Chapter 2: Wireless IP
Network Architectures
This material is protected under all
Copyright Laws as they currently exist.
©2004 Jyh-Cheng Chen and Tao Zhang,
and John Wiley & Sons, Inc. All rights
reserved. Notwithstanding user’s ability to
use and modify the PowerPoint Slides, it is
understood that the original version of
these slides, as well as any and all
modifications thereof, and all
corresponding copyrights, shall at all times
remain the property of Jyh-Cheng Chen
and Tao Zhang, and John Wiley & Sons, Inc.
Jyh-Cheng Chen and Tao Zhang
IP-Based Next-Generation Wireless Networks
Published by John Wiley & Sons, Inc.
January 2004
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Outline
2.1 3GPP Packet Data Networks
2.1.1 Network Architecture
2.1.2 Protocol Reference Model
2.1.3 Packet Data Protocols, Bearers, and Connections for
Packet Services
2.1.4 Packet Data Protocol (PDP) Context
2.1.5 Steps for a Mobile to Access 3GPP Packet-Switched
Services
2.1.6 User Packet Routing and Transport
2.1.7 Configuring PDP Addresses on Mobile Stations
2.1.8 GPRS Attach Procedure
2.1.9 PDP Context Activation and Modification
2.1.10 Radio Access Bearer Assignment
2.1.11 Packet-Switched Domain Protocol Stacks
2.1.12 Accessing IP Networks through PS Domain
2.1 3GPP Packet Data Networks
2.2 3GPP2 Packet Data Networks
2.3 MWIF All-IP Mobile Networks
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
2
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
3
4
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.1 3GPP conceptual network architecture (Release 5)
PSTN
and
Circuit-Switched Wireless Network
2.1.1 Network Architecture
Public Land Mobile Network (PLMN): a public network
administrated by a single network operator for
providing land mobile services
Radio Access Networks (RANs)



GSM/EDGE RAN (GERAN)
UMTS Terrestrial RAN (UTRAN)
Broadband Radio Access Networks (BRANs)
External IP Networks
IP Multimedia Subsystem
(IMS)
GMSC
Circuit
Switched
Domain
MSC
+
VLR
GGSN
Information Servers
Shared by
PS and CS Domain
(HSS, EIR, AuC)
SGSN
Core
Network
Core Network (CN)




Circuit-Switched (CS) Domain
Packet-Switched (PS) Domain
IP Multimedia Subsystem (IMS)
Information Servers
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Packet
Switched
Domain
GSM RAN
(i.e., Base Station Subsystems)
UTRAN
(UMTS Terrestrial
Radio Access Network)
Radio Access Networks
5
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
6
1
2.1.1.1 Mobile Devices,
Subscribers, and Their Identifiers
GERAN and UTRAN
GERAN

Mobile Station (MS): in GSM
User Equipment (UE): in UMTS
Base Station Subsystem (BSS)
 Base Transceiver Station (BTS)

 Base Station Controller (BSC)
 Terminal Equipment (TE)
UTRAN

Mobile Equipment (ME)
 Mobile Termination (MT)
Radio Network Subsystem (RNS)

 Node B

Terminal Adapter (TA)
UMTS Subscriber Identity Module (USIM)
 Radio Network Controller (RNC)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
7
Fig. 2.2 Functional architecture of
an user equipment (UE)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
8
Identifiers
International Mobile Station Equipment
Identity (IMEI): identify MT
UE
ME

International Mobile Subscriber Identity
(IMSI): globally unique and
permanently assigned for each
subscriber
MT
USIM
TE
TA

Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
manufacturer, country, type
9
Fig. 2.3 Structure of International
Mobile Subscriber Identity (IMSI)
stored on USIM
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
10
Identifiers (Cont.)
Temporary Mobile Subscriber Identity (TMSI)

No more than 15 digits

3 digits
2 – 3 digits

4-octet number assigned to a mobile temporarily
by a MSC/VLR or by a SGSN
P-TMSI
mapping between TMSI and IMSI: only known by
mobile and network
IP address
Mobile Country Code
(MCC)
Mobile Network Code
(MNC)
Mobile Subscriber Identification Number
(MSIN)


Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
11
single or multiple
may acquire an IP address only when necessary
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
12
2
2.1.1.2 Circuit-Switched Domain
in Core Network
Switching vs. Call Control
Mobile-services Switching Center (MSC)
Gateway MSC (GMSC)
Visitor Location Register (VLR)
Home Subscriber Server (HSS),
Equipment Identity Register (EIR), and
Authentication Center (AuC)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
13
2.1.1.3 Packet-Switched Domain
in the Core Network
14
Access control
Location management: track the locations of
mobiles; may report the location information
to the HLR
Route management: maintain and relay user
traffic between the mobile and the GGSN
Paging: initiating paging to idle mobiles
Interface with service control platforms:
contact point with CAMEL (Customized
Applications for Mobile Enhanced Logic)
15
Gateway GPRS Support Node (GGSN)
Packet routing and forwarding center: all user
packets to and from a mobile in a PLMN will
be sent first to a GGSN (refer to as the
mobile’s serving GGSN)
Route and mobility management: maintain a
route to the SGSN that is currently serving a
mobile and uses the route to exchange the
user traffic with the SGSN
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Serving GPRS Support Node (SGSN)
Network access control: registration,
authentication and authorization, admission
control, message filtering, usage data
collection
Packet routing and transport: route user
packets toward their destinations
Mobility management: tracking the locations
of mobile terminals, initiating paging,
maintaining up-to-date routes
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
MSC Server: call control and mobility
management
CS Media Gateway (CS-MGW): circuit
switching, media conversion, payload
processing (e.g., echo canceller, codec),
payload transport
17
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
16
Identifiers of SGSN and GGSN
IP address

may be private IP address
SGSN Number and GGSN Number

used primarily with non-IP protocols, e.g.,
MAP or other SS7-based protocols
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
18
3
2.1.1.5 Information Servers
2.1.1.4 IP Multimedia Subsystem
Shared by CS and PS domains
Home Subscriber Server (HSS)
Release 5 introduced the IP Multimedia
Subsystem (IMS)
Support real-time voice and multimedia
IP services
Use the Session Initiation Protocol (SIP)
for signaling and session control for all
real-time multimedia services
Will be discussed in Chapter 3



Authentication Center (AuC)


maintain information to authenticate each user and to
encrypt the communication
accessed by the HSS
Equipment Identity Register (EIR)

Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
master logical database
maintain user subscription information to control network
services
Home Location Registrar (HLR): main component of HSS
which maintains users’ identities, locations, and service
subscription information
maintain IMEIs of the subscribers
19
To external
IP networks
To PSTN
Fig. 2.4
2.1.2 Protocol Reference Model
Gi
C
Nc

Gc
HSS
(HLR)
H
EIR
Gf
AuC
Gn
Gr
F
VLR
VLR
B
E
GGSN
D
G
B
Gs
SGSN
MSC Server
Mc
NC
Iu-PS
Gb
CS-MGW
Core
Network
CS-MGW
many interfaces use MAP protocol
Nb
A
PS CN Internal Interfaces
A
IuCS
Iu-CS
Iu-CS
Iur
UTRAN
BSC
RNC
Abis
Traffic interface
Signaling interface
GSM
BSS
BTS
BTS
RAN Internal Interfaces

Uu


Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.

