Showing posts with label Roaming. Show all posts
Showing posts with label Roaming. Show all posts

Wednesday, 30 November 2022

Disaster Roaming in 3GPP Release-17

One way all operators in a country/region/geographic area differentiate amongst themselves is by the reach of their network. It's not in their interest to allow national roaming. Occasionally a regulator may force them to allow this, especially in rural or remote areas. Another reason why operators may choose to allow roaming is to reduce their network deployment costs. 

In case of disasters or emergencies, if an operator's infrastructure goes down, the subscribers of that network can still access other networks for emergencies but not for normal services. This can cause issues as some people may not be able to communicate with friends/family/work. 

A recent example of this kind of outage was in Japan, when the KDDI network failed. Some 39 million users were affected and many of them couldn't even do emergency calls. If Disaster Roaming was enabled, this kind of situation wouldn't occur.

South Korea already has a proprietary disaster roaming system in operation since 2020, as can be seen in the video above. This automatic disaster roaming is only available for 4G and 5G.

In 3GPP Release-17, Disaster Roaming has been specified for LTE and 5G NR. In case of LTE, the information is sent in SIB Type 30 while in 5G it is in SIB Type 15.

3GPP TS 23.501 section 5.40 provides summary of all the other information needed for disaster roaming. Quoting from that:

Subject to operator policy and national/regional regulations, 5GS provides Disaster Roaming service (e.g. voice call and data service) for the UEs from PLMN(s) with Disaster Condition. The UE shall attempt Disaster Roaming only if:

  • there is no available PLMN which is allowable (see TS 23.122 [17]);
  • the UE is not in RM-REGISTERED and CM-CONNECTED state over non-3GPP access connected to 5GCN;
  • the UE cannot get service over non-3GPP access through ePDG;
  • the UE supports Disaster Roaming service;
  • the UE has been configured by the HPLMN with an indication of whether Disaster roaming is enabled in the UE set to "disaster roaming is enabled in the UE" as specified in clause 5.40.2; and
  • a PLMN without Disaster Condition is able to accept Disaster Inbound Roamers from the PLMN with Disaster Condition.

In this Release of the specification, the Disaster Condition only applies to NG-RAN nodes, which means the rest of the network functions except one or more NG-RAN nodes of the PLMN with Disaster Condition can be assumed to be operational.

A UE supporting Disaster Roaming is configured with the following information:

  • Optionally, indication of whether disaster roaming is enabled in the UE;
  • Optionally, indication of 'applicability of "lists of PLMN(s) to be used in disaster condition" provided by a VPLMN';
  • Optionally, list of PLMN(s) to be used in Disaster Condition.

The Activation of Disaster Roaming is performed by the HPLMN by setting the indication of whether Disaster roaming is enabled in the UE to "disaster roaming is enabled in the UE" using the UE Parameters Update Procedure as defined in TS 23.502 [3]. The UE shall only perform disaster roaming if the HPLMN has configured the UE with the indication of whether disaster roaming is enabled in the UE and set the indication to "disaster roaming is enabled in the UE". The UE, registered for Disaster Roaming service, shall deregister from the PLMN providing Disaster Roaming service if the received indication of whether disaster roaming is enabled in the UE is set to "disaster roaming is disabled in the UE".

Check the specs out for complete details. 

From my point of view, it makes complete sense to have this enabled for the case when disaster strikes. Earlier this year, local governments in Queensland, Australia were urging the Federal Government to immediately commit to a trial of domestic mobile roaming during emergencies based on the recommendation by the Regional Telecommunications Independent Review Committee. Other countries and regions would be demanding this sooner or later as well. It is in everyone's interest that the operators enable this as soon as possible.

Related Posts:

Monday, 6 June 2022

2G/3G Shutdown may Cost Lives as 4G/5G Voice Roaming is a Mess

You have probably heard me a complaining about the pace of VoLTE rollout, 2G/3G shutdowns, 4G Voice roaming, etc. This post highlights all these issues coming together in a dangerous way. People often ask me why is it that it's always just me highlighting the issues. The answer is that there are other people but their voice may not reach you. In this post, I am highlighting presentations by Rudolf van der Berg, Project and programme manager at Stratix Consulting.

