SE2900 I-SBC Interconnection Technical White Paper. HUAWEI SE2900 Session Border Controller V300R002C10 HUAWEI TECHNOLOGIES CO., LTD.

Transcription

1 V300R002C10 SE2900 I-SBC Interconnection Technical White Paper Issue 01 Date HUAWEI TECHNOLOGIES CO., LTD.

2 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Huawei Technologies Co., Ltd. Address: Website: Huawei Industrial Base Bantian, Longgang Shenzhen People's Republic of China support@huawei.com i

3 About This Document About This Document Purpose This document briefly describes the I-SBC interconnection functions and networking solutions provided by Huawei SessionEngine2900 (SE2900) SBC, involving I-SBC interconnection features, networking, and networking reliability. This document helps you understand the I-SBC interconnection features and the deployment of the SE2900 on the carrier network. Intended Audience This document is intended for: Management personnel and planning and design personnel of carriers Huawei marketing engineers Technical support engineers Maintenance engineers Symbol Conventions The symbols that may be found in this document are defined as follows. Symbol Description Indicates a hazard with a high level or medium level of risk which, if not avoided, could result in death or serious injury. Indicates a hazard with a low level of risk which, if not avoided, could result in minor or moderate injury. Indicates a potentially hazardous situation that, if not avoided, could result in equipment damage, data loss, performance deterioration, or unanticipated results. Provides a tip that may help you solve a problem or save time. Provides additional information to emphasize or supplement important points in the main text. ii

4 About This Document Standards Compliance Category Name Purpose IETF RFC 3261 SIP: Session Initiation Protocol RFC4568 SDP Security Descriptions for Media Streams Defines SIP standards. Defines Secure Real-time Transport Protocol (SRTP) media negotiation in SIP calls. 3GPP 3GPP TS Describes SIP and SDP on the IMS network. 3GPP TS GPP TS GPP TS Defines IP network interworking. Defines IMS network interworking. Defines the IBCF. Change History Issue 01 ( ) Changes between document issues are cumulative. The latest document issue contains all the changes made in earlier issues. This issue is the first official release iii

5 Contents Contents About This Document... ii 1 Overview Typical Application Scenarios Convergent Gateway Security Protocol Conversion Charging IGW Security Protocol Conversion Charging Flexible Routing LDI Protocol Conversion Audio Transcoding Signaling Flexible Adaptation IPX Security Protocol Conversion Charging Flexible Routing Audio Transcoding Signaling Flexible Adaptation National Tandem Office Enterprise Network Interworking Capability Flexible Routing Application Scenario Function Description IPv4/IPv6 Translation Application Scenario Function Description iv

6 Contents 3.3 SIP/SIP-I/SIP-T Interworking Application Scenario Function Description SIP-H.323 Interworking Application Scenario Function Description Conversion Between SIP over UDP/TCP/SCTP/TLS Application Scenario Function Description Audio Transcoding Application Scenario Function Description Media Bypass Application Scenario Function Description Interworking Network Redundancy Core Network Redundancy Application Scenario Function Description SBC Redundancy Security Management Security Overview Major Security Challenges Major Attack Means Security Implementation Security Features Major Security Strategies Security Architecture Security Layers Service/Management Planes Security Dimensions Charging Local CCF Charging Application Scenario Function Description Flexible Adaptation DSCP Remarking Application Scenario Function Description Media Policy v

7 Contents Application Scenario Function Description SIP Header Manipulation Application Scenario Function Description QoS Assurance IP One-Way Audio Detection Application Scenario Function Description Voice Quality Reporting Application Scenario Function Description A Acronyms and Abbreviations vi

8 1 Overview 1 Overview The traditional telecommunication network (TCN) uses time division multiplexing (TDM) to provide voice services. This transmission mode features high reliability but is high-cost, low-bandwidth, and time-consuming for deployment. The sharp increase of global data traffic, communication media diversity, and global IP development require efficient and low-cost IP interconnection between the subnets of a carrier, between carriers and enterprises, and between different carriers. With network evolution, heterogeneous network interconnection encounters the following problems: The emergence of more intelligent UEs and the growing integration of services, present serious security issues and challenges to the network. Ensuring network and user information security is the top concern for network deployment. How to ensure protocol adaptation (such as SIP/SIP-I/SIP-T) and device interoperability. How to ensure efficient multimedia traffic transmission because not only voice and short message traffic but also multimedia traffic is transmitted on the network. To address these problems, the I-SBC is deployed to implement network interworking. The I-SBC consists of the interconnection session border controller (IBCF) and interconnection border gateway function (IBGF). The IBCF supports routing and forwarding, border control, and topology hiding, and instructs the IBGF to implement media interworking. The I-SBC supports interworking between the IMS network and IMS network/ngn/h.323 network/another type of IP network. See Figure

9 1 Overview Figure 1-1 SE2900 in network interworking RCS AS VoBB AS SCC AS Signaling Media Another type of network RMC Presence SE2900 Remote IBCF/IBGF DNS server I/S-CSCF H.323 network HSS IM-MGW IMS MGCF (VoBB/RCS/VoLTE/conference) IBCF + IBGF GK H.323 UE NGN Enterprise network MGW Softswitch IP-PBX Aggregated routing Routing decision device The I-SBC, which is deployed at the edge of networks, ensures network security and implements network interworking, meeting the need for IP-based gateways and Long Distance and International (LDI)/IP Packet exchange (IPX). The I-SBC supports flexible routing so that the services between different networks are flexibly and accurately routed to the destination. The I-SBC supports interworking between the networks of different capabilities and provides interworking security in addition to meeting basic service requirements of the networks. The I-SBC provides the flexible adaptation mechanism and quickly resolves the network interworking issues. The I-SBC supports core network redundancy and SBC redundancy, ensuring network reliability. The I-SBC supports basic and supplementary services, as shown in Table 1-1. Table 1-1 Basic and supplementary services Service Name SIP emergency call Overview The SIP emergency call feature enables the IMS network to identify and give special treatment to emergency calls. When a subscriber dials an emergency call number (such as 911) or an SOS URN, the IMS network identifies this call as an emergency call and forwards the call request to the nearest EC for special treatment. In the I-SBC scenario, the SE2900 is deployed between two IMS networks or between one IMS network and another network and identifies a call as an emergency call and then forwards the call to a device on another network for subsequent operations. 2