Abis
Um

22
A or Iu-CS: CS CN domain
Gb or Iu-PS: PS CN domain
UTRAN

Iub
Iur: logical signaling interface
Uu
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
MT
GERAN
UTRAN

Node B
Cell
Cell
RAN-to-CN Interfaces
GERAN

Node B
Cell
Cell
Um
Radio Access Networks
21
RNC
Iub
MT
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Gp
Gi
Go
GMSC
Server
Nb
MSC Server
Mc
To external To GGSN in
IP networks Other networks
IMS
Mc
CS-MGW
RAN Internal Interfaces
RAN-to-CN Interfaces
CS CN Internal Interfaces
20
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.

Iu-CS: CS CN domain
Iu-PS: PS CN domain
One and only one mode


23
A/Gb mode
Iu mode
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
24
4
Fig. 2.5 Protocol reference
model for 3GPP PS domain
D
MSC
+
VLR
Mobile
RNC
Uu
Gr
SGSN
Iub
IuPS
UTRAN
Packet Data Protocol (PDP): used to
exchange user packets over a 3GPP PS CN
domain
Packet Data Unit (PDU): user packet
transported inside a 3GPP network over
traffic bearer
Traffic bearer: a set of network resources and
data transport functions used to deliver user
traffic between two network entities
HSS/HLR
Gs
Node B
2.1.3 Packet Data Protocols, Bearers,
and Connections for Packet Services
Gc
External
Packet
Network
GGSN
Gn
Gi
PS CN
Gp
GGSN
PS CN in different PLMN
25
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.6 3GPP bearers (connections) for
supporting packet-switched services
Mobile
RNC
SGSN
Radio Bearer
Lower
Layer
Bearers
The (Traffic) Radio Bearers, Iu (Traffic)
Bearers, Radio Access Bearers, and CN
Bearers are managed by different
protocols and procedures.
GGSN
CN Bearer
Iu Bearer

Lower
Layer
Bearers
Lower
Layer
Bearers

Iu
27
Fig. 2.7 Signaling and traffic connections
between mobile and SGSN
Mobile
Signaling
Radio Bearer
Mobile-SGSN
Signaling Connection
Iu
Signaling Bearer
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
28
Connections
Radio Resource Control (RRC)
connection
RANAP Connection
RNC
allows different protocols and procedures
to be used; evolve with less dependency
on each other
facilitates mobility management
Gn
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
RRC Connection
26
Separation of Bearers
3GPP Bearer
Radio Access Bearer (RAB)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
SGSN


Signaling Radio Bearer
Traffic Radio Bearer
Radio Access Network Application Part
(RANAP) connection
Traffic
Radio Bearer
Radio Access Bearer
(RAB)

Iu
Traffic Bearer

Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
29
Iu Signaling Bearers
Iu Traffic Bearers
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
30
5
2.1.4 Packet Data Protocol (PDP)
Context
PDP States
A set of information that the network uses to
determine how to forward user packets
destined to and originated from a particular
PDP address
Contain the following main information



ACTIVE state


INACTIVE state

PDP Address
Routing Information: identifiers of tunnels and
Access Point Name (APN)
Quality of Service (QoS) Profiles: QoS Profile
Subscribed, QoS Profile Requested, QoS Profile
Negotiated
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.




31
Fig. 2.8 3GPP PDP context state
transitions
32
State Transition
PDP Context Activation
PDP Context Modification
PDP Context
ACTIVE


PDP Context Activation
modify the PDP Address or the attributes of
the QoS profile
Release 5 only allows the GGSN-initiated
PDP Context Modification
PDP Context Deactivation
PDP Context
INACTIVE
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
may contain a valid PDP address, but will not contain valid routing
and mapping information needed to determine how to process PDP
packets
no user data can be transferred
changing location of a mobile user will not cause an update for the
PDP context
If a GGSN has user packets to send to a mobile, the GGSN may use
Network-requested PDP Context Activation procedure to change
the PDP context of the destination mobile into ACTIVE state.
The GGSN may also discard packets destined to a mobile if the
corresponding PDP context is in INACTIVE state.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
PDP Context Modification
PDP Context Deactivation
or
Mobility Management state changes
to PMM-IDLE or PMM-DETACHED
contains update-to-date information for forwarding PDP packets
between the mobile and the GGSN
RABs may be established only when there are user packets
33
34
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
2.1.5 Steps for a Mobile to Access
3GPP Packet-Switched Services
HSS
GPRS Attach
SGSN
Fig. 1.9 Three-phased access to
3GPP packet-switched network and
services
Mobile
GPRS Attach
PDP Context Activation and RAB
Establishment
Register with the IMS
(a) Phase 1: Mobile registers with PS CN via GPRS Attach
1. Activate PDP Context Request
2. PDP Context Activation
3. Establish Radio Access Bearer
Mobile
SGSN
GGSN
4. Activate PDP Context Accept
(b) Phase 2: Activate PDP Context and establish Radio Access Bearer.
SGSN
GGSN
Registration with IMS
IMS
Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
35
(c) Phase 3: Registers with the IMS (only if the mobile wishes to use services provided by IMS).
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
36
6
PDP Context Activation and RAB
Establishment
GPRS Attach
A mobile registers with SGSN.
A mobile provides its identity and service requirements to
the SGSN and will be authenticated and authorized by the
SGSN.
Establish a Mobility Management Context on the mobile, in
the RAN, and on the SGSN. This allows the RAN and the
SGSN to track the mobile’s location.
Establish a signaling connection between the mobile and
the SGSN. The mobile and the SGSN use this signaling
connection to exchange signaling and control messages
needed to perform the GPRS Attach procedure.
Allow the mobile to access some services provided by the
SGSN. Such services include sending and receiving SMS
messages and being paged by the SGSN.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
37
38
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
2.1.6 User Packet Routing and
Transport
Register with the IMS
When a mobile wishes to use the IPbased real-time voice or multimedia
services provided by the IMS, the
mobile needs to perform registration
with the IMS.
SIP registration procedure is used for a
user to register with the IMS.
Will be described in detail in Chapter 3
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
A mobile can request the network to establish
and activate a PDP Context for its PDP
address after the mobile has performed GPRS
Attach successfully.
A successful PDP context activation will
trigger the PS CN domain to establish the CN
Bearer and the RAB.
A mobile will be able to send and receive user
packets over the PS CN domain.
Inside the PS CN domain, IP is the main
protocol for transporting user packets
between network nods.
IP is used for routing between GGSNs.
Routing of user packets between SGSN
and GGSN is based on GPRS-specific
protocols and procedures.
39
40
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
IP Network
Fig. 2.10
Packet Routing
GGSN
Gn
Gn
GTP Tunnel
GPRS Tunneling Protocol (GTP): routing and mobility
management
SGSN
SGSN
Iu
GTP Tunnel
GTP Tunnel
maintain an individual routing entry as part of a PDP context
for every mobile terminal that has an active PDP context
RNC
RNC
User packets
Radio Bearer
Source Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
GTP Tunnel
Iu
Host-specific routes are used to forward user packets
between a mobile and a GGSN.

