PDSN

PDSN Course Lecture Notes - PowerPoint PPT Presentation



PDSN Course Lecture Notes. Course contents: EV-DO overview; PDSN/FA & HA overview; Understanding Simple IP & Mobile IP; Mobility; Understanding the service operation of Starent System. SHAQ 2010/3/19. 1. EV-DO overview. 1xEV-DO IOS Architecture Reference Model.

Presentation Transcript
Pdsn

PDSN Course Lecture Notes

  • Course contents:

  • EV-DO overview

  • PDSN/FA & HA overview

  • Understanding Simple IP & Mobile IP

  • Mobility

  • Understanding the service operation of Starent System

SHAQ

2010/3/19



1. EV-DO overview



1. EV-DO overview

1xEV-DO IOS Architecture Reference Model



1. EV-DO overview

EV-DO R0, RA, RB: the air link is the bottleneck for wireless data transmission.



1. EV-DO overview

EV-DO R0, RA, RB



2. PDSN/FA & HA overview

PCF



2. PDSN/FA & HA overview

PDSN



2. PDSN/FA & HA overview

AAA server



2. PDSN/FA & HA overview

Home Agent



2. PDSN/FA & HA overview

Standalone PDSN/FA and HA Deployments

Interface Description

R-P Interface – PCF <-> PDSN

Pi Interfaces – PDSN/FA <-> HA

PDN Interfaces – HA <-> PDN/internet

AAA Interfaces – PDSN/HA <-> AAA Server



2. PDSN/FA & HA overview

Co-Located Deployments



2. PDSN/FA & HA overview

PDSN-FA and HA functionality : Logical interface

R-P interface :

Functionality :

- R-P connection setup

- R-P connection tear-down

- Transport of PPP packets

- Transport of cdma2000 accounting information from PCF to PDSN

- R-P mobility

Types:

- Closed R-P interface : L2TP

- Open R-P interface : GRE (A10/A11)



2. PDSN/FA & HA overview

PDSN-FA and HA functionality : Protocols

PPP : Point-to-Point Protocol , MN <-> PDSN

1. LCP

2. Authentication

- PAP

- CHAP

3. NCP (IPCP)

RADIUS : PDSN/FA or HA <-> AAA Server

IP in IP : FA <-> HA

IP : MN <-> PDN(Internet, VPN, CN)



3. Understanding Simple IP and Mobile IP

- Access methods for packet data services:

- Local and public network access

- Private network access

- Access applications for the two access methods:

- Simple IP: dynamically assigned IP addresses; mobility in a defined geographical area

- Mobile IP: static or dynamically assigned IP addresses; seamless mobility

- Proxy Mobile IP: the PDSN supports MIP for MNs that do not support MIP.



3. Understanding Simple IP and Mobile IP

Simple IP

How Simple IP Works



3. Understanding Simple IP and Mobile IP

Simple IP

Simple IP protocol stacks



3. Understanding Simple IP and Mobile IP

Simple IP

Simple IP Call Flow

PPP :

LCP(3)

Authentication(4,5,6,7; attributes)

IPCP(8, IP assignment)



3. Understanding Simple IP and Mobile IP

Mobile IP

  • network-layer solution

  • maintain ongoing communications while changing links

  • Home address

  • Care of Address (collocated / FA)

  • IP Tunnels

Key of mobility



3. Understanding Simple IP and Mobile IP

Mobile IP

Mobile IP Tunneling Methods :

IP in IP tunnels : Outer IP header / Inner IP header

GRE tunnels : any transport protocol can be encapsulated in GRE

Three types of Mobile IP tunneling:

Forward Tunneling : PDN -> MN



3. Understanding Simple IP and Mobile IP

Mobile IP

Reverse Tunneling : MN -> PDN

- Direct Delivery Style : MN -> FA directly

- Encapsulating Delivery Style : MN -> FA encapsulates

(reference MIPv4_4)



3. Understanding Simple IP and Mobile IP

Mobile IP

Triangular Routing :

- advantage : reverse tunneling is not required

- disadvantage : - HA is unaware of all user traffic for billing purposes

- FA would have to be connected to each private network
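
The two tunneling methods listed above differ only in what sits between the outer and the inner IP header. The following decapsulator is an added example, not part of the original slides; it handles IPv4 only, and the addresses and packets are constructed sample values.

```python
import ipaddress
import struct

IPPROTO_IPIP, IPPROTO_GRE, ETHERTYPE_IPV4 = 4, 47, 0x0800

def build_ipv4(src, dst, proto, payload):
    """Constructed sample packet; checksum is left 0 (not verified below)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload

def parse_ipv4(packet):
    """Return (protocol, src, dst, payload) after basic length checks."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    total = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or not ihl <= total <= len(packet):
        raise ValueError("inconsistent IPv4 length fields")
    src, dst = (str(ipaddress.IPv4Address(packet[i:i + 4])) for i in (12, 16))
    return packet[9], src, dst, packet[ihl:total]

def decapsulate(packet):
    """Strip one IP-in-IP or GRE layer and report outer and inner addresses."""
    proto, o_src, o_dst, payload = parse_ipv4(packet)
    if proto == IPPROTO_IPIP:              # inner IP header follows directly
        kind, inner = "ipip", payload
    elif proto == IPPROTO_GRE:
        if len(payload) < 4:
            raise ValueError("truncated GRE header")
        flags, ptype = struct.unpack("!HH", payload[:4])
        if flags & 0x0007 or ptype != ETHERTYPE_IPV4:
            raise ValueError("only GRE version 0 carrying IPv4 is handled")
        # Optional 4-byte words: checksum (C), key (K), sequence number (S).
        opt = sum(4 for bit in (0x8000, 0x2000, 0x1000) if flags & bit)
        kind, inner = "gre", payload[4 + opt:]
    else:
        raise ValueError("outer protocol is not a tunnel")
    _, i_src, i_dst, _ = parse_ipv4(inner)
    return {"tunnel": kind, "outer": (o_src, o_dst), "inner": (i_src, i_dst)}

# Constructed forward-tunnel sample: HA 192.0.2.1 -> FA care-of 198.51.100.1,
# carrying a packet from 203.0.113.9 to the MN home address 10.1.1.5.
INNER = build_ipv4("203.0.113.9", "10.1.1.5", 6, b"data")
IPIP_PKT = build_ipv4("192.0.2.1", "198.51.100.1", IPPROTO_IPIP, INNER)
GRE_PKT = build_ipv4("192.0.2.1", "198.51.100.1", IPPROTO_GRE,
                     struct.pack("!HHI", 0x2000, ETHERTYPE_IPV4, 42) + INNER)
```
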



3. Understanding Simple IP and Mobile IP

Mobile IP

Mobile IP protocol stacks—data plane



3. Understanding Simple IP and Mobile IP

Mobile IP

Mobile IP protocol stacks—control plane



3. Understanding Simple IP and Mobile IP

Mobile IP

How Mobile IP Works



3. Understanding Simple IP and Mobile IP

Mobile IP

How Mobile IP Works

MIP setup :

MIP Registration Request message (6, 11)

Access Request message (7, 8, 12)

Access Accept message (9, 10, 13)

MIP Registration Reply (14 (MN's home address), 16)

PPP

MIP close :

Registration Request with a requested lifetime of 0 (17, 18)

Registration Reply (19, 20)
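
As an added illustration (not from the original slides) of the MIP setup and close messages, this parser reads the 24-byte fixed part of a Mobile IP Registration Request as laid out in RFC 5944 and reports whether it is a deregistration (lifetime 0) and which tunneling options it requests. The sample messages and addresses are constructed.

```python
import ipaddress
import struct

# Flag bits of the Registration Request, most significant bit first (RFC 5944).
FLAGS = {"S": 0x80, "B": 0x40, "D": 0x20, "M": 0x10, "G": 0x08, "T": 0x02}
MIP_REGISTRATION_REQUEST = 1

def parse_registration_request(data):
    """Decode the fixed part of a Mobile IP Registration Request."""
    if len(data) < 24:
        raise ValueError("truncated Registration Request")
    mtype, flags, lifetime, home, agent, coa, ident = struct.unpack(
        "!BBH4s4s4sQ", data[:24])
    if mtype != MIP_REGISTRATION_REQUEST:
        raise ValueError(f"message type {mtype} is not a Registration Request")
    home, agent, coa = (ipaddress.IPv4Address(a) for a in (home, agent, coa))
    if flags & FLAGS["G"]:
        encapsulation = "gre"
    elif flags & FLAGS["M"]:
        encapsulation = "minimal"
    else:
        encapsulation = "ipip"            # default when neither G nor M is set
    return {
        "home_address": str(home),
        "home_agent": str(agent),
        "care_of_address": str(coa),
        "lifetime": lifetime,
        "deregistration": lifetime == 0,  # the "MIP close" request
        "dynamic_home_address": int(home) == 0,  # 0.0.0.0: HA assigns one
        "reverse_tunnel": bool(flags & FLAGS["T"]),
        "colocated_coa": bool(flags & FLAGS["D"]),
        "encapsulation": encapsulation,
        "identification": ident,
    }

def build_request(flags, lifetime, home, agent, coa, ident):
    """Build a constructed sample message for the parser above."""
    packed = [ipaddress.IPv4Address(a).packed for a in (home, agent, coa)]
    return struct.pack("!BBH4s4s4sQ", MIP_REGISTRATION_REQUEST, flags,
                       lifetime, *packed, ident)

# Constructed samples: setup via FA care-of address 198.51.100.1 with reverse
# tunneling and GRE requested, then the matching close (lifetime 0).
SETUP = build_request(FLAGS["T"] | FLAGS["G"], 1800, "0.0.0.0", "192.0.2.1",
                      "198.51.100.1", 1)
CLOSE = build_request(FLAGS["T"] | FLAGS["G"], 0, "10.1.1.5", "192.0.2.1",
                      "198.51.100.1", 2)
```
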



3. Understanding Simple IP and Mobile IP

Mobile IP

Proxy Mobile IP

An Overview of Proxy Mobile IP :

- Provides mobility for subscribers with MNs that do not support the Mobile IP protocol stack.

- R-P and PPP sessions get established as they would for a Simple IP session

- Mobile Binding Record (MBR) is created on HA

How Proxy Mobile IP Works :

- Scenario 1: The AAA server specifies an IP address that the PDSN allocates to the MN from one of its locally configured static pools.

- Scenario 2: The HA assigns an IP address to the MN from one of its locally configured dynamic pools.



3. Understanding Simple IP and Mobile IP

IPCP (8,10,12)

Proxy MIP (8,9,11)



3. Understanding Simple IP and Mobile IP

Mobile Packet data service states

NULL: There are no connections between the MS and the network.

ACTIVE: In this state, a traffic channel exists between the MS and the PDSN, and both sides may transmit data.

Dormant: No traffic channel exists between the MS and the PCF, but the PPP connection and the traffic channel on A10 are maintained.

[Figure for each state: MS, BSS, PCF and PDSN nodes with the TCH, A8 and A10 links]



4. Mobility

  • Micro-mobility : intra-PCF mobility

  • R-P mobility : intra-PDSN mobility

  • Macro-mobility : inter-PDSN mobility



4. Mobility

  • R-P mobility :

  • - R-P interface is moved from the source PCF to the target PCF

  • - PPP session remains on the same PDSN-FA

  • Macro-mobility :

  • - PDSN-FA/HA

  • - a new PPP session must be initiated

  • - New PDSN-FA issues an Agent Advertisement on that session

  • - The MN's home IP address (assigned when Mobile IP service was initiated) is still in use => Layer 3 mobility

  • - The session is anchored at the HA



4. Mobility

Dormant mobility :

- “stale” PPP session

- PANID / CANID

- the PPP session will be restarted / the MIP renegotiation




5. Understanding the service operation of Starent System

Contexts :

- a logical grouping or mapping of configuration parameters that pertain to various physical ports, logical IP interfaces, and services.

- The system supports the configuration of multiple contexts.

- Each context is configured and operates independently from the others.

- Contexts can also be assigned domain aliases.

- Categorization : Source/Destination/AAA context

- Source context:

- “ingress” context

- subscriber’s point-of-entry in the system

- R-P interfaces



5. Understanding the service operation of Starent System

- Categorization :

- Destination context:

- “egress” context

- where a subscriber is provided services

- configured with the interfaces facilitating subscriber data traffic to/from the Internet, a VPN, or other PDN

- AAA context :

- provides authorization, authentication, and accounting (AAA) functionality for subscriber and/or administrative user sessions

- the logical interfaces for communicating with AAA servers

- records for locally configured subscribers and/or administrative users

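Note: the AAA context can be configured together with the source or the destination context.

As a general rule, if the AAA server is controlled by the carrier, it can be configured together with the source context; otherwise it can be configured together with the destination context.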



[Figure: ingress source context / AAA configuration, with the domains nova.com and bigco.com]

5. Understanding the service operation of Starent System

- AAA context

- AAA Realms :

- provides AAA attributes (when access-accept message from RADIUS failed to contain certain attributes)

-subscriber-specific templates < subscriber’s RADIUS user profile

- An AAA realm is considered part of the AAA context (or configuration)

- the AAA context itself is also considered to be a realm

- There may be many different AAA realms defined within a single AAA context

[Figure: AAA interface, RADIUS AAA, AAA realms (used when the access-accept message from RADIUS failed to contain certain attributes)]



5. Understanding the service operation of Starent System

Logical interface :

- assigned to IP addresses and are bound to a specific port

- associated with services through bindings

- takes on the characteristics of the functions enabled by the service

Logical interface category :

- Management interface :

- provides the system’s point of attachment to the management network

- defined in the local context

- R-P interface :

- A10/A11 -> communications path between the PCF and the PDSN

- Pi interface :

- communications path between the PDSN/FA and HA for Mobile IP applications



5. Understanding the service operation of Starent System

Logical interface category :

- PDN interface:

- The interface to the packet data network (PDN)

- AAA interface :

-the connection between the PDSN and/or HA and the network servers that perform AAA functions

- Remote Authentication Dial-In User Service(RADIUS)

- ICC interface : (inter-context communication)

- only required when multiple services are configured in the same context

[Figure: one context containing FA and HA services, each with an ICC interface]



5. Understanding the service operation of Starent System

Binding :

- an association between “elements” within the system

- static and dynamic

- static :

- dynamic :

- associates a subscriber to a specific egress context based on the configuration of their profile or system parameters.

[Figure: a context containing physical port, logical interface, IP address and service]



5. Understanding the service operation of Starent System

Services :

- Services are configured within a context and enable certain functionality.

- PDSN services :

-The PDSN service must be bound to a logical interface within the same context.

- logical interface takes on the characteristics of an R-P interface

- a single physical port can facilitate multiple R-P interfaces.

- R-P sessions are identified using the PCF address, the PDSN interface address, and the R-P Session ID.

- FA/HA services :

- configured to support Mobile IP and define FA/HA functionality on the system.



5. Understanding the service operation of Starent System

- FA/HA services combination & individual configuring :

1. [Figure: one system with PDSN service, source context, FA/HA service, destination context and PDN interface]

2. [Figure: two systems, one with PDSN/FA service and source context, the other with HA service and source context, each with a Pi interface]



5. Understanding the service operation of Starent System

AAA Servers :

- store profiles / perform authentication / maintain accounting records

- Mobile IP : there can be foreign AAA (FAAA) and home AAA (HAAA) servers

- The AAA servers communicate with the system over the AAA interface.

Subscribers: Three primary types of subscribers/users

- RADIUS-based Subscribers :

-The most common type of subscriber.

- identified by IMSI/ESN/Domain name/User name

- user profile configured on and authenticated by a RADIUS AAA server

Attributes : - parameter settings(protocol settings; IP assignment method, etc.)

- privileges (Simple IP, Mobile IP, etc.)

User profile



5. Understanding the service operation of Starent System

Subscribers: Three primary types of subscribers/users

- Local Subscribers :

- testing purposes

- configured and authenticated within a specific context where they are created.

- first created subscriber profiles are set to the system’s default setting.

- configuring profile attributes are made on a subscriber-by-subscriber basis.

- Management Subscribers :

- an authorized user who can monitor, control, and configure the system

- configured as a local subscriber within the local context

- management subscribers may also be authenticated remotely via RADIUS

(if a AAA configuration exists within the local context)



5. Understanding the service operation of Starent System

Default Subscribers and Realm-based Subscriber Templates :

- Used for RADIUS-based subscribers when needed.

- Default Subscriber :

- per context basis

- the system automatically creates a subscriber named default when each context is created

- Realm-based Subscriber Templates : (AAA realms)

- per realm basis

- a context can have numerous domain aliases

- each realm is used for a specific group of subscribers



RADIUS

  • Remote Authentication Dial-In User Service



Point-to-Point Tunneling Protocol (PPTP)

[Figure: PPTP client and PPTP server connected across the Internet; PPP carrying IP, IPX, NetBEUI inside GRE]

  • PPTP was developed by Microsoft and the IETF.

  • Layer 2 tunnel supports IP, IPX, NetBEUI

  • Authentication relies on PPP

    • PAP, SPAP, CHAP, MS-CHAP V1, V2, and EAP


PPTP Packet

[Figure: IP header | GRE header | GRE payload (encrypted): PPP, IP, TCP, data]

  • Generic Routing Encapsulation (GRE)

    • a mechanism for encapsulating any network layer protocol over any other network layer protocol.

  • Encryption protocol

    • Microsoft Point to Point Encryption (MPPE)


Layer 2 Tunneling Protocol (L2TP)

[Figure: L2TP tunnel across the Internet between a PC with L2TP client (PC + LAC) and the LNS (L2TP network server) on the corporate LAN; encapsulation: new IP header, L2TP message header, PPP header, original IP header, message payload]

  • Based upon the best features of PPTP and L2F.

  • Layer 2 tunnel supports IP, IPX, NetBEUI.


L2TP Packet

[Figure: IP header | IPSec ESP header | UDP header | L2TP header | PPP header | IP header | TCP header | data]

  • Allows tunnels to support more than one connection.

  • Encryption relies on IPsec.


Internet Protocol Security (IPSec)

  • Layer 3 protocol for remote access, intranet, and extranet VPN

    • Internet standard for IP layer VPN

    • Provides flexible encryption and message authentication/integrity

    • Includes key management

  • Two security protocols

    • Authentication Header (AH)

    • Encapsulating Security Payload (ESP)


IPSec Operating Modes

  • Transport mode

  • Tunnel mode


IPSec - Authentication Header (AH)

  • Authentication

  • Integrity

  • Anti-replay


IPSec - Encapsulating Security Payload (ESP)

  • Confidentiality

  • Authentication

  • Integrity

  • Anti-replay