10 1 Overview Service Name SIP subscription SIP call SIP fax Overview SIP subscription enables the core network to send NOTIFY messages about status changes to subscribers who, after successful registration, initiate SUBSCRIBE requests to the core network to subscribe to their own status or other subscribers' status. Common subscription statuses include registration status and presence status, respectively identified by the reg or presence event package carried in the Event header of a SUBSCRIBE request. The SIP call feature enables the SE2900 to create, modify, or terminate multi-media sessions and use SDP to dynamically modify session attributes, such as required session bandwidths, media types (voice, video, or data), and media codec formats. In the SIP call procedure, the SE2900 also supports such supplementary services as call hold, forking, call transfer, call redirection, conference calls, and three-party services in addition to the basic call procedure. In the I-SBC scenario, the SE2900 is deployed between two IMS networks or between one IMS network and another type of network and forwards call messages between the networks. SIP fax is a telecommunications service in which data is transmitted between two fax machines. It provides a complete set of service functions, including fax data bearer and fax service management, for fax machines on both sides of the network. In the I-SBC scenario, the SE2900 is deployed between two IMS networks or between one IMS network and another type of network and forwards fax data between the networks. The I-SBC supports the following functions for network interworking: Flexible routing When the SE2900 connects to multiple IP networks, flexible routing is used to meet different routing requirements to ensure network reliability and routing flexibility. IPv4/IPv6 translation The I-SBC is used to implement interworking between the IPv4 and IPv6 networks. SIP/SIP-I/SIP-T interworking When the SE2900 acts as an IP interworking gateway between the NGN, IMS network, and CS network, SIP/SIP-I/SIP-T interworking is needed because the IMS network supports SIP but the NGN and CS network support SIP/SIP-I/SIP-T. SIP-H.323 interworking In the I-SBC scenario, the UEs homed to different core networks support different protocols, such as SIP and H.323. The SIP-H.323 interworking feature helps implement interworking between the IMS network/ngn and the H.323 network. As the convergence center for multiple solutions, the SE2900 is dedicated to establishing a seamless intelligent edge for heterogeneous networks under continuous evolution. In the all-ip era, H.323 conferences still play an important role in enterprises, and this requires the access to the SIP-based IMS network. IP-PBX access The private branch exchange (PBX), also called the private automatic branch exchange (PABX), is a dedicated exchange that provides call center functions or hotline functions 3

11 1 Overview for corporate users, such as enterprises, companies, and banks, and provides special service console functions for such services as fire and police emergency calls. The PBX, which incorporates telephones, fax machines, modems, and other devices, makes connections among the internal telephones of an enterprise and also connects them to the public switched telephone network (PSTN). The IP-PBX without the registration capability must access the IMS network through the I-SBC. Conversion between SIP over UDP/TCP/SCTP/TLS SIP is an application layer protocol that can run over different transport layer protocols. Generally, SIP messages are transmitted over UDP. In the I-SBC scenario, the SE2900 supports interworking between transport layer protocols. Audio transcoding Audio transcoding enables the SE2900 to convert media packets from one media format to another. With this feature, the SE2900 allows UEs using different media formats to communicate with each other. The SE2900 provides the flexible adaptation mechanism by supporting SIP header manipulation. The interconnection compatibility issue between different types of network devices is very common. To address such an issue, the SE2900 provides a mechanism that allows carriers to flexibly control SIP messages. This mechanism helps carriers quickly solve interconnection issues related to protocol use and enables a carrier network to have enhanced SIP application-layer attack defense capability. 4

12 2 Typical Application Scenarios 2 Typical Application Scenarios 2.1 Convergent Gateway A convergent gateway is a traffic ingress/egress between one domestic carrier and other domestic carriers. The carriers interconnect with each other through their own convergent gateways. Fixed-mobile convergence (FMC) carriers can deploy a convergent gateway to collect traffic between different types of networks that are run by the same carrier, as well as traffic between domestic carriers. IP-based convergent gateways have become an irreversible trend because of increasing costs and service diversity. Figure 2-1 Convergent gateway networking Domestic convergent gateway PSTN PLMN IMS Carrier's own network ENUM server UGC MGW SBC MGW O&M/billing VoIP carriers Carrier 1 PSTN Carrier 3 PBX Domestic CP/SP Carrier 2 PLMN Other local carriers Security The emergence of more intelligent UEs and the growing integration of services, present serious security issues and challenges to the network. The I-SBC is needed to ensure network and user information security Protocol Conversion The I-SBC is needed to implement interworking between different models/types of networks. 5

13 2 Typical Application Scenarios Charging SIP/SIP-I/SIP-T interworking SIP with encapsulated ISUP (SIP-I)/SIP for Telephones (SIP-T) is currently the preferred means for implementing interworking between the IMS network and CS network/ngn (interworking between SIP-based service platforms or IP-PBXs and PLMN/PSTN users). The reasons why SIP-I/SIP-T is preferred for the interworking are as follows: Only SIP-I/SIP-T is able to provide certain services. Although certain services can also be implemented using standard SIP on CS networks, SIP-I/SIP-T facilitates service implementation if the SIP peer supports SIP-I/SIP-T. The SIP/SIP-I/SIP-T interworking feature allows the SE2900 to serve as an IP interworking gateway for the IMS network, NGN, CS network, and IP-PBXs, and to provide basic voice services and supplementary services for various networks. The enhanced SIP access capability minimizes interconnection risks and helps network interworking. SIP-H.323 interworking In the all-ip era, H.323 conferences still play an important role in enterprises, and this requires the access to the SIP-based IMS network. The SE2900, as the convergence center of multiple solutions, is dedicated to building a seamless and intelligent border for the evolving heterogeneous network. This feature implements interworking between the IMS network/ngn and the H.323 network and enables an H.323 UE to join the IMS conference, which improves the H.323 UE's service experience. The I-SBC supports charging and generates charging data records (CDRs), achieving interconnect settlement. 2.2 IGW An IGW routes calls from a domestic carrier to other carriers in foreign countries. A domestic carrier uses its own IGW or other carriers' IGWs in the home country, depending on domestic regulations and whether the domestic carrier has an operation license. Figure 2-2 IGW networking International gateway FNO MNO SP Local network ENUM server/ LCR MGW O&M/billing UGC SBC MGW Country 1 VoIP Country 2 PSTN Country 3 PLMN Country 4 PSTN Country 5 PLMN Other countries 6

14 2 Typical Application Scenarios Security The problems encountered by the convergent gateway also arise on the IGW. The I-SBC can resolve the problems by supporting IP interworking (which reduces call costs and facilitates rich communication services), IP network attack defense, and network protocol conversion. The networks involving the IGW are more complex and pose serious challenges to IP network security. The I-SBC is needed to protect networks and users Protocol Conversion Charging Flexible Routing The IGW uses different communication protocols for each type of network. Network interworking requires the I-SBC to perform protocol conversion, including SIP/SIP-I/SIP-T interworking and SIP-H.323 interworking. The IGW involves the settlement with the international carrier. The I-SBC generates CDR and facilitates settlement. International traffic is often routed across multiple international carrier networks to reach the destination. This allows flexible choice of routes. The SE2900's flexible routing function meets the routing requirements of the IGW, which ensures better network connectivity and optimized routing efficiency. Routing policies include: Calling/called number-based routing policy CIC or RN-based routing policy User type-based routing policy Media type-based routing policy Call type-based routing policy ENUM query-based policy QoS-based routing policy Codec-based routing policy Date and time-based routing policy Rerouting upon forwarding failures 2.3 LDI Many multinational carriers deploy their subnets in different countries and face the following challenges in interconnecting and managing subnets in a centralized manner: A multinational carrier leases or builds an IGW for each subnet. This increases the investment and costs of international calls. In addition, a lack of centralized subnet planning and management leads to high maintenance costs and reduces the negotiation power of carriers when they try to reach a deal with companies that lease IGWs. 7

