Sunday, 1 March 2015

Monday, 23 February 2015

Static/Dynamic IP Address Allocation in LTE


I recently came across a discussion on how static and dynamic IP address are allocated in LTE for a UE. Luckily, there is a recent document from Netmanias that discussed this topic. The document is embedded below.



If you enjoyed reading the document (part 1) above, then there is a part 2 here. While in part 1, we saw that IP addresses can be either dynamic or static depending on their allocators, part 2 presents a specific case of IP address allocation – allocation in geographically-separated locations within an LTE network. In case of dynamic allocation, no matter where a user accesses, a dynamically selected P-GW dynamically allocates an IP address to the user for PDN connection. In case of static allocation, however, there is always one specific P-GW and one IP address for a user - the designated P-GW allocates a static IP address for the user’s PDN connection. A case study shows an LTE network that serves two cities as an example to describe different ways and procedures of IP address allocation, and see how they are different from each other.

Sunday, 15 February 2015

5G and NFV


In my 5G: A 2020 vision presentation, I argued that some of the technologies that will be necessary for 5G is in fact independent of 5G. One such technology is NFV. Having said that, I also argue that the minimum prototype for 5G would require an NFV based implementation.


Tieto gave an interesting presentation in our last Small Cell SIG event explaining how the network will be implemented based on NFV. The presentation is embedded below:



There is also an interesting paper that expands on this further, available from Slideshare here.

Tuesday, 3 February 2015

5G: A 2020 Vision


I had the pleasure of speaking at the CW (Cambridge Wireless) event ‘5G: A Practical Approach’. It was a very interesting event with great speakers. Over the next few weeks, I will hopefully add the presentations from some of the other speakers too.

In fact before the presentation (below), I had a few discussions over the twitter to validate if people agree with my assumptions. For those who use twitter, maybe you may want to have a look at some of these below:







Anyway, here is the presentation.

 

Wednesday, 21 January 2015

Voice over WiFi (VoWiFi) technical details

VoWiFi is certainly a hot topic, thanks to the support of VoWiFi on iPhone 6. A presentation from LTE World Summit 2014 by Taqua on this topic has already crossed 13K views. In this post I intend to look at the different approaches for VoWiFi and throw in some technical details. I am by no means an expert so please feel free to add your input in the comments.

Anybody reading this post is not aware of S2a, S2b, Samog, TWAG, ePDG, etc. and what they are, please refer to our whitepaper on cellular and wi-fi integration here (section 3).

There are two approaches to VoWiFi, native client already in your device or an App that could be either downloaded from the app store or pre-installed. The UK operator '3' has an app known as ThreeInTouch. While on WiFi, this app can make and receive calls and texts. The only problem is that it does not handover an ongoing call from WiFi to cellular and and vice versa. Here are a few slides (slides 36-38) from them from a conference last year:



The other operators have a native client that can use Wi-Fi as the access network for voice calls as well as the data when the device is connected on the WLAN.

A simple architecture can be seen from the picture above. As can be seen, the device can connect to the network via a non-3GPP trusted wireless access network via the TWAG or via a non-3GPP untrusted wireless access network via ePDG. In the latter case, an IPSec tunnel would have to be established between the device and the ePDG. The SIM credentials would be used for authentication purposes so that an intruder cannot access ePDG and the core.

Now, I dont want to talk about VoLTE bearers establishment, etc. which I have already done here earlier. In order to establish S2a (trusted) and S2b (untrusted) connection, the AAA server selects an APN among those which are subscribed to in the HLR/HSS. The PDN-GW (generally referred to as PGW) dynamically assigns an IP address out of a pool of addresses which is associated with this APN. This UE IP address is used by the VoWiFi SIP UA (User Agent) as the contact information when registering to the SIP soft switch (which would typically be the operators IMS network).

If for any reason the SIP UA in the device is not able to use the SIM for authentication (needs ISIM?) then a username/password based authentication credentials can be used (SIP digest authentication).

Typically, there would be a seperate UA for VoLTE and VoWiFi. They would both be generally registering to the same IMS APN using different credentials and contact addresses. The IMS network can deal with multiple registrations from the same subscriber but from different IP addresses (see 3GPP TS 23.237 - 'IMS Service Continuity' for details).

Because of multiple UA's, a new element needs to be introduced in order to 'fork' the downstream media streams (RTP/RTCP packets) to different IP addresses over time.

3GPP has defined the Access Transfer Gateway (ATGW) which is controlled by the Access Transfer Control Function (ATCF); the ATCF interfaces to the IMS and Service Centralization and Continuity Application Server (SCC AS). All these are not shown in the picture above but is available in 3GPP TS 23.237. The IMS networks in use today as well as the one being deployed for VoLTE does not have ATGW/ATCF. As a result vendors have to come up with clever non-standardised solutions to solve the problem.

