device and the Internet.
Snapshot from 3GPP TR 23.919 version 7
So what actually we are doing with the Direct tunnel, we are bypassing the SGSN to reduce the latency and freeing the SGSN from heavy traffic loads.
Now again here is one question? Does this really solve our problem?, I think a bit but not completely, because when the packtes are reaching directly to the GGSN from lots of RNC simultaneously, its again creating the chaos on the GGSN interfaces.
Then network optimization reached to another level where the SGSN and GGSN are thought to be only for the GTP signaling and PCRF and no data traffic will come up from the GGSN.
This New advancement is the SGSN and GGSN offloading.
In this technique a Offload gateway is been placed in the middle of the RNC and SGSN.
Once the PDP context is activated fromt he GGSN, all the Data traffic will follow from the Offload Gateway!
So both the RNC and Offload Gateway will talk using the Iu-PS interface and SGSN and GGSN will never be loaded due to data traffic.
I really dont have idea about the security vulnerability in this condition and I suspect its really a security issue in this case because we are just allowing the IP packets without the GTP header to the Internet Core from the radio interface.
Waiting for your comments and suggestions!
Thursday, February 25, 2010
Why PMIP is being used in S5/S8 interface
I know this is not the right time to write about the LTE stuff here, because we are still in the UMTS phase, but I found it really interesting!
Proxy Mobile IP is being used for the CDMA and Wimax stuff for the communication to UE, where a Mobility Access Gateway (MAG) communicates with a Home Agent termed as Local Mobility Anchor (LMA) for the UE database update and Routing area update and Location area update!
So why we are giving this space in LTE as well?
That's the question that was in my mind!
Now suppose a CDMA or Wimax device is entering into a LTE space, or you can say a handover is taking place.
How the handover will take place if no entity in the LTE even understand the PMIP for transfering the traffic.
Now this is what I got from the 3GPP TS 23.401
section: 4.3.8.2 Serving GW selection function
"If a subscriber of a GTP only network roams into a PMIP network, the PDN GWs selected for local breakout support
the PMIP protocol, while PDN GWs for home routed traffic use GTP. This means the Serving GW selected for such
subscribers may need to support both GTP and PMIP, so that it is possible to set up both local breakout and home
routed sessions for these subscribers. For a Serving GW supporting both GTP and PMIP, the MME/SGSN should
indicate the Serving GW which protocol should be used over S5/S8 interface."
This clearly means that the PMIP is providing a clear support for CDMA and Wimax UE during handovers. Later point of time I will try to uncover the complete high level message exchange during this handover.
Hope to get some comments!
in reference to: 3GPP n LTE (view on Google Sidewiki)
Proxy Mobile IP is being used for the CDMA and Wimax stuff for the communication to UE, where a Mobility Access Gateway (MAG) communicates with a Home Agent termed as Local Mobility Anchor (LMA) for the UE database update and Routing area update and Location area update!
So why we are giving this space in LTE as well?
That's the question that was in my mind!
Now suppose a CDMA or Wimax device is entering into a LTE space, or you can say a handover is taking place.
How the handover will take place if no entity in the LTE even understand the PMIP for transfering the traffic.
Now this is what I got from the 3GPP TS 23.401
section: 4.3.8.2 Serving GW selection function
"If a subscriber of a GTP only network roams into a PMIP network, the PDN GWs selected for local breakout support
the PMIP protocol, while PDN GWs for home routed traffic use GTP. This means the Serving GW selected for such
subscribers may need to support both GTP and PMIP, so that it is possible to set up both local breakout and home
routed sessions for these subscribers. For a Serving GW supporting both GTP and PMIP, the MME/SGSN should
indicate the Serving GW which protocol should be used over S5/S8 interface."
This clearly means that the PMIP is providing a clear support for CDMA and Wimax UE during handovers. Later point of time I will try to uncover the complete high level message exchange during this handover.
Hope to get some comments!
in reference to: 3GPP n LTE (view on Google Sidewiki)
Monday, February 22, 2010
Trace any valid phone number in India!
Trace Any Mobile/Landline Number
The beauty of this tracer is that it not only trace the location of the mobile phone or Landline number but also shows the operator and Technique used by the provider!