Gi
GGSN
GGSN acts as a central point for routing of all user
packets.
User packets are tunneled between RNC and SGSN,
between SGSN and GGSN, and between two SGSNs.

Gi
41
Radio Bearer
Destination Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
42
7
Mapping between Identifiers
IP
Address
Packets addressed to the PDP address are
delivered by the lower protocol to the IP layer
through the Service Access Point.


PDP Context
PDP Address
PDP Address
IMSI
IMSI
P-TMSI
P-TMSI
……
……
NSAPI
NSAPI
RAB ID
identified by a Network-layer Service Access Point
Identifier (NSAPI)
a unique NAPSI is used for each IP address
RAB ID
RAB ID
NSAPI
TEID
Radio Access Bearer (RAB)
Tunnel Endpoint Identifier (TEID)

PDP Context
RB ID
exchanged during tunnel setup process
RB ID
TEID
TEID
Radio Bearer (RB)
Radio Access Bearer Identifier (RAB ID)
Radio Bearer Identifier (RB ID)
Mobile
TEID
GTP Tunnel
Iu Bearer
RNC
SGSN
GGSN
Mapping
X
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
43
2.1.7 Configuring PDP Addresses
on Mobile Stations
44
Dynamic PDP Address from an
External IP Network
Use a static PDP address assigned by
the visited 3GPP network
Use a static PDP address assigned by
an external IP network
Acquire a PDP address dynamically from
the visited 3GPP network
Acquire a PDP address dynamically from
an external IP network
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Y
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
The visited PS domain first activates a PDP
context without a PDP address for the mobile.
The visited PS CN will not forward other user
packets to or from the mobile before a valid
PDP address is added to the mobile’s PDP
context.
The mobile’s serving GGSN in the visited
network will have to learn the PDP address
assigned to the mobile.
45
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
MS
New SGSN
Old SGSN
EIR
GGSN
46
HLR
Attach Request
2.1.8 GPRS Attach Procedure
Identification Request
Fig. 2.12
Identification Response
Identity Request
Identity Response
GPRS Attach procedure to attach to the
PS domain
IMSI Attach procedure to attach to the
CS domain
May combine GPRS Attach procedure
and IMSI Attach procedure to attach to
the PS and the CS domain
simultaneously
Authentication and
Authorization
IMEI Verification
Authentication and Authorization
IMEI verification
Update Location
Cancel Location
Cancel Location ACK
Delete PDP Context Request
Delete PDP Context Response
Insert Subscriber Data
Insert Subscriber Data ACK
Update Location ACK
Attach Accept
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
47
Attach Complete
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
48
8
2.1.9 PDP Context Activation and
Modification
Attach Request
Identifiers of the mobile: P-TMSI or its IMSI, but not
both
P-TMSI Signature:



3-octet number assigned to the mobile by the SGSN that
assigned the P-TMSI
used by the SGSNs to authenticate a P-TMSI
can also be used by the mobile to authenticate the network
node that is assigning the P-TMSI
Attach Type: indicate whether the Attach Request is
for GPRS Attach only, GPRS Attach while already
IMSI attached, or combined GPRS/IMSI Attach
Location information: Routing Area Identity (RAI)
(will be discussed in more detail in Chapter 4)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
PDP Address allocation: The network
allocates an PDP address to the mobile if
needed.
CN Bearer Establishment: The network
creates and activates the PDP context on
GGSN and SGSN and establishes all the
necessary bearers between SGSN and GGSN
for transporting user and signaling traffic for
the activated PDP context.
RAB Assignment: The network establishes the
Radio Access Bearers to carry user traffic.
49
2.1.9 PDP Context Activation and
Modification (Cont.)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
2.1.9.1 Mobile-Initiated PDP Context
Activation and Modification
Activate PDP Context Request
2.1.9.1 Mobile-Initiated PDP Context
Activation and Modification
2.1.9.2 Network-Requested PDP
Context Activation
2.1.9.3 PDP Context Modification






Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
51
Fig. 2.13 3GPP mobile-initiated
PDP context activation
1. Activate PDP
Context Request
RNC
SGSN
2. Create PDP Context Request
GGSN
8. Activate PDP
Context Accept
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.

6. Update PDP Context Request
APN Network Identifier
APN Operator Identifier: identify the PLMN
(optional)
Same name syntax as the Internet Domain
Name
Domain Name System (DNS) can be used to
translate an APN to an IP address
7. Update PDP Context Response
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
52
Select a service (or a GGSN) in the PS domain
or a contact point in an external packet
network
Contain two main parts

4. Establish or Modify Radio Access Bearers
Mobile
PDP Address: either 0.0.0.0 or specified by the
mobile
Network-layer Service Access Point Identifier
(NSAPI)
PDP Type
Access Point Name (APN)
QoS Requested
PDP Configuration Options: optional PDP
parameters directly with GGSN
Access Point Name (APN)
3. Create PDP Context Response
5. Invoke Trace
50
53
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
54
9
Create PDP Context Request
Create PDP Context Response
TEID: to identify the GGSN side of the GTP
tunnel
PDP Address:
NSAPI: copied from Activate PDP Context Request
PDP Type: copied from Activate PDP Context Request
PDP Address: from the Activate PDP Context Request message
APN: selected by SGSN
QoS negotiated: QoS profile the SGSN agrees to support
Tunnel Endpoint Identifier (TEID): created by SGSN based on
mobile’s IMSI and on the NSAPI in the Activate PDP Context
Request
Selection Mode: whether the APN was subscribed by mobile or
selected by SGSN
Charging Characteristics: what kind of charging the PDP context
is liable for
PDP Configuration Options: copied from the Activate PDP
Context Request
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.


a PDP address assigned by the GGSN
0.0.0.0 if the mobile asks to acquire from an
external network
QoS Negotiated: QoS profile agreed by the
GGSN
PDP Configuration Options: relayed by
intermediate nodes transparently to the
mobile
55
Fig. 2.14 3GPP networkrequested PDP context activation
2.1.9.2 Network-Requested PDP
Context Activation
GGSN must have static information
about the PDP address

HSS/HLR
For example, the GGSN needs to know the
mobile’s IMSI in order to query the HLR
A Request PDP Context Activation
message to the mobile to instruct the
mobile to start the Mobile-initiated PDP
Context Activation procedure described
in Figure 2.13
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
3. Send Routing Info
for GPRS ACK
2. Send Routing Info
for GPRS
1. User
packets
4. PDU Notification Request
5. PDU Notification Response
6. Request PDP Context Activation
SGSN
GGSN
7. Mobile-Initiated PDP Context Activation
Mobile
57
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
58
Fig. 2.15 3GPP GGSN-initiated
PDP context modification
2.1.9.3 PDP Context Modification
Active PDP context can be modified
PDP address: only a GGSN can initiate
the process to modify the PDP address
in an active PDP context
QoS profiles: can be initiated by the
mobile, GGSN, SGSN, or the RAN
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
56
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
59
RNC
2. Modify PDP
Context Request
SGSN
1. Update PDP
Context Request
GGSN
3. Modify PDP
Context Accept
4. RAB Assignment Procedure
(to modify existing RABs)
Mobile
5. Update PDP
Context Response
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
60
10
2.1.10 Radio Access Bearer
Assignment
Update PDP Context Request
RAB Assignment: assignment, modification
and release of RAB
In R5, can only be initiated by the network
TEID: identify the SGSN end of the GTP
tunnel
NSAPI: identify the PDP context to be
modified
PDP Address: a new PDP address if the GGSN
wishes to modify the PDP Address (optional)
QoS Requested: new QoS profile suggested
by the GGSN