Let's start with Rudolf's post from LinkedIn:

Stop the shutdown of 2G and 3G networks to save lives. This is the urgent call I make today and I hope you can help me spread it! Please call on people you know in politics, regulators and emergency services to demand a stop! Call on anyone you know in the GSMA, 3GPP, handset makers (Apple, Samsung, Qualcomm, MediaTek), network builders (Ericsson, Nokia, Huawei) to re-engineer VoLTE to an interoperable standard.

Emergency calls (112, 911) should work anywhere in the world on any phone. For GSM and 3G voice calling it did. You could fly anywhere and call emergency services and in the EU we have the roaming regulation that demands calling like at home. Voice over 4G and 5G hasn't been properly standardized and isn't interoperable between networks, devices, chipsets and firmware. People need to be able to make and receive telephone calls around the world, to each other and to emergency services. Unfortunately even according to sector itself emergency services are at risk from VoLTE. A consumer today can't know whether a phone they bought will make VoLTE calls at home or abroad, nor whether it can reach emergency services. That can't be right!

So please help EENA 112 and me share this message! Thank you #eena2022 (Slide 4 contains a mistake, T-Mo USA hasn't decided on 2G shutdown yet. that is good for availability of 911, though fundamental point remains. Apologies.)

The video and slides are embedded below:

The slides contain many useful references and links, you can download directly from here.

Back in April, iBASIS hosted a VoLTE and 5G Roaming Roundtable. You can watch the video here and download the presentation and whitepaper as well. It contains talks from Kaleido Intelligence, iBASIS, KPN, Bouygues Telecom and Telus. 

The slide from Dutch MNO KPN above highlights the VoLTE Roaming issues they are observing. Other operators will face this issue sooner or later as well. 

The Regulators, GSMA and 3GPP have to come together to fix this important issue for once and all so no lives are lost because of this. Hopefully someone is listening!

Related Posts

Tuesday, 9 June 2020

5G Roaming with SEPP (Security Edge Protection Proxy)

SEPP (Security Edge Protection Proxy) is part of the roaming security architecture as shown in the figure above. Ericsson's article, "An overview of the 3GPP 5G security standard" describes the use of SEPP as follows:

The use of SBA has also pushed for protection at higher protocol layers (i.e. transport and application), in addition to protection of the communication between core network entities at the internet protocol (IP) layer (typically by IPsec). Therefore, the 5G core network functions support state-of-the-art security protocols like TLS 1.2 and 1.3 to protect the communication at the transport layer and the OAuth 2.0 framework at the application layer to ensure that only authorized network functions are granted access to a service offered by another function.

The improvement provided by 3GPP SA3 to the interconnect security (i.e. security between different operator networks) consists of three building blocks:

  • Firstly, a new network function called security edge protection proxy (SEPP) was introduced in the 5G architecture (as shown in figure 2). All signaling traffic across operator networks is expected to transit through these security proxies
  • Secondly, authentication between SEPPs is required. This enables effective filtering of traffic coming from the interconnect
  • Thirdly, a new application layer security solution on the N32 interface between the SEPPs was designed to provide protection of sensitive data attributes while still allowing mediation services throughout the interconnect

The main components of SBA security are authentication and transport protection between network functions using TLS, authorization framework using OAuth2, and improved interconnect security using a new security protocol designed by 3GPP.

NG.113 5G Roaming Guidelines v2.0 clarifies:

4.2 Inter PLMN (N32) Interface

The Inter-PLMN specification 3GPP TS 29.573 has been produced by 3GPP to specify the protocol definitions and message flows, and also the APIs for the procedures on the PLMN (Public Land Mobile Network) interconnection interface (i.e. N32)

As stated in 3GPP TS 29.573 the N32 interface is used between the SEPPs of a VPLMN and a HPLMN in roaming scenarios. Furthermore, 3GPP has specified N32 to be considered as two separate interfaces: N32-c and N32-f.