Wednesday, February 10, 2010
GTPv1 7200 router config and detailed logs!
Ok Lets start where we left the topic.
Lets walk through the DUT configuration on Cisco 7200 router as a GGSN.
My interaction here is with Gn and Gi interface only.
We will see the other interfaces later on.
Enabled the GPRS services on the Router
service gprs ggsn
Created a Loop Back interface which is nothing but our GGSN.
Assign an IP address to this loopback interface, which would be the IP address of the GGSN.
interface Loopback7
ip address x1.y1.z1.w1
ip address x1.y1.z1.w1
Make a virtual template which will dynamically creates virtual access interface with the loopbacked interface.
interface Virtual-Template7
ip unnumbered Loopback7
encapsulation gtp
gprs access-point-list gprs
!
ip unnumbered Loopback7
encapsulation gtp
gprs access-point-list gprs
!
Then created a GPRS access point list (APN list) which would guide through the IP address pool to be choosen for the UE. This actually links between the virtual access interface.
gprs access-point-list gprs
access-point 1
access-point-name a.b.com
aaa-group authentication radgroup
ip-address-pool local mypool
network-request-activation
access-point 1
access-point-name a.b.com
aaa-group authentication radgroup
ip-address-pool local mypool
network-request-activation
Create the IP pool, this will be the range of the ip addresses which will be provided to the UE using GTP.
specify a gateway address for the SGSN, thats actually the gateway for the SGSN.
interface GigabitEthernet0/2
description Gn interface to SGSN
ip address x.y.z.w
no ip route-cache cef
no ip route-cache
duplex auto
speed auto
media-type rj45
no negotiation auto
no cdp enable
description Gn interface to SGSN
ip address x.y.z.w
no ip route-cache cef
no ip route-cache
duplex auto
speed auto
media-type rj45
no negotiation auto
no cdp enable
Now here comes the detailed gtp session setup logs from cisco 7200. This is really very interesting to see step by step gprs gtp events.
This can be get from the router using following commands.
debug gprs gtp events
debug gprs gtp messages*Nov 8 15:22:25.956: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/2, changed state to up
*Nov 8 15:22:25.964: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/3, changed state to up
*Nov 8 15:23:20.396: GPRS:proc_udp_input: signalling packet from 10.10.1.2(2123)
*Nov 8 15:23:20.396: GPRS:sequence num 0x2
*Nov 8 15:23:20.396: GPRS:PDP not found
*Nov 8 15:23:20.396: GPRS:apn_lookup:apn a.b.com
*Nov 8 15:23:20.396: GPRS: found apn a.b.com
*Nov 8 15:23:20.396: GPRS:pdpmcb_create_by_teid:teid 0x0000057D, pdpmcb 65323A34
*Nov 8 15:23:20.396: GPRS:pdp_create_by_tid:tid 2216110010000051, pdp 653102C4
*Nov 8 15:23:20.396: GPRS:sequence num 0x2
*Nov 8 15:23:20.396: GPRS:apn_lookup:apn a.b.com
*Nov 8 15:23:20.396: GPRS: found apn a.b.com
*Nov 8 15:23:20.396: GPRS:2216110010000051:roamership 0, use RAI 0
*Nov 8 15:23:20.396: GPRS:2216110010000051:gprs_mcc_mnc_match_pdp_tid: PLMN Ids not configured
*Nov 8 15:23:20.396: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2123)
*Nov 8 15:23:20.396: GPRS:path_create: create path (192.1.1.1:2123) --> (10.10.1.2:2123)
*Nov 8 15:23:20.396: GPRS:insert_sock_to_socklis:insert gtpsock 6641BDB0, id 0
*Nov 8 15:23:20.396: GPRS:start_echotimer:path 6603ED94, len 60000, timer 6603EDA4
*Nov 8 15:23:20.396: GPRS:Recovery_IE_timer START: path 6603ED94, duration 60000, timer 6603EE04
*Nov 8 15:23:20.396: GPRS:2216110010000051:old_path_entry=0, sig_path=0, data_path=0
*Nov 8 15:23:20.396: GPRS:2216110010000051:insert_pdp_to_path: add new PDP 653102C4 into path 6603ED94 list
*Nov 8 15:23:20.400: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2152)
*Nov 8 15:23:20.400: GPRS:path_create: create path (192.1.1.1:2152) --> (10.10.1.2:2152)
*Nov 8 15:23:20.400: GPRS:insert_sock_to_socklis:insert gtpsock 655DA974, id 0
*Nov 8 15:23:20.400: GPRS:start_echotimer:path 65AD921C, len 60000, timer 65AD922C