Radio Resource Control (RRC) protocol will be
used to establish, maintain, and release the
Radio Bearers
SGSN negotiates with the RAN about the QoS
profile for the mobile
61
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 1.16 3GPP Radio Access
Bearer Assignment
RNC
3. RAB Assignment Responses
2.1.11 Packet-Switched Domain
Protocol Stacks
2.1.11.1 Gn and Gp interfaces and the
GPRS Tunneling Protocol
2.1.11.2 The Iu-PS Interface
2.1.11.3 Gi, Gr, Gc, and Gs Interfaces
2.1.11.4 Mobile-to-GGSN Protocol
Stacks
SGSN
Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
63
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
64
Fig. 1.17 3GPP Gn and Gp
interface protocol stacks
2.1.11.1 Gn and Gp interfaces
and the GPRS Tunneling Protocol
Gn: between SGSN and GGSN as well
as SGSNs in the same PLMN
Gp: between an SGSN and a GGSN in a
different PLMN
GPRS Tunneling Protocol (GTP) is used
for both user plane and control plane
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
62
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
1. RAB Assignment Request
2. Establish, modify, and release
Radio Bearers
initiated by the SGSN upon triggered by other
network entities in the CN or the RAN
65
GTP-U
GTP-U
GTP-C
GTP-C
UDP
UDP
UDP
UDP
IP
IP
IP
IP
Layer 2
Layer 2
Layer 2
Layer 2
Layer 1
Layer 1
Layer 1
SGSN
GGSN
Layer 1
SGSN
GGSN
(a) Gn and Gp Interface User Plane.
(b) Gn and Gp Interface Control Plane.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
66
11
GPRS Tunneling Protocol (GTP)
GTP Messages
Tunnel Management: activate, modify and
remove PDP Contexts and their associated
GTP tunnels
Location Management: used by a GGSN to
retrieve location information from the HLR
Mobility Management: used between SGSNs
to transfer mobility related information
Path Management: used by a node to
determine if a peer node is alive and to
inform the peer node of what GTP header
extensions it can support
GTP-C: manage (create, modify, and release)
GTP-U tunnels, manage PDP contexts,
location management, and mobility
management

multiple PDP contexts with the same PDP address
will share a common GTP-C tunnel
GTP-U: establish and manage GTP tunnels
used to tunnel user packets

one GTP-U tunnel between SGSN and GGSN will
be established for every active PDP context
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
67
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
68
Fig. 2.18 GPRS Tunneling
Protocol (GTP) header format
GTP Header Format
8
7
6
Version
Version: 1 for the current version
PT (Protocol Type): for 3GPP CN or GPRS/GSM
E (Extension header Flag): indicates whether the Next Extension
Header is present
S (Sequence Number flag): indicates if the Sequence Number
field is present
PN (N-PDU Number Flag): indicates whether the N-PDU Number
field is present
Message Type: indicates the type of the GTP message
N-PDU Number: used in inter-SGSN Routing Area Update
procedure and some inter-system handoff procedures for
coordinating data transmission between a mobile terminal and a
SGSN
5
4
3
2
1
PT
(*)
E
S
PN
Message Type
Length (1st octet)
Length (2nd octet)
Tunnel Endpoint Identifier (1st octet)
Tunnel Endpoint Identifier (2nd octet)
Tunnel Endpoint Identifier (3rdoctet)
Tunnel Endpoint Identifier (4th octet)
Sequence Number (optional) (1st octet)
Sequence Number (optional) (2nd octet)
N-PDU Number (optional)
Next Extension Header Type (optional)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
69
70
Fig. 2.19 3GPP Iu-PS
interface protocol stacks
2.1.11.2 The Iu-PS Interface
Tunnel Management: establishing,
maintaining and releasing the GTP tunnels
between a RNC and a SGSN
Radio Access Bearer Management:
establishing, maintaining and releasing Radio
Access Bearers (RABs)
Radio Resource Management: Radio Resource
Admission Control by RNC
Mobility Management: handoff between RNC;
paging; positioning services
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
71
GTP-U
GTP-U
UDP
UDP
IP
IP
Layer 2
Layer 2
Layer 1
Layer 1
RNC
(a) Iu-PS User Plane.
SGSN
RANAP
RANAP
SCCP
SCCP
Signaling
Bearer
Signaling
Bearer
AAL 5
AAL 5
ATM
RNC
ATM
(b) Iu-PS Control Plane.
SGSN
RANAP: Radio Access Network Application Part
SCCP: Signaling Connection Control Part
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
72
12
Fig. 2.20 3GPP Gi interface
protocol stack
2.1.11.3 Gi, Gr, Gc, and Gs
Interfaces
Gi: used by GGSN to connect to any
external IP network
Gr: between SGSN and HLR
Gc: between GGSN and HLR
Gs: between SGSN and MSC/VLR
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
MAP
MAP
TCAP
IP
Layer 2
Layer 1
Layer 1
Gi
GGSN
73
Fig. 2.21 3GPP control-plane protocol
stack between SGSN (or GGSN) and HLR
TCAP
IP
Layer 2
External
IP Network
74
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.22 3GPP control-plane protocol stack
between GGSN and HLR based on GTP
GTP-C
MAP
MAP
TCAP
TCAP
GTP-C
SCCP
SCCP
UDP
UDP
SCCP
SCCP
Signaling
Bearer
Signaling
Bearer
IP
IP
MTP 3
MTP 3
Layer 2
Gr or Gc
SGSN or GGSN
Layer 1
HLR
TCAP: Transaction Capabilities Application Part
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Layer 2
MTP 2
Layer 1
Layer 1
Gn
GGSN
75
Fig. 2.23 3GPP control-plane protocol stack
between SGSN and MSC/VLR
MTP 2
Layer 1
Gc
GSN
serving as
Protocol Converter
HLR
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
76
2.1.11.4 Mobile-to-GGSN Protocol
Stacks
Packet Data Convergence Protocol (PDCP)

Header compression for higher-layer data streams
 IP Header Compression (IPHC)
BSSAP+
BSSAP+
SCCP
SCCP
Signaling
Bearer
 Robust Header Compression (ROHC)

Signaling
Bearer
Gs
SGSN

MSC
BSSAP+: Base Station System Application Part+
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
77
Mapping higher-layer data into the underlying
radio interface protocols
Maintaining data transmission orders for upper
layer protocols that have such requirement
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
78
13
Fig. 2.24 3GPP user-plane protocol
stack between mobile and GGSN
Radio Link Control (RLC)
Provides logical link control over the radio interfaces
A mobile can have multiple RLC connections
Support
Applications
PDP
(e.g., IP, PPP)
PDP
(e.g., IP, PPP)