N32-c is the Control Plane interface between the SEPPs for performing the initial handshake and negotiating the parameters to be applied for the actual N32 message forwarding. See section 4.2.2 of 3GPP TS 29.573.

Once the initial HTTP/2 handshake is completed the N32-c connection is torn down. This connection is End-to-End between SEPPs and does not involve IPX to intercept the HTTP/2 connection; although the IPX may be involved for IP level routing.

N32-f is the Forwarding interface between the SEPPs, that is used for forwarding the communication between the Network Function (NF) service consumer and the NF service producer after applying the application level security protection. See section 4.2.3 of 3GPP TS 29.573.

N32-f can provide Application Level Security (ALS) as specified in 3GPP TS 33.501 between SEPPs, if negotiated using N32-c. ALS provides the following protection functionalities: -

  • Message protection of the information exchanged between NF service consumer and producer
  • Forwarding of the application layer protected message from a SEPP in one PLMN to another PLMN by way of using IPX providers on the path. The IPX providers on the path may involve the insertion of content modification instructions which the receiving SEPP applies after verifying the integrity of such modification instructions.

The HTTP/2 connection used on N32-f is long lived; and when a SEPP establishes a connection towards another PLMN via IPX, the HTTP/2 connection from a SEPP terminates at the next hop IPX.

N32-f makes use of the HTTP/2 connection management requirements specified in 3GPP TS 29.500. Confidentiality protection shall apply to all IE’s for the JOSE protected message forwarding procedure, such that hop-by-hop security between SEPP and the IPXs should be established using an IPSec or TLS VPN.

If an IPX is not in the path between SEPPs, then an IPSec of Transport Layer Security, TLS VPN will be established directly.

Note: N32-f shall use “http” connections generated by a SEPP, and not “https”

The SEPP will act as a non-transparent Proxy for the NF’s when service based interfaces are used across PLMNs, however inside IPX service providers, an HTTP proxy may also be used to modify information elements (IE’s) inside the HTTP/2 request and response messages.

Acting in a similar manner to the IPX Diameter Proxy used in EPC roaming, the HTTP/2 Proxy can be used for inspection of messages, and modification of parameters. 


The picture in the tweet above shows how SEPP will play a role in Local Break Out (LBO) roaming as well as Home Routed (HR) roaming.

Related Posts:

Tuesday, 13 March 2018

LoRa is quietly marching on...


During the mobile world congress, I was pleasantly surprised to see how LoRa ecosystem keeps getting larger. There was also an upbeat mood within the LoRa vendor community as it keeps winning one battle after another. Here is my short take on the technology with an unbiased lens.


To start with, lets look at this short report by Tom Rebbeck from Analysys Mason. The PDF can be downloaded after registering from here.

As can be seen, all major IoT technologies (LoRa, NB-IoT, Sigfox & LTE-M) gained ground in 2017. Most of the LoRa and all of Sigfox networks are actually not deployed by the mobile operators. From the article:

These points lead to a final observation about network deployments – many operators are launching multiple technologies. Of the 26 operators with publicly-announced interest in LTE-M networks, 20 also have plans for other networks;
• 14 will combine it with NB-IoT
• four will offer LTE-M and LoRa and
• two, Softbank and Swisscom, are working with LoRa, LTE-M and NB-IoT.

We are not aware of operators also owning Sigfox networks, though some, such as Telefónica, are selling connectivity provided by a Sigfox network operator.

The incremental cost of upgrading from NB-IoT or LTE-M to both technologies is relatively small. Most estimates put the additional cost at less than an additional 20% – and sometimes considerably less. For many operators, the question will be which technology to prioritise, and when to launch, rather than which to choose.

The reasons for launching multiple networks appear to be tactical as much as strategic. Some operators firmly believe that the different technologies will match different use cases – for example, LoRa may be better suited to stationary, low bandwidth devices like smart meters, while LTE-M, could meet the needs of devices that need mobility, higher bandwidth and support for voice, for example a personal health monitor with an emergency call button.

