Inmarsat BGAN Network Overview

CN Team
Global Network Engineering
Version 1.4 Q1 2014
BGAN Network in 2014
Two live SAS sites; Burum and Paumalu (Hawaii) with Fucino
as a backup for Burum.
Satellite coverage:
• I4F1 APAC region – lands in Paumalu SAS,
• I4F2 EMEA region – lands in Burum SAS,
• I4F3 AMER region – lands in Paumalu SAS.
MMPs (Meet Me Points) available for DP interconnect:
• Amsterdam Telecity,
• New York Telx,
• Burum SAS,
• Paumalu SAS,
• Sydney HarbourMSP (special requirements apply).
BGAN Network 2014
[Figure: network diagram. Labels: satellites I4F3, I4F1 and I4F2; SAS sites Paumalu, Burum and Fucino with SAS core networks and SAS DCN; Inmarsat edge routers and DP POPs; MMPs AMS (Telecity, Amsterdam), NYC (Telex, New York), HKG (HKColo, Hong Kong), Paumalu, Burum and Sydney; China FRG and Sydney FRG; Internet (special conditions apply); link types STM1, DS3 and 100Mbit.]
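BGAN PS Domain
[Figure: PS domain diagram. Elements: UT, RFS, RNC, SGSN, GGSN, DP POP and DP RADIUS server. Interfaces: Iu between RNC and SGSN, Gn between SGSN and GGSN, Gi between GGSN and DP POP. Referenced specifications: 3GPP TS 25.413 RANAP, 3GPP TS 29.060 GTP, 3GPP TS 24.008 NAS, 3GPP TS 29.061 Interworking, Inmarsat BGAN SDM, 3GPP NAS over IAI2. 3GPP specifications: ftp.3gpp.org/specs/2004-12/Rel-4/]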
PS Domain Routing in a nutshell
To get an IP address and access to an exit point from the BGAN
network, a user chooses an APN and activates a PDP context.
The SGSN at the SAS where the traffic is landing queries an APN
DNS to find out which GGSN is hosting that APN and sends a PDP
context creation request to the GGSN.
The GGSN obtains an IP address via RADIUS and returns the
address to the SGSN and completes the setup of the GTP tunnel for
user traffic.
The SGSN requests a radio bearer and establishes a GTP tunnel to
the RNC for user traffic.
Any traffic from the BGAN UT is forwarded through the network in a
GTP tunnel and onto the Gi interface. The IP address assigned to the
terminal is not used for routing within the network, only at the GGSN.
Traffic to/from the DP network and the GGSN is transferred via an
IPSec or GRE tunnel.
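The point that the terminal's IP address is not used for routing inside the network can be seen in the GTP-U encapsulation itself. The parser below is an added example, not part of the original slides: it reads the GTPv1 header defined in 3GPP TS 29.060 and shows that the tunnel is identified by the TEID while the UT address only appears in the inner packet. The TEID and the addresses (documentation ranges) are constructed sample values.

```python
import ipaddress
import struct

G_PDU = 0xFF  # GTPv1 message type for a tunnelled user packet

def parse_gtpu(datagram: bytes) -> dict:
    """Return the TEID and inner IPv4 addresses of a GTPv1-U G-PDU (UDP payload)."""
    if len(datagram) < 8:
        raise ValueError("shorter than the mandatory 8-byte GTP header")
    flags, msg_type, length, teid = struct.unpack("!BBHI", datagram[:8])
    if flags >> 5 != 1 or not flags & 0x10:
        raise ValueError("not GTP version 1 with PT=1")
    if msg_type != G_PDU:
        raise ValueError(f"message type {msg_type:#x} carries no user packet")
    if length != len(datagram) - 8:
        raise ValueError("length field disagrees with datagram size")
    offset = 8
    if flags & 0x07:  # E, S or PN set: 4 optional bytes follow the TEID
        if len(datagram) < 12:
            raise ValueError("optional header fields truncated")
        next_ext, offset = datagram[11], 12
        while flags & 0x04 and next_ext:  # walk the extension header chain
            if offset >= len(datagram):
                raise ValueError("extension header truncated")
            ext_len = datagram[offset] * 4  # length is in 4-octet units
            if ext_len == 0 or offset + ext_len > len(datagram):
                raise ValueError("bad extension header length")
            next_ext = datagram[offset + ext_len - 1]
            offset += ext_len
    inner = datagram[offset:]
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("inner packet is not IPv4")
    return {"teid": teid,  # what the network forwards on
            "inner_src": str(ipaddress.IPv4Address(inner[12:16])),
            "inner_dst": str(ipaddress.IPv4Address(inner[16:20]))}

def build_sample(teid: int, ut_ip: str, dst_ip: str, with_seq: bool = False) -> bytes:
    """Constructed datagram: GTP header plus a bare 20-byte IPv4 header (checksum 0)."""
    inner = (bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 17, 0, 0])
             + ipaddress.IPv4Address(ut_ip).packed
             + ipaddress.IPv4Address(dst_ip).packed)
    opt = struct.pack("!HBB", 7, 0, 0) if with_seq else b""  # seq, N-PDU, next ext
    flags = 0x32 if with_seq else 0x30  # version 1, PT=1, optional S flag
    return struct.pack("!BBHI", flags, G_PDU, len(opt) + len(inner), teid) + opt + inner

if __name__ == "__main__":
    print(parse_gtpu(build_sample(0x1A2B3C4D, "192.0.2.10", "198.51.100.7")))
```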
What is an APN?
The GGSN can be considered as a collection of virtual routers.
Each of these virtual routers has associated with it a collection of
interfaces, filters, routing tables, rules and a name that together
make up the APN.
Each APN is unique, but the same APN name may be used by
more than one GGSN. The association between the name and
the GGSN that should be used is determined by the APN DNS
that the SGSN consults.
Each APN contains information about the RADIUS server, which
is usually located in the DP’s POP or DP network. The RADIUS
server handles all user authentication and assigns IP addresses
based on various credentials.
What is a PDP context?
From the user’s perspective a PDP context is an IP address
assigned by the network and connectivity.
Within the network a PDP context is the collection of data
needed to route the traffic to and from the user.
A secondary PDP context uses the same IP address as the
first PDP context but has a different QoS associated with it.
A secondary PDP context has its own radio bearer and GTP
tunnels within the network.
At the UT and the GGSN a traffic flow template (TFT) is used
to map traffic of a particular type into the secondary PDP
context.
What is a POP?
From the Inmarsat perspective, a POP is a pair of redundant
routers connected to Inmarsat’s routers. The user traffic to and
from the GGSN is delivered through an IPSec or GRE tunnel
to a tunnel endpoint that is a VIP shared by the DP routers.
Anything else behind those routers is entirely up to the DP/SP.
Typically this may include:
• RADIUS servers,
• Firewalls,
• Value Added services such as a pre-pay facility, online usage
statistics, personal firewalls and DNS,
• Some DPs offer access to their own networks to route traffic to
customer’s office/corporate LAN which guarantees QoS.
POP Interconnect
There are six locations around the world where a DP or SP
can interconnect directly with the Inmarsat network to receive
their traffic:
• Telecity in Amsterdam,
• Telx in New York,
• Burum SAS,
• Paumalu SAS,
• HarbourMSP in Sydney.
Connecting to Inmarsat at a Meet Me Point is referred to as a
POP interconnect.
POP interconnect allows QoS to be maintained end to end
which is important for some streaming services.
It also provides greater privacy and security than routing the
traffic via the internet.
POP Interconnect (cont)
The most popular and cost-effective MMPs for DPs to connect into
are Telecity Amsterdam and Telx New York.
Inmarsat are establishing MMPs at the Burum and Paumalu SAS
sites for lower latency connections.
Establishing a POP interconnect at the Sydney MMP will require a
dedicated APN which can only exit in Australia;
i.e. dpname-aus.bgan.inmarsat.com.
This is because of forced routing restrictions and the legal intercept
requirement from the Australian Government.
Physical Arrangement for POP Interconnect
Internet Interconnect
The GGSN tunnel endpoints are accessible over the public
internet.
An IPSec tunnel can be established between the Inmarsat
network and the DP/SP tunnel endpoint if the DP tunnel
endpoint is available over the internet.
Some DPs use this option as a backup to POP interconnect.
Inmarsat also offer a shared APN called bgan.inmarsat.com. A
PDP context with this APN will provide the user with access to
the internet with a public IP address.
APN Additional Features
BGP peering can be run inside the traffic tunnel for up/down state
detection. UT address ranges which are live in the GGSN can also
be advertised to the DP’s POP via this session.
Global IP
• Global IP is a feature used when an APN with an identical name is
configured in both GGSNs, and the same IP address ranges are used
across both. This enables a BGAN user to obtain the same IP address
regardless of which ocean region they are in.
• The GGSN can advertise every active UT address in the GGSN routing
table towards the POP in a /32 format using BGP.
• This ensures the POP router knows the correct return route & tunnel for
each active UT.
• As soon as the UT establishes a PDP context, a BGP update is sent to
the POP and vice-versa when the context is closed.
• A Global IP APN is priced differently to regular APNs and the number of
PDP contexts allowed is limited.
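The Global IP behaviour described above, seen from the DP's POP router, as an added example that is not part of the original slides. It is a simplified model of the /32 updates arriving over the two GGSN tunnels; the tunnel names, the address pool (a documentation range) and the event sequence are constructed, and the prefix checks are an added safeguard the slides do not describe.

```python
import ipaddress

class PopReturnRoutes:
    """Simplified model of a DP POP router's return routes for one Global IP APN."""
    def __init__(self, apn_pool, tunnels):
        self.pool = ipaddress.ip_network(apn_pool)  # IPv4 UT range shared by both GGSNs
        self.tunnels = set(tunnels)                 # one traffic tunnel per GGSN
        self.routes = {}                            # UT address -> tunnel of its /32
        self.rejected = []                          # (prefix, tunnel, reason)

    def _validate(self, prefix, tunnel):
        net = ipaddress.ip_network(prefix)
        if tunnel not in self.tunnels:
            return None, "unknown tunnel"
        if net.prefixlen != 32:
            return None, "not a host route"
        if not net.subnet_of(self.pool):
            return None, "outside APN pool"
        return net.network_address, None

    def announce(self, prefix, tunnel):  # BGP update: UT established a PDP context
        addr, reason = self._validate(prefix, tunnel)
        if reason:
            self.rejected.append((prefix, tunnel, reason))
            return False
        self.routes[addr] = tunnel
        return True

    def withdraw(self, prefix, tunnel):  # BGP withdrawal: PDP context closed
        addr, reason = self._validate(prefix, tunnel)
        # A late withdrawal from the previous GGSN must not remove the newer route.
        if reason or self.routes.get(addr) != tunnel:
            return False
        del self.routes[addr]
        return True

    def tunnel_for(self, ut_ip):
        return self.routes.get(ipaddress.ip_address(ut_ip))

def replay_constructed_session():
    """Constructed events: one UT keeps 198.51.100.20 while changing ocean region."""
    pop = PopReturnRoutes("198.51.100.0/24", ["tun-burum", "tun-paumalu"])
    ut, seen = "198.51.100.20", []
    for op, tunnel in [(pop.announce, "tun-burum"), (pop.announce, "tun-paumalu"),
                       (pop.withdraw, "tun-burum")]:
        op(ut + "/32", tunnel)
        seen.append(pop.tunnel_for(ut))
    pop.announce("203.0.113.5/32", "tun-burum")     # outside the APN pool
    pop.announce("198.51.100.0/24", "tun-paumalu")  # not a /32
    return seen, [reason for _, _, reason in pop.rejected]
```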
APN Additional Features #2
RADIUS Disconnect – Enables the DP to manually disconnect
a PDP session via the DP’s RADIUS.
User Location Info – The SAC country code area which the
user raises the PDP context from is passed onto the DP in the
RADIUS authentication and accounting messages.
Routing behind MS – An additional subnet can exist behind a
user terminal and the subnet can be supplied by RADIUS
Access Accept, which enables the GGSN to route the
additional network address via the PDP context.
Other Considerations #1
Forced Routing
Inmarsat has to fulfill regional requirements by sending packets
back to some countries of origin for Legal Interception.
Inmarsat have a node in place which does the forced routing and
sits on the core network at the SAS sites. It force routes user
traffic in Russia, China and Australia. It’s called the GnFR.
The forced routing is transparent to the DP, although it will
lengthen round trip times for those users.
Traffic from China lands in Beijing and is routed through the Beijing
SAS, so the RTT is optimised.
Other Considerations #2
Round Trip times between MMPs and Forced Routed countries

~RTT in ms   PAU   AMS   HK    NY    SYD   BEIJ  MSCW
BUR          250   5     255   85    n/a   265   48
PAU                220   110   145   210   155   255
AMS                      n/a   n/a   295   270   45
HK                             n/a   322   48    273
NY                                   363   302   127
SYD                                        n/a   n/a
BEIJ                                             n/a