When there is a handover between 3GPP and non-3GPP networks, the UE IP address needs to be preserved. Solutions like MIP and IPSec have been used in the past but they are not flexible. The Release-12 solution of eSAMOG (see 3GPP TS 23.402) can be used but the solution requires changes in the UE. For the time being we will see proprietary solutions only but hopefully in future there would be standardised solutions available.

3GPP TS 23.234 describes more in detail the interworking of 3GPP based system and WLAN. Interested readers can refer to that for further insight.

Wednesday, 14 January 2015

IEEE Globecom 2014 Keynote Video: 5G Wireless Goes Beyond Smartphones


Embedded below is a video from the keynote session by Dr. Wen Tong of Huawei. I do not have the latest presentation but an earlier one (6 months old) is also embedded below for reference. It will give you a good idea on the 5G research direction





You may also be interested in this other presentation from Huawei in IEEE Globecom 2014, 5G: From Research to Standardization (what, how, when)

Wednesday, 7 January 2015

Enhancing voice services using VoLTE


VoLTE has been a very popular topic on this blog. My overview of the LTE Voice Summit missed out narrowly from the Top 10 posts of 2014 but there were other posts related to VoLTE that made it.

In this magazine article, NTT Docomo not only talks about its own architecture and transition from 3G to 4G for voice and video, it provides some detailed insights from its own experience.

There is also discussion into technical details of the feature and examples of signalling for VoLTE registration and originating/terminating calls (control, session and user plane establishment), SMS, SRVCC, Video over LTE (ViLTE) and voice to video call switching.

The paper is embedded below and available from slideshare to download.



Related links:

Monday, 29 December 2014

The SS7 flaws that allows hackers to snoop on your calls and SMS

By now I am aware that most people have heard of the flaws in SS7 networks that allow hackers to snoop, re-route calls and read text messages. For anyone who is not aware of these things, can read some excellent news articles here:

Our trusted security expert, Ravi Borgaonkar, informs us that all these flaws have already been discussed back in May, as part of Positive Hack Days (PHDays).

The presentation is embedded below and can be downloaded from Slideshare:



xoxoxo Added this new information on the 4th Jan 2015 oxoxox

The following is this presentation and video by Tobias Engel from the 31st Chaos Communication Congress



Tuesday, 23 December 2014

M2M embedded UICC (eSIM) Architecture and Use Cases

Machine-to-Machine UICC, also known as M2M Form Factor (MFF) and is often referred to as embedded SIM (eSIM) is a necessity for the low data rate M2M devices that are generally small, single contained unit that is also sealed. The intention is that once this M2M device is deployed, then there is no need to remove the UICC from it. There may be a necessity to change the operator for some or the other reason. This gives rise to the need of multi-operator UICC (SIM) cards.


The GSMA has Embedded SIM specifications available for anyone interested in implementing this. There are various documents available on the GSMA page for those interested in this topic further.

While the complete article is embedded below, here is an extract of the basic working from the document:

A eUICC is a SIM card with a Remote Provisioning function, and is designed not to be removed or changed. It is able to store multiple communication profiles, one of which is enabled (recognized by the device and used for communication). The network of the MNO in the enabled profile is used for communication. Profiles other than the enabled profile are disabled (not recognized by the device). With conventional SIM cards, the ICCID is used as the unique key to identify the SIM card, but with eUICC, the ICCID is the key used to identify profiles, and a new ID is defined, called the eUICCID, which is used as the unique key for the eSIM

GSMA defines two main types of profile.
1) Provisioning Profile: This is the communication profile initially stored in the eUICC when it is shipped. It is a limited-application communication profile used only for downloading and switching Operational Profiles, described next.
2) Operational Profile: This is a communication profile for connecting to enterprise servers or the Internet. It can also perform the roles provided by a Provisioning profile

An eSIM does not perform profile switching as a simple IC card function, but rather switches profiles based on instructions from equipment called a Subscription Manager. A Subscription Manager is maintained and managed by an MNO. The overall eSIM architecture, centering on the Subscription Manager, is shown in Figure 3, using the example of switching profiles within the eUICC.

An eUICC must have at least one profile stored in it to enable OTA functionality, and one of the stored profiles must be enabled. The enabled profile uses the network of MNO A for communication. When the user switches profiles, a switch instruction is sent to the Subscription Manager. At that time, if the profile to switch to is not stored in the eUICC, the profile is first downloaded. When it receives a switch instruction, the eUICC performs a switch of the enabled profile as an internal process.

After the switch is completed, it uses the network of MNO B to send notification that the switch has completed to the Subscription Manager, completing the process. The same procedure is used to switch back to the original MNO A, or to some other MNO C.

Anyway, here is the complete paper on NTT Docomo website.