*Nov 8 15:23:20.400: GPRS:2216110010000051:old_path_entry=0, sig_path=6603ED94, data_path=0
*Nov 8 15:23:20.400: GPRS:2216110010000051:insert_pdp_to_path: add new PDP 653102C4 into path 65AD921C list
*Nov 8 15:23:20.400: GPRS:2216110010000051:insert_pdpmcb_to_apn: add new PDPMCB 65323A34 into apn 65E25430 list
*Nov 8 15:23:20.400: GPRS:2216110010000051:CHECK DHCP RADIUS configuration
*Nov 8 15:23:20.400: GPRS:2216110010000051:GTP: APN is in TRANSPARENT MODE
*Nov 8 15:23:20.400: GPRS:2216110010000051:setup user addr: pdpmcb 65323A34, addr AA039
*Nov 8 15:23:20.400: GPRS:GTP: Insert PDPMCB into GTP's IP list
using index AA 0 3 9 0 0 0 0
*Nov 8 15:23:20.400: GPRS:insert_rtentry: ipaddr 170.0.3.9/32 (0)
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_is_ok_to_open_cdr: charging_roamer_cdr_only=0
*Nov 8 15:23:20.400: GPRS:sequence num 0x2
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_msg_send_res: pdp_entry 0x653102C4, replymsg 0x11, cause 0x80
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_is_ok_to_open_cdr: charging_roamer_cdr_only=0
*Nov 8 15:23:20.400: GPRS:2216110010000051:increase_per_qos_pdp_number: invalid QOS type 0
*Nov 8 15:23:20.400: GPRS:2216110010000051:start idle timer with 259200 sec
*Nov 8 15:23:20.400: GPRS:sequence num 0x2
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 1
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_CAUSE_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 8
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_REORDER_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 14
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_RECOVERY_IE added now: (16)
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 16
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_TEID_DATA1_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 17
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_TEID_CNTL_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 127
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_CHARGING_ID_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 128
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_END_USER_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 132
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_PROTO_CONFIG_IE adding now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 135
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_GTPv1_QOS_IE adding now
*Nov 8 15:23:20.400: GPRS:GTP enqueues pak of size 72 (refcount 1)
*Nov 8 15:23:20.400: GPRS:gprs_output:idb 0x6622D790, pkt 0x652DCE9C, path 0x6603ED94, pdp 0x0
*Nov 8 15:23:20.400: GPRS::src 192.1.1.1,dst 10.10.1.2,srcport 2123,dstport 2123
*Nov 8 15:23:20.400: GPRS:: Calling ip_udp_send()
*Nov 8 15:23:20.400: GPRS:gtp_mgmt_process_qinput: msg(17) processed
*Nov 8 15:23:23.396: GPRS:proc_udp_input: signalling packet from 10.10.1.2(2123)
*Nov 8 15:23:23.396: GPRS:sequence num 0x2
*Nov 8 15:23:23.396: GPRS:2216110010000051:pdp_lookup_by_tid: Modify last_access_time and update idle timer
*Nov 8 15:23:23.396: GPRS:2216110010000051:Duplicate Pri Create Req seq num 0x2
*Nov 8 15:23:23.396: GPRS:apn_lookup:apn a.b.com
*Nov 8 15:23:23.396: GPRS: found apn a.b.com
*Nov 8 15:23:23.396: GPRS:2216110010000051:GTP: Duplicate create PDP req received, seq num 0x2
*Nov 8 15:23:23.396: GPRS:sequence num 0x2
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_msg_send_res: pdp_entry 0x653102C4, replymsg 0x11, cause 0x80
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_is_ok_to_open_cdr: charging_roamer_cdr_only=0
*Nov 8 15:23:23.396: GPRS:sequence num 0x2
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 1
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_CAUSE_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 8
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_REORDER_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 14