PDCP
PDCP
RLC
RLC

GTP-U
GTP-U
GTP-U
GTP-U
UDP
UDP
UDP
UDP

IP
IP
IP
IP

MAC
Layer 2
Layer 2
Layer 2
Layer 2

Layer 1
Layer 1
Layer 1
Layer 1

MAC
Layer 1
Iu-Ps
Uu
MS
Layer 1
Gn
UTRAN
SGSN
GGSN
79
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.25 3GPP control-plane protocol
stack between mobile and SGSN
GMM
SM
SMS
GMM
SM
RRC
RRC
RANAP
RLC
RLC
SCCP
SCCP
MAC
MAC
Signaling
Bearer
Signaling
Bearer
GPRS Mobility Management (GMM): support
mobility management functions including
GPRS Attach and Detach operations, security,
and routing area update procedure.
Session Management (SM): support PDP
context activation, modification, and
deactivation
SMS (Short Message Service): support short
messages
SMS
AAL 5
ATM
MS
GMM, SM, and SMS
Layer 1
Uu
ATM
Iu-PS
RNS
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
SGSN
81
82
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.26 Access another IP
network through 3GPP PS domain
2.1.12 Accessing IP Networks
through PS Domain
User registration (e.g., authentication
and authorization) with the external IP
network
Dynamic assignment of IP addresses to
the mobile by the external IP network
Encryption of user data transported
between the mobile and the external IP
network
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
80
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
RANAP
AAL 5
Layer 1
Broadcast information related to the RAN and the CN to the
mobiles
Establish, maintain, and release RRC connections
Establish, maintain, and release Radio Bearers
Paging
Radio power control
Control of radio measurement and reporting
Control of the on and off of ciphering between the mobile
and the RAN
83
User Traffic
RNC
SGSN
Router
GGSN
External
IP Network
Gi
Mobile
RAN
3GPP PS Domain
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
84
14
Transparent Access vs. Nontransparent Access
2.1.12 Accessing IP Networks
through PS Domain
Transparent Access: The GGSN does not
participate in any interaction between the
mobile and the external IP network except
transporting user packets.
Non-transparent Access: The GGSN
participates in at least one of the interactions
between the mobile and the external IP
network described above.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
2.1.12.1 Transparent Access
2.1.12.2 Non-Transparent Access Using
Mobile IP
2.1.12.3 Acquiring IP Address
Dynamically Using DHCP from an
External Network
2.1.12.4 Dial-up Access Using PPP
85
86
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.27 Protocol stacks for transparent
to IP networks through 3GPP PS CN
2.1.12.1 Transparent Access
Gain access to a GGSN in the local PS
CN
Acquire an IP address from the local PS
domain to use as its PDP address in
local PS CN domain
Register with the external IP network
Higher-Layer
IP Protocols
(e.g., MIP,
IPsec)
Higher-Layer
IP Protocols
(e.g., MIP,
IPsec)
UDP/TCP
UDP/TCP
IP
IP
IP
IP
Layer 2
Layer 2
3GPP Packet Domain Bearer
Layer 1
Layer 1
Gi
Mobile Terminal
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
87
2.1.12.2 Non-Transparent Access
Using Mobile IP
GGSN
External IP Network
88
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.28 Protocol stacks for non-transparent
access to IP networks through PS CN domain
GGSN also serves as a MIPv4 FA
Mobile uses the IP address of the GGSN
as its FA CoA
HA may be inside an external IP
network
MIPv4
MIPv4 Foreign Agent
MIPv4
UDP
UDP
UDP
IP
IP
IP
UDP
IP
Layer 2
Layer 2
3GPP Packet Domain Bearer
Layer 1
Layer 1
Gi
Mobile Terminal
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
89
GGSN
External IP Network
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
90
15
Fig. 2.29
Mobile
GGSN
With Mobile IP FA
SGSN
Activate PDP Context Request
(PDP Address = 0.0.0.0
APN=MIPv4FA)
Activate PDP Context Accept
(PDP Address = 0.0.0.0)
Mobile IP
HA
Create PDP Context Request
(PDP Address = 0.0.0.0
APN=MIPv4FA)
Before an IP address is assigned to the
mobile by the external IP network, the PS CN
domain should be able to relay DHCP
messages between the mobile and external
DHCP server.
When an IP address is assigned to the mobile
by the external IP network, the mobile’s PDP
contexts on the SGSN and the GGSN need to
be updated to include the mobile’s IP address.
Create PDP Context Response
(PDP Address = 0.0.0.0)
Mobile IP Agent Advertisement
Mobile IP Registration Request
(CoA = FA CoA = Address of GGSN)
2.1.12.3 Acquiring IP Address Dynamically
Using DHCP from an External Network
Mobile IP Registration Request
(CoA = FA CoA = Address of GGSN)
Mobile IP Registration Reply
Extract mobile’s
home address
And enter it to
PDP Context
Mobile IP Registration Reply
GGSN-initiated PDP Context Modification
91
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.30 3GPP protocol stacks for supporting IP
address assignment by external network
using DHCP
Fig. 2.31
Mobile
DHCP
Relay Agent
Activate PDP Context Request
(PDP Address = 0.0.0.0)
UDP
UDP
UDP
IP
IP
IP
IP
Lower Layers
Mobile Station
Lower Layers Lower Layers
GGSN
DHCP Server in
External
IP Network
Create PDP Context Request
(PDP Address = 0.0.0.0)
Create PDP Context Response
(PDP Address = 0.0.0.0)
DHCPDISCOVER
DHCP
Server Process
UDP
GGSN
with
DHCP Relay Agent
SGSN
Activate PDP Context Accept
(PDP Address = 0.0.0.0)
DHCP
Client Process
92
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
DHCPDISCOVER
DHCPOFFER
DHCPOFFER
DHCPREQUEST
DHCPREQUEST
Lower Layers
DHCPACK
External IP Network
Extract IP Address
Assigned to Mobile
DHCPACK
GGSN-initiated PDP Context Modification
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
93
2.1.12.4 Dial-up Access Using
PPP
Fig. 2.32 Protocol stacks for dialup through
3GPP packet domain to an IP network
Dialup refers to the process of establishing a
link-layer connection to an IP network
PPP connection is a natural choice for
implementing the portion of a dialup
connection over the PS domain
L2TP may be used to extend the PPP
connection from GGSN to external IP network
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
94
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
95
PPP
Lower Layers
Mobile
PPP
Lower Layers
Protocols for
tunneling
over IP network
(e.g., L2TP)
Protocols for
tunneling
over IP network
(e.g., L2TP)
UDP
UDP
IP
IP
Lower Layers
Lower Layers
GGSN (LAC)
LNS in External IP Network
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
96
16
Fig. 2.33 Signaling flows for dialup through
3GPP packet domain to an IP network
Visited Network
1. Activate PDP Context Request
(PDP Address = 0.0.0.0)
4. Activate PDP Context Accept
(PDP Address = 0.0.0.0)
Mobile
External
IP Network
2. Create PDP Context Request
(PDD Address = 0.0.0.0)
SGSN
3. Create PDP Context Response
(PDP Address = 0.0.0.0)
GGSN
6. L2TP Negotiation
LNS
5. Establish PPP and Configure IP over PPP
2.2.1 3GPP2 Network Architecture
98
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Radio Networks (RNs)
cdma2000 base station
Core network

2.2.1 3GPP2 Network Architecture
2.2.2 3GPP2 Packet Data Network
Architecture
2.2.3 Protocol Reference Model
2.2.4 Access to 3GPP2 Packet Data Network
2.2.5 User Packet Routing and Transport
2.2.6 Protocol Stacks for Packet Data Services
97
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.