15 2 Typical Application Scenarios Traffic between subnets of the same carrier may be transferred by an international traffic network of another carrier. This increases the costs of international calls, increases the time required for call setup, and degrades voice quality. The Long Distance and International (LDI) solution implements interworking between domestic networks of the same carrier, between international carriers, and between subnets of the same multinational carrier. By using the LDI solution, carriers can accelerate convergence of the core network to provide new services, such as multimedia services and convergent applications. This will ultimately help carriers to simplify network structures and reduce operating expenses (OPEXs). Carriers gain the following benefits from the LDI solution: Reduce costs of international calls, including calls between subnets of the same carrier and calls between subnets and other foreign networks. Improve brand reputation and advantageous position in pricing negotiation. Increase revenue from low-cost international wholesale services. Improve brand attraction due to the delivery of new services, including international roaming, enterprise communication, and conferencing services. Some carriers lease their LDI networks as IPX networks so that many small carriers can implement national and international communication services. Figure 2-3 Architecture of the LDI network LDI network MGW SBC ENUM server/ LCR O&M/billing UGC The IMS core network is optional. Service center Subnet 1 Subnet 2 Subnet 3 Subnet 4 Subnet 5 Subnet n Region 1 Region 2 Region m In the LDI solution, the I-SBC can be deployed to ensure network security and perform inter-subnet traffic settlement Protocol Conversion The IGW uses different communication protocols for each type of network. Considering cost reduction, service expansion, and network maintenance convenience, LDI uses IP-based SIP protocol to converge signaling, which involves interworking between integrated services digital network user part (ISUP) signaling and SIP signaling. The I-SBC is deployed to support SIP/SIP-I/SIP-T interworking, achieving ISUP signaling lossless transmission. 8

16 2 Typical Application Scenarios Audio Transcoding The diversity of network types and UE types results in the situation where UEs use different media formats. For example, the UEs on the fixed network use G.711 and UEs on the mobile network use AMR. Transcoding is required when the UEs on the fixed network and mobile network communicate with each other. Such problems also arise in interworking between other types of networks or UEs. Audio transcoding enables the SE2900 to convert media packets from one media format to another. With this feature, the SE2900 allows UEs using different media formats to communicate with each other Signaling Flexible Adaptation The networks supporting SIP have different understanding of SIP and different parsing capabilities of signaling packets, which is an important factor to affect the network tandem capability. SIP header manipulation provides a mechanism to flexibly control SIP messages. Enables a carrier network to have better SIP application-layer attack defense capability. Helps carriers quickly solve interworking problems related to protocol use. 2.4 IPX In addition to building their own LDI networks, multinational carriers can use the third-party IPX network to converge subnets and communicate with other carriers. Small-scale carriers can lease the IPX network to achieve international communication services. In IPX interworking, the IPX network can be used as a voice hub to provide converged mobile/fixed interworking calls or a Diameter agent to provide centralized Diameter signaling convergence and forwarding. 9

17 2 Typical Application Scenarios Figure 2-4 IPX networking Service center HSS Centrex AS Telephony AS Conference AS Routing enhancement ENUM server LCR server Other carrier networks IP carrier TDM carrier Subnet Subnet 1 Subnet 2 Subnet 3 Subnet 4 Bearer channel Signaling channel Heartbeat link Security The IPX network is similar to the LDI network. The IPX network converges different carrier networks and imposes higher requirements for security, charging, and tandem capabilities. The I-SBC supports the following functions to resolve different problems. Network security must be considered so that the IPX network converges carrier networks Protocol Conversion Charging Flexible Routing The IPX network converging different carrier networks must be able to support protocol interworking, such as SIP/SIP-I/SIP-T interworking and SIP-H.323 interworking. The IPX provider needs to perform traffic settlement with different carriers. Therefore, the IPX network must support charging. The IPX network connects to the networks of different carriers and international call transfer need to be considered. The IPX network preferentially selects low-cost paths to ensure reliability. Many routes are involved in routing and routing policies are flexible. 10

18 2 Typical Application Scenarios Audio Transcoding The diversity of UE types must be considered for the convergence between the networks of different carriers. The I-SBC needs to be deployed to achieve transcoding so that the UEs using different media formats communicate with each other Signaling Flexible Adaptation The inconsistency of protocol understanding and packet parsing capabilities must be considered to ensure the IPX network's tandem capability. The I-SBC's SIP header manipulation function can improve the IPX network's tandem capability. 2.5 National Tandem Office The national tandem office is similar to the LDI in terms of network architecture and functions. It is used to converge signaling and traffic between domestic carriers' endpoints. A carrier may operate various types of networks. For example, a comprehensive carrier operates fixed and mobile networks at the same time. It is recommended to build a single tandem network, simplifying network architecture and reducing alternative channels (if management is not taken into account). For details, see the LDI description. The I-SBC is deployed to enhance tandem network security and tandem capability. 2.6 Enterprise Network IP-PBX Access The IP-PBX provides call center functions or hotline functions for corporate users, such as enterprises, companies, and banks, and provides special service console functions for such services as fire and police emergency calls. The IP-PBX that does not have the registration capability accesses the IMS network through the I-SBC so that the I-SBC supports core network redundancy to ensure access reliability and core network security. The I-SBC also supports media bypass so that the media packets in the call between the caller and callee attached to the same IP-PBX are transmitted only within an enterprise, reducing the consumption of core network resources. 11

19 2 Typical Application Scenarios Figure 2-5 Business trunking access in IBCF mode Core network I-SBC PBX A PBX B UE UE UE UE 12

20 3 Interworking Capability 3 Interworking Capability 3.1 Flexible Routing Application Scenario Flexible routing enables the SE2900 to flexibly route initial INVITE messages based on a series of user-defined routing policies. Flexible routing improves the flexibility of route planning and ensures better network connectivity and optimized routing efficiency. Routing policies include: Calling/called number-based routing policy CIC or RN-based routing policy User type-based routing policy Media type-based routing policy Call type-based routing policy ENUM query-based policy QoS-based routing policy Codec-based routing policy Date and time-based routing policy Rerouting upon forwarding failures Function Description Calling/Called Number-based Routing Policy The SE2900 selects a route based on the calling/called number in an initial INVITE request. The calling number refers to the user part of the URI in the P-Asserted-Identity header of the initial INVITE request. If multiple P-Asserted-Identity headers exist, the user part of the URI in the first P-Asserted-Identity header is regarded as the calling number. If no P-Asserted-Identity headers exist, the user part of the URI in the From header is regarded as the calling number. The called number refers to the user part of the URI in the Request-URI of the initial INVITE request. 13