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_RECOVERY_IE added now: (16)
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 16
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_TEID_DATA1_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 17
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_TEID_CNTL_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 127
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_CHARGING_ID_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 128
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_END_USER_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 132
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_PROTO_CONFIG_IE adding now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 135
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_GTPv1_QOS_IE adding now
*Nov 8 15:23:23.396: GPRS:GTP enqueues pak of size 72 (refcount 1)
*Nov 8 15:23:23.396: GPRS:gprs_output:idb 0x6622D790, pkt 0x652DCAF0, path 0x6603ED94, pdp 0x0
*Nov 8 15:23:23.396: GPRS::src 192.1.1.1,dst 10.10.1.2,srcport 2123,dstport 2123
*Nov 8 15:23:23.396: GPRS:: Calling ip_udp_send()
*Nov 8 15:23:23.396: GPRS:gtp_mgmt_process_qinput: msg(17) processed
*Nov 8 15:24:20.376: GPRS:proc_udp_input: signalling packet from 10.10.1.2(2123)
*Nov 8 15:24:20.376: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2123)
*Nov 8 15:24:20.376: GPRS:path_lookup: found path 6603ED94
*Nov 8 15:24:20.376: GPRS:sequence num 0x0
*Nov 8 15:24:20.376: GPRS:sequence num 0x0
*Nov 8 15:24:20.376: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2123)
*Nov 8 15:24:20.376: GPRS:path_lookup: found path 6603ED94
*Nov 8 15:24:20.376: GPRS:sequence num 0x0
*Nov 8 15:24:20.376: GPRS:GTP enqueues pak of size 14 (refcount 1)
*Nov 8 15:24:20.376: GPRS:gprs_output:idb 0x6622D790, pkt 0x64B200BC, path 0x0, pdp 0x0
*Nov 8 15:24:20.376: GPRS::src 192.1.1.1,dst 10.10.1.2,srcport 2123,dstport 2123
*Nov 8 15:24:20.376: GPRS:: Calling ip_udp_send()
*Nov 8 15:24:20.376: GPRS:gtp_mgmt_process_qinput: msg(2) processed
*Nov 8 15:22:25.964: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/3, changed state to up
*Nov 8 15:23:20.396: GPRS:proc_udp_input: signalling packet from 10.10.1.2(2123)
*Nov 8 15:23:20.396: GPRS:sequence num 0x2
*Nov 8 15:23:20.396: GPRS:PDP not found
*Nov 8 15:23:20.396: GPRS:apn_lookup:apn a.b.com
*Nov 8 15:23:20.396: GPRS: found apn a.b.com
*Nov 8 15:23:20.396: GPRS:pdpmcb_create_by_teid:teid 0x0000057D, pdpmcb 65323A34
*Nov 8 15:23:20.396: GPRS:pdp_create_by_tid:tid 2216110010000051, pdp 653102C4
*Nov 8 15:23:20.396: GPRS:sequence num 0x2
*Nov 8 15:23:20.396: GPRS:apn_lookup:apn a.b.com
*Nov 8 15:23:20.396: GPRS: found apn a.b.com
*Nov 8 15:23:20.396: GPRS:2216110010000051:roamership 0, use RAI 0
*Nov 8 15:23:20.396: GPRS:2216110010000051:gprs_mcc_mnc_match_pdp_tid: PLMN Ids not configured
*Nov 8 15:23:20.396: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2123)
*Nov 8 15:23:20.396: GPRS:path_create: create path (192.1.1.1:2123) --> (10.10.1.2:2123)
*Nov 8 15:23:20.396: GPRS:insert_sock_to_socklis:insert gtpsock 6641BDB0, id 0
*Nov 8 15:23:20.396: GPRS:start_echotimer:path 6603ED94, len 60000, timer 6603EDA4
*Nov 8 15:23:20.396: GPRS:Recovery_IE_timer START: path 6603ED94, duration 60000, timer 6603EE04
*Nov 8 15:23:20.396: GPRS:2216110010000051:old_path_entry=0, sig_path=0, data_path=0
*Nov 8 15:23:20.396: GPRS:2216110010000051:insert_pdp_to_path: add new PDP 653102C4 into path 6603ED94 list
*Nov 8 15:23:20.400: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2152)
*Nov 8 15:23:20.400: GPRS:path_create: create path (192.1.1.1:2152) --> (10.10.1.2:2152)
*Nov 8 15:23:20.400: GPRS:insert_sock_to_socklis:insert gtpsock 655DA974, id 0
*Nov 8 15:23:20.400: GPRS:start_echotimer:path 65AD921C, len 60000, timer 65AD922C
*Nov 8 15:23:20.400: GPRS:2216110010000051:old_path_entry=0, sig_path=6603ED94, data_path=0
