Understanding the Service Operation

The system provides wireless carriers with a flexible solution for providing Security Gateway (SeGW) and Home-NodeB Gateway (HNB-GW) functionality for 3G UMTS networks.

The system functioning as an HNB-GW is capable of supporting the following types of subscriber sessions:

  • CS Session over IuCS: The subscriber is provided voice, video, and CS data services over a circuit-switched session through the MSC in the CS network.
  • PS Session over IuPS: The subscriber is provided a packet-switched connection with different traffic classes over a PS session with the GSN in the PS network.
  • Network-initiated Sessions: Network-initiated session procedures include Paging, RANAP-Reset, Service RNS Relocation, etc., initiated from the CN side on the HNB-GW for a specific subscriber session. In turn, the HNB-GW initiates the required procedures with the HNBs and CNs.

Prior to connecting to the command line interface (CLI) and beginning the system's configuration, there are important things to understand about how the system supports these applications. This chapter provides terminology and background information that must be considered before attempting to configure the system.

Terminology

This section defines some of the terms used in the chapters that follow.

Contexts

A context is a logical grouping or mapping of configuration parameters that pertain to various physical ports, logical IP interfaces, and services. A context can be thought of as a virtual private network (VPN).

The system supports the configuration of multiple contexts. Each is configured and operates independently from the others. Once a context has been created, administrative users can configure services, logical IP interfaces, subscribers, etc. for that context. Administrative users then bind the logical interfaces to physical ports.

Contexts can also be assigned domain aliases, wherein if a subscriber’s domain name matches one of the configured alias names for that context, then that context is used.

Contexts on the system can be categorized as follows:
  • Source context: Also referred to as the “ingress” context, this context provides the subscriber’s point-of-entry in the system. It is also the context in which services are configured. For example, in a 3G UMTS network, the HNB access radio network containing the Home-NodeBs (HNBs) would communicate with the system via IuH interfaces configured within the source context as part of the HNB-GW service.
  • Destination context: Also referred to as the “egress” context, this context is where a subscriber is provided connectivity to the core network (such as access to the MSC, SGSN, GGSN, etc.) as configured on the HNB-GW service and related services. For example, the system’s destination context would be configured with the IuCS, IuPS, Gn, Gi or IP offload interfaces facilitating subscriber data traffic to/from the core network (MSC, SGSN, GGSN) or other PDN (Mobile Data Service or Internet).
  • AAA context: This context provides AAA functionality for subscriber bearer contexts and/or administrative user sessions. It contains the policies and logical interfaces for communication between the Security Gateway (SeGW) and a 3GPP AAA Server or 3GPP AAA proxy (OCS/CGF/AAA/HSS) over the AAA interface for authentication and authorization procedures for the Femto user. In the roaming case, the 3GPP AAA Proxy can act as a stateful proxy between the SeGW and the 3GPP AAA Server. The AAA server is responsible for transfer of subscription and authentication data for authenticating/authorizing user access and UE authentication. The SeGW communicates with the AAA on the PLMN using the AAA interface.

    IMPORTANT:

    To ensure scalability, authentication functionality for subscriber sessions should not be configured in the local context.

    For administrative users, authentication functionality can either be configured in the local context or be authenticated in the same context as subscribers.
  • Local context: This is the default context on the system used to provide out-of-band management functionality.

Logical Interfaces

This section describes the logical interfaces supported on HNB-GW.

Prior to allowing the flow of user data, the port must be associated with a virtual circuit or tunnel called a logical interface. A logical interface within the system is defined as the logical assignment of a virtual router instance that provides higher-layer protocol transport, such as Layer 3 IP addressing. Interfaces are configured as part of the VPN context and are independent from the physical port that will be used to bridge the virtual interfaces to the network.

Logical interfaces are assigned to IP addresses and are bound to a specific port during the configuration process. Logical interfaces are also associated with services through bindings. Services are bound to an IP address that is configured for a particular logical interface. When associated, the interface takes on the characteristics of the functions enabled by the service. For example, if an interface is bound to an HNB-GW service, it will function as an IuH interface between the SeGW (HNB-GW) service and the HNB. Services are defined later in this section.

In support of both mobile and network originated subscriber UE contexts, the HNB-GW provides the following network interface support:
  • IuH Interface: This interface is the reference point for the control plane protocol between Home NodeB and HNB-GW. IuH uses SCTP over an IPSec IKEv2 tunnel as the transport layer protocol for guaranteed delivery of signaling messages between HNB-GW and Home NodeB. This is the interface used by the HNB-GW to communicate with the HNB on the same Femtocell Access Network. This interface serves as the path for establishing and maintaining subscriber UE contexts. One or more IuH interfaces can be configured per system context.
  • IuCS: This interface is the reference point in UMTS which links the HNB-GW, which acts as an RNC (Radio Network Controller), with a Mobile Switching Centre (3G MSC) in the 3G UMTS Femtocell Access Network. This interface provides an IuCS over IP or IuCS over ATM (IP over AAL5 over ATM) interface between the MSC and the RNC (HNB-GW) in the 3G UMTS Femtocell Access Network. RAN Application Part (RANAP) is the control protocol that sets up the data plane (GTP-U) between these nodes. SIGTRAN (M3UA/SCTP) or QSAAL (MTP3B/QSAAL) handle IuCS (control) for the HNB-GW. This is the interface used by the HNB-GW to communicate with the 3G MSC on the same Public Land Mobile Network (PLMN). This interface serves as the path for establishing and maintaining the CS access for Femtocell UE to circuit switched UMTS core networks. One or more IuCS interfaces can be configured per system context.
  • IuPS: This interface is the reference point between HNB-GW and SGSN. This interface provides an IuPS over IP or IuPS over ATM (IP over AAL5 over ATM) interface between the SGSN and the RNC (HNB-GW) in the 3G UMTS Femtocell Access Network. RAN Application Part (RANAP) is the control protocol that sets up the data plane (GTP-U) between these nodes. SIGTRAN (M3UA/SCTP) or QSAAL (MTP3B/QSAAL) handle IuPS-C (control) for the HNB-GW. This is the interface used by the HNB-GW to communicate with the SGSN on the same Public Land Mobile Network (PLMN). This interface serves as the path for establishing and maintaining the PS access for Femtocell UE to packet switched UMTS core networks. One or more IuPS interfaces can be configured per system context.
  • Gi: This interface is the reference point between HNB-GW and IP Offload Gateway. It is used by the HNB-GW to communicate with Packet Data Networks (PDNs) through the IP Offload Gateway in the H-PLMN/V-PLMN. Examples of PDNs are the Internet or corporate intranets. One or more Gi interfaces can be configured per system context.
  • Gn: This interface is the reference point between HNB-GW and GGSN. It is used by the HNB-GW to communicate with GGSNs on the same GPRS/UMTS Public Land Mobile Network (PLMN). One or more Gn interfaces can be configured per system context.
  • RADIUS: This interface is the reference point between a Security Gateway (SeGW) and a 3GPP AAA Server or 3GPP AAA proxy (OCS/CGF/AAA/HSS) over the RADIUS protocol for AAA procedures for the Femto user. In the roaming case, the 3GPP AAA Proxy can act as a stateful proxy between the SeGW and the 3GPP AAA Server. The AAA server is responsible for transfer of subscription and authentication data for authenticating/authorizing user access and UE authentication. The SeGW communicates with the AAA on the PLMN using the RADIUS protocol. One or more RADIUS interfaces can be configured per system context.
  • TR-069: This interface is an application layer protocol which is used for remote configuration of terminal devices, such as DSL modems, HNBs and STBs. TR-069 provides an auto configuration mechanism between the HNB and a remote node in the service provider network termed the Auto Configuration Server. The standard also uses a combination of security measures including IKEv2 (Internet Key Exchange v2) and IPsec (IP Security) protocols to authenticate the operator and subscriber and then guarantee the privacy of the data exchanged. One TR-069 interface can be configured per HNB node.
  • DHCP: This is the interface used by the HNB-GW to communicate with a Dynamic Host Configuration Protocol (DHCP) Server. The system can be configured to dynamically provide IP addresses for HNBs from the DHCP server in HMS. One or more DHCP interfaces can be configured per system context.

Bindings

A binding is an association between “elements” within the system. There are two types of bindings: static and dynamic.

Static binding is accomplished through the configuration of the system. Static bindings are used to associate:
  • A specific logical interface (configured within a particular context) to a physical port. Once the interface is bound to the physical port, traffic can flow through the context just as if it were any physically defined circuit. Static bindings support any encapsulation method over any interface and port type.
  • A service to an IP address assigned to a logical interface within the same context. This allows the interface to take on the characteristics (i.e., support the protocols) required by the service. For example, a GGSN service bound to a logical interface will cause the logical interface to take on the characteristics of a Gn interface within a GPRS/UMTS network.

Dynamic binding associates a subscriber to a specific egress context based on the configuration of their profile or system parameters. This provides a higher degree of deployment flexibility as it allows a wireless carrier to support multiple services and facilitates seamless connections to multiple networks.

Services and Networks

This section describes the services configured on HNB-GW to support various functionality.

Services are configured within a context and enable certain functionality. The following services can be configured on the system:
  • HNB-GW services: HNB-GW services are configured in Context configuration mode to support both mobile-initiated and network-requested user contexts. The HNB-GW service must be bound to a logical interface within the same context. Once bound, the interface takes on the characteristics of an IuH interface. Multiple services can be bound to the same logical interface. Therefore, a single physical port can facilitate multiple IuH interfaces.
  • Radio Network PLMN: The Radio Network PLMN is configured in the HNB-GW service to associate PLMNs with the HNB-GW. In StarOS 12.1 and earlier, the PLMN-specific configuration, e.g. RNC id and association of CS or PS network, shall be configured under the HNB-Radio Network PLMN configuration mode. In StarOS Release 14.0 and later, the PLMN-specific configuration, e.g. RNC id and association of CS or PS network, shall be configured under the HNB-CS and HNB-PS configuration modes respectively.
  • CS Network: CS Network is a context-independent configuration to define circuit switched networks. This circuit switched network configuration provides parameters for one or more MSCs where CS-domain Iu-connections shall be routed. In a typical deployment the HNB-GW is connected to only one MSC. In StarOS 12.1 and earlier, the CS network configured at the system level needs to be associated with a Radio Network PLMN configured within the HNB-GW service at the desired granularity: PLMN level or location area in that PLMN. In StarOS Release 14.0 and later, the CS network configured at the system level needs to be associated with an SCCP Network configured in Global Configuration mode.
  • PS Network: PS Network is a context-independent configuration to define packet switched networks. This packet switched network configuration provides parameters for one or more SGSNs where PS-domain Iu-connections shall be routed. In a typical deployment the HNB-GW is connected to only one SGSN. In StarOS Release 12.1 and earlier, the PS network configured at the system level needs to be associated with a Radio Network PLMN configured within the HNB-GW service at the desired granularity. In StarOS Release 14.0 and later, the PS network configured at the system level needs to be associated with an SCCP Network configured in Global Configuration mode.
  • GTP-U services: GTP-U services are configured in Context configuration mode as a pair of services: one for GTP-U tunnel support towards the HNB on the IuH interface and another for GTP-U tunnel support towards the core network on the IuPS interface to communicate with the SGSN. The system supports multiple GTP-U interface connections over this service. Although this service can be configured in any independent context, for the IuH interface it must be configured in the same context as the HNB-GW, i.e. the source context.

The following figure illustrates the relationship between services, interfaces, and contexts within the HNB-GW system for HNB access 3G UMTS networks.
Figure 1. Service, Interface, and Context Relationship Within the System

The source context used to service a subscriber session is the same as the context in which the HNB-GW service is configured. Each HNB-GW service is bound to an IP address in a source context. The HNBs select which IP address to use, typically by using DNS. Once a UE has established a bearer context with an HNB-GW, the HNBs continue to use the same context as the subscriber anchored to that HNB-GW.

The destination contexts are used to service a subscriber session by connecting it with the CN.

The system determines the configuration used in the destination context based on the parameter contained within the information received from the HNB and also on the configuration in the HNB-GW service. The AAA context, or the AAA configuration in the source context, is used for subscriber authentication.
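
The rules stated in the Contexts, Bindings, and Services and Networks sections above (subscriber authentication kept out of the local context, a service bound to an IP address on a logical interface in its own context, that interface bound to a physical port, and the IuH-side GTP-U service placed in the HNB-GW's context) can be checked mechanically before a configuration is applied. The following is an added example, not code from this guide or from StarOS: the dictionary layout, field names and finding labels are hypothetical, and the sample configuration is constructed.

```python
# Added example: lint for a simplified model of the gateway configuration.
# The dict layout and finding labels are hypothetical, not StarOS syntax.
SAMPLE_CONFIG = {  # constructed sample with four deliberate violations
    "local": {
        "subscriber_auth": True,  # the IMPORTANT note advises against this
        "interfaces": {"mgmt": {"ip": "192.0.2.10", "port": "24/1"}},
        "services": [],
    },
    "source": {
        "subscriber_auth": False,
        "interfaces": {"iuh1": {"ip": "198.51.100.1", "port": "17/1"},
                       "iuh2": {"ip": "198.51.100.2", "port": None}},
        "services": [
            {"name": "hnbgw1", "type": "hnb-gw", "bind_ip": "198.51.100.1"},
            {"name": "hnbgw2", "type": "hnb-gw", "bind_ip": "198.51.100.2"},
        ],
    },
    "dest": {
        "subscriber_auth": False,
        "interfaces": {"iups1": {"ip": "203.0.113.1", "port": "17/2"}},
        "services": [
            {"name": "gtpu-cn", "type": "gtp-u", "side": "iups", "bind_ip": "203.0.113.1"},
            {"name": "gtpu-hnb", "type": "gtp-u", "side": "iuh", "bind_ip": "198.51.100.1"},
        ],
    },
}

def lint(contexts):
    """Return (object, finding) pairs for every binding rule that is broken."""
    findings = []
    # Contexts that hold an HNB-GW service, i.e. the source context(s).
    hnbgw_ctx = {n for n, c in contexts.items()
                 if any(s["type"] == "hnb-gw" for s in c["services"])}
    for name, ctx in contexts.items():
        if name == "local" and ctx["subscriber_auth"]:
            findings.append((name, "subscriber-auth-in-local-context"))
        by_ip = {i["ip"]: i for i in ctx["interfaces"].values()}
        for svc in ctx["services"]:
            iface = by_ip.get(svc["bind_ip"])
            if iface is None:  # service and interface must share a context
                findings.append((svc["name"], "bind-ip-not-in-same-context"))
            elif iface["port"] is None:  # no static binding to a port
                findings.append((svc["name"], "interface-not-bound-to-port"))
            if svc.get("side") == "iuh" and name not in hnbgw_ctx:
                findings.append((svc["name"], "iuh-gtpu-outside-hnbgw-context"))
    return findings

if __name__ == "__main__":
    for obj, finding in lint(SAMPLE_CONFIG):
        print(f"{obj}: {finding}")
```

Moving `gtpu-hnb` into the source context, binding `iuh2` to a port and disabling subscriber authentication in the local context clears all four findings.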