2.2 3GPP2 PACKET DATA
NETWORKS
circuit-switched domain
packet-switched domain


Radio Networks (RNs): based on circuitswitched technologies and is used for
both circuit-switched and packetswitched services


Base Station (BS)


99
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.34 3GPP2 conceptual network architecture
Circuit Switched
Core Network
Servers
(e.g., SCP, VMS, MC,
PDE, NPDB, SN)
PSTN
MSC
C
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
100
2.2.1.1 Circuit-Switched Core
Network


VLR
Mobile Switching Center (MSC)
Information Servers

Pi
B
A
HLR
Base Station Controller (BSC)
Base Transceiver System (BTS)
Switching and call control components
Ai
Radio
Network
System ID (SID): identify a system
Network ID (NID): identify a network
pair (SID, NID)
(SID, NID): uniquely identify a network within a
system

Home Location Registrar (HLR)
Visitor Location Registrar (VLR)
Equipment Identity Registrar (EIR)
Service control servers
BTS
BSC
Packet Switched
Core Network
Aquinter
AAA
Server
Pi

HA

Pi
Pi
Aquater
PCF
IP
Network


PDSN


Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
101
Service Control Point (SCP)
Voice Message System (VMS)
Message Center (MC)
Position Determining Entity (PDE)
Number Portability Database (NPDB)
Service Node (SN)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
102
17
2.2.2 3GPP2 Packet Data
Network Architecture
2.2.2.1 Functional Architecture
2.2.2.1 Functional Architecture
2.2.2.2 Reference Network Architecture
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
103
Fig. 2.35 3GPP2 packet data
network functional architecture
RRC
MS
PCF
PDSN
104
Route IP packets between the 3GPP2 network and
any external IP networks
Route IP packets between mobile terminals inside the
same operator’s 3GPP2 network
Act as an IP address server to assign IP address to
mobiles
Act as a PPP server for mobiles (i.e., establish,
maintain and terminate PPP session to a mobile
terminal)
Provide mobility management functions (FA)
Communicate with an AAA server to authenticate
and/or authorize MS
AAA
105
Packet Control Function (PCF)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
106
Radio Resource Control (RRC)
Establish, maintain, and terminate
layer-2 connections to the PDSN
Maintain reachability information for
mobile terminals
Relay IP packets between RN and PDSN
Tracks status of radio resources
Communicate with RRC function on the
BSC to manage radio resources
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Packet Data Serving Node (PDSN)
HA
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Packet Data Serving Node (PDSN)
Packet Control Function (PCF)
Radio Resource Control (RRC)
Mobile Station (MS)
Home Agent (HA)
Authentication, Authorization,
Accounting (AAA)
107
Establish, maintain, and terminate radio
connections to mobiles and
management radio resources allocated
to these connections
Broadcast system information to
mobiles
Maintain status of mobile terminals
(e.g., active, dormant)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
108
18
Fig. 2.36 Functional architecture of a
mobile station (MS)
Mobile Station (MS)
User Identity Module (UIM): removable
or integrated into ME
Mobile Equipment (ME)



MS
ME
Terminal Equipment (TE)
Mobile Terminal (MT)
Terminal Adapter (TA)
MT
TE
TA
UIM
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
109
2.2.2.2 Reference Network
Architecture
Fig. 2.37 3GPP2 packet data network reference
physical architecture
Home Access
Visited Access
Provider Network 1
Provider Network
MSC/
VLR
Simple IP Access


mobile is assigned an IP address
dynamically by PDSN
obtain a new IP address when MS moves
to a new PDSN
Mobile IP Access

HLR
Home
AAA
Home IP Network
IP Network
AAA
Broker AAA Network
A10/A11
Mobile
Terminal
111
PDSN
P-P Interface
Visited Access
Provider Network 2
IPv6
SS7
Network
Visited
AAA
RN
Mobile IP (v4 or v6)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
110
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
HA
Home IP Network,
Private Network,
or
Home Access
Provider Network
PDSN
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
112
Relation with CS Network
PDSN acts as an IPv6 access router
PPP is established between MS and
PDSN
IPv6 over PPP
PDSN sends Router Advertisement
MS can use IPv6 stateless
autoconfiguration to construct and
configure a local IPv6 address
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Many critical capabilities in PS network
rely on CS network

handoff, paging, connection setup
PS network does not directly interface
with the CS network
CS procedures are initiated by the BSC
inside RN upon receiving data or
requests from PCF
113
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
114
19
Fig. 2.38 3GPP2 protocol reference model
2.2.3 Protocol Reference Model
MSC
A Reference Point
Ater Reference Point
Aquinter Reference Point
Aquarter Reference Point
P-P Interface (optional)

Call Control
And
Mobility
Management
A1
(Signaling)
A2
(User
Traffic)
Circuit
Switch
PDSN
A5
(User Traffic)
P-P
Interface
A Reference Point
A3 (User Traffic)
BSC2
A3 (Signaling)
A8 (User Traffic)
BSC1
A9 (Signaling)
A10 (User Traffic)
PCF
A11 (Signaling)
PDSN
A7 (Signaling)
PDSN-to-PDSN Interface is used support
fast handoff between PDSNs
Ater
Reference Point
Aquinter
Reference Point
Aquater
Reference Point
(R-P interface)
Traffic interface
Signaling interface
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
115
A Reference Point
117
Interface A3: carry signaling and user traffic
between SDU on a source BSC and a target
BTS for supporting soft handoff

A3 signaling controls the allocation and use of A3
user traffic channels
Interface A7: carry other signaling
information not carried by the A3 interface
between a source and a target BS
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
118
Aquarter Reference Point (R-P
Interface)
Aquinter Reference Point
A8 interface: transport user data traffic
A9 interface: signaling between a BSC
and a PCF
The A8 and A9 interfaces are also used
to support mobility between BSCs under
the same PCF
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
116
Ater Reference Point
Interface A1: carry signaling traffic
between the Call Control and Mobility
Management functions of the MSC and
the Call Control function of the BSC
Interface A2 and A5: carry different
types of user traffic between the switch
component of MSC and Selection and
Distribution Unit (SDU) on BSC
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
119
A10 interface: provide a path for user
traffic
A11 interface: signaling between the
PCF and the PDSN
The A10 and A11 interfaces are also
used to support mobility between PCFs
under the same PDSN
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
120
20
2.2.4 Access to 3GPP2 Packet
Data Network
MS

Step 1
Establish A10
A9-Connect-A8
Establish PPP connection
Mobile IP Agent Advertisement
Mobile IP Registration Request
Authorization
Request
Authorization
Request
Authorization
Response
Authorization
Response
Mobile IP Registration Request
Step 2
Mobile IP Registration Request Reply
Mobile IP Registration Request Reply
Accounting
Request
Accounting
Response
User packets over PPP
121
2.2.5 User Packet Routing and
Transport
122
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
IP Network
Fig. 2.40
IP
IP
PDSN 2
PDSN 1
A10/A11
Mobile maintains a PPP connection to its
serving PDSN
All user packets to and from the mobile
will be sent to the serving PDSN first
A8 and A10 connections are
implemented as IP tunnels using
Generic Routing Encapsulation (GRE)
A10/A11
GRE Tunnel
GRE Tunnel
PCF 2
PCF 1
A8/A9
A8/A9
GRE Tunnel
GRE Tunnel
PPP connections
BSC 2
BSC 1
User packets
Radio Bearer
Source Mobile
123
2.2.6 Protocol Stacks for Packet
Data Services
Radio Bearer
Destination Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
124
2.2.6.1 Protocol Stacks over A9
and A11 Interfaces
Stacks over A9 and A11
Main messages of A9