*Nov 8 15:23:20.400: GPRS:2216110010000051:insert_pdp_to_path: add new PDP 653102C4 into path 65AD921C list
*Nov 8 15:23:20.400: GPRS:2216110010000051:insert_pdpmcb_to_apn: add new PDPMCB 65323A34 into apn 65E25430 list
*Nov 8 15:23:20.400: GPRS:2216110010000051:CHECK DHCP RADIUS configuration
*Nov 8 15:23:20.400: GPRS:2216110010000051:GTP: APN is in TRANSPARENT MODE
*Nov 8 15:23:20.400: GPRS:2216110010000051:setup user addr: pdpmcb 65323A34, addr AA039
*Nov 8 15:23:20.400: GPRS:GTP: Insert PDPMCB into GTP's IP list
using index AA 0 3 9 0 0 0 0
*Nov 8 15:23:20.400: GPRS:insert_rtentry: ipaddr 170.0.3.9/32 (0)
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_is_ok_to_open_cdr: charging_roamer_cdr_only=0
*Nov 8 15:23:20.400: GPRS:sequence num 0x2
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_msg_send_res: pdp_entry 0x653102C4, replymsg 0x11, cause 0x80
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_is_ok_to_open_cdr: charging_roamer_cdr_only=0
*Nov 8 15:23:20.400: GPRS:2216110010000051:increase_per_qos_pdp_number: invalid QOS type 0
*Nov 8 15:23:20.400: GPRS:2216110010000051:start idle timer with 259200 sec
*Nov 8 15:23:20.400: GPRS:sequence num 0x2
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 1
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_CAUSE_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 8
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_REORDER_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 14
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_RECOVERY_IE added now: (16)
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 16
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_TEID_DATA1_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 17
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_TEID_CNTL_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 127
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_CHARGING_ID_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 128
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_END_USER_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 132
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_PROTO_CONFIG_IE adding now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:20.400: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 135
*Nov 8 15:23:20.400: GPRS:2216110010000051:- GTP_GTPv1_QOS_IE adding now
*Nov 8 15:23:20.400: GPRS:GTP enqueues pak of size 72 (refcount 1)
*Nov 8 15:23:20.400: GPRS:gprs_output:idb 0x6622D790, pkt 0x652DCE9C, path 0x6603ED94, pdp 0x0
*Nov 8 15:23:20.400: GPRS::src 192.1.1.1,dst 10.10.1.2,srcport 2123,dstport 2123
*Nov 8 15:23:20.400: GPRS:: Calling ip_udp_send()
*Nov 8 15:23:20.400: GPRS:gtp_mgmt_process_qinput: msg(17) processed
*Nov 8 15:23:23.396: GPRS:proc_udp_input: signalling packet from 10.10.1.2(2123)
*Nov 8 15:23:23.396: GPRS:sequence num 0x2
*Nov 8 15:23:23.396: GPRS:2216110010000051:pdp_lookup_by_tid: Modify last_access_time and update idle timer
*Nov 8 15:23:23.396: GPRS:2216110010000051:Duplicate Pri Create Req seq num 0x2
*Nov 8 15:23:23.396: GPRS:apn_lookup:apn a.b.com
*Nov 8 15:23:23.396: GPRS: found apn a.b.com
*Nov 8 15:23:23.396: GPRS:2216110010000051:GTP: Duplicate create PDP req received, seq num 0x2
*Nov 8 15:23:23.396: GPRS:sequence num 0x2
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_msg_send_res: pdp_entry 0x653102C4, replymsg 0x11, cause 0x80
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_is_ok_to_open_cdr: charging_roamer_cdr_only=0
*Nov 8 15:23:23.396: GPRS:sequence num 0x2
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 1
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_CAUSE_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 8
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_REORDER_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 14
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_RECOVERY_IE added now: (16)
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 16