21 3 Interworking Capability CIC or RN-based Routing Policy The SE2900 selects a route based on the cic and cic-context parameters or the rn and rn-context parameters in the Request-URI of the initial INVITE request. User Type-based Routing Policy The SE2900 selects a route based on the type of the caller. Calling party category (CPC) refers to the CPC parameter in the P-Asserted-Identity header. Possible values of this parameter are ordinary, test, operator, payphone, priority, data, and unknown. Call messages with the cpc parameter set to other values are processed as those with the cpc parameter set to unknown. The following is a sample value of the cpc parameter in a P-Asserted-Identity header: P-Asserted-Identity:<tel: ;cpc=ordinary>. Media Type-based Routing Policy The SE2900 selects a route based on the media type carried in SDP information of the initial INVITE request. The following table lists possible media types. Media Type Description Remarks Audio The SDP 'm=' line is audio. If the SDP 'm=' line contains both video and audio and the port number in the 'v=' line is set to 0, the media type is audio. Video Fax File transfer The SDP 'm=' line is video and the port number in the 'v=' line is not 0. The SE2900 supports only codecs G.711a, G.711u, Clearmode, ClearmodeRED, T.38, and T.38 over RTP. If either of the following conditions is met, the media type is file transfer. The Accept-Contact header contains +g.oma.sip-im and the 'a=' line contains file-selector. The Accept-Contact header contains +g.3gpp.icsi-ref="urn%3aurn-7%3a 3gpp-service.ims.icsi.oma.cpm.filetran sfer". If the SDP 'm=' line contains both video and audio and the port number in the 'v=' line is not set to 0, the media type is video

22 3 Interworking Capability Media Type Description Remarks Instant messaging (IM) message Picture sharing If any of the following conditions is met, the media type is IM message. The Accept-Contact header contains +g.oma.sip-im and the 'a=' line does not contain file-selector. The Accept-Contact header contains +g.3gpp.icsi-ref="urn%3aurn-7%3a 3gpp-service.ims.icsi.oma.cpm.msg". The Accept-Contact header contains +g.3gpp.icsi-ref="urn%3aurn-7%3a 3gpp-service.ims.icsi.oma.cpm.session ". The Accept-Contact header contains +g.3gpp.icsi-ref="urn%3aurn-7%3a 3gpp-service.ims.icsi.oma.cpm.largem sg". The Accept-Contact header contains +g.3gpp.iari-ref="urn%3aurn-7%3a3gp p-application.ims.iari.gsma-is". - - All media types The media type is not specified. The option ALL(All media types) has the lowest priority. If none of the preceding media types is matched, the SE2900 uses this option. Call Type-based Routing Policy The SE2900 selects a route based on the call type. The tgrp and trunk-context parameters in the Contact header of an initial INVITE request together identify a call type. ENUM Query-based Policy ENUM query-based routing enables the SE2900 to map E.164 numbers into IMPUs in the URI format by querying the E.164 numbers against the ENUM server and select routes based on the IMPUs returned by the ENUM server. In this case, all routing data is aggregated on the ENUM server. Figure 3-1 shows the typical networking. 15

23 3 Interworking Capability Figure 3-1 Typical networking for ENUM query-based policy Rerouting upon Forwarding Failures After receiving an OXX response, the SE2900 determines whether to forward packets using another trunk group in the current route based on configured policies. Figure 3-2 Procedure for rerouting upon forwarding failures 1. The SE2900 selects a route based on the configured routing policy after receiving an initial INVITE request. Then the SE2900 selects a trunk group through which the INVITE request is forwarded to SIP AN A. 2. SIP AN A returns an OXX response to the SE Based on the IBCF route reselection policy, the SE2900 determines to route the initial INVITE request to SIP AN B using another trunk group in the same route. 16

24 3 Interworking Capability 3.2 IPv4/IPv6 Translation Application Scenario The rapid development of the IP network and sharp increase of communication devices (including but not limited to computers) that use IP addresses to access the Internet result in scarcity of IPv4 resources and hinder Internet development. IPv6 is introduced to resolve the IPv4 address-space depletion problem. IPv6 has a significantly larger address space than IPv4. This larger address space results from the use of a 128-bit (16-byte) address, whereas IPv4 uses only 32 bits (4 bytes). The new address space supports about 3.4 x addresses. Larger address space meets hierarchical address allocation requirements and public address and private address allocation requirements. Carriers do not need to deploy address saving technologies, such as network address translation (NAT), to alleviate IPv4 address exhaustion, which simplifies network architecture and reduces networking costs. IPv4 and IPv6 networks coexist for a long time. The I-SBC supports IPv4-IPv6 interworking and enables carriers to provide services with the same user experience as before Function Description Figure 3-3 IPv4-IPv6 interworking Core network A IPv6 IPv4 Core network B SE2900 Signaling Media The SE2900 supports IPv4/IPv6 dual-stack and is able to translate between signaling and media addresses of different types, implementing IPv4-IPv6 interworking and enabling carriers to provide services with the same user experience as before. 3.3 SIP/SIP-I/SIP-T Interworking Application Scenario SIP with encapsulated ISUP (SIP-I)/SIP for Telephones (SIP-T) is currently the preferred means for implementing interworking between the IMS network and CS network/ngn (interworking between SIP-based service platforms or IP-PBXs and PLMN/PSTN users). The reasons why SIP-I/SIP-T is preferred for the interworking are as follows: Only SIP-I/SIP-T is able to provide certain services. Although certain services can also be implemented using standard SIP on CS networks, SIP-I/SIP-T facilitates service implementation if the SIP peer supports SIP-I/SIP-T. 17

25 3 Interworking Capability The SIP/SIP-I/SIP-T interworking feature allows the SE2900 to serve as an IP interworking gateway for the IMS network, NGN, CS network, and IP-PBXs, and to provide basic voice services and supplementary services for various networks Function Description Figure 3-4 shows the networking scheme in which the SE2900 serves as an IP interworking gateway for the NGN, IMS network, and CS network. The IMS network supports SIP. The NGN and CS network support SIP/SIP-I/SIP-T. Figure 3-4 Typical networking scheme with the SE2900 serving as an IP interworking gateway Table 3-1 describes SIP, SIP-I, and SIP-T. Integrated Services Digital Network User Part (ISUP) is part of the Signaling System No. 7 (SS7) and provides signals for basic bearer services and supplementary services on the ISDN network. 18

26 3 Interworking Capability Table 3-1 SIP/SIP-I/SIP-T SIP Type SIP SIP-I/SIP-T Defined by IETF ITU-T, IETF Protocol ID Definition SIP-ISUP Interworking RFC 2976, RFC 3261, RFC 3262, RFC 3264, RFC 3311, and so on SIP is a text-based and application-layer control protocol that can establish, modify, and terminate multimedia sessions or calls. It is based on an HTTP-like request/response transaction model, which can be used to implement various multimedia services, including voice, video, and instant messaging services. SIP is also called standard SIP. Certain information, including service attributes, ISDN channel information, and announcement indication, is missing during conversion from ISUP to SIP. Q , RFC 3204, RFC 3372, and RFC 3398 SIP-I and SIP-T, extensions to SIP, carry ISUP bodies in SIP messages to implement lossless transmission. ISUP bodies can be included in SIP-I/SIP-T messages and can contain interworking information about basic calls and ISUP supplementary services. ISUP-SIP Mapping - The mappings between ISUP bodies of SIP-I messages and SIP messages are as follows: IAM = INVITE ACM = 180 Ringing CPG = 183 ANM = 200 OK (INVITE) CON = 200 OK (INVITE) SUS = Re-INVITE RES = INFO REL = BYE RLC = 200 OK (BYE) Difference ISUP bodies are not included in SIP messages. The ISUP body processing procedures in SIP-I and SIP-T are similar. 19