But, a fundamental motive for offering multiple networks is to hedge investments. While they may not admit it publicly, operators do not know which technology will gain the most traction. They do not want to lose significant, lucrative contracts because they have backed the wrong technology. Deploying both LTE-M and NB-IoT – or LoRa – adds little cost and yet provides a hedge against this risk. For operators launching LoRa, there has been the added benefit of being early to market and gaining experience of what developers want and need from LPWA networks. This experience should help them when other technologies are deployed at scale.

The following is from MWC 2018 summary by ABI Research:

LPWA network technologies continue to gather momentum with adoption from a growing ecosystem of communications service providers (CSPs), original equipment manufacturers (OEMs) and IoT solution providers. LPWA networks are central to the connectivity offerings from telcos with support for NB-IoT, LTE-M, LoRaWAN, and SIGFOX. Telefonica highlighted SIGFOX as an important network technology along with NB-IoT and Cat M in its IoT connectivity platform. Similarly, Orange and SK Telecom emphasized on their continued support for LoRaWAN along with Cat M in France and South Korea. On the other hand, Vodafone and Deutsche Telekom, while aggressively pursuing deployment of NB-IoT networks, currently have mostly large scale POCs on their networks. 

...
Smart meters — Utilities are demanding that meter OEMs and technology solution providers deliver product design life of at least 15 years for battery operated smart water and gas meters. LPWA technologies, such as NB-IoT, LoRaWAN, SIGFOX and wireless M-bus, that are optimized for very low-power consumption and available at low cost are clearly emerging as the most favored LPWA solutions.

The following picture is from Ovum post MWC-2018 Webinar:

Here is a short video from MWC by yours truly looking at LoRa Gateways


There are also few announcements / news from LoRa world just to highlight how the ecosystem is thriving:


Source: SenRa

So someone recently asked me is LoRa is the new WiMax? The answer is obviously a big NO. Just look at the LoRa alliance members in the picture above. Its a whole ecosystem with different players having different interests, working on a different part of the ecosystem.

NB-IoT & LTE-M will gain ground in the coming years but there will always be a place for other LPWA technologies like LoRa.

Finally, here is a slide deck (embedded below) that I really like. The picture above very nicely illustrates that LoRaWAN and Cellular complement each other well. Maybe that is the reason that Orange is a big supporter of LoRa.



So for operators who are just starting their IoT journey or smaller operators who are unsure of the IoT potential, may want to start their journey with LoRa to play around and understand the business cases, etc. In the meantime LTE-M and NB-IoT ecosystem will mature with prices coming down further and battery time improving. That may be the right time to decide on the way forward.


Further Reading:

Monday, 19 June 2017

Network Sharing is becoming more relevant with 5G

5G is becoming a case of 'damned if you do damned if you don't'. Behind the headlines of new achievements and faster speeds lies the reality that many operators are struggling to keep afloat. Indian and Nigerian operators are struggling with heavy debt and it wont be a surprise if some of the operators fold in due course.

With increasing costs and decreasing revenues, its no surprise that operators are looking at ways of keeping costs down. Some operators are postponing their 5G plans in favour of Gigabit LTE. Other die hard operators are pushing ahead with 5G but looking at ways to keep the costs down. In Japan for example, NTT DOCOMO has suggested sharing 5G base stations with its two rivals to trim costs, particularly focusing efforts in urban areas.


In this post, I am looking to summarise an old but brilliant post by Dr. Kim Larsen here. While it is a very well written and in-depth post, I have a feeling that many readers may not have the patience to go through all of it. All pictures in this post are from the original post by Dr. Kim Larsen.


Before embarking on any Network sharing mission, its worthwhile asking the 5W's (Who, Why, What, Where, When) and 2H's (How, How much).

  • Why do you want to share?
  • Who to share with? (your equal, your better or your worse).
  • What to share? (sites, passives, active, frequencies, new sites, old sites, towers, rooftops, organization, ,…).
  • Where to share? (rural, sub-urban, urban, regional, all, etc..).
  • When is a good time to start sharing? During rollout phase, steady phase or modernisation phase. See picture below. For 5G, it would make much more sense that network sharing is done from the beginning, i.e., Rollout Phase


  • How to do sharing?. This may sound like a simple question but it should take account of regulatory complexity in a country. The picture below explains this well:



  • How much will it cost and how much savings can be attained in the long term? This is in-fact a very important question because the end result after a lot of hard work and laying off many people may result in an insignificant amount of cost savings. Dr. Kim provides detailed insight on this topic that I find it difficult to summarise. Best option is to read it on his blog.