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_TEID_DATA1_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 17
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_TEID_CNTL_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 127
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_CHARGING_ID_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 128
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_END_USER_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 132
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_PROTO_CONFIG_IE adding now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 133
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_GSN_ADDR_IE added now
*Nov 8 15:23:23.396: GPRS:2216110010000051:gtp_pdp_build_ie: ie_type_want : 135
*Nov 8 15:23:23.396: GPRS:2216110010000051:- GTP_GTPv1_QOS_IE adding now
*Nov 8 15:23:23.396: GPRS:GTP enqueues pak of size 72 (refcount 1)
*Nov 8 15:23:23.396: GPRS:gprs_output:idb 0x6622D790, pkt 0x652DCAF0, path 0x6603ED94, pdp 0x0
*Nov 8 15:23:23.396: GPRS::src 192.1.1.1,dst 10.10.1.2,srcport 2123,dstport 2123
*Nov 8 15:23:23.396: GPRS:: Calling ip_udp_send()
*Nov 8 15:23:23.396: GPRS:gtp_mgmt_process_qinput: msg(17) processed
*Nov 8 15:24:20.376: GPRS:proc_udp_input: signalling packet from 10.10.1.2(2123)
*Nov 8 15:24:20.376: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2123)
*Nov 8 15:24:20.376: GPRS:path_lookup: found path 6603ED94
*Nov 8 15:24:20.376: GPRS:sequence num 0x0
*Nov 8 15:24:20.376: GPRS:sequence num 0x0
*Nov 8 15:24:20.376: GPRS:path_lookup: path to (dst:port) (10.10.1.2:2123)
*Nov 8 15:24:20.376: GPRS:path_lookup: found path 6603ED94
*Nov 8 15:24:20.376: GPRS:sequence num 0x0
*Nov 8 15:24:20.376: GPRS:GTP enqueues pak of size 14 (refcount 1)
*Nov 8 15:24:20.376: GPRS:gprs_output:idb 0x6622D790, pkt 0x64B200BC, path 0x0, pdp 0x0
*Nov 8 15:24:20.376: GPRS::src 192.1.1.1,dst 10.10.1.2,srcport 2123,dstport 2123
*Nov 8 15:24:20.376: GPRS:: Calling ip_udp_send()
*Nov 8 15:24:20.376: GPRS:gtp_mgmt_process_qinput: msg(2) processed
Thursday, January 21, 2010
LTE University
Very helpful site for the LTE aspirants!
in reference to:
in reference to:
"LTE University"
- Knowledge Center - LTE University (view on Google Sidewiki)
Wednesday, January 20, 2010
GTP session establishment.
In this post I will try to touch briefly in every aspects of GTPv1 session setup.
I am not going to alot deep in the Radio network side, But covering the MS attach.
When a MS or UE(mobile station or User equipment) first comes up/powered on it has to go through the GPRS initial attach.
In this procedure
1. The UE first send the GMM attach message to the nearest SGSN. This message contains the following stuffs
TMSI - Temporary Mobile subscriber Identity, MNC - Mobile Network Code , MCC - Mobile Country code, LAC - Location Area Code and RAC -Router area code.
2. The Nearest SGSN search for the Temporary Mobile subscriber ID in its database which may or may not be the old SGSN serving UE. If it was not found then the older SGSN ID is being used for the next message.
Here SGSN send the Identity request to the older SGSN with TMSI.
3. The Older SGSN resolve the TMSI and send back the GPRS IMSI (international mobile subscriber Id) to the nearest SGSN.
4. The SGSN send the Identity request to the UE.
5. The UE has to respond back with Identity response message.
6. SGSN then authenticate to UE with some random number.
7. UE uses this number and some GSM algorithm to generate a few other keys for the sesion and send back in Authentication response.
8. Till now the The mobile identity is not been checked so SGSN ask for mobile Identity to the UE,
9. UE reply back with the self IMEI number (International Mobile equipment Identity), One can see their IMEI in Nokia handsets by dialing *#06#
10. The SGSN then check for the supplied IMEI is valid and unique from the GSM EIR Database (Equipment Identity Register).