27 3 Interworking Capability 3.4 SIP-H.323 Interworking Application Scenario In the I-SBC scenario, the UEs homed to different core networks support different protocols, such as SIP and H.323. The SIP-H.323 interworking feature helps implement interworking between the IMS network/ngn and the H.323 network. The SE2900, as the convergence center of multiple solutions, is dedicated to building a seamless and intelligent border for the evolving heterogeneous network. In the all-ip era, H.323 conferences still play an important role in enterprises, and this requires the access to the SIP-based IMS network Function Description This feature implements interworking between the IMS network/ngn and the H.323 network and enables an H.323 UE to join the IMS conference, which improves the H.323 UE's service experience. Figure 3-5 shows a typical networking for interworking between the IMS network/ngn and the H.323 network. Figure 3-5 Networking for interworking between the IMS network/ngn and the H.323 network Figure 3-6 shows the typical networking for joining H.323 UEs to an IMS conference. 20

28 3 Interworking Capability Figure 3-6 Networking for joining H.323 UEs to an IMS conference SIP-H.323 Interworking Procedure Table 3-2 describes the SIP-H.323 interworking procedure. Table 3-2 SIP-H.323 interworking procedure Service Type Service Name Basic services Fast-start call service procedure SIP-to-H.323 fast-start call service H.323-to-SIP fast-start call service Supported audio codecs are G.711A, G.711μ, G.722, G.728, G.723, G.729A, and G.729. Supported video codecs are H.261, H.263, and H.264. Slow-start call service procedure SIP-to-H.323 slow-start call service H.323-to-SIP slow-start call service Slow start procedure In a slow start procedure, a fast-start call on the SIP network can be changed to a slow-start call on the H.323 network, but a fast start call on the H.323 network cannot be changed to a slow-start call on the SIP network. H.245 tunneling procedure H.245 tunneling procedure for a SIP-to-H.323 call H.245 tunneling procedure for an H.323-to-SIP call Procedure for switching from H.245 tunneling to an independent H.245 connection T.38 fax service procedure 21

29 3 Interworking Capability Service Type Supplementary services Conference services Service Name The H.323 network supports only T.38 fax services. The SE2900 supports conversion between T.38 fax services on the H.323 network and G.711 fax services on the SIP network. Dual tone multiple frequency (DTMF) service procedure The SE2900 supports the conversion of inband and outband DTMF signals between SIP and H.323 networks. Video auxiliary service procedure The H.323 network uses the H.239 protocol, and the SIP network uses the Binary Floor Control Protocol (BFCP). The SE2900 supports negotiation and uses video auxiliary stream channels to complete token application for conferences. Far-end camera control procedure The SE2900 supports H.224-based camera control. Flexible routing procedure Call forwarding procedure When a call is being forwarded on the H.323 network, the gatekeeper (GK) replies with a Facility message that carries the forwarding information, notifying the caller that the call is being forwarded. When a call is being forwarded on the SIP network, the SE2900 converts a 181 message to a Facility message, notifying the caller that the call is being forwarded. No media stream detection procedure If the SE2900 fails to receive media streams within a period because the UE is disconnected from the network or a UE abnormality occurs, the SE2900 terminates ongoing calls. The SE2900 can detect RTP packets. I-frame update The SE2900 supports the conversion between H.323-based and SIP-based I-frame requests. Payload type (PT) value conversion procedure The SE2900 supports conversion between PT values on the SIP and H.323 networks. The SE2900 allows H.323 UEs to be invited to join an IMS conference. Procedure for inviting an H.323 UE to an IMS conference (from fast start to slow start) Procedure for inviting an H.323 UE to an IMS conference (slow start) Procedure in which an H.323 UE joins a conference Procedure for inviting an H.323 UE to an IMS conference with BFCP as video auxiliary stream control 22

30 3 Interworking Capability 3.5 Conversion Between SIP over UDP/TCP/SCTP/TLS Application Scenario As an application layer protocol, SIP runs over different transport layer protocols, including UDP, TCP, and SCTP. To guarantee that data is transmitted securely on the transport layer, the SE2900 supports TLS. Each transport mode has its own advantages and disadvantages, and each network uses a different transport mode. The SE2900 supports bearer conversion to make the networks interworking. In the I-SBC scenario, the SE2900 supports conversion between SIP over UDP/TCP/SCTP/TLS Function Description Figure 3-7 Conversion between SIP over UDP/TCP/SCTP/TLS Core network A SIP over UDP/TCP/ SCTP/TLS SIP over UDP/TCP/ SCTP/TLS Core network B SE2900 Signaling The SE2900 allows using static or dynamic TCP links to transmit SIP messages. The SE2900 supports dynamic conversion between SIP over TCP and SIP over UDP. If the SIP message length is greater than or equal to the MTU (1300 bytes by default), the SE2900 sets up a TCP link and switches SIP messages to the TCP link for transmission. If the SIP message length is less than the MTU, the SE2900 sends SIP messages using the transport protocol specified in the initial INVITE request. If higher transmission security is required, TLS is used between the SE2900 and peer network to encrypt SIP messages, implementing secure transmission of SIP messages. 3.6 Audio Transcoding Application Scenario The diversity of network types and UE types results in the situation where UEs use different media formats. For example, the UEs on the fixed network use G.711 and UEs on the mobile network use AMR. Transcoding is required when the UEs on the fixed network and mobile network communicate with each other. Audio transcoding enables the SE2900 to convert media packets from one media format to another. With this feature, the SE2900 allows UEs using different media formats to communicate with each other Function Description This feature supports the following types of media format conversion: 23

31 3 Interworking Capability Audio transcoding Conversion between G.711 (including G.711A and G.711U), G.729 (including G.729A and G.729AB), G.723.1, G.722, ilbc, AMR, and AMR-WB Conversion between the same ARM/AMR-WB codec with different parameters, such as different mode-set parameter values, different packetization modes, and different mode control parameter values Conversion between same G.711, G.729, ilbc, AMR, or AMR-WB codec format that have different ptime values Fax conversion Conversion between fax over T.38 and fax over G.711 Conversion between fax over G.711A and fax over G.711U DTMF conversion Conversion between G.711 DTMF signals and RFC2833 DTMF signals Conversion between G.711 DTMF signals (on the bearer plane) and SIP INFO DTMF signals (on the signaling plane) Conversion between RFC2833 DTMF signals (on the bearer plane) and SIP INFO DTMF signals (on the signaling plane) Figure 3-8 shows the scheme for communication between UEs using different codecs through the SE2900. Figure 3-8 Media transcoding scheme 3.7 Media Bypass Application Scenario Media bypass enables media streams in the SIP call service to be transmitted between UEs without passing through the SE2900, saving bearer resources on the core network and reducing the media delay Function Description In the I-SBC scenario, media bypass has two modes: Intra-trunk-group automatic media bypass When the caller and callee belong to the same trunk group, media streams are transmitted between the caller and callee without passing through the SE2900. Forced media bypass 24