An alternative approach to network sharing is national roaming. Many European operators are dead against national roaming as this means the network loses its differentiation compared to rival operators. Having said that, its always worthwhile working out the savings and seeing if this can actually help.

National Roaming can be attractive for relative low traffic scenarios or in case were product of traffic units and national roaming unit cost remains manageable and lower than the Shared Network Cost.

The termination cost or restructuring cost, including write-off of existing telecom assets (i.e., radio nodes, passive site solutions, transmission, aggregation nodes, etc….) is likely to be a substantially financial burden to National Roaming Business Case in an area with existing telecom infrastructure. Certainly above and beyond that of a Network Sharing scenario where assets are being re-used and restructuring cost might be partially shared between the sharing partners.

Obviously, if National Roaming is established in an area that has no network coverage, restructuring and termination cost is not an issue and Network TCO will clearly be avoided, Albeit the above economical logic and P&L trade-offs on cost still applies.

If this has been useful to understand some of the basics of network sharing, I encourage you to read the original blog post as that contains many more details.

Futher Reading:



Friday, 7 October 2016

Whats up with VoLTE Roaming?

I have been covering the LTE Voice Summit for last couple of years (see here: 2015 & 2014) but this year I wont be around unfortunately. Anyway, I am sure there will be many interesting discussions. From my point of view, the 2 topics that have been widely discussed is roaming and VoWiFi.

One of the criticisms of VoWiFi is that it does not the QoS aspect is missing, which makes VoLTE special. In a recent post, I looked at the QoS in VoWiFi issue. If you haven't seen it, see here.

Coming back to VoLTE roaming, I came across this recent presentation by Orange.
This suggests that S8HR is a bad idea, the focus should be on LBO. For anyone who is not aware of the details of S8HR & LBO, please see my earlier blog post here. What this presentation suggests is to use LBO with no MTR (Mobile Termination Rates) but instead use TAP (Transferred Account Procedures). The presentation is embedded below:



Another approach that is not discussed too much but seems to be the norm at the moment is the use of IP eXchange (IPX). I also came across this other panel discussion on the topic


IPX is already in use for data roaming today and acts as a hub between different operators helping to solve inter-operability issues and mediating between roaming models. It can work out based on the calling and callee party what kind of quality and approach to use.

Here is the summary of the panel discussion:



Hopefully the LTE Voice Summit next week will provide some more insights. I look forward to hearing them.

Blog posts on related topics:

Sunday, 17 July 2016

Two VoLTE Deployment Case Studies

Back in 2011, I was right in predicting that we will not see VoLTE as early as everyone had predicted. Looking through my twitter archive, I would say I was about right.



The big issue with VoLTE has always been the complexity. In a post last year I provided a quote from China Mobile group vice-president Mr.Liu Aili, "VoLTE network deployment is the one of the most difficult project ever, the implementation complexity and workload is unparalleled in history".



From a recent information published by IHS, there will only be 310 million subscribers by end of 2016 and 2020 is when 1 billion subscribers can make use of VoLTE. I think the number will probably be much higher as we will have VoLTE by stealth.


Below are couple of case studies, one from SK Telecom, presented by Chloe(Go-Eun) Lee and other from Henry Wong, CTO Mobile Engineering, Hong Kong Telecom (HKT). Hope you find them informative and useful.






Sunday, 1 November 2015

Quick Summary of LTE Voice Summit 2015 (#LTEVoice)

Last year's summary of the LTE voice summit was very much appreciated so I have created one this year too.

The status of VoLTE can be very well summarised as can be seen in the image above.
‘VoLTE network deployment is the one of the most difficult project ever, the implementation complexity and workload is unparalleled in history’ - China Mobile group vice-president Mr.Liu Aili
Surprisingly, not many presentations were shared so I have gone back to the tweets and the pictures I took to compile this report. You may want to download the PDF from slideshare to be able to see the links. Hope you find it useful.