11. On successful IMEI check the SGSN get reply from the GSM database.
12. The SGSN then try to locate the UE and the same is done using Location update request and response, all the GSM data bases are updated with the newer location of the UE.
13. On successful update of UE location, SGSN sends the "UE attach accept" message to UE.
14. UE sends the "Attach complete" message. same is also updated with the visitor location register (VLR).
This completes the Radio side initial attah of the UE.
Now Lets begin with the Packet data Network communication!
PDP: Packet data protocol is designed for the Packet switched external networks in the GPRS core network.
Both of our Serving and Gateway nodes contain the PDP data structure for activation, updation and deactivation of the GPRS sessions!
PDP context is the message format for the understanding of GPRS support nodes for GTPv1 session establishment, updation, termination, quality of services and other specific requirements.
The Session activation goes on with the following set of messages.
1. Create PDP context request from the SGSN to GGSN
2. Create PDP context response from GGSN to SGSN.
The UDP port number 3386 mentioned here was used for all the GTP traffics in GTPv0, from GTPv1 this port is used only for charging (GTP').
1. Create PDP context request( Packet data protocol context).
Below here is detailed information elements of the GTPv1 header with the wireshark!
I will touch upon QoS separately when we deal with the topic Secondary PDP context! Rest all fields are clearly visible!
2. Create PDP context response.
I will show the modify and delete pdp context messages with elaborations of few of the mandatory IEs used here in the next post.
Then we will see GTPv1 configurations on Cisco 7200 router!
All your comments and suggestions are highly appreciated!
Monday, January 18, 2010
GTP Demystified!
K I decided to write here!
Actually I got so inspired from my frnd Santosh, that I thought to join him!
If you wish to go there please visit,
http://wired-n-wireless.blogspot.com/
This is extremely helpful for the LTE beginners, I congratulate him on the first anniversary his blog! keep up the good work!
He has started from the LTE, and GTPv2 and that is pretty new and modern technology, so I decided to go back few years ago.
As GTPv2 ie. EGTP (Evolved core) actually came from its earlier versions and understanding GGSN and SGSN is really important to reach the level of MME, SGW and PDN Gateway
Here I am starting from the GTPv0 and v1.
first of all Abbreviations!
GPRS General Packet Radio Service.
GTP GPRS Tunnelling Protocol
GTP-C GTP Control
GTP-U GTP User
IE Information Element
IGMP Internet Group Management Protocol
IP Internet Protocol
IPv4 Internet Protocol version 4
IPv6 Internet Protocol version 6
QoS Quality of Service
RANAP Radio Access Network Application Part
RNC Radio Network Controller
TEID Tunnel Endpoint IDentifier
UDP User Datagram Protocol
UTRAN UMTS Terrestrial Radio Access Network
GGSN Gateway GPRS Support Node
SGSN Serving GPRS support Node
PLMN Public Land Mobile Network
No need to worry I will try to use Long names, in the beginning, there are so many and really confusing for a new being.
Interfaces
Here I am highly concerned about the interfaces Gn and Gi marked bold.
oh I forgot to say about what is interface, In GPRS core network an interface is a logical point of connection which shares same connection.
According to my knowledge an interface is a point in the GPRS core network where two completely or partially different protocol layer merges.
Well we will see it later, I will show some nice diagram for that!
As shown here in the image, I got it from Wikipedia. I choose this image because this image contain lots of interface mentioned above for the understanding!
K lets check with a somewhat simpler image!
The GPRS Tunneling Protocol (GTP) allows multiprotocol packets to be tunneled through a GPRS backbone.
The GGSN acts as a Gateway to the external packets through Gi interface, while it provides the Tunnel end point to the Serving node through Gn interface.
Here the tunneled packet travel through the Gn interface while the Gi interface flows Plain text.
Later we will see the complete signaling for GTPv0 and GTPv1. with the Cisco DUT configuration, some more facts and then we will try to co-relate with the GTPv1 to the GTPv2(EGTP).
Your suggestions are extremely important, I am also a beginner for Long Term Evolution!
Actually I got so inspired from my frnd Santosh, that I thought to join him!
If you wish to go there please visit,
http://wired-n-wireless.blogspot.com/
This is extremely helpful for the LTE beginners, I congratulate him on the first anniversary his blog! keep up the good work!