32 3 Interworking Capability The SE2900 does not modify SDP so that media streams do not pass through the SE2900. Figure 3-9 shows media bypass networking in the I-SBC scenario. Figure 3-9 Media bypass networking in the I-SBC scenario 25

33 4 Interworking Network Redundancy 4 Interworking Network Redundancy 4.1 Core Network Redundancy Application Scenario The redundancy of core network feature is a geographical redundancy solution that allows the SE2900 to interconnect with core servers in physically disparate sites, thereby ensuring service continuity even if a core server is unavailable unexpectedly. This feature is used when the SE2900 interconnects with core servers that are located in physically disparate sites to implement geographical disaster tolerance Function Description With this feature, the SE2900 sends SIP OPTIONS messages to the core servers periodically and switches service traffic from the failed core server to other core servers. The SE2900 supports two networking modes for core network redundancy: dual-homing and P-CSCF pool. Table 4-1 describes the two modes. Table 4-1 Networking modes for implementing the redundancy of core network feature Networking Mode Dual-homing Description The SE2900 is homed to two core servers that work in master/slave mode. Normally, the SE2900 is controlled and managed by the master core server. The SE2900 periodically sends SIP OPTIONS messages to detect the link status between the SE2900 and core servers. If the master core server fails, the slave core server takes over. Networking Diagram 26

34 4 Interworking Network Redundancy Networking Mode Pool Description The SE2900 is homed to a pool of core servers that work in load-balancing mode. In normal cases, the SE2900 balances the load among the core servers in the same pool. The SE2900 periodically sends SIP OPTIONS messages to detect the link status between the SE2900 and the core servers in the pool. Once a core server becomes faulty, the SE2900 balances the load among the rest core servers. Networking Diagram 4.2 SBC Redundancy Multiple I-SBCs are deployed in the same equipment room or different equipment rooms and work in load-balancing mode to provide non-stop services, implementing geographic redundancy (GR) and enhancing interworking reliability. Generally, each I-SBC can process services and supports redundancy. If one I-SBC becomes faulty, other I-SBCs can take over services to ensure service continuity. Two modes are available: Master/backup mode: Under normal circumstances, the master SE2900 processes services, and the backup SE2900 does not process services. The backup SE2900 takes over services only when both the devices on the core network and another type of network detect that the master SE2900 becomes faulty. Load-balancing mode: Each SE2900 shares 50% of the total services. When both the devices on the core network and another type of network detect that the master SE2900 becomes faulty, all services are switched to the other SE2900 for processing. 27

35 4 Interworking Network Redundancy Figure 4-1 Load-balancing networking Core network Dynamic routing area SBC A SE2900 SBC B SE2900 Dynamic routing area. Another type of network 28

36 5 Security Management 5 Security Management 5.1 Security Overview The SE2900 security solution ensures that hardware, software, and data stored on the SE2900 are protected against network congestion, disconnection, failure or unauthorized control caused by rogue processes, and that data on the live network is not discarded, disclosed, or tampered with. The core network to which the SE2900 is homed might adopt the all-ip network structure and use SIP as its session control mechanism. The combination of factors, such as the development of the information communication technology (ICT), the emergence of intelligent UEs, and the growing service integration presents serious security challenges to the core network. Because of the openness of the IP network and scalability of SIP, the core network is vulnerable to attacks from unauthorized users and hackers. If carrier networks become unavailable due to security issues, services are interrupted and user experiences are adversely affected, causing revenue deterioration, customer attrition, and negative brand awareness. The SE2900, being deployed at the entry of the core network, provides security functions at various levels and ensures the security of itself and core servers Major Security Challenges Major security challenges that the SE2900 and the core network face are as follows: Network openness The SE2900 is deployed at the edge of the core network and allows only authorized and secure UEs from the untrusted access network to access the core network. All-IP architecture of the core network Using the all-ip network architecture, the core network is exposed directly to attacks from the Internet. Hackers may attack the core network any way they can. Therefore, the SE2900, as the first entrance to the core network, must be capable of defending against IP layer attacks. SIP flexibility The increasing popularity and strong scalability of SIP makes it susceptible to various forged and malformed packets on live networks. Therefore, the SE2900 must be capable of identifying and filtering out abnormal signaling packets. Signaling and media attacks 29

37 5 Security Management The SE2900 functions as a signaling and media proxy. Therefore, the SE2900 must be capable of defending against both signaling and media attacks. Traffic storm Major Attack Means In peak hours, the traffic volume surges, and overloaded network devices suffer from DoS attacks. To resolve this issue, the SE2900 restricts the volume of the signaling and media traffic and the rate of registration and call packets. Figure 5-1 shows the major means used to attack core networks. Figure 5-1 Major attack means Sabotage An attacker launches DoS/DDoS and malformed SIP packet attacks against key resources, such as bandwidth, links, and device processing capability, on the core network. As a result, core servers are deprived of their service processing capabilities, and resources become unavailable to legitimate users. Major attach means are as follows: DoS/DDoS attack: An attacker sends a huge number of messages in a short period of time or sends SIP requests that may result in local loopbacks to the core network. As a result, core servers cannot process services because resources are exhausted. Malformed SIP packet attack: An attacker sends malformed SIP packets that do not conform with Internet Engineering Task Force (IETF) and 3rd Generation Partnership Project (3GPP) protocols and standards, to the core network. As a result, core servers malfunction and cannot process services. Fraudulent use of network resources 30

38 5 Security Management An attacker tampers with the information carried in messages exchanged between users and the core network, such as user information and codec types in call signaling messages. In this way, the attacker can use network resources free of charge. Common cases are toll fraud and bandwidth theft. Toll fraud: An attacker intercepts the signaling packets of a legitimate user. The attacker then tampers with the signaling packets and uses this user's account to initiate a call. Bandwidth theft: After a call has been established, an attacker uses fraudulent means (for example, using a different codec from the codec that is negotiated during the call setup) to use more bandwidth than allowed. Information disclosure An attacker uses illegal means to obtain core network information, such as network topology and user accounts and passwords. The common attacks are information scanning and eavesdropping. Information scanning: An attacker uses scanning tools to probe for the IP addresses, ports, and service software types of core servers in order to exploit security vulnerabilities. For example, an attacker uses scanning software to initiate a series of TCP connection requests sent to the ports of a core network device. By analyzing the response packets, the attacker identifies the ports that the core network device uses to provide services. Then the attacker attacks the core network device by using these ports. Attackers may also use scanning tools to probe for the routing information carried in call signaling messages in order to collect core network architecture information and launch attacks. Information eavesdropping: An attacker uses illegal software to listen to the SIP signaling information of the core network to obtain key information, such as the network topology, user identity information, user traffic information, and instant messages. Attackers may also capture TCP/IP packets during transmission and intercept and tamper with the packets. After stealing key user information, such as passwords and user rights, attackers tamper with user information to be able to control core network devices. Information deletion Network information or resources are maliciously intercepted and deleted, causing the loss of system information, such as operation logs and system files. In common cases, attackers may intercept or delete system files by embedding viruses and Trojan horses. Information deletion: An attacker obtains the super administrator account and password by embedding malicious software into the operating system (OS) or database, and then intercepts or deletes files or data, or uses malicious software to directly delete system files, causing the loss of operation logs or key data. 5.2 Security Implementation Security Features The SE2900 security solution provides rich protection schemes to ensure the security of core servers and services as well as the SE2900 itself. The SE2900 security solution provides the following security features: Confidentiality: prevents exposure of core network information to unauthorized users and entities. 31