Related links:

Saturday, 10 October 2015

VoLTE Roaming: LBO, S8HR or HBO

There was an interesting discussion on different roaming scenarios in the LTE Voice Summit on 29th, 30th Sep. in London. The above picture provides a brief summary of these well known options. I have blogged about LBO/RAVEL here and S8HR here. A presentation by NTT Docomo in a GSMA webinar here provides more details on these architectures (slide 29 onwards - though it is more biased towards S8HR).

Ajay Joseph, CTO, iBasis gave an interesting presentation that highlighted the problems present in both these approaches.

In case of LBO, the biggest issue is that the home operator need to do a testing with each roaming partner to make sure VoLTE roaming works smoothly. This will be time consuming and expensive.

In case of S8HR, he provided a very good example. Imagine a VoLTE subscriber from USA is visiting Singapore. He now needs to make a phone call to someone in Indonesia (which is just next to Singapore). The flow of data would be all the way from Singapore to USA to Indonesia and back. This can introduce delays and impact QoE. The obvious advantage of S8HR is that since the call setup and media go to Home PMN (Public Mobile Network), no additional testing with the Visited PMN is required. The testing time is small and rollouts are quicker.

iBasis are proposing a solution called Hub Breakout (HBO) which would offer the best of LBO and S8HR. Each VoLTE operator would need to test their interoperability only with iBasis. Emergency calls and lawful intercept that does not work with S8HR would work with the HBO solution.

While I agree that this is a good solution, I am sure that many operators would not use this solution and there may be other solutions proposed in due course as well. Reminds me of this XKCD cartoon:


Anyway, here is the iBasis presentation:



Sunday, 12 July 2015

S8HR: Standardization of New VoLTE Roaming Architecture

VoLTE is a very popular topic on this blog. A basic VoLTE document from Anritsu has over 40K views and my summary from last years LTE Voice summit has over 30K views. I assume this is not just due to the complexity of this feature.

When I attended the LTE Voice summit last year, of the many solutions being proposed for roaming, 'Roaming Architecture for Voice over LTE with Local Breakout (RAVEL)' was being touted as the preferred solution, even though many vendors had reservations.

Since then, GSMA has endorsed a new VoLTE roaming architecture, S8HR, as a candidate for VoLTE roaming. Unlike previous architectures, S8HR does not require the deployment of an IMS platform in VPLMN. This is advantageous because it shortens time-to-market and provides services universally without having to depend on the capability of VPLMN.



Telecom Italia has a nice quick summary, reproduced below:

S8HR simplicity, however, is not only its strength but also its weakness, as it is the source of some serious technical issues that will have to be solved. The analysis of these issues is on the Rel13 3GPP agenda for the next months, but may overflow to Rel14. Let’s see what these issues are, more in detail:


Regulatory requirements - S8HR roaming architecture needs to meet all the current regulatory requirements applicable to voice roaming, specifically:
  • Support of emergency calls - The issues in this context are several. For example, authenticated emergency calls rely on the existence if an IMS NNI between VPLMN and HPLMN (which S8HR does not provide); conversely, the unauthenticated emergency calls, although technically feasible in S8HR, are allowed only in some Countries subject to the local regulation of VPLMN. Also, for a non-UE-detectable IMS Emergency call, the P-CSCF in the HPLMN needs to be capable of deciding the subsequent action (e.g. translate the dialed number and progress the call or reject it with the indication to set up an emergency call instead), taking the VPLMN ID into account. A configuration of local emergency numbers per Mobile Country Code on P-CSCF may thus be needed.
  • ­Support of Lawful Interception (LI) & data retention for inbound roamers in VPLMN -  S8HR offers no solution to the case where interception is required in the VPLMN for inbound roamers. 3GPP is required to define a solution that fulfill such vital regulatory requirement, as done today in circuit switched networks. Of course VPLMN and HPLMN can agree in their bilateral roaming agreement to disable confidentiality protection to support inbound roamer LI but is this practice really viable from a regulatory point of view?
Voice call continuity – The issue is that when the inbound roamers lose the LTE coverage to enter into  a 2G/3G CS area, the Single Radio Voice Call Continuity (SRVCC) should be performed involving the HPLMN in a totally different way than current specification (i.e. without any IMS NNI being deployed).
Coexistence of LBO and S8HR roaming architectures will have to be studied since an operator may need to support both LBO and S8HR VoLTE roaming architecture options for roaming with different operators, on the basis of bilateral agreement and depending on the capability.
Other issues relate to the capability of the home based S-CSCF and TAS (Telephony Application Server) to be made aware about the VPLMN identity for charging purposes and to enable the TAS to subsequently perform communication barring supplementary services. Also, where the roaming user calls a geo-local number (e.g. short code, or premium numbers), the IMS entities in HPLMN must do number resolution to correctly route the call.
From preliminary discussions held at Working Group level in SA2 (architecture) and SA3 (security) in April, it was felt useful to create a new 3GPP Technical Report to perform comprehensive technical analysis on the subject. Thus it is expected that the discussions will continue in the next months until the end of 2015 and will overheat Release 13 agenda due to their commercial and “political” nature. Stay tuned to monitor the progress of the subject or contact the authors for further information!
NTT Docomo also did some trials back in February and got some brilliant results:

In the trials, DOCOMO and KT achieved the world's first high-definition voice and video call with full end-to-end quality of service. Also, DOCOMO and Verizon achieved the world's first transoceanic high-definition VoLTE roaming calls. DOCOMO has existing commercial 3G and 4G roaming relations with Verizon Wireless and KT.
The calls were made on an IP eXchange (IPX) and network equipment to replicate commercial networks. With only two months of preparation, which also proved the technology's feasibility of speedy commercialization, the quality of VoLTE roaming calls using S8HR architecture over both short and long distances was proven to be better than that of existing 3G voice roaming services.


In fact, NTT Docomo has already said based on the survery from GSMA's Network 2020 programme that 80% of the network operators want this to be supported by the standards and 46% of the operators already have a plan to support this.


The architecture has the following technical characteristics:
(1) Bearers for IMS services are established on the S8 reference point, just as LTE data roaming.
(2) All IMS nodes are located at Home Public Land Mobile Network (HPLMN), and all signaling and media traffic for the VoLTE roaming service go through HPLMN.
(3) IMS transactions are performed directly between the terminal and P-CSCF at HPLMN. Accordingly, Visited Public Land Mobile Network (VPLMN) and interconnect networks (IPX/GRX) are not service-aware at the IMS level. The services can only be differentiated by APN or QoS levels.

These three technical features make it possible to provide all IMS services by HPLMN only and to minimize functional addition to VPLMN. As a result, S8HR shortens the time-to-market for VoLTE roaming services.

Figure 2 shows the attach procedure for S8HR VoLTE roaming. From Steps 1 to 3, there is no significant difference from the LTE data roaming attach procedure. In Step 4, HSS sends an update location answer message to MME. In order for the MME to select the PGW in HPLMN (Step 5), the MME must set the information element VPLMN Dynamic Address “Allowed,” which is included in the subscribed data, to “Not Allowed.” In Step 6, the bearer for SIP signaling is created between SGW and PGW with QCI=5. MME sends an attach accept message to the terminal with an IMS Voice over PS Session Support Indication information element, which indicates that VoLTE is supported. The information element is set on the basis of the MME’s internal configuration specifying whether there is a VoLTE roaming agreement to use S8HR. If no agreement exists between two PLMNs, the information element will not be set.

The complete article from the NTT Docomo technical journal is embedded



Monday, 29 December 2014

The SS7 flaws that allows hackers to snoop on your calls and SMS

By now I am aware that most people have heard of the flaws in SS7 networks that allow hackers to snoop, re-route calls and read text messages. For anyone who is not aware of these things, can read some excellent news articles here:

Our trusted security expert, Ravi Borgaonkar, informs us that all these flaws have already been discussed back in May, as part of Positive Hack Days (PHDays).

