Configuring Subscriber Session Tracing

This chapter provides information on subscriber session trace functionality to allow an operator to trace subscriber activity at various points in the network and at various level of details in EPS network. The product Administration Guides provide examples and procedures for configuration of basic services on the system. It is recommended that you select the configuration example that best meets your service model, and configure the required elements for that model, as described in the respective product Administration Guide, before using the procedures in this chapter.

This chapter discusses following topics for feature support of Subscriber Session Tracing in LTE service:

Introduction

The Subscriber Level Trace provides a 3GPP standards-based session-level trace function for call debugging and testing new functions and access terminals in an LTE environment.

In general, the Session Trace capability records and forwards all control activity for the monitored subscriber on the monitored interfaces. This is typically all the signaling and authentication/subscriber services messages that flow when a UE connects to the access network.

The EPC network entities like MME, S-GW, P-GW support 3GPP standards based session level trace capabilities to monitor all call control events on the respective monitored interfaces including S6a, S1-MME and S11 on MME, S5, S8, S11 at S-GW and S5 and S8 on P-GW. The trace can be initiated using multiple methods:
  • Management initiation via direct CLI configuration
  • Management initiation at HSS with trace activation via authentication response messages over S6a reference interface
  • Signaling based activation through signaling from subscriber access terminal

IMPORTANT:

Once the trace is provisioned it can be provisioned through the access cloud via various signaling interfaces.

The session level trace function consists of trace activation followed by triggers. The time between the two events is where the EPC network element buffers the trace activation instructions for the provisioned subscriber in memory using camp-on monitoring. Trace files for active calls are buffered as XML files using non-volatile memory on the local dual redundant hard drives on the chassis. The Trace Depth defines the granularity of data to be traced. Six levels are defined including Maximum, Minimum and Medium with ability to configure additional levels based on vendor extensions.

IMPORTANT:

Only Maximum Trace Depth is supported in the current release.

The following figure shows a high-level overview of the session-trace functionality and deployment scenario:


Figure 1. Session Trace Function and Interfaces

All call control activity for active and recorded sessions is sent to an off-line Trace Collection Entity (TCE) using a standards-based XML format over a FTP or secure FTP (SFTP) connection.

Note: In the current release the IPv4 interfaces are used to provide connectivity to the TCE. Trace activation is based on IMSI or IMEI.

Supported Functions

This section provides the list of supported functionality of this feature support:

  • Support to trace the control flow through the access network. Trace of specific subscriber identified by IMSI Trace of UE identified by IMEI(SV)
  • Ability to specify specific functional entities and interfaces where tracing should occur.
  • Scalability and capacity Support up to 32 simultaneous session traces per NE Capacity to activate/deactivate TBD trace sessions per second Each NE can buffer TBD bytes of trace data locally
  • Statistics and State Support
  • Session Trace Details
  • Management and Signaling-based activation models
  • Trace Parameter Propagation
  • Trace Scope (EPS Only) MME: S1, S3, S6a, S10, S11 S-GW: S4, S5, S8, S11, Gxc PDN-GW: S2a, S2b, S2c, S5, S6b, Gx, S8, SGi
  • Trace Depth: Maximum, Minimum, Medium (with or without vendor extension)
  • XML Encoding of Data as per 3GPP standard 3GPP TS 32.422 V8.6.0 (2009-09)
  • Trace Collection Entity (TCE) Support Active pushing of files to the TCE Passive pulling of files by the TCE
  • 1 TCE support per context
  • Trace Session Recovery after Failure of Session Manager

Supported Standards

Support for the following standards and requests for comments (RFCs) have been added with this interface support:

  • 3GPP TS 32.421 V8.5.0 (2009-06): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; Subscriber and equipment trace: Trace concepts and requirements (Release 8)
  • 3GPP TS 32.422 V8.6.0 (2009-09): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; Subscriber and equipment trace; Trace control and configuration management (Release 8)
  • 3GPP TS 32.423 V8.2.0 (2009-09): 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication management; Subscriber and equipment trace: Trace data definition and management (Release 8)

Subscriber Session Trace Functional Description

This section describes the various functionality involved in tracing of subscriber session on EPC nodes:

Operation

The session trace functionality is separated into two steps - activation and trigger.

Before tracing can begin, it must be activated. Activation is done either via management request or when a UE initiates a signaled connection. After activation, tracing actually begins when it is triggered (defined by a set of trigger events).

Trace Session

A trace session is the time between trace activation and trace de-activation. It defines the state of a trace session, including all user profile configuration, monitoring points, and start/stop triggers. It is uniquely identified by a Trace Reference.