39 5 Security Management Integrity: prevents data tampering by unauthorized users. Availability: allows access by authorized entities and prevents DoS attacks. Traceability: provides historical event records, which can be used to investigate attacks on the network. Data security: protects against hacker intrusion and password attacks to achieve secure data transmission. These features provide security for the SE2900 and core network in the following aspects: Software security: protects the SE2900 system software from being hacked, duplicated, tampered with, or infected by viruses. Data security: prevents data on the SE2900 and core network from being accessed by unauthorized users to ensure data confidentiality, integrity, and availability. Management security: provides measures to achieve secure network management, including regulations, security auditing, and risk analysis Major Security Strategies The SE2900 adopts the following security strategies: Software platform security The OMU provides the basic security capabilities, ensuring the basic architecture for the security of the OS, database, and security logs. Border attack defense Serving as an ingress node to the core network, the SE2900 uses a series of measures to shield the core network from outside attacks. The measures include packet filtering, IP layer attack defense, and signaling/media attack defense. Network isolation The SE2900 separates the control plane, user plane, and management plane from each other through security measures, such as physical isolation, plane isolation, VPN, and VLAN, ensuring information security. Media security The SE2900 uses media pinholing firewall and RTP packet checks to filter media streams that pass through the SE2900. These measures defend against media attacks and improve service quality. In addition, the SE2900 uses SRTP media encryption to encrypt the RTP packets transmitted between UEs and the SE2900, ensuring the security of call content. Principle of least privilege Both end users and network maintenance personnel are granted only the least privilege, bandwidth, and system resources that are needed to complete their operations. By default, the SE2900 disables unnecessary network services and operation rights to minimize network security risks. 5.3 Security Architecture The SE2900 security architecture is composed of three layers and three planes. Each layer or plane has a security mechanism to defend against specific security threats. Figure 5-2 shows the SE2900 security architecture. 32

40 5 Security Management Figure 5-2 SE2900 security architecture Figure 5-2 lists the most typical security threats and basic security measures the SE2900 takes to tackle the threats. For the principles and definitions applied to the security layers and planes, see Security Layers and Service/Management Planes. For the security threats on security layers and planes and corresponding measures the SE2900 takes to tackle the threats, see the basic architecture layer, network layer, and application layer. The security architecture enables the SE2900 to start the attack defense from the large traffic attacks that are easy to defend against. The following figure shows the detail. 33

41 5 Security Management Security Layers The SE2900 hardware implements the defense against network layer attacks because such attacks have relatively fixed patterns. The SE2900 software implements the defense against the following attacks: Unicast reverse path forwarding (URFP) ICMP flood attacks Large ICMP packet attacks IP fragment attacks Teardrop attacks SYN flood attacks WinNuke attacks UDP flood attacks UDP short header attacks Fraggle attacks The HRU module provides the signaling DoS/DDoS attack defense function and implements the defense against signaling DoS/DDoS attacks below the signaling plane. The HRU module also provides the media pinholing firewall function and implements the defense against attacks on the media plane because such attacks incur large traffic volume. The security analysis center (SEM) collects fault information from the TCP protocol stack, flow control module, and SIP processing module, identifies the attacks that incur low traffic volume, generates dynamic blacklist entries accordingly, and delivers the generated blacklist entries to the HRU or SIP processing module for further processing. The SIP processing module also supports call admission control (CAC), which is independent of the SEM, controlling user behavior at the application layer. The three layers in the SE2900 architecture are the basic architecture layer, network layer, and application layer. Table 5-1 describes these layers and the items under their protection. 34

42 5 Security Management Table 5-1 Security layers Security Layer Description Protected Objects Device Model OSI Model Basic architecture layer Based on software and hardware architectures of the CGP platform, the SE2900 secures the OS, database, system software, and system patches. Database layer OS layer Hardware layer Data link layer Physical layer Network layer Application layer Using network isolation, access control, and network layer attack defense, the SE2900 secures the access to network resources and services. Using application layer attack defense, signaling/media packet check, signaling/media packet encryption, and LMT security hardening, the SE2900 provides upper layer security for access control, service application, system maintenance accounts, and system logs. - Transport layer Network layer Application layer Application layer Presentation layer Session layer Table 5-1 lists the mapping between security layers and device models. Figure 5-3 shows the mapping. 35

43 5 Security Management Figure 5-3 Mapping between security layers and device models Service/Management Planes The three planes of the SE2900 architecture are the control plane, user plane, and management plane. Table 5-2 describes these planes and protected objects. Table 5-2 Service/management planes Service/Management Plane Control plane User plane Description The SE2900 provides security for the signaling streams of service applications on the control plane by implementing security policies, such as DoS/DDoS signaling attack defense, intrusion prevention, flow control, CAC, blacklist and whitelist, topology hiding, and signaling encryption. The SE2900 provides security for RTP sessions and the bandwidth allocated to these sessions by implementing security policies, such as the media pinholing firewall, RTP packet attack defense, bandwidth control, and media Protected Objects Data related to signaling control Data related to media 36

44 5 Security Management Service/Management Plane Management plane Description encryption. The SE2900 provides security for the operation, administration, and maintenance (OAM) management by implementing security policies, such as account security, data transmission security, authentication and authorization, security alarm, and web security. Protected Objects Data related to centralized managemen t and maintenance Security Dimensions The control plane, user plane, and management plane are isolated from each other. Each plane at the basic architecture layer and network layer faces the same security issues and challenges. Therefore, the security mechanisms at the basic architecture layer and network layer apply to each plane. Table 5-3 describes the mapping between the SE2900 security measures and ITU X.805 security dimensions. Table 5-3 Security dimensions ITU X.805 Security Dimension Access control Authentication and authorization Non-repudiation Data confidentiality Communication security Data integrity Availability Privacy SE2900 Security Measure Network isolation, ACL, CAC, SIP header manipulation, media pinholing firewall, and bandwidth control Brute force cracking attack defense, authentication through digital certificates, and principle of least privilege Logs and alarms Signaling encryption, media encryption, OAM transmission encryption, and password encryption Network isolation, signaling encryption, media encryption, and remote maintenance security Signaling encryption, media encryption, transmission security, integrity protection in SNMP and similar protocols, and system software integrity protection OS security hardening, database security hardening, security patches, network layer attack defense, signaling attack defense, and media attack defense Topology hiding and privacy protection 37