The presentation is embedded below and can be downloaded from Slideshare:



xoxoxo Added this new information on the 4th Jan 2015 oxoxox

The following is this presentation and video by Tobias Engel from the 31st Chaos Communication Congress



Wednesday, 25 June 2014

Diamater: Market Status, Roaming, NFV and Case Studies

Some more interesting presentations from the Signalling Focus Day of LTE World Summit. Good overview of market by Greg Collins of Exact ventures is embedded below.





A good presentation by Tieto where they presented some good case studies for Diameter Interworking. Presentation embedded below:




The final presentation by Diametriq is very interesting because they presented interesting way of mining the control plane. Thee case study presented was of a 'silent roamer' who is not going to spend money while roaming because he is not sure how much money is spent. This can be exploited by the operator to offer flat packages, 1 day pass, etc. to get some revenue from these roamers. Their presentation included some animations that cannot be shown while being embedded. Please download the PPT from Slideshare to view them.


Monday, 23 June 2014

LTE Roaming using IPX


A very interesting presentation from Raphaël Glatt of Bics in the Signalling Focus Day of LTE World Summit 2014. IPX is probably the most popular solution as its already being used by many operators for roaming agreements. Anyway, his presentation was the most detailed one I have come across and he was happy to share it with me for this blog. His complete presentation is embedded below:



Monday, 9 June 2014

European Regulations for 'Decoupling of SIM' and 'International Roaming'


The following is an extract from an article from Capana:

From the 1st of July 2014, the new EU Roaming Regulations III will become active.

The new EU Roaming regulations set by the European Commission, will allow retail mobile customers to purchase roaming services (such as voice, SMS and data) from an Alternative Roaming Provider (ARP) separate from their domestic service provider (DSP), without affecting either mobile number or device.
The general idea behind the regulations is to promote the interests of European citizens by increase competition between European operators, provide greater transparency, reduce bill shocks, and ultimately provide a greater roaming experience and higher quality of service for consumers.
European Commission President Jose Manuel Barosso said in a press release:
“Further substantial progress towards a European single market for telecoms is essential for Europe’s strategic interests and economic progress. For the telecoms sector itself and for citizens who are frustrated that they do not have full and fair access to internet and mobile services.”
Vice President Neelie Kroes, the Digital Agenda Commissioner responsible for package then continued in the same press release by saying:
“The legislation proposed today is great news for the future of mobile and internet in Europe. The European Commission says no to roaming premiums, yes to net neutrality, yes to investment, yes to new jobs. Fixing the telecoms sector is no longer about this one sector but about supporting the sustainable development of all sectors.”
Requirements
The process of selecting an ARP and its services while abroad within EU is more commonly known as decoupling or separate sale of roaming services. BEREC (the body of European Regulators for Electronic Communications) have provided the European Commission with their recommendations of two decoupling models that should be supported; Local breakout (LBO, which is the local provisioning of data services by a visited network operator, or Single IMSI solution where the ARP acts as a reseller of the DSPs service offerings.
Decoupling using Single IMSI
With the Single IMSI solution the ARP will engage in agreements with each domestic operator providing domestic services, then the ARP will act as a reseller of these services to the roaming subscriber. This type of solution is applicable for all types of service providers such as mobile network operators, MVNOs or VSPs. From a subscriber standpoint, they will have a roaming agreement with the ARP regardless of the DSP and the DSP is required to activate services within one working day.
Decoupling using Local Breakout
The Local breakout model refers to local provisioning of data services only, where the services is provided directly on the visited network and traditional SMS and voice traffic is supplied by the home operator in traditional roaming manner. By using the 3GPP option for local breakouts, the VPMN will be able to act as ARP for internet access and other data services.
With these new regulatory changes, there is a higher demand on flexibility in billing systems. Support for more complex multi-partner business models for ARP and MVNO is necessary for both billing and financial settlement activities.

Raymond Bouwman from Rabion Consultancy did an excellent presentation last year in the LTE World Summit, here is his presentation explaining more about the EU Roaming Regulations III