The Trace Reference id is composed of the MCC (3 digits) + the MNC (3 digits) + the trace Id (3 byte octet string).

Trace Recording Session

A trace recording session is a time period in which activity is actually being recorded and traceable data is being forwarded to the TCE. A trace recording session is initiated when a start trigger event occurs and continues until the stop trigger event occurs and is uniquely identified by a Trace Recording Session Reference.

Network Element (NE)

Network elements are the functional component to facilitate subscriber session trace in mobile network.

The term network element refers to a functional component that has standard interfaces in and out of it. It is typically shown as a stand-alone AGW. Examples of NEs are the MME, S-GW, and P-GW.

Currently, subscriber session trace is not supported for co-located network elements in the EPC network.

Activation

Activation of a trace is similar whether it be via the management interface or via a signaling interface. In both cases, a trace session state block is allocated which stores all configuration and state information for the trace session. In addition, a (S)FTP connection to the TCE is established if one does not already exist (if this is the first trace session established, odds are there will not be a (S)FTP connection already established to the TCE).

If the session to be traced is already active, tracing may begin immediately. Otherwise, tracing activity concludes until the start trigger occurs (typically when the subscriber or UE under trace initiates a connection). A failure to activate a trace (due to max exceeded or some other failure reason) results in a notification being sent to the TCE indicating the failure.

Management Activation

With a management-initiated activation, the WEM sends an activation request directly to the NE where the trace is to be initiated. The NE establishes the trace session and waits for a triggering event to start actively tracing. Depending upon the configuration of the trace session, the trace activation may be propagated to other NEs.

Signaling Activation

With a signaling based activation, the trace session is indicated to the NE across a signaling interface via a trace invocation message. This message can either be piggybacked with an existing bearer setup message (in order to trace all control messages) or by sending a separate trace invocation message (if the user is already active).

Start Trigger

A trace recording session starts upon reception of one of the configured start triggers. Once the start trigger is received, the NE generates a Trace Recording Session Reference (unique to the NE) and begins to collect and forward trace information on the session to the TCE.

List of trigger events are listed in 3GPP standard 3GPP TS 32.422 V8.6.0 (2009-09).

Deactivation

Deactivation of a Trace Session is similar whether it was management or signaling activated. In either case, a deactivation request is received by the NE that contains a valid trace reference results in the de-allocation of the trace session state block and a flushing of any pending trace data. In addition, if this is the last trace session to a particular TCE, the (S)FTP connection to the TCE is released after the last trace file is successfully transferred to the TCE.

Stop Trigger

A trace recording session ends upon the reception of one of the configured stop triggers. Once the stop trigger is received, the NE will terminate the active recording session and attempt to send any pending trace data to the TCE. The list of triggering events can be found in 3GPP standard 3GPP TS 32.422 V8.6.0 (2009-09).

Data Collection and Reporting

Subscriber session trace functionality supprots data collection and reporting system to provide historical usage adn event analysis.

All data collected by the NE is formatted into standard XML file format and forwarded to the TCE via (S)FTP. The specific format of the data is defined in 3GPP standard 3GPP TS 32.423 V8.2.0 (2009-09)

Trace Depth

The Trace Depth defines what data is to be traced. There are six depths defined: Maximum, Minimum, and Medium all having with and without vendor extension flavors. The maximum level of detail results in the entire control message getting traced and forwarded to the TCE. The medium and minimum define varying subsets of the control messages (specific decoded IEs) to be traced and forwarded. The contents and definition of the medium and minimum trace can be found in 3GPP standard 3GPP TS 32.423 V8.2.0 (2009-09).

IMPORTANT:

Only Maximum Trace Depth is supported in the current release.

Trace Scope

The Trace Scope defines what NEs and what interfaces have the tracing capabilities enabled on them. This is actually a specific list of NE types and interfaces provided in the trace session configuration by the operator (either directly via a management interface or indirectly via a signaling interface).

Network Element Details

Trace functionality for each of the specific network elements supported by this functionality are described in this section.

This section includes the trace monitoring points applicable to them as well as the interfaces over which they can send and/or receive trace configuration.

