
FNG31 Overview of SA

CN33661EN31GLA0 1

Policy and Charging Control framework has been designed and standardized
by 3GPP to make it possible to treat subscribers in differentiated ways. The
framework can be applied to several access types: GERAN, UTRAN,
EUTRAN and even non-3GPP type access (e.g. CDMA).


DPI uses local predefined rules, as the Gx interface does not allow activation criteria other than rule names or rulebase names in addition to the IP 5-tuple.


In order to understand the operation of Nokia Flexi NG, one must be familiar
with the TCP/IP protocol family, including the application layer protocols that
are used with the mobile services.
Flexi NG supports many different access methods, including GPRS, 3G, LTE
(4G) and 3GPP WLAN. Each access network type delivers user data to the
Flexi NG nodes in a similar way.
Flexi NG supports traffic analysis (shallow and deep packet inspection) and
differentiated charging using Layer 3 (IPv4), Layer 4 (UDP, TCP) and Layer 7
(several applications) information.


Inspecting user traffic flows at the lowest layers is the most efficient method of
traffic analysis. The Layer 3/4 analysis feature inspects the Layer 3 (IP) header
as well as L4 information. L4 analysis is fast, because it does not need to
inspect the application layer (L7) payload, which does not usually contain
neatly arranged fixed-length fields within it.
The analysed information includes:
The destination IP address (the server or network(s) providing the service(s))
The IP protocol field (the transport layer (L4) protocol carried within the packet)
The TCP/UDP destination port number (the application within the server)

L4 analysis is suitable if there is no need to perform actions based on:
L7 events, for example transferring individual files (FTP) or sending an email message (SMTP);
L7 headers or commands to support complex protocols, such as RTSP and FTP;
URLs within an HTTP or WAP server.
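
The L3/L4 lookup described above, as an added example (not Flexi NG code): it reads the three listed fields from fixed header offsets of an IPv4 packet and never touches the payload. The sample packet, addresses and function names are assumptions constructed for the illustration.

```python
import ipaddress
import struct

def build_sample_packet():
    """Constructed sample: IPv4 + TCP SYN, 10.0.0.5:40000 -> 192.0.2.10:80."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address("10.0.0.5").packed,
                     ipaddress.IPv4Address("192.0.2.10").packed)
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, 0x02, 65535, 0, 0)
    return ip + tcp

def l4_key(packet):
    """Return (dst_ip, protocol, dst_port) from fixed-offset header fields only."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (packet[0] & 0x0F) * 4          # header length; > 20 when IP options are present
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IHL")
    proto = packet[9]                      # IP protocol field (6 = TCP, 17 = UDP)
    dst_ip = ipaddress.IPv4Address(packet[16:20])
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    dst_port = None                        # no port for non-TCP/UDP or later fragments
    if proto in (6, 17) and frag_offset == 0:
        if len(packet) < ihl + 4:
            raise ValueError("truncated L4 header")
        dst_port = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    return dst_ip, proto, dst_port

def l4_filter_matches(packet, network, proto, port):
    """Hypothetical L4 filter: destination network, protocol and destination port."""
    dst_ip, p, dport = l4_key(packet)
    return dst_ip in ipaddress.ip_network(network) and p == proto and dport == port

if __name__ == "__main__":
    pkt = build_sample_packet()
    print(l4_key(pkt))
    print(l4_filter_matches(pkt, "192.0.2.0/24", 6, 80))
```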


Layer 7 (L7) analysis is more processing intensive than L4 analysis, but it is required when, for example:
There is a need to differentiate between URLs or filenames within the same server, which is usually the case with HTTP, WAP and RTSP;
There is a need to differentiate between commands or requests sent by clients;
Different content types (for example, ring tones, pictures, video clips) must be differentiated;
The application layer sessions consist of separate control and data flows, which is the case with RTSP and FTP.


There are hundreds of application (L7) protocols detected by the Flexi NG L7 analysers. The DPI engine is frequently updated to stay tuned to new (or changed) protocols.
WAP 1.x transport is used by all WAP 1.x browsers and also some WAP 2.0
browsers.
HTTP is used by the majority of different mobile devices, including WAP 2.0
browsers.
MMS messages are delivered on top of WAP 1.x or WAP 2.0.
The i-mode protocol is also based on HTTP. Flexi NG supports i-mode e-mail
analysis.
All mobile streaming clients use the Real-Time Transport Protocol (RTSP).
The standard protocol for sending Internet email is the Simple Mail Transport
Protocol (SMTP). Only the SMTP proxy analyser supports it.
The File Transfer Protocol is still widely used for sending and receiving files.
Only the FTP proxy analyser supports it.
The basic L7 analyser performs Push-to-Talk over Cellular (PoC) traffic
analysis on Layers 3, 4 and 5. Layer 7 analysis of SIP signaling traffic is not
necessary.
The Real-Time Video Sharing Person-to-Person protocol is used between terminals to deliver real-time video. In this case as well, the kernel L7 analyser does not need to analyse the SIP signaling traffic.


A packet sent to the SAB includes a reference to the PCC rule that matched in L4. The SAB nevertheless goes through all the active rulebases for the user, because the rule that matched in L4 might not match in L7; a different rule may match in L7.


SC = session_ctrl process

The session database in SE contains information about the end-user PDN sessions as well as the active PCC rulebase IDs.


AMPP1 hardware those values correspond to 1, 1.5, and 2 million flows, respectively.
For AMPP2 hardware those values correspond to 2, 4, and 6 million flows,


Gating
Differentiated charging
HTTP redirection
L3/L4 redirection
Service bandwidth management
DPI reporting
PDN switching
Gx reporting
Header enrichment

Note that the current name for DPI reporting is Trend reporting, but the term
DPI reporting is still used throughout Flexi NG operating documentation.


In Flexi NG 2.1 there will be NAT capability in Flexi NG. In this case NAT is applied at the Gi interface (e.g., in the
interface that is used by AP switched traffic). NAT bindings are logged.


The header enrichment functionality in the Flexi NG makes it possible to insert additional headers that contain:

Subscriber's IP address
MSISDN
MD5 MSISDN (hashed MSISDN)
IMSI
MD5 IMSI (hashed IMSI)
APN
RAT
User Location Info
PLMNID
Billing type (Charging Characteristics)
Roaming Status
GGSN IP address
SGSN IP address
Charging ID
IMEISV
Auth-acg (authorised Charging-Rule-Base-Names, separated by '+')
Customer-ID

HTTP redirection can be triggered either from the PCC rules (without OCS) or
when the subscriber runs out of quota (with OCS). In the latter case, the
redirect URI is provided either dynamically by the OCS or statically by
configuration, see HTTP redirection.

Example of a Location response header field:

Location:http://redirectingurl/?MSISDN=35880000000000&IMSI=123456789123456&IP=27.0.0.18&APN=automaatti.native&ROAMING=0&IMEISV=8962501397133138
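
The redirect target receives these subscriber identifiers in the request URL, which web servers normally write to their access logs. The following added example (not part of the Flexi NG documentation) parses the Location header shown above and produces a log-safe copy; the set of parameters treated as sensitive and the function name are assumptions.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Assumption: which query parameters count as subscriber identifiers.
SENSITIVE = {"MSISDN", "IMSI", "IMEISV", "IP"}

# The Location header from the example above.
SAMPLE = ("Location:http://redirectingurl/?MSISDN=35880000000000"
          "&IMSI=123456789123456&IP=27.0.0.18&APN=automaatti.native"
          "&ROAMING=0&IMEISV=8962501397133138")

def redact_location(header_line):
    """Return (log-safe URL, exposed identifier names, URL scheme)."""
    name, sep, value = header_line.partition(":")
    if not sep or name.strip().lower() != "location":
        raise ValueError("not a Location header")
    parts = urlsplit(value.strip())
    params = parse_qsl(parts.query, keep_blank_values=True)
    # Names of the identifiers that travel in the URL, in order of appearance.
    exposed = [k for k, _ in params if k.upper() in SENSITIVE]
    # Keep non-identifying parameters (APN, ROAMING) for troubleshooting.
    redacted = [(k, "REDACTED" if k.upper() in SENSITIVE else v) for k, v in params]
    safe_url = urlunsplit(parts._replace(query=urlencode(redacted)))
    return safe_url, exposed, parts.scheme

if __name__ == "__main__":
    url, exposed, scheme = redact_location(SAMPLE)
    print(url)
    print("identifiers in URL:", exposed, "scheme:", scheme)
```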


Flexi NG supports various non-user-specific statistics related to the Service Awareness functionality. Aggregated statistics and PCC rule statistics (layer 4 and layer 7 flows) are stored in XML files and are available over the Simple Network Management Protocol (SNMP) interface. NetAct supports the NE3S/SNMP interface. The following reports, for example, can be produced in NetAct:
Total usage for each protocol class such as peer to peer (P2P) file transfer,
HTTP, audio or video streaming / flash, email, messaging, VoIP
Usage for each specific protocol such as a list of most used or selected
protocol usage: uplink/downlink (UL/DL) bytes and packets

Aggregated statistics provide a good overall view on network usage and the
PCC rule configuration can be planned based on aggregated statistics. For
example, the aggregated statistics can be used to select the most used
services. If some protocols or internet sites are used more than allowed, the
operator can take specific actions such as gating, policing or charging the
usage.
By default, the SNMP statistics are collected in a measurement period of 15
minutes. Statistics include the following counters:
Aggregated protocol statistics
Aggregated statistic counters for each detected L7 protocol
Protocol ID with UL/DL bytes and packet counters
PCC rule statistics
L4 / L7 statistic counters are collected for each subscriber in Flexi NG, but in
SNMP interface only aggregated statistics are reported.
PCC rules can be URLs, applications such as BitTorrent, or any IP 5-tuple.
DL/UL volume/packet and hit counters are provided (when appropriate) per PCC rule for each blade.

The traffic differentiation feature allows NSN Flexi NG to perform differentiated charging based on protocol information available on different layers of the TCP/IP protocol stack.
The operator can specify a different charging action for each service
recognised by Flexi NG. The different charging methods include volume-, time-
and event-based charging.
In the slide above, the operator has defined that for this particular subscriber
(user), the price for each service is different.
Receiving streaming media costs 1 /minute.
Access to operator's WAP service costs 8 /MB for some services, 10 cents per
event (for example, news item) for some services, and 4 /hour for some services.
Access to operator's email service costs 6 /MB and 6 cents per sent
mail message.
Sending MMS messages costs 0.5 apiece.
Notice that in the example, the pricing model is extremely simple, because
there is no differentiation between services available in the WAP servers. In
most cases, different WAP or HTTP based services are rated separately, and
they may use different charging methods.
Nokia Flexi NG does not perform rating of content services, even though the
example above shows the final cost to the end user. Rating is performed
outside Flexi NG using the charging information generated during the service
access.

Bearer-level metering is done to RG0 and it is reported only to the eCDR when
postpaid/hot billing charging is in use.

Flexi NG supports several charging methods for differentiated traffic: volume, content volume, active time as well as subscription based charging.
The key benefit with the flexible charging alternatives is that the operator may
choose the most suitable charging method for different services and different
end users. For example, time-based charging is the logical alternative when
charging streaming traffic. For generic browsing traffic a more suitable
charging alternative would be charging based on volume.
Volume-based charging means charging based on the transferred data
volume, either uplink, downlink or both.
When charging is based on volume, two charging alternatives can be applied:
the operator may charge for all transferred traffic (including L3/L4 headers) or
charging can be based on application payload only. On the L3 and L4 levels all IP
traffic, including retransmissions, is included in the volume. In L7 analysis
the payload (including application protocol headers) is measured and, for example,
retransmitted data is excluded. Total volume and content (payload) volume
cannot be combined in a single PCC rule.
The charging method can also be a combination of the basic charging
methods. For example, Flexi NG can be used to meter a combination of
content volume and time of a service flow.


The IP packet data is metered based on the IP header and the payload size without
having the GTP tunnel encapsulation.

The TCP handshake (IP packets: SYN, SYN-ACK, ACK) for volume-based metering for DPI is charged as 156 bytes.

In the SAB node the L7 flow is created when the first data packet for a flow is seen. This means that the TCP connection handshake packets do not match any PCC rule. The default TCP handshake volume is added to the corresponding PCC rule rating group metering.


Time-based charging means charging based on the time consumed. The time-based charging method is supported by L4 and L7 analysis. Time-based charging can either calculate the entire length of a session, for example an HTTP connection, or just the seconds during which uplink/downlink traffic has been sent.


For each PDN connection, Flexi NG can receive several rulebases over
RADIUS (SGi). Additionally, the operator is allowed to pre-configure one default
rulebase for each session profile. By combining the received rulebases (or rule
names) and the pre-configured APN-specific default rulebase, Flexi NG builds
an active PCC rule set for each bearer.


Session profile
In PDP context / EPS bearer creation, an access point name (APN) is used to select the session profile for connecting to the packet data network, and the user is given an IP address.
For each session profile a default rulebase can be configured.

Rulebase
Defines a set of services (PCC rules) allowed for a user. Up to 20 rulebases can be activated.
Each rulebase is locally configured to FNG to form a set of PCC rules.
A rulebase can be activated based on the session profile, or it can come from AAA or PCRF.
All the received rulebases are combined dynamically for the user.

PCC rule
Defines a set of filters (L4/L7) that can be used to identify services. Only traffic matching the defined filters is allowed.
For each PCC rule a policy action (e.g. gating) or charging (rating group) can be defined.
Up to 1000 PCC rules can be activated for one user.
An L4 PCC rule defines IP-tuple/protocol level filters.

NOTE: A PCC rule can contain both L4 and L7 filters. In this case as
well, it is the precedence order that tells in which order the filters are
matched.


If multiple PCC rule bases are set into a single session profile, the PCC rule lists of
each of the used PCC rule bases are merged together, and the PCC rules in those lists
are re-sorted according to their precedence values.
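
A simplified model of the rulebase merge described here, together with the earlier point that a rule matched in L4 may give way to a different rule in L7. This is an added example, not Flexi NG code or configuration syntax: the rule fields, names, URLs and the convention that a lower precedence value is evaluated first are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class PccRule:
    name: str
    precedence: int                    # assumption: lower value is evaluated first
    dst_net: str                       # L4 filter: destination network
    proto: int                         # L4 filter: IP protocol number
    dst_port: int                      # L4 filter: destination port
    url_prefix: Optional[str] = None   # optional L7 filter (HTTP URL prefix)
    rating_group: int = 0

def build_active_rules(*rulebases):
    """Merge the rule lists of all rulebases and re-sort by precedence."""
    return sorted((r for rb in rulebases for r in rb), key=lambda r: r.precedence)

def l4_hit(rule, flow):
    return (ip_address(flow["dst_ip"]) in ip_network(rule.dst_net)
            and flow["proto"] == rule.proto and flow["dst_port"] == rule.dst_port)

def match_l4(rules, flow):
    """First rule whose L4 filter matches; no payload has been seen yet."""
    return next((r for r in rules if l4_hit(r, flow)), None)

def match_l7(rules, flow, url):
    """Walk all active rules again once the URL is known."""
    for r in rules:
        if l4_hit(r, flow) and (r.url_prefix is None or url.startswith(r.url_prefix)):
            return r
    return None

# Constructed rulebases: one session-profile default, one received per subscriber.
DEFAULT_RB = [PccRule("web-default", 200, "0.0.0.0/0", 6, 80, None, 1)]
PREMIUM_RB = [
    PccRule("portal-help", 150, "192.0.2.0/24", 6, 80, "http://portal.example/help/", 9),
    PccRule("portal-video", 100, "192.0.2.0/24", 6, 80, "http://portal.example/video/", 5),
]
ACTIVE = build_active_rules(DEFAULT_RB, PREMIUM_RB)
FLOW = {"dst_ip": "192.0.2.10", "proto": 6, "dst_port": 80}

if __name__ == "__main__":
    print([r.name for r in ACTIVE])
    print(match_l4(ACTIVE, FLOW).name)
    print(match_l7(ACTIVE, FLOW, "http://portal.example/help/faq").name)
```

When reviewing a rule set, the case to look for is the one shown: the rating group implied by the L4 match (5) differs from the one finally applied after L7 analysis (9).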


NOTE: The number of active rating groups per user is 10!


NOTE: Combination of Service ID and Rating group is not supported.


NOTE: There can be only one matching filter to any traffic and hence
only one RG reported. Both L4 and L7 filters cannot be used
simultaneously for metering the traffic.


DPI PCC rule configuration


In contrast with predefined PCC rules, dynamic PCC rules can contain SPI PCC filters
only as specified in 3GPP TS 29.212 Policy and Charging Control (PCC) over Gx/Sd
reference point.


kill -USR2 <gwup_proxy PID> prints the active rules into the SAB blade-specific syslog file in the /var/log directory.


APN-specific policies