Stacks over A8 and A10


Stacks over P-P


Stacks Between Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Mobile IP
Home Agent
Assignment Complete
Step 2: MIPv4 registration
2.2.6.1 Protocol
Interfaces
2.2.6.2 Protocol
Interfaces
2.2.6.3 Protocol
Interface
2.2.6.4 Protocol
and PDSN
Home AAA
Server
Fig. 2.39 3GPP2
Packet Service
Activation (using
Mobile IP)
A9-Setup-A8
Step 1-C: Establish PPP connection
between mobile and PDSN.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Foreign AAA
Server
PDSN
Establish
Traffic radio
channel
Step 1-A: Gain access to the Radio
Network.
Step 1-B: Setting up resources between
the BSC and the PDSN.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
PCF
CM Service Request
 May not need to set up A8 connection

MSC
Assignment Request
Step 1: Gain access to PDSN

BSC
Origination
ACK
125

A9-Setup-A8 and A9-Connect-A8
A9-Release-A8 and A9-Release-A8 Complete
A9-Disconnect-A8
A9-Update-A8 and A9-Update-A8 Ack
A9-Air Link (AL) Connected and A9-Air Link (AL)
Connected Ack
A9-Air Link (AL) Disconnected and A9-Air Link (AL)
Disconnected Ack
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
126
21
2.2.6.1 Protocol Stacks over A9
and A11 Interfaces (Cont.)
Fig. 2.41 3GPP2 protocol stacks for
the A9 and A11 interfaces
A11 signaling protocol is modeled after the Mobile
IPv4 protocol


PDSN acts as if it was a MIPv4 HA
PCF acts as if it was a MIPv4 FA
Main messages of A11




A11 Registration
A11 Registration
A11 Registration
A11 Registration
A9 Signaling
Request
Reply
Update
Acknowledge

C R K S s
Recur
Flags
Offset (optional)
Physical Layer
Physical Layer
Physical Layer
A11
PCF
PDSN
128
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
GRE
GRE
GRE
IP
IP
IP
IP
Link Layer
Link Layer
Link Layer
Link Layer
Physical Layer
Physical Layer
A8
PCF
GRE
Physical Layer
A10
PDSN
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
130
The P-P interface is an optional interface used
to support fast inter-PDSN handoff (see 4.4.4)
Two individual interfaces
Routing (optional)

(a) GRE header format.
Flags
Link Layer
2.2.6.3 Protocol Stacks over P-P
Interface
Sequence Number (optional)
Recur
Link Layer
129
Key (optional)
C R K S s
UDP
Protocol Type
Checksum (optional)
0 1 2 3 4 5 6 7 8 90 1 2 3 4 5
Link Layer
BSC
6 7 8 9 0 1 2 3 4 5 6 7 8 0 1 2
Ver
IP
Link Layer
Physical Layer
Fig. 2.43 Generic Routing Encapsulation
(GRE) protocol header
0 1 2 3 4 5 6 7 8 90 1 2 3 4 5
IP
A9
UDP
Fig. 2.42 3GPP2 protocol stacks for
the A8 and A10 interfaces
PCF Session Identifier (PCF SID)
PDSN Session Identifier (PDSN SID)
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
IP
127
GRE encapsulates a user packet by
adding a GRE header to the user packet
Sequence Number: ensure packet
delivery order
Key: identify the IP packets to and from
each mobile terminal

A11 Signaling
IP
BSC
2.2.6.2 Protocol Stacks over A8
and A10 Interfaces
A11 Signaling
TCP/UDP
Physical Layer
Soft state: PCF periodically sends A11 Registration
Request to refresh A10 connection
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
A9 Signaling
TCP/UDP

6 7 8 9 0 1 2 3 4 5 6 7 8 0 1 2
Ver
Protocol Type
Key
P-P Bearer Interface: P-P traffic connection to
tunnel user packets between the PDSNs by GRE
tunnel
P-P Signaling Interface: signaling messages and
procedures for managing the P-P traffic
connections
Sequence Number (optional)
(b) Format of GRE header used for tunneling between PCF and PDSN or between BSC and PCF.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
131
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
132
22
Fig. 2.44 Protocol stacks for the P-P
interface
P-P Signaling
P-P Signaling
Modeled after the Mobile IPv4 protocol


Serving PDSN acts as if it was a MIPv4 HA
Target PDSN acts as if it was a proxy/MIPv4 FA
Main messages of A11




A11
A11
A11
A11
P-P Signaling
UDP
UDP
IP, IPsec
IP, IPsec
Link Layer
Link Layer
Physical Layer
Physical Layer
Target PDSN
Serving PDSN
(a) Control-plane protocol stack
Registration Request
Registration Reply
Registration Update
Registration Acknowledge
GRE
GRE
IP, IPsec
IP, IPsec
Link Layer
Link Layer
Physical Layer
Physical Layer
Target PDSN
Serving PDSN
(b) User-plane protocol stack
133
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.45 3GPP2 protocol stacks for user
data between mobile terminal and PDSN
(without P-P interface)
2.2.6.4 Protocol Stacks Between
Mobile and PDSN
Mobile is not in the process of fast inter-PDSN
handoff (without P-P interface)

Link Access Control (LAC): establish, use, modify,
remove of radio links

IP
IP
PPP
PPP
LAC
With P-P interface
Signaling between a mobile and its serving
PDSN

Link
Physical
GRE
GRE
GRE
GRE
IP
IP
IP
IP
Link
Link
LAC
Link
Link
Physical Physical
Mobile
135
BSC
IP
IP
Link
Link
Link
Physical Physical
A8
Set up PPP
MIPv4 registration
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
134
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Physical Physical
PCF
Serving PDSN
CH
136
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.46 Protocol stacks for end-to-end
user traffic transport when P-P interface is
used
Fig. 2.47 3GPP2 protocol stacks for
signaling between mobile terminal and
PDSN
MIPv4
Client
UDP
UDP
IP
IP
IP
PPP
IP
IP
GRE
PPP
PPP
LAC
LAC
Link
Link
Physical
GRE
GRE
GRE
Link
IP
IP
IP
IP
IP
IP
Link
Link
Link
Link
Link
Link
Physical Physical
Physical Physical
A8
Mobile
GRE
IP
MIPv4
Foreign Agent
UDP
PPP
GRE
IP
Physical
A10 (R-P)
BSC
Physical Physical
A10 (R-P)
PCF
Link
GRE
LAC
IP
Physical Physical
Physical
P-P
Target PDSN
MAC
Physical
Serving PDSN
137
GRE
MAC
IP
Link
GRE
IP
Link
Physical Physical
CH
BSC
IP
Link
Link
Layer
Link
Physical Physical
A8
Mobile
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
GRE
LAC
Physical
Physical
A10
PCF
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Serving PDSN
138
23
2.3 MWIF ALL-IP MOBILE
NETWORKS
2.3.1 Network Architectures
MWIF seeks to develop an end-to-end all-IP
wireless network that will use IETF protocols
to support all networking functions at the
network-layer and higher layers, including
naming and addressing, signaling, service
control, routing, transport, mobility
management, quality of service mechanisms,
security, accounting, and network
management.
Unlike the 3GPP and 3GPP2 networks, the
MWIF architecture will no longer rely on
protocols or network entities in circuitswitched core networks.
Core Network