He has started from the LTE, and GTPv2 and that is pretty new and modern technology, so I decided to go back few years ago.
As GTPv2 ie. EGTP (Evolved core) actually came from its earlier versions and understanding GGSN and SGSN is really important to reach the level of MME, SGW and PDN Gateway
Here I am starting from the GTPv0 and v1.
first of all Abbreviations!
GPRS General Packet Radio Service.
GTP GPRS Tunnelling Protocol
GTP-C GTP Control
GTP-U GTP User
IE Information Element
IGMP Internet Group Management Protocol
IP Internet Protocol
IPv4 Internet Protocol version 4
IPv6 Internet Protocol version 6
QoS Quality of Service
RANAP Radio Access Network Application Part
RNC Radio Network Controller
TEID Tunnel Endpoint IDentifier
UDP User Datagram Protocol
UTRAN UMTS Terrestrial Radio Access Network
GGSN Gateway GPRS Support Node
SGSN Serving GPRS support Node
PLMN Public Land Mobile Network
No need to worry I will try to use Long names, in the beginning, there are so many and really confusing for a new being.
Interfaces
Gb
- Interface between the base station subsystem and the SGSN the transmission protocol could be Frame Relay or IP.
- Gn
- IP Based interface between SGSN and other SGSNs and (internal) GGSNs. DNS also shares this interface. Uses the GTP Protocol.
- Gp
- IP based interface between internal SGSN and external GGSNs. Between the SGSN and the external GGSN, there is the border gateway (which is essentially a firewall). Also uses the GTP Protocol.
- Ga
- The interface servers the CDRs (accounting records) which are written in the GSN and sent to the charging gateway (CG). This interface uses a GTP-based protocol, with modifications that supports CDRs (Called GTP' or GTP prime).
- Gr
- Interface between the SGSN and the HLR. Messages going through this interface uses the MAP3 protocol.
- Gd
- Interface between the SGSN and the SMS Gateway. Can use MAP1, MAP2 or MAP3.
- Gs
- Interface between the SGSN and the MSC (VLR). Uses the BSSAP+ protocol. This interface allows paging and station availability when it performs data transfer. When the station is attached to the GPRS network, the SGSN keeps track of which routing area (RA) the station is attached to. An RA is a part of a larger location area (LA). When a station is paged this information is used to conserve network resources. When the station performs a PDP context, the SGSN has the exact BTS the station is using.
- Gi
- IP based interface between the GGSN and a public data network (PDN) either directly to the Internet or through a WAP gateway.
- Ge
- The interface between the SGSN and the service control point (SCP); uses the CAP protocol.
- Gx
- The on-line policy interface between the GGSN and the charging rules function (CRF). It is used for provisioning service data flow based charging rules. Uses the diameter protocol.
- Gy
- The on-line charging interface between the GGSN and the online charging system (OCS). Uses the diameter protocol (DCCA application).
- Gz
- The off-line (CDR-based) charging interface between the GSN and the CG. Uses GTP'.
- Gmb
- The interface between the GGSN and the broadcast-multicast service center (BM-SC), used for controlling MBMS bearers..
Here I am highly concerned about the interfaces Gn and Gi marked bold.
oh I forgot to say about what is interface, In GPRS core network an interface is a logical point of connection which shares same connection.
According to my knowledge an interface is a point in the GPRS core network where two completely or partially different protocol layer merges.
Well we will see it later, I will show some nice diagram for that!
As shown here in the image, I got it from Wikipedia. I choose this image because this image contain lots of interface mentioned above for the understanding!
K lets check with a somewhat simpler image!
The GPRS Tunneling Protocol (GTP) allows multiprotocol packets to be tunneled through a GPRS backbone.
The GGSN acts as a Gateway to the external packets through Gi interface, while it provides the Tunnel end point to the Serving node through Gn interface.
Here the tunneled packet travel through the Gn interface while the Gi interface flows Plain text.
Later we will see the complete signaling for GTPv0 and GTPv1. with the Cisco DUT configuration, some more facts and then we will try to co-relate with the GTPv1 to the GTPv2(EGTP).
Your suggestions are extremely important, I am also a beginner for Long Term Evolution!
Subscribe to:
Posts (Atom)