45 6 Charging 6 Charging 6.1 Local CCF Charging Application Scenario The SE2900 serves as the IBCF to provide offline charging. Two charging networking modes are available: embedded CCF and external CCF Function Description External CCF Embedded CCF When charging conditions are met, the SE2900 collects charging information from signaling messages and sends Diameter Accounting Request (ACR) messages to the CCF over the Rf interface. The CCF can be embedded on the SE2900. No CCF needs to be deployed on the network. After the SE2900 reports charging information, the embedded CCF generates original CDRs, processes the original CDRs and the CDRs generated by other NEs, generates final CDRs, and sends the final CDRs to the BC. Local CCF charging can be implemented in dual-system mutual backup or single-system networking. 38

46 6 Charging Figure 6-1 Single-system networking In dual-system mutual backup networking, the CCFs operate in master/backup mode. Once the master CCF fails, the backup CCF takes over and sends charging data records (CDRs) to the billing center (BC). See Figure 6-2. Figure 6-2 Dual-system mutual backup networking 39

47 7 Flexible Adaptation 7 Flexible Adaptation 7.1 DSCP Remarking Application Scenario DSCP remarking enables the SE2900 to set different differentiated services code point (DSCP) values for signaling and media packets. After receiving data packets, a router preferentially forwards packets with higher DSCP priorities to ensure VoIP quality of service (QoS) Function Description Figure 7-1 shows DSCP remarking. Figure 7-1 DSCP remarking This feature applies to the I-SBC scenario where the services of high-priority users or office directions need to be ensured. Related Concepts In the Differentiated Services (DiffServ) system, users can use the DiffServ field, which marks the service level of a packet, to apply for services at different levels. The first six bits of the DiffServ field are DSCP. The set of packets with the same DSCP value is called a behavior aggregate (BA). A router keeps the DSCP-to-PHB mapping. Per-hop behavior (PHB) indicates the behavior meeting a forwarding requirement, such as traffic policing, traffic 40

48 7 Flexible Adaptation shaping, and queue management. When a packet enters a router, this packet is classified into a BA according to its DSCP and forwarded by a specific PHB. Based on the QoS classification standards of DiffServ, the type of service (ToS) in the IP header of each data packet is used to distinguish the DSCP priorities. That is, you can set different values for six used bits and two unused bits of TOS for identification purpose. The DSCP is a combination of the IP Precedence and TOS fields. As DSCP values are compatible with the IP Precedence field, they are used so that the old routers that support only the IP Precedence field can be employed. Each DSCP value maps to a defined PHB code. UEs identify traffic based on the specified DSCP values. 7.2 Media Policy Application Scenario The media policy feature enables the SE2900 to flexibly control media capabilities, such as the early media, media types, media codecs, and bandwidth. This feature enables different types of UEs to communicate using the same media type and codec Function Description Early media gating control The SE2900 enables or disables the gating control based on the P-Early-Media header in a message from the core network. Media update in the forking scenario The SE2900 performs bearer control over the early media packets transferred along the forking paths and updates the media based on the carried P-Early-Media header. Media type check The SE2900 blocks media packets of specific types, such as video packets. Media bandwidth check The SE2900 restricts the bandwidth for each type of media packet, preventing UEs from overusing media bandwidth. Media codec check The SE2900 restricts the audio and video codecs allowed across the network. Media codec sorting The SE2900 sorts the media codecs in the SDP offer by priority, ensuring that high-priority media codecs are used in the communication between the caller and callee. Handling media capability check failures When the SE2900 fails to perform a media capability check, it determines whether to return a response or continue to process and forward media packets according to the configured media policy. No media stream detection When the signaling plane is normal but the media plane is abnormal, the SE2900 sends BYE messages to the core servers if it fails to detect any media streams within the specified period. Upon receipt of the BYE message, the associated core server tears down the session, improving charging accuracy. 41

49 7 Flexible Adaptation 7.3 SIP Header Manipulation Application Scenario SIP header manipulation provides a mechanism to flexibly control SIP messages. It has the following advantages: Enables a carrier network to have better SIP application-layer attack defense capability. Helps carriers quickly solve interworking problems related to protocol use Function Description Figure 7-2 SIP header manipulation implementation SIP header manipulation enables the SE2900 to manipulate the SIP messages meeting certain conditions based on regular expression match rules. Actions that the SE2900 performs on the matching first lines include DISCARD(Discard), DENY(Deny), DELETE(Delete), REPLACE(Replace), and SAVE(Save). Actions that the SE2900 performs on the matching headers include DISCARD(Discard), DENY(Deny), DELETE(Delete), REPLACE(Replace), INSERT(Insert), and SAVE(Save). Actions that the SE2900 performs on the matching message bodies include DISCARD(Discard), DENY(Deny), DELETE(Delete), REPLACE(Replace), and SAVE(Save). 42

50 8 QoS Assurance 8 QoS Assurance 8.1 IP One-Way Audio Detection Application Scenario IP one-way audio detection helps locate faults in voice services on the IP bearer network and provides auxiliary fault location information. The faults include one-way audio, no audio, short mute, and noises that are caused by internal packet drop on the SE2900. This feature helps carriers better understand the network status and obtain auxiliary fault location information Function Description The SE2900 implements this feature as follows: One-way audio detection on IP terminations: The SE2900 detects incoming and outgoing data packets on IP terminations. One-way audio detection triggered by internal packet drop: When the packet drop rate on the SE2900 exceeds a specified threshold, the SE2900 considers that one-way audio occurs and logs a one-way audio event. Figure 8-1 shows the IP one-way audio detection implementation. 43

51 8 QoS Assurance Figure 8-1 IP one-way audio detection implementation 1. IP one-way audio detection is enabled on the LMT. 2. The SE2900 performs one-way audio detection on IP terminations or detects one-way audio caused by internal packet drop. The SE2900 logs an event in the OMU hard disk after detecting one-way audio. 3. You obtain one-way logs from the SE2900 and analyze them. 8.2 Voice Quality Reporting Application Scenario Voice quality reporting enables carriers to monitor the network status on the media plane and the operating status of the network, based on which the carriers can adjust and optimize network and improve service quality. In addition, the reported QoS data also can be used in network planning and troubleshooting Function Description Voice quality reporting enables the SE2900 to measure QoS in real time, including the packet loss rate, jitter, round-trip delay, number of received/sent RTP packets, number of bytes of received/sent RTP packets, and mean opinion score (MOS). The SE2900 reports QoS statistics to the U2000 using user message tracing, consolidates the QoS statistics into traffic measurement statistics and then reports the statistics to the U2000, or reports the QoS data carried in ACR messages to the CCF over the Rf interface. Table 8-1 Codecs supported by voice quality reporting Codec Rate (kbit/s) G G and