All-IP using standard IETF protocols
Independent of access-specific
technologies used in different Access
Networks
Access Networks
139
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Fig. 2.48
Layered Functional Architecture
Transport Layer (in both Access Network and
Core Network)
Control Layer
Service Layer
Application Layer
Application Layer
3rd Party Applications
Service Layer
Applications/Services, Directory Servers, Global Name Servers,
Location Servers, Authorization Server,
Policy Server
Control Layer
Mobility Management, Communication Session Management,
Address Management, Resource Manager,
Authentication, Accounting.
Security
Functions
OAM&P
Transport Layer
Core Network
Access
Network
The security and the OAM&P (Operation,
Administration, Maintenance and Provisioning)
functions may span across multiple functional
layers.
Access
Gateway
141
Router
Router
IP
Gateways
Mobile
Terminals
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
140
Router
Media
Gateways
External IP
Networks
Signaling
Gateway
PSTN and
Circuit-Switched
Wireless Networks
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
142
O p e r a t io n s , A d m in ist r a tio n , M a in t e n a n c e & P r o v is io n in g
C o n f ig u r a t io n
M anagem ent
F a u lt
M an agem en t
S63
S66
S65
S41
S41
L o c a tio n
Server
S39
S38
R esource
D ir e c t o r y
G lo b a l
N am e
Server
S40
S25
G e o g r a p h ic
L o c a tio n
M anager
T h ir d P a r ty
A p p lic a tio n
C ore N etw ork
A p p lic a t io n
S16
D ir e c t o r y S e r v ic e s
S41
S26
S67
A p p lic a t io n F u n c t io n a l E n t itie s
S11
S e r v ic e
D is c o v e r y
Server
B illin g
M anagem ent
P erfo rm a n ce
M anagem ent
S e c u r it y
M anagem ent
S64
C o r e N e tw o r k F u n c tio n a l E n t itie s
P r o file
Server
S13
S33
S59
S58
S15
A u t h o r is a tio n
Server
S56
A u t h e n tic a t io n
Server
S55
S41
A c c o u n t in g
Server
S18
S41
S29
S e s s io n
A nchor
S28
S53
S35
M o b ile
A tte n d a n t
A ccess
G atew ay
S47
A ccess
T ra n sp o rt
G atew ay
IP
A ddress
M anager
B 04
M u lt im e d ia
R esource
F u n c tio n
S30
R ou ter
B 07
S31
B 10
S43
B 05
B 05
In te r n e t
B 05
B 06
In tr a n e t
S46
P STN
T e r m in a l

K ey
B 08
S68

S45
M A P
N e tw o rk
E n te r p r is e
N etw ork
A c c e ss N e tw o rk
U ser
I d e n tit y
M o d u le
C o lle c t iv e
Snn
R e fe r e n c e P o in t
( S ig n a llin g )
N etw ork
F u n c tio n a l
E n tity
B nn
R e fe r e n c e P o in t
(U se r D a ta B e a re r)
Enable a mobile to gain access to the core
network and to send and receive IP packets over
the core network
SIP Registration
S ig n a llin g
G atew ay
T r a n sp o r t G a te w a y F E s
C N I n te r w o r k in g F u n c tio n s
S37
S42
S44
M e d ia
G a te w a y
IP
G a te w a y
B 09
S12
M e d ia
G atew ay
C o n t r o lle r
S23
S27
B 02
B 01
B 03

S21 S22
R esource
M anager
S52
M u ltim e d ia
R esource
C o n t r o lle r
Specific to each access network
Basic Registration for Core Network
S54
S32
S41
S34
S61 S62
S20
S19
S e s s io n
P roxy
S17

S57
S41
S60
C o m m u n ic a t io n
S e s sio n
M anager
S36
2.3.2 Access to MWIF Networks
Access Network Registration
A A A F u n c tio n a l E n tit ie s
S48
S50
S51
S49
H om e
M o b ilit y
M anager
H o m e IP
A ddress
M anager
Fig. 2.49
S14
P o lic y
R e p o s ito r y
S24
Enable a user to use SIP to initiate and receive
multimedia communications
An integral part of session and service
management
N etw ork
A r e fe r e n c e p o in t to a c o lle c tiv e g o e s to e v e r y n e tw o rk f u n c tio n a l e n tity w ith in th e c o lle c tiv e
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
143
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
144
24
Serving Network
Mobile
Attendant
Terminal
Home Network
Authentication Policy
Policy
Server
Repository Server
Home
Mobility
Authentication Policy
Server
Repository Manager
Home IP
Address
Manager
Profile
Server
Access Network Registration
Step 1
2.3.3 Session Management
Obtain IP Address and Mobile Attendant Address
Request Terminal
Registration
Request
Authentication
2.3.3.1 Functional Entities, Protocol
Reference Points and Stacks
2.3.3.2 Mobile-Initiated Call Setup
Policy
Request
Policy
Response
Policy
Request
Request Authentication
Step 2
Policy
Response
Fig. 2.50 MWIF
basic registration
procedure
Request Terminal
Registration
Response Terminal
Registration
Address
Request
Address
Response
Profile Request
Response
Response Terminal
Authentication
Registration
Step 3
Profile Response
Response Authentication
QoS Procedure
145
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
Serving Network
DIAMETER
AAA
Server
Authentication Authorization Accounting
Terminal
Global
Name
server
Resource
Directory
S25
Core
Network
S49
S49
Access
Transport
Gateway
Home Network
IP
Gateway
Session
Proxy
SIP INVITE
SIP INVITE
Session
Anchor
S19
S20
S18
Communication
Communication
Session
Session
Manager
Manager
S18
S21
Session
S20 Anchor
S41
Service
Discovery
Server
S41
S29
Media
Gateway
Controller
S27
S28
Media
Resource
Controller
IP
Gateway
Fig. 2.52 MWIF
mobile-originated
call setup procedure
S17
183 Call Processing
183 Call Processing
PRACK
Access Gateway
Fig. 2.51
PRACK
Authorization
Server
Profile
Server
Policy
Repository
Request
Authentication
Request Authorization
Request
Profile
Response
Profile
Request Policy
Response Authorization
Response Policy
ACK
Home Network
User Data
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
147
183 Call Processing from destination
PRACK
200 OK
200 OK
200 OK
Radio Access Network
Visited Network
Authentication
Server
SIP INVITE sent to destination
Session
Proxy
Session
Proxy
CSM
Response
Authentication
S24
S22
Communication
Session
Manager
146
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
ACK
User Data
ACK
User Data
Copyright © 2004 by John Wiley & Sons, Inc. All rights reserved.
148
25