MME

The MME support tracing of the following interfaces with the following trace capabilities:
Interface Name Remote Device Trace Signaling (De)Activation RX Trace Signaling (De)Activation TX

S1a

eNodeB

N

Y

S3

SGSN

Y

Y

S6a

HSS

Y

N

S10

MME

Y

Y

S11

S-GW

N

Y



S-GW

The S-GW support tracing of the following interfaces with the following trace capabilities:
Interface Name Remote Device Trace Signaling (De)Activation RX Trace Signaling (De)Activation TX

S1-U

eNodeB

Y

N

S4

SGSN

N

N

S5

P-GW (Intra-PLMN)

Y

N

S8

P-GW (Inter-PLMN)

N

N

S11

MME

Y

N

S12

RNC

Y

N

Gxc

Policy Server

Y

N



P-GW

The P-GW support tracing of the following interfaces with the following trace capabilities:
Interface Name Remote Device Trace Signaling (De)Activation RX Trace Signaling (De)Activation TX

S2abc

Various NEs

N

N

S5

S-GW (Intra-PLMN)

Y

N

S6b

AAA Server/Proxy

Y

N

S8

S-GW (Inter-PLMN)

N

N

Gx

Policy Server

Y

N

SGi

IMS

Y

N



Subscriber Session Trace Configuration

This section provides a high-level series of steps and the associated configuration examples for configuring the system to enable the Subscriber Session Trace collection and monitoring function on network elements s in LTE/EPC networks.

IMPORTANT:

This section provides the minimum instruction set to enable the Subscriber Session Trace functionality to collect session traces on network elements on EPC networks. Commands that configure additional function for this feature are provided in the Command Line Interface Reference.

These instructions assume that you have already configured the system level configuration as described in the System Administration Guide and specific product Administration Guide.

To configure the system to support subscriber session trace collection and trace file transport on a system:

  1. Enable the subscriber session trace functionality with NE interface and TCE address at the Exec Mode level on an EPC network element by applying the example configurations presented in the Enabling Subscriber Session Trace on EPC Network Element section.
  2. Configure the network and trace file transportation parameters by applying the example configurations presented in the Trace File Collection Configuration section.
  3. Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode command save configuration. For additional information on how to verify and save configuration files, refer to the System Administration Guide and the Command Line Interface Reference.
  4. Verify the configuration of Subscriber Session Trace related parameters by applying the commands provided in the Verifying Your Configuration section of this chapter.

Enabling Subscriber Session Trace on EPC Network Element

This section provides the configuration example to enable the subscriber session trace on a system at the Exec mode:

session trace subscriber
network-element { ggsn | mme | pgw | sgw } { imei
<imei_id> } { imsi <imsi_id> } { interface { all | <interface> } } trace-ref <trace_ref_id>
collection-entity <ip_address>
Notes:
  • <interface> is the name of the interfaces applicable for specific NE on which subscriber session traces have to be collected. For more information, refer to the session trace subscriber command in the Command Line Interface Reference.
  • <trace_ref_id> is the configured Trace Id to be used for this trace collection instance. It is composed of MCC (3 digit)+MNC (3 digit)+Trace Id (3 byte octet string).
  • <ip_address> is the IP address of Trace collection Entity in IPv4 notation.

Trace File Collection Configuration

This section provides the configuration example to configure the trace fil e collection parameters and protocols to be used to store trace files on TCE through FTP/S-FTP:

configure
   session
trace subscriber network-element { all | ggsn | mme | pgw | sgw } [ collection-timer
<dur> ] [ tce-mode { none | push
transport { ftp | sftp } path <string>
username <name> { encrypted
password <enc_pw> ] | password
<password> } } ]
   end
Notes:
  • <string> is the location/path on the trace collection entity (TCE) where trace files will be stored on TCE. For more information, refer to the session trace command in the Command Line Interface Reference.

Verifying Your Configuration

This section explains how to display and review the configurations after saving them in a .cfg file as described in the System Administration Guide and also to retrieve errors and warnings within an active configuration for a service.

IMPORTANT:

All commands listed here are under Exec mode. Not all commands are available on all platforms.

These instructions are used to verify the Subscriber Session Trace configuration.

  1. Verify that your subscriber session support is configured properly by entering the following command in Exec Mode:
    show session trace statistics
    
    The output of this command displays the statistics of the session trace instance.Num current trace sessions: 5Total trace sessions activated: 15Total Number of trace session activation failures: 2Total Number of trace recording sessions triggered: 15Total Number of messages traced: 123Number of current TCE connections: 2Total number of TCE connections: 3Total number of files uploaded to all TCEs: 34
  2. View the session trace references active for various network elements in an EPC network by entering the following command in Exec Mode:
    show session trace
    trace-summary
    
    The output of this command displays the summary of trace references for all network elements:MME  Trace Reference: 310012012345  Trace Reference: 310012012346SGW  Trace Reference: 310012012345  Trace Reference: 310012012346PGW  Trace Reference: 310012012347